MacOS Malware Targets Swiss Bank Customers Via Phishing Emails

Status
Not open for further replies.

hellwig

Distinguished
May 29, 2008
1,743
0
19,860
26
Fake, self-signed, unknown or untrusted certs should always raise a warning making it very clear you should be safe and not open/interact with the faulty cert unless you are absolutely certain you trust it.

Yes, many people will continue anyway, but it doesn't sound like this warning was even raised with Safari.

I mean, if you can just fake the cert, what good is the cert system to begin with?
 

firefoxx04

Distinguished
Jan 23, 2009
1,371
0
19,660
144


The cert is trusted because the malware installs its own Certificate authority onto the system. This will always work.
 

Jayson_15

Prominent
Jul 12, 2017
4
0
510
0
"Trend Micro security researchers recommended users to refrain from downloading file attachments unless they trust the people that sent them." That isn't great advice. Most phising emails are spoofed to appear that they came from a contact or other trusted source.
 
Status
Not open for further replies.

ASK THE COMMUNITY

TRENDING THREADS