Virus

HTML/VisaCard!phish

Analysis

HTML/VisaCard!phish - 06-07-27

More Info:

This is a phishing attack against VISA.

There is a hyperlink:

http://www.visa.com/verified-by-visa/update.htm

When the user clicks, it will redirect to a malicious site that emulates a login. Their logon credentials may become compromised.

Recommended Action

FortiGate systems:

check the main screen using the web interface to ensure the latest AV/NIDS database has been downloaded and installed -- if required, enable the " Allow Push Update" option

FortiClient systems:

Quarantine/Delete infected files detected and replace infected files with clean backup copies

Detection Availability

FortiClient
Extreme
FortiMail
Extreme
FortiSandbox
Extreme
FortiWeb
Extreme
Web Application Firewall
Extreme
FortiIsolator
Extreme
FortiDeceptor
Extreme
FortiEDR

ID	265553
Released	Jul 27, 2006
Description Updated	Jul 27, 2006
Aliases	HTML.Phishing.Bank-380
Platform Profile	HTML
Profile Type	Phishing (phish)

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

Virus

HTML/VisaCard!phish

Analysis

Recommended Action

Telemetry

Detection Availability

News/Research

Research Center

PSIRT Center

Services

By Outbreak

By Solution

By Product

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

Threat Intelligence Center

Resource Center

About

FortiGuard Labs

Partners

Virus

HTML/VisaCard!phish

Analysis

Recommended Action

Telemetry

Detection Availability

Threat Intelligence
Center