tag:blogger.com,1999:blog-79365860167429298152024-03-28T23:28:41.047-04:00CySecurity News - Latest Information Security and Hacking IncidentsCySecurity News is leading portal for IT Security and Hacker News. Get Cyber Security, hacker and cyber crime updates.The Enlightened soulshttp://www.blogger.com/profile/13074213201632490140noreply@blogger.comBlogger171125tag:blogger.com,1999:blog-7936586016742929815.post-64811208928658462792020-05-12T08:02:00.000-04:002020-05-12T08:02:00.098-04:00Russia recognized as the leader in posting fraudulent resources on the Web<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEin4Le-2EMfO4pBjJgQWmAs2JWTWs8z0GqqzdstlRiuuLwkvKgALKNwah_2pk-g-Tehjox1ZW-Iwi1bL8mia4Xb_mLHl0NF60xkca4r_fRC97pCwEK0IUmDb5KOAuod5NuD4RovSl8Xw4c/s1600/IMG_0722.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="596" data-original-width="1280" height="298" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEin4Le-2EMfO4pBjJgQWmAs2JWTWs8z0GqqzdstlRiuuLwkvKgALKNwah_2pk-g-Tehjox1ZW-Iwi1bL8mia4Xb_mLHl0NF60xkca4r_fRC97pCwEK0IUmDb5KOAuod5NuD4RovSl8Xw4c/s640/IMG_0722.jpg" width="640" /></a></div>
<br />
According to the results of last year, Russia seized the first place from the United States in terms of<br />
the placement of fraudulent Internet resources, found out in the international company Group-IB, which specializes in repelling and preventing cyberattacks.<br />
<br />
If in the previous three years, most of the blocked phishing resources were located in the United States, in 2019, Russia took first place in this indicator. Hosting services in Russia received 34% of blocked phishing resources, in the US 27%. Panama is in third place, it accounted for 8% of blocking.<br />
The company also indicated that in 2019, the total number of blocked phishing resources increased three times, from 4.4 thousand to 14,093.<br />
<br />
According to the Group-IB, earlier scammers stopped their campaigns after they were blocked and switched to other brands. Now they continue to work, replacing the blocked pages with new ones. They also complicated and expanded the mechanisms for implementing phishing attacks.<br />
<br />
At the same time, the scammers revised their goals: the number of phishing resources for attacks on cloud storage doubled over the year and the number of fraudulent pages targeting users of Internet service providers tripled. This is due to the desire to get personal and payment data of users.<br />
<br />
It is worth noting that Group-IB may require blocking resources as a competent organization that cooperates with the Coordination Center of RU domains.<br />
<br />
<a href="https://www.ehackingnews.com/2019/11/cyber-criminals-stealing-customer-data.html" target="_blank">Kaspersky lab reported in November 2019 that cyber fraudsters</a> have developed a new method of corporate phishing to steal personal data from banks. For example, Bank employees receive an invitation to pass certification with the requirement to enter a username and password from their work email. As a result, fraudsters get access to their correspondence, which may contain files with personal data of credit institution clients.</div>
Unknownnoreply@blogger.comtag:blogger.com,1999:blog-7936586016742929815.post-3600800484382262912020-05-10T01:09:00.000-04:002020-05-10T01:09:08.625-04:00Russians began to click on scam sites 10 times more often<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgKi11Y2NPaxF8MuIRXfGisK6sPw36AJ_w4kvuwlx_fMomGg7TepNBEH1Aha_qtavb1b0EPGTTOnxuVVDFdwOEzefqlgc_qtnk_f7nd_E5xCIHlyOQEyQkCEAEJjGbGD1AFsWpMMGZHoTc/s1600/IMG_0693.jpeg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="948" data-original-width="1280" height="474" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgKi11Y2NPaxF8MuIRXfGisK6sPw36AJ_w4kvuwlx_fMomGg7TepNBEH1Aha_qtavb1b0EPGTTOnxuVVDFdwOEzefqlgc_qtnk_f7nd_E5xCIHlyOQEyQkCEAEJjGbGD1AFsWpMMGZHoTc/s640/IMG_0693.jpeg" width="640" /></a></div>
<br />
According to the study of Kaspersky Lab, at the beginning of 2020, the number of attacks on Russians through scam resources increased 10 times to 15 million, and the number of such pages doubled to 10 thousand. The rapid increase is associated with the spread of the coronavirus. Fraudsters actively exploit the theme of the pandemic: from fake promises to pay benefits or refunds for a small cash contribution to the sale of personal protective equipment.<br />
<br />
If every click to a scam page entailed deception of at least one user, then the potential amount of damage in the first quarter of 2020 could exceed 3 billion rubles ($40,5 million). Experts did not say how much money the Russians lost on scam resources during this period.<br />
<br />
Senior content analyst at Kaspersky Lab Tatyana Sidorina believes that the popularity of scam resources has increased, as Russians have begun to spend more time at home, on the Internet. In addition, users are offered various big money compensations, for the withdrawal of which they need to pay a small commission.<br />
<br />
She stressed that the scam resources disguised as state lotteries began to be actively used at the beginning of 2020, 219 resources were discovered. Kaspersky Lab noted that last year, separate statistics on lotteries were not even kept.<br />
