A blog about generally interesting infosec stuff by Darren Fuller/Paul Marsh, SecQuest Information Security https://www.secquest.co.uk

Friday, 9 May 2014

Lloyds Bank "PCI DSS" Malware

In common with the Facebook scam post earlier we don't usually bother blogging about malware and phishing emails as they're usually handled well by companies and are pretty common.. this email was a bit more interesting.

Had an email from Lloyds Bank <pciportal@lloydsbankcardnetpcidss.com> entitled PCI DSS Compliance Programme:
Looks pretty legit.. PCI too, that's a security thing isn't it!  The attachment looked like this:

So PDF icon with a .scr suffix. That's a Windows screensaver file which will run the code the same as a .exe when it's double clicked (for our younger viewers).

Basically it's a known piece of malware with reasonable detection according to Virus Total:


Interesting all the same, obviously targeted at business rather than end user targets. Be vigilant!

No comments:

Post a Comment