Fake PayPal Site Spreads Nemty Ransomware

A web page pretending to offer an official application from PayPal is currently spreading a new variant of Nemty ransomware to unsuspecting users. This latest occurrence of Nemty was observed on a fake PayPal page that promises to return 3-5% from purchases made through the payment system.

Subscribe
Notify of
guest
1 Expert Comment
Most Voted
Newest Oldest
Inline Feedbacks
View all comments
Roy Rashti
Roy Rashti , Cybersecurity
InfoSec Expert
September 9, 2019 2:07 pm

Such an attack could and should be blocked by a security solution at each and every stage: pre-delivery, when the fake page is being browsed, when the executable is downloaded to the computer and when the executable begins operating. Without such a solution in place, it is imperative that users be especially careful when clicking any link they receive.

This approach is unique to what other cybercriminals are currently doing in that phishing attacks typically distribute malware via email rather than being sent directly by fraudulent websites. Security solutions, which are designed seek out this more ‘traditional’ approach form of phishing, are much less likely to detect this kind of attack. The scam is also presented to be highly alluring and appear credible to the unsuspecting and unprotected user.

Last edited 2 years ago by Roy Rashti
Information Security Buzz
1
0
Would love your thoughts, please comment.x
()
x