<br />
In order to minimize the damage from fraud, the Stoloto state lottery is already actively cooperating with law enforcement agencies and conducting an information campaign, said Varvara Basanovich, the organization's operating Director. She stressed that it is impossible to win the lottery without buying a ticket, and the tax is paid after receiving the money, and not in advance.<br />
<br />
The head of Analytics and Special Projects at InfoWatch, Andrey Arsentiev, expects that after exiting the self-isolation regime, mass frauds with tourist trips to Russian resorts can start, as well as sellers of drugs for restoring strength, immunity and mental health can become active.</div>
Unknownnoreply@blogger.comtag:blogger.com,1999:blog-7936586016742929815.post-26705250093434553482015-09-24T09:15:00.000-04:002015-09-24T09:15:15.277-04:00Facebook's 'Dislike Button' scam <div dir="ltr" style="text-align: left;" trbidi="on">
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgQhay5vKEi3oJA9lPLLBMpR9h1Lfu-hBr1SHUuFcZxMdawjF0TkbEf8QUkFvQd-otTbeEGh0oO1urO4MZeNRbW6IwUD6aLWfTIdJmVoZea23m95wcw7c3VUPFD8_wL7TtIY9askVVN2g4/s1600/facebook-dislike-button.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="213" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgQhay5vKEi3oJA9lPLLBMpR9h1Lfu-hBr1SHUuFcZxMdawjF0TkbEf8QUkFvQd-otTbeEGh0oO1urO4MZeNRbW6IwUD6aLWfTIdJmVoZea23m95wcw7c3VUPFD8_wL7TtIY9askVVN2g4/s320/facebook-dislike-button.png" width="320" /></a></div>
Few days after Facebook CEO Mark Zuckerberg, on September 2015, in a Q&A session announced that the long awaited Facebook ‘Dislike Button’ will be implemented soon, scammers seized upon this opportunity in spreading phishing attacks and malware.<br />
<br />
Soon after this, many users got the link inviting them to download the Facebook’s ‘ Dislike Button’, it says that it is "invite-only feature". One of the most popular dislike button scam is titled as “Get newly introduced Facebook dislike button on your profile". Once clicking on these links leads the victims to a malicious websites.<br />
<br />
<!-- adsense -->The ultimate goal of the scammer is to encourage users to share the link on their Facebook page. Once it is spread on Facebook, they asks you for your personal information and account credentials, or sometimes it downloads the malicious software causing further damage to the computer.<br />
<br />
Zuckerberg, the co-founder and CEO said that, "We are working on it, and are very close to shipping a test of it."<br />
<br />
Computer security expert Graham Cluley showed this concern over this on his blog. "Scams like this trick you into liking pages, and sharing the link with your friends, using the bait of something alluring...in some cases they will even lead you to pricey premium rate mobile phone subscriptions, online surveys that generate the scammers income, or trick you into downloading malicious code onto your PC."<br />
<br />
And advised that, "Don't be duped. If you're a Facebook crack-addict then try to resist the urge of falling for the latest scam, and wait for Facebook to properly roll-out new features as and when they choose."</div>
Unknownnoreply@blogger.comtag:blogger.com,1999:blog-7936586016742929815.post-14013175545065257062015-07-03T02:00:00.000-04:002015-07-03T02:00:00.824-04:00Fake Verification of Twitter account could lead to Phishing and Credit Card theft<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjDsZI7m4U6nuI7xsRycwKSpvgjOsTUAR-4vbOkwrHA5_X2n0zC_K5urLYkGKib2_9Ch0Jtqja1XGxv4VfuS1QQmf7I_JL-qfeLmqcvL9VLrXRlIsd1selkNLbU_Rd3zqk7NYlpMPzND7k/s1600/twitter-verified.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="203" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjDsZI7m4U6nuI7xsRycwKSpvgjOsTUAR-4vbOkwrHA5_X2n0zC_K5urLYkGKib2_9Ch0Jtqja1XGxv4VfuS1QQmf7I_JL-qfeLmqcvL9VLrXRlIsd1selkNLbU_Rd3zqk7NYlpMPzND7k/s400/twitter-verified.jpg" width="400" /></a></div>
The verification of somebody's account on Twitter is a pretty big deal as you as an user cannot do anything about it. It is only if you are recognizable by thousands of people that Twitter verifies your account.<br />
<br />
<!-- adsense -->The chance to get a verified account on Twitter can seem very tempting and that is how somebody operating Twitter account 'Verified6379' is scamming people into divulging their payment details.<br />
<br />
The user which claims to be an 'Official Verification Page' of Twitter redirects you using a shortened Goo.gl URL and lands you on a page that looks like twitter.<br />
<br />
The page then demands secure information like username, password, credit card numbers and others to verify your account.<br />
<br />
The URL has seen over 18,000 hits over the last month.</div>
Unknownnoreply@blogger.comtag:blogger.com,1999:blog-7936586016742929815.post-22068627688583667762015-06-28T14:04:00.000-04:002015-06-28T14:05:08.361-04:00Don’t click every link to read sensational stories on social networking site<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="MsoNormal">
