scam-of-the-weekScore another one for the "bad guys", who have yet again demonstrated their seemingly inexhaustible ability to concoct new methods to exploit legitimate services in order to bypass existing anti-malware defenses and spam traps.  Proofpoint researchers report in a special security advisory that malicious actors are delivering the Chthonic banking trojan (itself a variant of the infamous Zeus trojan) through the Paypal "money request" feature.

Using legitimate (and undoubtedly compromised) Paypal accounts, the criminals are sending potential victims bogus phishing requests for money through Paypal. In addition to losing a few hundred bucks to imposters, potential victims may also fall victim to the Chthonic banking trojan if they click the embedded link in the email.

How did this happen? Paypal allows users of the "money request" feature/service to include a personalized message. And that enables the criminals to push malicious links that lead to Chthonic on unsuspecting users. In the example offered by Proofpoint, the malicious link takes the form of a goo.gl shortener link, which then redirects to a malicious domain controlled by the bad guys.

Remember to always Think Before You Click, even if the email gives every appearance of coming from legitimate, trusted sources.

Are your employees trained to spot this type of scam? Are they cautious when working outside of the office? Call us 850.426.4405 for affordable employee training to mitigate your risk.