Careful: This "life insurance invoice" contains Ursnif malware

save
Share and earn Cybytes
Facebook Twitter Google+ LinkedIn Email

Over the past couple of days, the Cofense™ Phishing Defence Centre has observed multiple campaigns that prompt the user to download what appears to be a life insurance invoice. The “invoice” gets delivered in the form of a zip file that contains a LNK file with content crafted to create an effective malware downloader tool. The malware it delivers: Ursnif.

The abuse of this file format represents another example of attackers using creative attack techniques and seemingly-benign file types to bypass security controls to deliver malware to protected environments. The success of these techniques may vary, but phishers will continue to innovate to identify methods that work for them.

In this blog post, we have picked a campaign that demonstrates this principle in action. The campaign pretends to come from AA Life Insurance with a subject of Life Insurance – Invoice.

Visit our blog to continue reading: https://cofense.com/careful-life-insurance-invoice-contains-ursnif-malware/

Share this post and earn Cybytes
Facebook Twitter Google+ LinkedIn Email
Follow
89 Followers
About Cofense Inc.
Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions worldwide. We deliver a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. Our collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees. From driving awareness to security automation and orchestration, our solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. Today, this is all made real for thousands of global organizations. Learn more at www.cofense.com.
Promoted Content
Industry Brief: A Closer Look at Phishing in the Healthcare Industry
Learn How and Why Healthcare Is Vulnerable to Phishing In this industry brief, Cofense shares exclusive data on phishing in the healthcare industry. The take-away: healthcare lags behind other frequently attacked industries in recognizing and reporting phishing emails.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play
 

Support Cybrary

Donate Here to Get This Month's Donor Badge

 
Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel