HTML/BankFraud.A!phish
Analysis
This detection covers a method of phishing attack against Deutsche Bank. The detection identifies HTML code within an email message or online (fake) website that attempts to spoof the content such that an unwitting person that viewed the content could mistake it for the factual Deutsche Bank website.
A successful phish attempt would lead a targeted user into financial loss, as logon credentials would be stolen from the user.
Recommended Action
- check the main screen using the web interface to ensure the latest AV/NIDS
database has been downloaded and installed -- if required, enable the "Allow
Push Update" option
FortiClient systems:
- Quarantine/Delete infected files detected
FortiGate systems:
Telemetry
Detection Availability
FortiClient | |
---|---|
Extreme | |
FortiMail | |
Extreme | |
FortiSandbox | |
Extreme | |
FortiWeb | |
Extreme | |
Web Application Firewall | |
Extreme | |
FortiIsolator | |
Extreme | |
FortiDeceptor | |
Extreme | |
FortiEDR |