Security News > 2020 > December > Massive Subway UK phishing attack is pushing TrickBot malware
2020-12-11 08:41
A massive phishing campaign pretending to be a Subway order confirmation is underway distributing the notorious TrickBot malware.
TrickBot is a trojan malware infection commonly distributed through phishing campaigns or installed by other malware.
What is concerning about these phishing emails is that they include the user's first name, and some users are reporting they are being sent to emails only used for Subway.
This attack may indicate a data breach at Subway UK that allowed the threat actors to gain access to customer's names and email addresses.
The Subway phishing emails are using email subjects such as "Your order is being processed" and "We've received your order," and state that it is from Subcard, as shown below.
News URL
Related news
- CERT-UA Warns of Phishing Attacks Targeting Ukraine’s Defense and Security Force (source)
- Ongoing Phishing and Malware Campaigns in December 2024 (source)
- Inside the incident: Uncovering an advanced phishing attack (source)
- New IOCONTROL malware used in critical infrastructure attacks (source)
- FBI spots HiatusRAT malware attacks targeting web cameras, DVRs (source)
- Ongoing phishing attack abuses Google Calendar to bypass spam filters (source)
- Rspack npm Packages Compromised with Crypto Mining Malware in Supply Chain Attack (source)
- Malware botnets exploit outdated D-Link routers in recent attacks (source)
- Ivanti zero-day attacks infected devices with custom malware (source)
- WP3.XYZ malware attacks add rogue admins to 5,000+ WordPress sites (source)