Select Page

Cyren Security Blog

.com malware pretends to be naughty .com website

Sometimes the “other side” uses a neat trick that seems so obvious. In these cases we think “they must have done this before” – then we search the archives (Google) for proof that it has indeed been used before. A good example is our post from last year where we documented the abuse of the HTML textarea tag. We received several responses informing us that it wasn’t a new trick – but no one could actually remember having seen it used anywhere.

So with this in mind, we present today’s obvious malware trick – that seems new but may have been used before…

The email doesn’t include much text – simply asking that you “Pay attention at the attach.”

The neat trick: The attachment name uses its .com suffix to mimic a website name. Unfortunately, the website name that is faked is not really repeatable on this family-oriented blog – but trust us; we blushed when we saw it. As shown in the screenshot it’s www.——-face.com. Those tempted to double-click the “link” in order to visit a porn site would find themselves attacked by malware.

Have you seen this before? – was this trick already used in 1996? – please let us know…

You might also like

LinkedIn Phish Kit

Scam Warning Back in January, LinkedIn posted a warning about connection requests from individuals impersonating employees of a legitimate organization. These requests come from newly created accounts. If someone accepts the request, the attackers will have more...