Blog | G5 Cyber Security

Phishing scam in an HTML attachment

M86 Labs has uncovered what appears to be a new phishing trick designed to evade browser-based blacklists. Instead of pointing a user to a phishing site, the bad guys are attaching HTML files to the spam messages. The forms look like legitimate documents from Bank of America, Lloyds, TSB and PayPal. This system avoids the HTTP GET request to the phishing website, thus avoiding being blocked by the browser. The HTML attachment, stored locally, successfully opens in the browser without the user being warned.”]

Source: https://www.csoonline.com/article/2134579/phishing-scam-in-an-html-attachment.html

Exit mobile version