This alert may not be shared outside your organization, Do Not Repost or send, place on other websites, List servers, or send to others via email, including other associations or parties.  Members and Law enforcement use only. Contact us for any permissions.  To do otherwise will result in the loss of membership.

Complete Story
 

09/09/2019

Fake PayPal Website Distributes New Variant of Nemty Ransomware

The State of Security

Digital attackers created a fake PayPal website to distribute samples of a new variant of the Nemty crypto-ransomware family.

Security researcher nao_sec uncovered the ransomware variant after they came across a fake PayPal website. This site promised users a return of 3-5 percent for making purchases through its payment system. But its primary purpose was to trick visitors into downloading and running a malware executable called “cashback.exe.”

To do this, the site stole the structure and branding of PayPal’s official site to trick users into believing it was a legitimate location. It also leveraged homograph domain name spoofing techniques to fool users who might have been a bit warier of its promises.

Read more...

Printer-Friendly Version


Resources

Alerts

The FRPA alert system distinguishes us from other groups by gathering and providing information to law enforcement, retailers AND financial institutions.

more information
Resources

Resources

Your electronic library to help in fighting financial fraud for all of our partners.

more information