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhXwcd0zqyMdfNpx2dGuHKc0Lnp3iGX3Smeaa5dOSU0jwsnumMeIBTwNSsa07szyxLG-L4Uk3m5wApBmKIAN0zF80yBXRmyBe8giOgHWWUFjGfEwjUPJOyt535eXCQOyR1lyoC0ZPy_IPw/s1600/malware-trojan-spam.jpg" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" height="336" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhXwcd0zqyMdfNpx2dGuHKc0Lnp3iGX3Smeaa5dOSU0jwsnumMeIBTwNSsa07szyxLG-L4Uk3m5wApBmKIAN0zF80yBXRmyBe8giOgHWWUFjGfEwjUPJOyt535eXCQOyR1lyoC0ZPy_IPw/s640/malware-trojan-spam.jpg" width="640" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">Credits: Symantec</td></tr>
</tbody></table>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
Sensational stories! Wow, the only one thing common which we all love. Especially on social medias, we do not think even hesitate before clicking any sites or email to read such stories.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
However, researchers say that we need to be vigilant and skeptical when reading sensational stories on social media sites or in emails.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<!-- adsense --> People should visit trusted news sources for information instead of clicking on random links online, go directly to your trusted news source because few days ago, a Brazilian singer and songwriter Cristiano Araújo lost his life in a car accident. </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
After his death, Symantec started to observe malicious spam email using the news as a lure. Some of the spam emails attempt to entice users into downloading video footage of the accident. If users click on the Google Drive URL found in the email, they will end up downloading malware. The malware is detected as "Download.Bancos", a well-known banking malware that has been plaguing South America for a while now.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Once the initial malware, a downloader, infects the computer, it will download Infostealer.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Security researchers from Symantec Security Response wrote in the blog that their telemetry on the malware distributed by this spam campaign shows it targeting users in Brazil and Venezuela.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
“Symantec advises users to be cautious when it comes to emails crafted around popular news stories such as the one discussed in this blog as they may be malicious. This type of social engineering is not limited to email and users should also be careful on social media sites as similar tactics can also be used,” the researcher added.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
The researchers strongly suggest that never install applications or do surveys in order to view gated content. It's a trick to put money in the pockets of scammers and anyone’s computer or device is at risk to malware.<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
“Report suspicious content. Do your part by reporting this type of content as spam,” the blog read.</div>
</div>
Unknownnoreply@blogger.comtag:blogger.com,1999:blog-7936586016742929815.post-2800167665326071842015-06-15T07:32:00.002-04:002015-06-15T07:32:35.555-04:00Acai Berry Diet Facebook spam attack: Don't buy, don't try, don't reply, says expert<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgy8PPRZ6xiXMZd4RHVkSuD2sdPGkJN75vrexzapRuR4fOcJn2mjGr5nUnhb5f1Ciuw3wCJuBfbOY6BYayaF6zPpWyzAoirHRH5vKcXvOmtJzYIbAAiIpyp1cRBUegW8K5BFI9U2SR-8EE/s1600/facebook-scam.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="303" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgy8PPRZ6xiXMZd4RHVkSuD2sdPGkJN75vrexzapRuR4fOcJn2mjGr5nUnhb5f1Ciuw3wCJuBfbOY6BYayaF6zPpWyzAoirHRH5vKcXvOmtJzYIbAAiIpyp1cRBUegW8K5BFI9U2SR-8EE/s640/facebook-scam.jpg" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<!-- adsense -->Most of the Facebook users would have noticed various websites promoting Acai Berry diet products. Sometimes, even our friends recommend Acai Berry advertisements on Facebook. However, think twice before you click on those links. If you do, you end on some diet supplement scam page. <o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
In the Acai Berry scam, we can only see two successive postings on our Facebook Timeline without our permission. Like:<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
“Successfully results in this particular health solution.”<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Then, here comes a follow-up post as if anyone has forgot <o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
“The link, hehe.. http://goo.gl/xxxxxx.”<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Paul Ducklin, a computer security expert, wrote on Naked Security's blog post “You'd be right to be suspicious, at least if you know your friend is competent in English, because some of the phrases stretch the limits of comprehensibility. However, we're guessing that there are two postings in order to add some kind of human-sounding realism.”<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
He added that it was understandable that automated bogus messages wouldn't forget the link in the first place. And secondly, humans would rush to correct their error with comments saying "hehe."<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
