Yesterday I received a mail regarding “Payment Processed by Visa Bill Pay” as below…
If this file is opened, a Trojan is installed on the system in the Application Data folder. The Trojan connects to the domain below, and it may further lead to fake antivirus scams, malicious redirects, viruses, trojans, rogue installers, key loggers, droppers, browser exploits, and a range of other security threats.
https://votrebuyh.com/xman/xman.bin
https://votrebuyh.com/xman/gogo.php
“VISABILLPAY-VODAFONE.exe” is a banking Trojan used to steal banking credentials from the victim (including confidential details such as username, password, credit card number, etc.). By harvesting cookies and accessing other information, the criminals can extract a lot of personal information, which can be used to increase their chances of gaining access to the victim’s online banking account.
Quick Heal detects this as Trojan.Agent2.cuyv.
1 Comment
Thanks for taking the time to share this, I feel strongly about it and love reading more on rogueware removal. If possible, as you gain knowledge, would you mind updating your blog with more information? It is extremely helpful for me.