Fake AV Attack Targets Wordpress Users



Websense detected a new wave of mass-injections of a well-known rogue AV campaign. It targets websites that use the open source WordPress website content management system. Websense reported that more than 200,000 web pages had been compromised, on 30,000 websites where about 6 pages each were infected.



The injection redirects them to rogue AV sites that try to social engineer the users to download and install a Trojan onto their workstation. Wensense said these rogue AV sites do the known trick of simulating a scan and reporting fake infections, using a "Windows Security Alert" dialogue box. Would not hurt to warn your users about this once more! Link:



">http://community.websense.com/blogs/securitylabs/archive/2012/03/02/mass-injection-of-wordpress-sites.aspx?cmpid=pr



Subscribe to Our Blog


Comprehensive Anti-Phishing Guide




Get the latest about social engineering

Subscribe to CyberheistNews