The expert said that short links like: goo.gl URLs have been used in the campaign and seem to have redirected to URLs.<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
For example: [hexdigits].my.test/[letters]/image_[hexdigits].jpeg<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
“If you click through to the buy page and check the very limited disclaimers and FAQs there, you'll find that the product only helps you to lose weight if you combine it with a diet specifically designed to make you lose weight. So, assuming that you spot the scam for what it is before you fill in your credit card number on the buy page, and bail out, you should be OK,” he added.<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
“Don't buy, don't try, don't reply,” he wrote.<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
He suggested that if anyone gets to know about he/she has been posting ‘out-of-character posts’ without his/her approval, please check the following:<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
• Is your computer patched and up-to-date? <o:p></o:p></div>
<div class="MsoNormal">
• Is your anti-virus up-to-date and running properly? <o:p></o:p></div>
<div class="MsoNormal">
• Has someone else been logging into your accounts? <o:p></o:p></div>
<div class="MsoNormal">
• Did you use the same password on multiple sites? <o:p></o:p></div>
<div class="MsoNormal">
• Have you authorized any apps to access your social media accounts? </div>
</div>
Unknownnoreply@blogger.comtag:blogger.com,1999:blog-7936586016742929815.post-63438402772543333852015-05-12T03:30:00.000-04:002015-05-12T03:30:01.023-04:00Celine Dion's website becomes unusual spam launchpad, astonishes fans<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="MsoNormal">
Singer Celine Dion recently had her website showing something unusual. The Canadian vocalist’s website viewed a hockey related spam, surprising her fans all over the world.</div>
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg83HifIGFf9z6uFdn0Kyr3NLXxdrMCONwb_dSSHkwV-PxTSa01V3isxpYihwV7g3yz-iMDR2zcFSiIJqNMdfDqpF0BXfP-2RkgavfRQhRJU2fS9zDUd7Ym6dIXwjVbqdHRoGE8KxdKofI/s1600/celine-spam1.png" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg83HifIGFf9z6uFdn0Kyr3NLXxdrMCONwb_dSSHkwV-PxTSa01V3isxpYihwV7g3yz-iMDR2zcFSiIJqNMdfDqpF0BXfP-2RkgavfRQhRJU2fS9zDUd7Ym6dIXwjVbqdHRoGE8KxdKofI/s400/celine-spam1.png" width="257" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">(pc- malwarebytes.org)</td></tr>
</tbody></table>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<br /></div>
<div style="-webkit-font-smoothing: subpixel-antialiased; background-color: white; border: 0px; color: #484848; font-family: Helvetica, Arial, sans-serif; font-size: 14px; font-stretch: inherit; line-height: 1.5; margin-bottom: 15px; padding: 0px; vertical-align: baseline; word-wrap: break-word;">
Partial text below:</div>
<pre style="background-color: whitesmoke; border-radius: 4px; border: 1px solid rgba(0, 0, 0, 0.14902); color: #484848; font-family: inherit; font-size: 13px; font-stretch: inherit; line-height: 20px; margin-bottom: 10px; padding: 9.5px; vertical-align: baseline; white-space: pre-wrap; word-break: break-all; word-wrap: break-word;">///Fox Tv//Czech Republic vs Austria Live Stream Hockey World Championship Online
</pre>
<blockquote class="tr_bq">
<div class="MsoNormal">
<span style="background-color: whitesmoke; color: #484848; font-family: inherit; font-size: 13px; line-height: 20px; white-space: pre-wrap;">Watch Czech Republic vs Austria Wild live lead series 2015, TODAY Watch Canadiens vs. Senators Live Online Video Streaming, NHL playoffs 2015: Time, TV schedule and how to watch Game 3 online, Watch Czech Republic vs Austria Wild Stream Stanley Cup Playoffs Live Free Sports Live Streaming - Channel 1.Watch Czech Republic vs Austria Wild Stream Stanley Cup Playoffs Live - Free Sports Live Streaming - Channel 1.You can follow Game 2 with CBC Ottawa as Dan Séguin and Stu Mills live-tweet from inside and outside the Bell Centre in Montreal.Ottawa Senators Curtis Lazar gets hilt by Montreal Canadiens Alexi Emelin during first period action at the Bell .... LIVE: Ottawa Senator</span></div>
</blockquote>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Official sites of celebrities as spam launchpads are somewhat unthinkable. Posts of “online free video streaming” are usually posted on sites which offer free registration and nonexclusive posts. Dion, therefore, is definitely an exception.</div>
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgXj4-ko4U_Wtt7DQDj3pUukwsWGwt2bWW5aRPpOGIMCdjCisXqWNoSzVl0qAovlQxKGn-6qnH1q8alKRwklVOBliri2O-3EvWJJcTBsdMZcPie01MIgOjeF9t_G0OFheX_g-CVmLhg-94/s1600/celine-plugin00.png" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" height="66" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgXj4-ko4U_Wtt7DQDj3pUukwsWGwt2bWW5aRPpOGIMCdjCisXqWNoSzVl0qAovlQxKGn-6qnH1q8alKRwklVOBliri2O-3EvWJJcTBsdMZcPie01MIgOjeF9t_G0OFheX_g-CVmLhg-94/s320/celine-plugin00.png" width="320" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">(pc- malwarebytes.org)</td></tr>
</tbody></table>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
