Upatre Malware Dropper Sent to Bitstamp Exchange Users

  • 31 October 2014
  • 4 replies
  • 353 views

Userlevel 7
Badge +54
Message looks genuine, many users could fall for the trick
By Ionut Ilascu on October 31st, 2014 Emails claiming to come from Bitstamp exchange service inform users that the trader of digital currency modified the bank account information, pointing to an attached file for more details.
The message is carefully crafted and could fool even the more suspicious users of the service.

 

Message shows powerful social engineering skills

 
With the sender’s address spoofed so that the message appears to have been sent automatically through the notification service of Bitstamp, and a signature from the CEO of the exchange, Nejc Kodric, users would have a tough time spotting the deceit.

Even the email body is constructed to remove suspicions, showing that skillful social engineers are behind the campaign. Full Article

4 replies

Userlevel 7
Oh this one was written well!  Most of the phishing emails I see are so poorly worded as to be humorous.  This one not so much.  
Userlevel 7
Badge +54
It had to happen David. We are forever being told that one way to spot the phishing messages are through spelling, well at some point it the grammar and spelling will be on a par with real ones.
Userlevel 7
@ wrote:
It had to happen David. We are forever being told that one way to spot the phishing messages are through spelling, well at some point it the grammar and spelling will be on a par with real ones.
Quite so... as the malware writers are sure to read up on what we are saying about their "products", so they should know we have been laughing at them for a while.  (Still, sadly, even the worst written ones still manage to rack up victims.)
Userlevel 7
Badge +54
All we can do is keep pushing the risks and threats out to people in the hope that some of them may learn to understand the risks.

Reply