Spammers, posing as insurers, use Heartbleed to phish for credentials

Share this article:

In a recently discovered phishing scheme, spammers, posing as a notable U.S. military insurance group, are asking users to log in and “register to the backup security certificates” in order to protect against potential Heartbleed bug attacks.

This is not a way of mitigating the Heartbleed bug threat.

Clicking the Sign On button at the bottom of the email will redirect users to a compromised Turkish manufacturing website, according to a Wednesday post by Symantec, which would not reveal the name of the insurance organization.

Additional giveaways to the phishing scam include poor use of the English language throughout the email, as well as the sender using an old mail client, which most modern businesses no longer use, according to the post.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

VBA malware on rise, templates make it easier to write code

VBA malware on rise, templates make it easier ...

Researchers at SophosLabs found an uptick in VBA samples in July.

Analysts spot 'Critolock,' ransomware claims to be CryptoLocker

Trend Micro noted several differences between Critolock and CryptoLocker, however.

Citadel used in APT attacks against petrochemical firms

Citadel used in APT attacks against petrochemical firms

In an interesting twist, financial malware Citadel was used to infect firms outside of the finance sector via APT attacks, Trusteer found.