top | item 45651762

(no title)

I run a small, extremely niche fan site with under 500 users, and I received a very similar email the other day - someone complaining about the "cookie popup" (which my site doesn't have), and then sending me a "screenshot" in a sites.google.com link when I told them I don't know what they're talking about.

Only difference is that it downloaded a .zip file containing a shortcut (.lnk) file which contained commands to download and execute the malicious code.

discuss

beAbU|4 months ago

When I opened the Google domain link from TFA it downloaded a zip file for me. Perhaps it detects OS/Browser and serves the most appropriate attack?