Today, we’ve received another phishing email purporting to be from Visa with a spoofed email
address.The fake mail carries a subject line: “Security Notice”. It has an attached html file “VisaMasterCard.htm”. The mail instructs the users to download the attached file and fill it up in order to get security updates for their accounts.
Once executed, the downloaded file looks like this:
It is just a replica of the original page which is getting executed from your machine. As soon as you click on “Update your Account” it will take you to the phishing link shown below which displays an online form to fill.
After clicking on the ‘Complete’ tab, it will show you the following prompt:
If you click on the OK tab on this prompt, it will take you to the genuine website of VISA.
This convinces users that everything is fine. But in reality all the confidential data of the user is transferred to the attacker.
Quick Heal blocks any malicious URL and protects its users.