
Malware crooks using Contact Us forms threatening legal action

Crooks are using company contact forms to trick employees into visiting malware-laced websites.

If your company or website has a Contact Us form – and most do – then be wary of a surge of scams where crooks are using these contact forms to trick unwary employees into downloading malware.

In examples offered by Microsoft, crooks are sending threatening messages via these contact forms to website owners and businesses, falsely claiming they are infringing on someone’s copyright and demanding that the infringing content be removed or they could face legal action. See the examples below.


Source: Microsoft

There is no infringing content. This is a clever social engineering trick to panic the reader into clicking the included link, which appears legitimate because it leads to a site hosted on the Google Sites platform. Microsoft notes in its warning bulletin:

We observed more emails sent by attackers on other contact forms that contain similar wording around legal threats. The messages consistently mention a copyright claim lure by a photographer, illustrator, or designer with the same urgency to click the sites.google.com link.

But even websites hosted with Google Sites can be used to distribute malware. If the website or business owner reads the message and clicks the link, they’re asked to log in using their Google credentials. Once they do, a ZIP file automatically downloads to their computer. And if that ZIP file is opened and its contents executed, malware will soon follow. In the cases seen so far, that malware is IcedID, which can steal financial and banking information from a device it infects.






And given the surge in these types of attacks, researchers believe the crooks have found a way of bypassing the CAPTCHA tools that companies use to prevent these types of automated attacks.

Companies and website owners are advised to be extremely cautious of emails threatening legal action for alleged copyright infringements, especially if they direct to websites that download ZIP files onto a user’s device.
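
One way to pre-screen contact-form submissions for the lure described above, as an added example that is not from Microsoft's bulletin or this article's author. The keyword lists, function names, verdict labels and sample messages are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Wording taken from the lure described in the article; tune for your own traffic.
LEGAL_TERMS = ("copyright", "infring", "legal action")
CLAIMANT_ROLES = ("photographer", "illustrator", "designer")
HOSTING_HOST = "sites.google.com"
URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)

# Constructed sample submissions with placeholder URLs (not real campaign text).
SAMPLES = [
    "I am a photographer. Your site is infringing my copyright. Remove the images "
    "or face legal action. Proof: https://sites.google.com/view/placeholder-page",
    "Hi, our team wiki is at https://sites.google.com/view/placeholder-wiki if useful.",
    "Could you send me a quote for 200 units? Thanks.",
]


def link_hosts(message):
    """Return the lower-cased hostname of every http(s) URL in the message."""
    hosts = []
    for url in URL_RE.findall(message):
        host = urlsplit(url.rstrip(".,;)")).hostname
        if host:
            hosts.append(host.lower())
    return hosts


def triage(message):
    """Classify one contact-form submission as 'hold', 'review' or 'pass'."""
    text = message.lower()
    reasons = []
    if any(term in text for term in LEGAL_TERMS):
        reasons.append("legal-threat wording")
    if any(role in text for role in CLAIMANT_ROLES):
        reasons.append("claimant role")
    # Exact host comparison, so look-alikes such as
    # sites.google.com.example.net are not treated as the real platform.
    if HOSTING_HOST in link_hosts(message):
        reasons.append("sites.google.com link")
    has_link = "sites.google.com link" in reasons
    has_threat = "legal-threat wording" in reasons
    if has_link and has_threat:
        return "hold", reasons
    if has_link or has_threat:
        return "review", reasons
    return "pass", reasons
```

A "hold" verdict is meant to route the submission to someone who can check the claim without clicking the link; keyword matching alone will miss reworded lures, so treat it as a triage aid rather than a filter.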

Published by
Craig Haley