This phishing email uses an unexpected trick to infect PCs with keylogger malware

Rather than using macros, this malware uses Visual Basic Script to avoid detection.
 
                              http://zdnet4.cbsistatic.com/hub/i/r/2017/01/16/52bb98ec-eabf-48c6-9542-62ad2e65fd44/resize/770xauto/123171e0d8b167447388eba71c7fabcf/silverlight-1-fake-email.png
 By Danny Palmer | January 16, 2017
 
Cybercriminals are targeting a US major financial services provider with malicious emails containing the tools required to install information collecting keylogging software onto the infected systems.
 
Keylogging enables hackers to see everything that's typed using the keyboard of an infected machine, something which can be exploited to steal information, personal information, and login credentials.
 
Cybersecurity researchers at Proofpoint note that the attack is very narrow in scope, targeting users in just a single US-based financial services and insurance organisation with malicious emails. Naturally, banks are a high-profile target for cybercriminals who not only see money as a lucrative target, but also view financial institutions as a treasure trove of data to exploit.
 
Full Article