Establishing Digital Trust: Don't Sacrifice Security for Convenience
"The messages themselves, ironically enough, are warnings that advise those impacted by the breach to avoid these exact types of scams," writes The Tech Herald's Steve Ragan. "The messages arrive with a PDF attachment, named simply 'stratfor.pdf.' Once opened, the PDF displays a letter discouraging the reader from opening emails and attachments from 'doubtful senders' and encourages them to 'check all e-mails and attachments with antivirus.'"
"The message is mostly harmless at this point, aside from the link to download the anti-virus software," Ragan writes. "The link itself points to either a server in Turkey or Poland, and serves a variant of the ZBot Trojan, which will siphon off personal information including passwords and financial details."
Go to "Stratfor customers plagued by malicious emails" to read the details.https://o1.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=i
For regular security news updates, follow eSecurityPlanet on Twitter: @eSecurityP.