{"id":72783,"date":"2010-09-08T06:47:10","date_gmt":"2010-09-08T06:47:10","guid":{"rendered":"https:\/\/localhost\/wordpress\/?p=72783"},"modified":"2010-09-08T06:47:10","modified_gmt":"2010-09-08T06:47:10","slug":"visa-bill-pay-scam","status":"publish","type":"post","link":"https:\/\/www.quickheal.com\/blogs\/visa-bill-pay-scam\/","title":{"rendered":"Visa bill pay scam"},"content":{"rendered":"<p>Yesterday I received a mail regarding \u201cPayment Processed by Visa Bill Pay\u201d as below&#8230;<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/blogs.quickheal.com\/wp-content\/uploads\/archive\/siteimg\/visabill2.jpg\" alt=\"\" width=\"633\" height=\"634\" \/><\/p>\n<p>If one open this file then a Trojan get installed on system in application data folder, this Trojan connect to below domain and it may further lead to fake antivirus scams, malicious redirects, viruses, trojans, rogue installers, key loggers, droppers, browser exploits, and a range of other security threats.<\/p>\n<p>https:\/\/votrebuyh.com\/xman\/xman.bin<br \/>\nhttps:\/\/votrebuyh.com\/xman\/gogo.php<\/p>\n<p>\u201c<strong>VISABILLPAY-VODAFONE.exe<\/strong>\u201d is a Banking Trojan which is used to steal banking credentials from the victim (including confidential details such username, password, credit card number, etc.). By harvesting cookies and accessing other information, the criminals can extract a lot of personal information which can be used to increase their chances to get access to the victim\u2019s online banking account.<\/p>\n<p>Quick Heal detect this as Trojan.Agent2.cuyv<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Yesterday I received a mail regarding \u201cPayment Processed by Visa Bill Pay\u201d as below&#8230; If one open this file then a Trojan get installed on system in application data folder, this Trojan connect to below domain and it may further lead to fake antivirus scams, malicious redirects, viruses, trojans, rogue installers, key loggers, droppers, browser [&hellip;]<\/p>\n","protected":false},"author":11,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-72783","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/posts\/72783"}],"collection":[{"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/comments?post=72783"}],"version-history":[{"count":0,"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/posts\/72783\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/media?parent=72783"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/categories?post=72783"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/tags?post=72783"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}