Virus

HTML/Phish!tr

Analysis


HTML/Phish!tr is a detection for HTML codes that redirect the web browser to a phishing web site.
This detection is not limited to in wild spear/attack/spam phishing campaign some samples may include as part of third party pen testers using spam campaign as one of their internal tools.

  • Below are some of the sample illustration on how these Phishing scheme may look like:

    • Figure 1: Scam Phishing hosted over google docs.


    • Figure 2: WhatsApp phishing embedded on some Phishing Mails.


    • Figure 3: Sample Phishing.


    • Figure 4: Sample Phishing.


    • Figure 5: Phishing.


    • Figure 6: American Express Phishing.



Recommended Action

  • Make sure that your FortiGate/FortiClient system is using the latest AV database.
  • Quarantine/delete files that are detected and replace infected files with clean backup copies.