US Bank-E-payment-Online E-payment Transfer Notification From Another US Bank Customer

From: "US Bank-E-payment-Online"<online.communication@account.com>
Date: 19 Dec 2016 18:34:45 -0500
Subject: E-payment Transfer Notification From Another US Bank Customer

Attachments

  • US Bank Payment.pdf

Technical Analysis


This one was being sneaky! Noting dodgy within the Email. The PDF scans clean for viruses, but open the PDF, and there is a tempting link to click on. You can see it in the image above – note that our image is not clickable. With an Email, you are able to hover above a link and see where it is going. The PDF is not like that by default.

In this case, I was able to interrogate the link, and it shoots off to a website for a bakery. It is unusual to find a bakery hosting web pages on behalf of a bank, so my suspicions were aroused! The reality is that the bakery would have been hacked, and a rogue webpage created to either collect data or plant trojans.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Exit mobile version