August 9, 2011

The Philippine Bureau of Immigration is Compromised


Websense Security Labs™ and the Websense ThreatSeeker® Network have detected malicious emails disguised as HSBC Notifications.  A closer look at these emails, like the one you can see below, reveals that the link provided in the emails is a compromised URL belonging to the Philippine Bureau of Immigration. 


Clicking the link prompts the user to download a malicious file called "atualizar.exe".  You can find the VirusTotal analysis results for this .exe here


Websense Email Security and Websense Web Security protect against these kinds of blended threats with ACE, ourAdvanced Classification Engine.



Forcepoint-authored blog posts are based on discussions with customers and additional research by our content teams.

Read more articles by Forcepoint

About Forcepoint

Forcepoint is the leading user and data protection cybersecurity company, entrusted to safeguard organizations while driving digital transformation and growth. Our solutions adapt in real-time to how people interact with data, providing secure access while enabling employees to create value.