The Philippine Bureau of Immigration is Compromised

Forcepoint

Websense Security Labs™ and the Websense ThreatSeeker® Network have detected malicious emails disguised as HSBC Notifications. A closer look at these emails, like the one you can see below, reveals that the link provided in the emails is a compromised URL belonging to the Philippine Bureau of Immigration.

Clicking the link prompts the user to download a malicious file called "atualizar.exe". You can find the VirusTotal analysis results for this .exe here.

Websense Email Security and Websense Web Security protect against these kinds of blended threats with ACE, ourAdvanced Classification Engine.

Forcepoint

Forcepoint-authored blog posts are based on discussions with customers and additional research by our content teams.

About Forcepoint

Forcepoint is the leading user and data protection cybersecurity company, entrusted to safeguard organizations while driving digital transformation and growth. Our solutions adapt in real-time to how people interact with data, providing secure access while enabling employees to create value.

Learn more about Forcepoint

The Philippine Bureau of Immigration is Compromised

Forcepoint

About Forcepoint

Sign up for the latest from our research and development team

To the Point Cybersecurity

X-Labs

Get insight, analysis & news straight to your inbox

You are here

Forcepoint

About Forcepoint

Sign up for the latest from our research and development team