18 June 2020 Thursday

Emergency alert | The new Email scam uses Virusdie brand name!

In Malware and Threats 0 Comments

Beware of suspicious email from popular security service brand names! Today we faced with suspicious scam emails were sent by attackers. These emails use Virusdie’s brand name and suggests you update your account for free by clicking on the link “UPDATE FOR FREE”. And we found, such email scam may use not only Virusdie naming, but all popular security service brands. And more that, in some cases, it looks as you got email right from your service provider. But that is not true.

WHAT IF YOU CLICK ON “UPDATE FOR FREE”.
The link hidden behind the button is: http:// u8872959. ct. sendgrid. net/ls/click?upn=…(long text)

THEN, IT REDIRECTS YOU.
The site processes links and creates a redirect to other sites:

AND THEN, YOU’RE AT THE END POINT OF YOUR JOURNEY.
In case of following the link from the email, you are redirected to https:// abyernoult. com/wp-content/plugins/loginizer/IPv6/configurations/en/cloud .php and here we get a danger warning from the browser:

If we ignore the risk and follow the link, we find a connection timeout error. Because of this, we were not able to find out what kind of fraud the link from the email strive to.

AS A CONCLUSION.
The scheme used in this scam mailing, rather classic. Attackers use free hosting, as well as hacked sites (as in the case with https:// abyernoult .com):
– The first server ( ushadvisors .com ) is used to send letters.
– The second site ( u8872959. ct.sendgrid .net ) is needed for the distribution of links and redirects.
– The third site ( abyernoult.com ) already contains fraudulent and malicious pages.

We have already taken action on these sites. Please be careful in all such cases and do not follow suspicious links from the email to avoid become a victim of phishing or other forms of fraud! Be careful and check email headers first (we recommend you always check email headers if you got suspicious email from your service provider).

Join our private Facebook group to get help from other security experts, and share your own web security experiences and expertise. Group members receive exclusive news and offers. They can also communicate directly with the Virusdie team. Join us on Facebook.

Ultimate Website Security Tools

Emergency alert | The new Email scam uses Virusdie brand name!

See also:

Comments

VIRUSDIE V.5.5! | Introducing Virusdie v.5.5 with the new sidebar with action and activity log plus the new scan engines and backend.

FEB 6, 2024 | Sucuri CloudProxy and Amazon Cloudfront caused sync errors, now can be detected and fixed by sync Wizard!

DEC 20, 2023 | The website sync problem resolving and the new special alert system release.

DEC 7, 2023 | Virusdie professional website security community on Facebook, hits 1800+ members!

NOV 14, 2023 | Site security market volume just $5 billion, and that is the problem in a Big Way. Why?

External Site Check API 3.0

Yeah Baby! Virusdie.com Public beta is available and Free!

Virusdie is on Product Hunt

Time zone set tool and HTTPS settings

New multi-threaded web-server antivirus Virusdie.Server v.2.2.0

Cloud Security Tools

For partners

Help & Support

About Us