Cyber News and Threats – 27 June 2017
Here are some of the latest updates on cyber threats and news that we’ve picked up in the last couple of weeks.
Fake airline websites distributed by social media
Scammers are using the brands of major global airlines to lure users to fake websites and then encourage them to share links to the sites with friends. When a user clicks through to the sites they are prompted to answer a few simple questions and provide personal information to get free flights. Once they give away their name, email, phone, date of birth and address they are then told they will receive the flights, only once they ‘like’ and share the page on Facebook, spreading the fake sites to new victims.
Mouseover malware masquerading in Powerpoint files
According to media reports, a new method of delivering malware has surfaced. ‘Zusy’ malware, according to IT company ExtremeTech, is a banking trojan whose intention is to steal credentials. The reports suggest that simply hovering your mouse over a link will lead to infection without requiring you to click on anything. However, several stages are required to successfully infect a user.
More than 250 million computers worldwide have been infected with malicious adware called Fireball, according to recent reporting. Produced by Rafotec, a Beijing-based digital marketing firm, the malware is spread mostly via bundling. That is, when a user downloads a product they want, the Fireball malware is ‘bundled’ in without the user’s knowledge or consent.
For the full text of the NCSC weekly Threat Report please go to: www.ncsc.gov.uk/index/report