There’s a new phishing trick that involved the user downloading a security certificate. It’s been spotted on a fake Bank of America web site. When this fake page is accessed the user is asked to create a digital certificate.
The control is downloaded to the PC using Microsoft Certificate Enrolment Code. This ads a false sense of security for users.
The next step on the web site asks users to download a file called sophialite.exe This is a malicious program.
So if you end up at a web site that looks like the Bank of America pay close attention to the address shown in your web browser, make sure it’s exactly right.
One thought on “Microsoft Certificate Enrolment Code”
A source or reference or link to more info on this would have been nice…