Select Page

Cyren Security Blog

The Cyren Security Blog is where Cyren engineers and thought leaders provide insights, research and analysis on a range of current cybersecurity topics.

.com malware pretends to be naughty .com website

Sometimes the “other side” uses a neat trick that seems so obvious. In these cases we think “they must have done this before” – then we search the archives (Google) for proof that it has indeed been used before. A good example is our post from last year where we documented the abuse of the HTML textarea tag. We received several responses informing us that it wasn’t a new trick – but no one could actually remember having seen it used anywhere.

So with this in mind, we present today’s obvious malware trick – that seems new but may have been used before…

The email doesn’t include much text – simply asking that you “Pay attention at the attach.”

The neat trick: The attachment name uses its .com suffix to mimic a website name. Unfortunately, the website name that is faked is not really repeatable on this family-oriented blog – but trust us; we blushed when we saw it. As shown in the screenshot it’s www.—— Those tempted to double-click the “link” in order to visit a porn site would find themselves attacked by malware.

Have you seen this before? – was this trick already used in 1996? – please let us know…

You might also like

Phishing with QR codes

Don’t Scan or be Scammed By Maharlito Aquino, Kervin Alintanahin and Dexter To In 1994, a type of the matrix barcode known as the Quick Response code, now widely known as QR code, was invented by Masahiro Hara from a Japanese company Denso Wave. The purpose of the...