As Twitter gains momentum there are more and more attacks on it, it’s users and the most recent is a phishing scam via DM (Direct Message).
It was uncovered recently that it was being used as a Botnet Control Channel, shortly before that it was subjected to a DoS attack.
This isn’t the first time DMs have [...]

We need more companies like this that acknowledge hoarding data isn’t doing anything for the greater good, to really stamp out the core problems you have to share the data you’ve correlated across the World so everyone can put together what they have and do something about it.
It seems like with China pumping out the [...]

You might remember back in November last year Spam ISP McColo was Cut Off From the Internet and there was a fairly drastic drop in spam e-mail traffic.
Well it looks like the spammers have got their acts back together as spam levels are back up to 91% of their previous volume.
Having McColo shut down was [...]

Back in November there was a considerable drop in Spam when Spam friendly ISP McColo was cut off from the Internet by it’s upstream peer.
Srizbi worm was pretty smart though and was picking up again by the end of November. Later in the year the botnets were somewhat neutralised leading to a huge drop in [...]

The latest Phishing E-mails going round are leveraging on people’s need to digest the latest information, in this case about the Israel-Hamas conflict.
They set up a fake CNN site which prompts you to upgrade your flash player to view the video, of course it’s not Flash but a Trojan targeting your sensitive financial information.
I don’t [...]

I personally received the following direct message on Twitter from someone I know quite well:
hey! check out this funny blog about you…
http://jannawalitax.blogspot.com/
It’s a link to a fake blogspot URL that redirects to a phishing URL for Twitter, it looks the same as the real login page but the actual URL is:
http://twitterblogs.access-logins.com/login (WARNING THIS IS A [...]

It seems like ‘vishing‘ (basically Phishing – but utilising VoIP call services) as it’s known is getting bigger, especially since the scammers have been using a flaw in Asterisk systems that allows them to hijack the VoIP exchange.
Older versions of Asterisk do have quite a number of serious flaws and it looks like scammers and [...]

It seems the latest target for spammers, opportunists and those into Domain Squatting is the registration of interesting or possibly valuable Twitter usernames.
Twitter has exploded recently as a new ‘micro-blogging’ platform and it works really well, especially when combined with more traditional blogging and the host of tools that have been build around Twitter to [...]

A new generation of phishing attacks is being studied jointly by Google and Georgia Institute of Technology, it seems the bad guys are getting some smarter ideas.
They are using Open Recursive DNS servers to poison DNS queries and return false information, thus luring consumers to even more realistic phishing domains.

Researchers at Google and the Georgia [...]

It seems Phishing is have effects in ways that weren’t originally obvious, it comes back to the same topic we generally discuss here when it comes to security and consumers.
IGNORANCE.
Someone consumers see a Phishing attempt from ‘Brand X‘ as a negative against that brand…even though it has absolutely nothing to do with the brand and [...]

If you remember a while back we mentioned PDF & Image Attachment Spam – The New Problem with E-mail, now we have another ‘innovation’ in spamming..
MP3 spam!
It seems they are using it for the same old pump and dump tactics (Microcap stock fraud) to artificially inflate stock prices then sell out fast.

Spammers are back with [...]

Phishers never give up, password theft protected pages? But what about password protected messenger application… No more to say check it out (lame)…
Link :: www.ourgodfather.com
Another Yahoo anti-phising (did you know?):
zahoo.com (also yahoo, for the ones that have inverted keyboard y-z)

I’ve known for a while you can buy software for spamming and MFA (Made for Adsense) site generation for a few hundred USD which utilises Google’s Blogger platform (blogspot.com sites).
You will have seen all the splogs as they are called (spam blogs) hosted on Blogger, a lot of them scrape Darknet articles and repost them [...]

Ah another way for phishers and people wanting to steal login credentials to con IE7 users.
Yet another reason to use Firefox or Opera?
Not saying these browsers are perfect…but look at the amount of problems Internet Exploder Explorer has had.

The flaw lies in the way IE7 processes a locally stored HTML error message page that is [...]

As always, spam filters get better and smarter, but so do spammers..and frankly spammers have more to gain by beating the spam filters so they always work harder and think in more innovative ways.
As they get their spam resembling real emails more and more, the spam filters become less accurate.
On top of that they start [...]

Now this is a massive growth, 8000% percent..woah!
Thankfully losses are still ‘modest’ whatever that means, I guess although the attacks grow in
number, awareness an education also increases (in places like UK anyway) so the risk is fairly well mitigated.

UK incidents of phishing scams have grown 8,000 per cent over the last two years, according to [...]

It seems common in most things, and it’s the same in infosec and especially malware, phishing and spam.
The majority of malware, phishing attacks and spam mails are coming from the same few sources, I’d say it’s a case of 80/20.
20% of the people are sending 80% of the messages, one of the big groups is [...]

Criminals are not stupid, cyber criminals are the same breed, perhaps even smarter than the traditionalists as they are utilising new ways of doing the same old tricks online.
Now the online criminals are recruiting fresh grads to help them push the boundaries further.

Organised crime is “grooming” a new generation of would-be cybercriminals using tactics which [...]

It seems like phishers are changing their tactics to those similar to spammers, rather than going for big targets and mass mails they are turning to more wealthy customers and fewer but larger bounties.
Imagine if they can nail a few big ones, they are set.

Online fraudsters are turning their attentions away from large banks and [...]

Botnets and organises cybercrime is getting more prevalent, it seems it’s increasing exponentially despire crackdowns by the US governments and other organisations.
The criminals are getting more advanced, phishing scams are getting more realistic, technically trojans are getting more effective and the groups are getting really organised.

Cybercrooks are organizing better and moving to more sophisticated tactics [...]

Apologies for the lack of updates for the past few days, I had to go abroad for an important assessment
It’s sad how people can pray on things as terrible as disasters to make a quick buck, but well we have to face the facts that they do, and will.

And as it seems, they [...]

I saw some interesting information recently on a mailing list.

We took one sample of one carding/phishing forum that our Global Surveillance Center was monitoring and sampled the set into a graph that lists the top 10 banks and the losses over the last month. As you can see, it’s obvious who the top credit card [...]

The shocking statistic first, “56% of consumers do not have active anti-virus on their PCs”, ok not that shocking but still a bit worrying. Allthough asking if your average user doesn’t protect themselves on the internet conjures up images of the pope squatting in the woods.

The basic F-Secure anti-virus product protects against viruses and [...]

Sounds complicated, it’s almost a tongue-twister.
It turns out the carders (people using stolen credit card details fraudulently) have worked out how to get money out of the spammers (spamming being massive nowdays)
Fraudsters who deal in stolen credit card data have devised a means to extract money from sponsors of junk mail campaigns.

Carders have signed up [...]

I remember some time back Netcraft developed an anti-phishing toolbar for Internet Explorer Exploder and Firefox.
You can check it out here:
Netcraft Toolbar

Protect your savings from Phishing attacks.
See the hosting location and Risk Rating of every site you visit.
Help defend the Internet community from fraudsters.

Then recently Google has come out with the Safe Browsing Extension for [...]

Phishing is a difficult enough form of fraud to avoid for most computer users, but when some of the biggest names in the financial industry fail to do their part to detect and eliminate these online scams, consumers often are placed in an untenable situation.
Case in point: A source recently forwarded a link to one [...]