Fake PayPal Site Spreads Nemty Ransomware

By   ISBuzz Team
Writer , Information Security Buzz | Sep 09, 2019 06:02 am PST

A web page pretending to offer an official application from PayPal is currently spreading a new variant of Nemty ransomware to unsuspecting users. This latest occurrence of Nemty was observed on a fake PayPal page that promises to return 3-5% from purchases made through the payment system.

Notify of
1 Expert Comment
Oldest Most Voted
Inline Feedbacks
View all comments
Roy Rashti
Roy Rashti , Cybersecurity
September 9, 2019 2:07 pm

Such an attack could and should be blocked by a security solution at each and every stage: pre-delivery, when the fake page is being browsed, when the executable is downloaded to the computer and when the executable begins operating. Without such a solution in place, it is imperative that users be especially careful when clicking any link they receive.

This approach is unique to what other cybercriminals are currently doing in that phishing attacks typically distribute malware via email rather than being sent directly by fraudulent websites. Security solutions, which are designed seek out this more ‘traditional’ approach form of phishing, are much less likely to detect this kind of attack. The scam is also presented to be highly alluring and appear credible to the unsuspecting and unprotected user.

Last edited 4 years ago by Roy Rashti

Recent Posts

Would love your thoughts, please comment.x