Malvertising (malicious advertising) typically exploits a vulnerability in a software program and recent variants do not require any user interaction to infect the user’s machine. Infections can include browser redirects to malicious sites, ransomware, bot creation, Trojans and more. Malicious software affects users, advertisers and publishers.

Phishing Alert: Rejected Federal Tax Payment Scam

zveloLABS detected a suspicious-looking email purporting to come from the Electronic Federal Tax Payment System (EFTPS) of the U.S. Treasury Department. This email is fraudulent and claims that “Your Federal Tax Payment ID has been rejected.” The payment rejection is falsely attributed to the use of an invalid identification number. Here is an example of the actual phishing email (see image 01), followed by some observations that should raise red flags about its validity.

Malware Distribution Point Detection – a Case Study

The media consistently warns people that clicking on links within emails from unknown sources can be dangerous. What about links in seemingly harmless emails received from individuals of trust? More so, what if the URL of a said link points to a familiar website? In recent weeks, zveloLABS® has identified several websites that appear benign in nature at first glance, but after further analysis these sites have been categorized as malware distribution points. What made the following case study interesting is that none of the well-known Internet blacklists and malware analysis tools flagged these URLS as being malicious. The following analysis shows how these trusted control mechanisms were circumvented with nothing more than a guise and a fundamental understanding of how the Internet operates.