Scammers take advantage of Epsilon data breach
Trojan hidden as security tool for affected customers.
Scammers are currently taking advantage of the data breach that affected email
security provider Epsilon recently, by creating a copy of
Epsilon's website and claiming that people can download a 'security tool'
that tells them whether they have been affected.
![]()
While far from the first time that hackers have obtained personally
identifiable information, the attack on Epsilon made the
headlines because of its size and the number of financial
organisations affected - which raised concerns that
the data could be used for targeted attacks such as spear
phishing. Epsilon did not help its case by providing
very little information about the attack, adding to the feeling of unease among
its clients' customers.
Scammers are now playing on these concerns by creating a fake copy of
the company's website, which claims to have a tool which users can download and use to determine
whether their personal data has been stolen. Of course the 'tool' is, in fact, a trojan dropper,
and when downloaded it infects the machine with malware.
Computer users have good reason to worry about leaked personal data,
but they should not let these worries get in the way of acting
responsibly when downloading files from the Internet. Companies that
have been attacked by hackers have reason to worry about damage to
their reputation, but they should be aware that by not being open
about the attacks they can make matters worse both for themselves and for
their customers.
More at Websense here.
Tags:
epsilon, phishing, trojan.
Posted on 18 April 2011 by Virus Bulletin.
0 comments.
del.icio.us 
digg this
