Information Security News
A writer wrote in to send us an interesting phishing attempt they had received at their organization. An email from a school domain that purported to be VetMeds send an encrypted PDF that required a user-name and password to log in to. The subject of the email was Assessment document. The PDF itself was created with Microsoft Word and included a link that suggested it was a locked document and you needed to click a link to unlock it which pointed to chai[.]myjino[.]ru and gave a screen with a purported PDF behind it and a login box that it happily accepts. Below are some screenshots, but some notes. Updated versions of Acrobat should ask before going off to bad websites. What I found interesting was the lure was a VetMeds assessment but the underlying document at the Russian website is for a SWIFT transaction, so some mixes messages there.
Some advice, be wary of emails from domains that don" />
bambenek \at\ gmail /dot/ com