MacOS Malware Targets Swiss Bank Customers Via Phishing Emails

Status
Not open for further replies.
Fake, self-signed, unknown or untrusted certs should always raise a warning making it very clear you should be safe and not open/interact with the faulty cert unless you are absolutely certain you trust it.

Yes, many people will continue anyway, but it doesn't sound like this warning was even raised with Safari.

I mean, if you can just fake the cert, what good is the cert system to begin with?
 


The cert is trusted because the malware installs its own Certificate authority onto the system. This will always work.
 
"Trend Micro security researchers recommended users to refrain from downloading file attachments unless they trust the people that sent them." That isn't great advice. Most phising emails are spoofed to appear that they came from a contact or other trusted source.
 
Status
Not open for further replies.