The spam was seen on the celebrity’s photo gallery in her website. It is similar to the posts on the website ‘malwarebytes unpacked’ as it resembles the spam posts on steam (blogging domain like slideshare, twitter, soundcloud etc.).</div>
<br />
<div class="MsoNormal">
The issue is however with a plugin allowing registered users in the site to upload fan photographs. The admins might have foreseen the spam images appearing with the clickable text. The visitors are then asked for personal information and payment details after clicking on the spam link.</div>
</div>
Unknownnoreply@blogger.comtag:blogger.com,1999:blog-7936586016742929815.post-12272431840462358642015-04-27T02:42:00.000-04:002015-04-27T02:42:09.284-04:00Beware of emails with resume attachments as Phishers still use JavaScript attachments<div dir="ltr" style="text-align: left;" trbidi="on"><table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiKBv24oNQnw2WQfm62QuuqI6qncBHK0drmD-PUQSwzq802LK8cLOcNQ_NTSiB6fDo-VaPLgvBzZuuqg-4c9oRDmFCOJ9QgXP0-h4SC2LevKGw5x6-1l752_ChXl_0sJC5ijxSUAUzYBU/s1600/Cry.png" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiKBv24oNQnw2WQfm62QuuqI6qncBHK0drmD-PUQSwzq802LK8cLOcNQ_NTSiB6fDo-VaPLgvBzZuuqg-4c9oRDmFCOJ9QgXP0-h4SC2LevKGw5x6-1l752_ChXl_0sJC5ijxSUAUzYBU/s1600/Cry.png" height="384" width="640" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;"><br />
</td></tr>
</tbody></table><div class="MsoNormal">Beware of emails with an attached resume from a job applicant because some of the hackers are still using old JavaScript attachments to deliver the CryptoWall which could leave people in great trouble.</div><div class="MsoNormal"><br />
</div><div class="MsoNormal"><!-- adsense --> In an article by Brian Bebeau posted on <a href="https://www.trustwave.com/Resources/SpiderLabs-Blog/Cryptowall-and-phishing-delivered-through-JavaScript-Attachments/" rel="nofollow" target="_blank">SpiderLabs Blog</a> (Trustwave SEG Cloud), mentioned that recently, it was noticed that a spam run of emails which contained an attached resume from a job applicant. The attachment, with a file extension ‘.js’, was in plain-text and consisted of JavaScript.</div><div class="MsoNormal"><br />
</div><div class="MsoNormal">After some days, the next spam was noticed which looked more serious and zipped the attachment. The hackers tried to give the attachment a MIME type of "image/png" in order to appear it as an image among the people.</div><div class="MsoNormal"><br />
</div><div class="MsoNormal">If anyone retrieves the picture, it will turn out to be a Windows executable. </div><div class="MsoNormal"><br />
</div><div class="MsoNormal">Bebeau wrote that after analysing the file, they came to know that this is a Cryptowall ransomware variant. So, if anyone opens the attachment to look a resume or picture, he/she could end up with his/her entire system in trouble.</div><div class="MsoNormal"><br />
</div><div class="MsoNormal">He added that some group of spammers also uses JavaScript to hide their phishing attachments. Instead of a resume, they used that old standby, the common account phish. </div><div class="MsoNormal"><br />
</div><div class="MsoNormal">Bebeau wrote that people can verify an email by looking at the header addresses, before opening the attachments. </div><div class="MsoNormal"><br />
</div><div class="MsoNormal"><b>Subject lines include:</b></div><div class="MsoNormal"><br />
</div><div class="MsoNormal"><b>- Un-authorized User</b></div><div class="MsoNormal"><b>- Verification Required</b></div><div class="MsoNormal"><b>- Must verify your account</b></div><div class="MsoNormal"><b>- Validate account</b></div><div class="MsoNormal"><br />
</div><div class="MsoNormal">He said that it is said that people’s account has been limited or disabled, and that to restore their account, they must follow some steps in the attachment.</div><div class="MsoNormal"><br />
</div><div class="MsoNormal">Now, the attachment is an HTML file with a JavaScript section which instructs people to turn on JavaScript. If they view the attachment in a JavaScript-enabled browser, it creates a form which asks for their personal information.</div><div class="MsoNormal"><br />
</div><div class="MsoNormal">The form asks for peoples’ social security number and their credit card number along with their name and address. And if anyone fills it and clicks submit button, his/her all data goes to a server in Russia.</div><div class="MsoNormal"><br />
</div><div class="MsoNormal">According to Bebeau, if people can examine an attachment carefully, it can be a useful to pull JavaScript code for content blocking. </div><div class="MsoNormal"><br />
</div><div class="MsoNormal">He wrote that, Trustwave SEG Cloud, blocked around 200 of these phishing messages within three days. People should not turn on JavaScript even if some email asks them to do so.</div></div>Unknownnoreply@blogger.comtag:blogger.com,1999:blog-7936586016742929815.post-49219114481838293082015-03-23T10:05:00.000-04:002015-03-23T10:05:09.442-04:00Fake Facebook: Don't give your details away<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiLlwe82t1cmq_NRXT2-ag_yi-6orizeKUH6D_xAeCjZh8upd-awLi7sT4j0efwyFWjzMnMRBH0ro21sYpEPfBLai7PkAVDzvinFSDiDNEClvV3VHdO4efLvGf_WEj7biC_q-yYfEt9gvfU/s1600/facebook-recovery-on-dropbox.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiLlwe82t1cmq_NRXT2-ag_yi-6orizeKUH6D_xAeCjZh8upd-awLi7sT4j0efwyFWjzMnMRBH0ro21sYpEPfBLai7PkAVDzvinFSDiDNEClvV3VHdO4efLvGf_WEj7biC_q-yYfEt9gvfU/s1600/facebook-recovery-on-dropbox.png" height="255" width="420" /></a></div>
