Homeland Security Warns Phishing Spreading Banking Malware

Reading Time: 2 minutes

US Homeland Security sent out an alert this week about an email phishing campaign that is distributing the “Drye” (or Dryze) banking malware. Drye targets users of banking and financial sites to steal their login credentials and commit financial fraud.

Dry was identified and reported on extensively in June, but Homeland is warning of an elaborate phishing campaign by attackers. Drye uses a man-in-the-middle attack that lets the hackers intercept unencrypted web traffic. Victims think they have a secure connection with their financial site, but the traffic is actually be diverted to the hackers servers.

In phishing campaigns, hackers send deceptive emails hoping to trick the recipient into downloading malicious software or visiting malicious web sites. According to Homeland Security, emails used in this campaign typically have a subject of “Unpaid Invoice” and contain an infected PDF attachment. If you open the attachment it will exploit vulnerabilities found in unpatched versions of Adobe Reader to download the banking malware.

This threat is similar to the Zeus banking Trojan which is responsible for hundreds of millions of dollars in financial fraud loses over the past year. However, unlike some variants, it is not an offshoot of the Zeus source code.

Homeland Security provided the following recommendations for dealing with this campaign, but we would hasten to add that this is good advice for dealing with all phishing campaigns:

Recommendations

Users and administrators are recommended to take the following preventive measures to protect their computer networks from phishing campaigns:

Do not follow unsolicited web links in email
Use caution when opening email attachments
Follow safe practices when browsing the web
Maintain up-to-date anti-virus software
Keep your operating system and software up-to-date with the latest patches

Comodo SecureBox

Comodo has designed a unique solution for businesses whose employees and customers are likely to be target of just such an attack. Comodo SecureBox is a client application that ensures an application can operate safely and communicate critical data even if the client computer is already infected. Learn more here

SecureBox Video

[embedded content]

TEST YOUR EMAIL SECURITY GET YOUR INSTANT SECURITY SCORECARD FOR FREE Source: https://blog.comodo.com/pc-security/homeland-security-warns-phishing-spreading-banking-malware/

Generative Data Intelligence

Homeland Security Warns Phishing Spreading Banking Malware

Recommendations

Comodo SecureBox

SecureBox Video

Go High Level Pricing Plans Explained. 30 Days Special Free Trial

Buy YouTube Subscribers and Enjoy Your Growth!

Latest Intelligence

Winning with TradingView: Profitable tips and strategies from master traders

Thales to supply Netherlands with seven additional radars

First KC-390 airlifter arrives in Hungary ahead of official handover

The best coffee for the planet might not be coffee at all

‘COLD VR’ Takes Smash-hit ‘SUPERHOT VR’ Time-freeze Mechanic & Completely Inverts It

Escape Simulator VR Hands-On: A Great New Way To Play

Chat with us