Thursday, 14 August 2014

New virus threat data bank in Brazil; malware redirects banking sites

A new virus known as ProxyCharger is being used to steal banking data of Brazilian Internet. Through malicious code hidden in an infected file, the threat is installed on the computer, changing the proxy settings to direct the user to fake versions of banking sites. The phishing threat is the type that sends emails with infected to increase the stroke and more people fool attachments. 

Archives 'rich text' in Word documents can contain viruses; you see me

Sending malicious emails - - This week, a new type of phishing attack was detected with intent to steal bank details of Brazilian Internet. According to the research lab digital security company ESET, the attack involves users in many national and international banks, flags credit card information and legal entities. 
The purpose of ProxyCharger is to steal personal information to access banking systems and perform improper withdrawals. Unlike what happens in the rest of the world, this type of attack is gaining traction in Brazil, infecting a large number of computers. 
Since your computer is infected 
The attack occurs by malicious with a link that leads to download an infected file emails. The downloaded file is displayed on the computer as a folder, with a message that says: "Execute_Para_Visualizar". It is clear that a folder is not an executable file, however, by carelessness or lack of information, many people run the file. At this time, the malicious code initiates a series of actions that change the proxy settings of the system. 
Then a script into action to capture personal data. This file contains rules related to various Brazilian and international banks, and, each time the user accesses a URL that matches these rules, it will be filtered by the proxy. Thus, accessing the database URL, the proxy will intervene modified forwarding the user to a fake version of the site. 
how to avoid 
The fake site looks a lot like the official website of the bank in question, but in this case, the false version of the site that cybercriminals may be copied or is old. That is, if you notice a change in the layout of the database page, suspicious and immediately stop the action. 

Basic steps can completely repel the attack. It is very important not to open attachments from unknown e-mails and do not click on any link in suspicious messages in your email. Also, always keep in the habit of performing searches for viruses on your computer to keep it safe and install a good antivirus software on your PC.

No comments:

Post a Comment

Note: only a member of this blog may post a comment.

Popular Posts