Researchers have discovered a new phishing tactic utilized by cybercriminals to spread Dyre malware.
Experts at PhishMe were tipped off on the new tactic thanks to reports from employees leveraging its “Reporter” tool – an email add-on that reports suspicious emails to the security firm, according to a recent blog post.
All of the messages have “Voice Message” as the subject line, luring readers into thinking there is an important audio message waiting to be tended to. The email gives the reader an option to download a zip file that contains an executable, that once is executed, uploads the Upatre downloader – which then “downloads an encoded payload” that is the Dyre malware, according to experts.
Dyre was discovered by PhishMe researchers in June when it was used in a phishing ruse that targeted banking credentials for specific financial institutions.