Home / malware W97M.Phisher
First posted on 03 December 2014.
Source: SymantecAliases :
There are no other names known for W97M.Phisher.
Explanation :
The Trojan usually arrives in Word documents that are attached to emails or are downloaded through links included in emails. The body of the email and the attached documents may be adjusted to target a specific individual or industry.
When the Word document is opened, the Trojan displays a pop-up window that claims that the user's Outlook session has expired. It then asks the user to log in with their user name and password to continue.
The Trojan then sends this login information back to the attacker's remote location.Last update 03 December 2014
