Preterion's blog

Or where to find some useful info and facts about IT

Phishing scam not blocked by cloud spam filter – myGov

Another phishing scam is in the wild.
Well designed, it is nothing but a simple email with a link and a couple of images embedded.

The campaign is run using infected hosting servers, which is why it has the potential to pass through spam filters.
It managed to get through our cloud spam filter, which is a rare occurrence, so it is obviously a well-designed attack.

Clicking the embedded link “go to myGov” opens a web page that runs a bunch of “clean” scripts, which ultimately lead to malware-deploying page(s) that deliver a malware payload.

Depending on the recorded path of how the computer got infected, this payload will deploy further threats, including ransomware similar to CryptoLocker.

If your spam filter allows manual reporting of such messages, report this message immediately and then delete it.
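Since mail sent via compromised but otherwise legitimate hosting can slip past a spam filter, a check on the message body itself is a useful second layer. The following is an added example, not part of the original post: it flags links whose visible text names myGov while the href points at some other host. Treating `my.gov.au` as the legitimate host, the `hosting.example` URL and all function names are assumptions made for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: my.gov.au is the legitimate myGov host; extend per brand as needed.
BRAND_HOSTS = {"mygov": {"my.gov.au"}}

# Constructed sample body; hosting.example is a placeholder, not a campaign indicator.
SAMPLE = ('<p>You have a new message.</p>'
          '<a href="http://hosting.example/landing">go to <b>myGov</b></a> '
          '<a href="https://my.gov.au/">myGov sign in</a>')

class AnchorCollector(HTMLParser):
    """Collect (href, visible text) for every <a> element."""
    def __init__(self):
        super().__init__()
        self.anchors, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.anchors.append((self._href, " ".join("".join(self._text).split())))
            self._href = None

def host_allowed(host, allowed):
    host = host.lower().rstrip(".")  # exact host or a true subdomain only
    return any(host == a or host.endswith("." + a) for a in allowed)

def suspicious_links(html_body):
    """Return anchors whose text names a brand but whose href points elsewhere."""
    parser = AnchorCollector()
    parser.feed(html_body)
    findings = []
    for href, text in parser.anchors:
        host = urlsplit(href).hostname or ""  # ignores any user@ prefix
        squashed = text.lower().replace(" ", "")
        for brand, allowed in BRAND_HOSTS.items():
            if brand in squashed and not host_allowed(host, allowed):
                findings.append({"brand": brand, "text": text, "host": host})
    return findings

if __name__ == "__main__":
    print(*suspicious_links(SAMPLE), sep="\n")
```

The check does not depend on sender or server reputation, so it still fires when the message comes from a host the filter trusts.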

See below a sample of the malicious email:
