Phishing Campaign Targets Seattle Government Employees

Share it on Twitter  
Share it on Facebook  
Share it on Linked in  

Hundreds of city employees in Seattle, Washington yesterday began receiving phishing e-mails disguised as notifications of traffic tickets.

"According to the Microsoft Malware Protection Center and the Seattle Police Department, hundreds of individuals with Seattle.gov e-mail addresses began receiving the fraudulent parking ticket announcements on Thursday," writes Threatpost's Brian Donohue. "The messages have the subject 'Seattle Traffic Ticket' and claim the recipient committed one of a number of violations, including speeding."

"Clicking a hyperlink in the e-mail message loads an iframe that redirects users to a Ukrainian IP address," Donohue writes. "According to TechNet, the site contains an obfuscated JavaScript that exploits bug in the Microsoft Data Access Components (MDAC) that was patched in 2006."

Go to "Phishers Bait City Workers in Seattle With Phony Speeding Tickets" to read the details.

For regular security news updates, follow eSecurityPlanet on Twitter: @eSecurityP.