<br />
A new phishing scam designed to steal your Facebook data has come to light. You might be receiving a mail or a message on social media asking you to recover your Facebook account, before it is permanently closed.<br />
<br />
<!-- adsense --> The scam is focused on getting Facebook credentials, along with phone number and date of birth of a user. The scam came to light beacuse of the bad English in the message.<br />
<br />
Aside from that, the page where you enter your details (the phishing page) is hosted on cloud sharing website Dropbox, allowing for all data you input to be conveniently for the hacker or hackers.<br />
<div>
<br /></div>
<div>
The details are then posted online on a .PHP page, preferably to be sold. No official word is yet out from Facebook on the matter, but <a href="https://blog.malwarebytes.org/fraud-scam/2015/03/facebook-phisher-apologizes-for-disturbing-your-comfort/" rel="nofollow" target="_blank">www.blog.malwarebytes.org</a> has cautioned users to be careful before responding to any such message, suspected to be from hackers.</div>
</div>
Unknownnoreply@blogger.comtag:blogger.com,1999:blog-7936586016742929815.post-36898398880052020862015-03-20T00:17:00.000-04:002015-03-20T00:17:05.323-04:00Employee email accounts of Children's National Health System targeted with Phishing emails<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi6cILqUKlyOjBT8lbgn9d1-Uwxv6zswF1vaX7V13V-MoA7tbFVNvG9Q4g1EIX68M2Ubd1rsnrs-OwdzS3JTwugL_8MbJ6fGEqaGO8-QYtjAO30dmqDVoKBk6ztdrYO40_P_nk11PGqG06U/s1600/images.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi6cILqUKlyOjBT8lbgn9d1-Uwxv6zswF1vaX7V13V-MoA7tbFVNvG9Q4g1EIX68M2Ubd1rsnrs-OwdzS3JTwugL_8MbJ6fGEqaGO8-QYtjAO30dmqDVoKBk6ztdrYO40_P_nk11PGqG06U/s1600/images.jpg" height="266" width="400" /></a></div>
<br />
Children's National became a victim of a cyber-attack, after its employees responded to phishing emails by hackers believing they were legitimate.<br />
<br />
<!-- adsense --> The issue came to light on December 26 last year and <a href="http://childrensnational.org/notice" rel="nofollow" target="_blank">Children's National </a>believes that any potential unauthorized access of its employees email accounts could have taken place between July 26 and December 26 last year.<br />
<br />
Children's National has come out to say that Patient History Information of various patients in the affected email accounts has been put at risk, and although it has not received any information regarding the misuse of this information, affected people are being informed to stay on the lookout for discrepancies in their insurance statement.<br />
<br />
On learning of the incident, Children's National immediately secured the emails accounts of the affected employees and began an investigation into the matter. They hired an external forensics firm to carry out their investigation into the matter.<br />
<br />
They implemented new safety features and reviewed its systems to upgrade the security of their network. They have also setup a dedicated call centre with a helpline number for getting in touch with the affected patients.</div>
Unknownnoreply@blogger.comtag:blogger.com,1999:blog-7936586016742929815.post-31246869806586084192014-09-22T11:09:00.001-04:002014-09-25T03:25:27.619-04:00Don't cook your iPhone with Microwave oven<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj2efkWKzkG2v6D6YFgjvfx0_2D2zlpj2OA-T74UZmthvKVX72ptbg043KYl41OWBVMq2YVkuLirFM5oT1fuBtB92eggeOMHM6pPVLYdBuzT_mpt40MOJ_yhn-UJGqHnGpiFJJzY7cI48E/s1600/iphone-wave-hoax.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj2efkWKzkG2v6D6YFgjvfx0_2D2zlpj2OA-T74UZmthvKVX72ptbg043KYl41OWBVMq2YVkuLirFM5oT1fuBtB92eggeOMHM6pPVLYdBuzT_mpt40MOJ_yhn-UJGqHnGpiFJJzY7cI48E/s1600/iphone-wave-hoax.jpg" height="317" width="320" /></a></div>
<br />
There is an Internet hoax circulating around claiming users of Apple's IOS 8 can charge their iPhone by putting it in the microwave oven. <br />
<br />
<!-- adsense --> The hoax ad was posted in 4chan and stated "Wave is our latest and greatest addition to iOS8. Wave allows your device to be charged wirelessly through microwave frequencies. Wave can be used to quickly charge your device's battery using any standard household microwave"<br />
<br />
I don't think anyone fall for this hoax. But it is funny to read the ad and tweets about it.<br />
<br />
<blockquote class="twitter-tweet" lang="en">
The app which allows you to charge your new iPhone 6 in the microwave is a hoax!!! Try it and you'll get an explosion and a visit from us!<br />
— Perry Barr Fire (@PerryBarrFire) <a href="https://twitter.com/PerryBarrFire/status/512940031355682816">September 19, 2014</a></blockquote>
<script async="" charset="utf-8" src="//platform.twitter.com/widgets.js"></script>Last year, when iOS7 was first launched, some pranksters made a similar fake ad claiming updating to the iOS7 made phones waterproof. Many people reportedly fell for that hoax.<br />
