Be Mindful of Which E-mails You Open

Dyre -- a dangerous financial trojan -- has been infecting thousands of banking customers worldwide. The virus is hidden in an e-mail usually disguised as business documents, voicemail or fax messages. Recipients are invited to click on an attachment which directs the user to a malicious website and downloads the virus.

The attacks began one year ago and have been continuing to grow in numbers. Symantec Security Response posted a graph this past June showing the numbers of virus detentions over time.

The most dangerous aspect of this virus is its ability to steal credentials not only from the banking company, but from any site a victim visits. According to Symantec.com, "Dyre is capable of using several different types of man-in-the-browser (MITB) attacks against the victim’s web browser to steal credentials." 

One attack redirects the victim to a fake website that looks similar to its genuine counterpart. This fake website will harvest the victim’s credentials before redirecting back to the genuine website. Another attack allows Dyre to alter the way legitimate websites are displayed in the browser window by adding malicious code to it to steal the victim’s login credentials. In some scenarios, Dyre may also display an additional fake page informing the victim that their computer has not been recognized and that additional credentials need to be provided to verify their identity, such as their date of birth, PIN code, and credit card details.

Scomage encourages all our clients and their families to be careful when it comes to e-mail. Stay educated and never open an attachment from an unfamiliar e-mail address.