<br /></div>
Unknownnoreply@blogger.comtag:blogger.com,1999:blog-7936586016742929815.post-14147448690061740622014-05-21T17:29:00.001-04:002014-05-21T17:34:29.377-04:00Facebook hoax "Prayers for Like"<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg0NJDOaVjicv2kHt1HPzpdcVLMU92GnlDbv7UxZj7YDvScgEb8tKkyboMWw7sVifBOJLoPphLBZrUcBleOv3Vr9JY9hUnv9SO02k_LgAxMtjECkBHGKtROhpf9RBgXwRve8wWdlUxYyzAH/s1600/Screenshot+from+2014-05-22+00:54:33.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg0NJDOaVjicv2kHt1HPzpdcVLMU92GnlDbv7UxZj7YDvScgEb8tKkyboMWw7sVifBOJLoPphLBZrUcBleOv3Vr9JY9hUnv9SO02k_LgAxMtjECkBHGKtROhpf9RBgXwRve8wWdlUxYyzAH/s1600/Screenshot+from+2014-05-22+00:54:33.png" height="320" width="200" /></a></div>
<br />
The message is a disgraceful hoax designed to get maximum number of likes for a facebook page and further promote it through sharing the message.<br />
<br />
<!-- adsense --> A baby's photograph was taken out illegally from a personal facebook profile and is circulated without the parents permission. Unfortunately the baby from the photograph died two weeks after her birth. As the baby's picture is being circulated without the parents permission, it is causing great pain to them. If this hoax message comes your way, do not like or share it. Advisory, report this particular message to Facebook.<br />
<br />
According to the facebook's currently distributed hoax message, you can offer prayers to this baby girl by liking or sharing the picture. However, liking or sharing the particular message would not help the baby, infact would cause considerable distress to the parents and make them belligerent.<br />
<br />
The people who create these messages are highly motivated by the green eyed monster and look through the children whose pictures they misuse. Facebook pages with large number of likes are a source of black market and can also be sold to inhumane internet marketers and used to make further scam and hoax messages.<br />
<br />
Believes of offering prayers for someone who is unfotunate is sane but reciprocating it through social networking sites is simply absurd. Are we to believe on a denigrating fact that, “almighty has a deal with facebook that one shrare contributes hundred prayers?”<br />
<br />
Not only this it can also be seen on other pages including images of God and Godesses and they ask for a like or comment to seek There blessings.Well its ironical that even the Almighty now needs likes, shares and comments on their images for blessing the mankind.Huh.Well my suggestion is open up your eyes and think broadly.<br />
<br />
<span style="color: #cc0000;"><b>If this message comes your way, do not like, share or comment on such a post. </b></span>It plays in favour of inhumane and immoral people who earn from such hoaxes. <br />
<br />
The company needs to take action that ensures that these scam messages are removed from the network as quickly as possible.<br />
<br />
Moreover, facebook has actually removed some of the messages, as they have been reported a number of times. The company should ensure that these hoaxes are removed from the network as quickly as possible.</div>
Unknownnoreply@blogger.comtag:blogger.com,1999:blog-7936586016742929815.post-27915998789782250102014-05-13T01:40:00.003-04:002014-05-13T01:40:41.018-04:00Phishing mail says 'DSVX virus' detected in Your Yahoo Mail<div dir="ltr" style="text-align: left;" trbidi="on"><br />
<div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiC0PRfADYAym70EJp5TyAKALJc19tsrUQncYkSW-3poUEEloutaf0o_x-epn99uqEJyfZ0KJWt8ZUDuSb7ohW3Yfhwsf6E8Rh6j0QZ0EEgt8EXZOLo-hTx8rhKLcZ37pS2Ciq2ebU6IJ4/s1600/phishing-email.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiC0PRfADYAym70EJp5TyAKALJc19tsrUQncYkSW-3poUEEloutaf0o_x-epn99uqEJyfZ0KJWt8ZUDuSb7ohW3Yfhwsf6E8Rh6j0QZ0EEgt8EXZOLo-hTx8rhKLcZ37pS2Ciq2ebU6IJ4/s1600/phishing-email.jpg" height="356" width="640" /></a></div>If you are getting emails saying that a virus detected in Your Yahoo Email account, ignore the emails. It is none other than another tricky method used by cybercriminals to fool users.<br />
<br />
<!-- adsense --> Hoax-slayer has <a href="http://www.hoax-slayer.com/dsvx-yahoo-phishing-scam.shtml" rel="nofollow" target="_blank">spotted</a> a fake email claiming to be from Yahoo informs recipients that it has detected a so-called DSVX virus in your yahoo mail account and you have to update your account.<br />
<br />
The email warns the recipients that if they failed to update, they will lose access to their email address.<br />
<br />
It also claims the update will give latest spam protection, faster email and unlimited storage facility. <br />
<br />
To update their email, it asks the recipients to send their username, email id, password, email security question and answer, country, phone number and Date of Birth by clicking the Reply Button.<br />
<br />
Keep in mind that Yahoo or any other organizations are never going to ask you to send your username and passwords or any other sensitive data via an unsecured email. </div>Unknownnoreply@blogger.comtag:blogger.com,1999:blog-7936586016742929815.post-32002045685392967082014-05-07T01:37:00.003-04:002014-05-07T01:39:01.212-04:00Scam Alert: Your Facebook Accounts will be Permanently Disabled<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhnjyLfni3FYBKoSr6HWXiKPE9RyyP9ib2I6mj6qhQEaYdELfdZBoTGUsXssYyspiZ-MegxzQLqgkRcVCei2UuczYRZRz48ghFJaBEAeZylLMmxu75upS-IaY9XOxC7tUWvaw-k-PJuVaw/s1600/faebook-scam.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhnjyLfni3FYBKoSr6HWXiKPE9RyyP9ib2I6mj6qhQEaYdELfdZBoTGUsXssYyspiZ-MegxzQLqgkRcVCei2UuczYRZRz48ghFJaBEAeZylLMmxu75upS-IaY9XOxC7tUWvaw-k-PJuVaw/s1600/faebook-scam.jpg" height="350" width="640" /></a></div>
We have seen large numbers of facebook posts that promise something, but it turns out to be a scam. Fb users are still believing such kind of posts and blindly following the instructions. So, Cyber criminals are keep coming up with new themes to trick users.<br />
<br />
<!-- adsense --> Over the past few days, i have been receiving a facebook notifications informing that one of my friends mentioned me in a comment. I had a look at the post, it is none other than a facebook scam.<br />
<br />
The scam posts says "to all facebook users Your Facebook Accounts will Permanent Disable. you must register your account to avoid permanent disabled . How to register? Go to our pinned post. and follow instructions carefully!" <br />
<br />
It asks you to copy and paste some code in the console of your browser. By blindly following the instructions of scammers, users are allowing scammers to do various actions('like', 'sharing', 'tagging friends' and more) on their behalf. <br />
<br />
Earlier this year, we <a href="http://www.ehackingnews.com/2014/01/facebook-scams-hacking-any-facebook.html" target="_blank">learned</a> that scammers were tricking users by promising them that following the instructions will help them to hack their friends' accounts.<br />
<br /></div>
Unknownnoreply@blogger.comtag:blogger.com,1999:blog-7936586016742929815.post-28445557273711239892014-05-03T23:28:00.002-04:002014-05-03T23:34:55.423-04:00Cybercriminals abusing Microsoft Azure for phishing attacks<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj59AhnR4Ijqdb-A6pTAEvOWMkcngZLi38RBdSvog4HcG-TRjW2eU4lOAt41lksYe2f6NZNSlmHu6mrGDMr04SVPyjdbpUy759hTkfplqLCaBsgo6MNpd2x3sFtim0WWeDRY9wmKifGsao/s1600/azure-paypal-phishing.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj59AhnR4Ijqdb-A6pTAEvOWMkcngZLi38RBdSvog4HcG-TRjW2eU4lOAt41lksYe2f6NZNSlmHu6mrGDMr04SVPyjdbpUy759hTkfplqLCaBsgo6MNpd2x3sFtim0WWeDRY9wmKifGsao/s1600/azure-paypal-phishing.jpg" height="328" width="640" /></a></div>
<br />
CyberCriminals usually host fake web pages on hacked websites, free web hosting, more recently they abused Google Docs. These fake pages(phishing pages) trick unsuspecting users into handing over their personal and financial information.<br />
<br />
<!-- adsense --> Now, the cyber criminals have started to abuse the Microsoft's Azure cloud platform to host their fake websites.<br />
<br />
Creating accounts on Azure is very easy and they are also offering a 30-day trial. Once you are done with account creation, you can easily create your web pages using the main dashboard.<br />
<br />
However, Registration process is not easy for criminals. Because, it needs you to provide a valid phone number and credit card details.<br />
<br />
<a href="http://blog.malwarebytes.org/fraud-scam/2014/04/cyber-criminals-interested-in-microsoft-azure-too/" rel="nofollow" target="_blank">MalwareBytes</a> researchers says the attackers may have stolen the username and passwords from legitimate users that were already registered.<br />
<br />
Netcraft has <a href="http://news.netcraft.com/archives/2014/04/28/phishers-find-microsoft-azure-30-day-trial-irresistible.html" rel="nofollow" target="_blank">identified</a> several phishing pages targeting users of Paypal, Apple, Visa, American express, Cielo hosted on Azure.<br />
<br />
<b>PhishTank records:</b><br />
http://www.phishtank.com/phish_detail.php?phish_id=2428419<br />
http://www.phishtank.com/phish_detail.php?phish_id=2391951<br />
http://www.phishtank.com/phish_detail.php?phish_id=2342647 <br />
http://www.phishtank.com/phish_detail.php?phish_id=2174737</div>
Unknownnoreply@blogger.comtag:blogger.com,1999:blog-7936586016742929815.post-21632217262278833412014-05-02T13:31:00.002-04:002014-05-02T13:34:53.921-04:00Beware of fake versions of Malwarebytes Anti-Malware 2.0 claiming to be free<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhYJOK9kj0qk3FYn2GhjEsBzFFBCeyT-MPia62m1z_GRXQE5LLfnbM5SXeStIaJ7D06dxoAV1D-flXPv2KVel54xhROX3Jqh7uIKdlSIoKD8eyy0gVp_IcIxJ7pOi8s6m25Wlwqi0fzNFg/s1600/fake-version-of-malwarebytes-anti-malware.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhYJOK9kj0qk3FYn2GhjEsBzFFBCeyT-MPia62m1z_GRXQE5LLfnbM5SXeStIaJ7D06dxoAV1D-flXPv2KVel54xhROX3Jqh7uIKdlSIoKD8eyy0gVp_IcIxJ7pOi8s6m25Wlwqi0fzNFg/s1600/fake-version-of-malwarebytes-anti-malware.png" height="380" width="640" /></a></div>
It is always suggested not to download cracked versions of software, if you are really concerned about your Desktop security. But, Downloading a cracked version of Antivirus or from unknown sources is height of stupidity. <br />
<br />
<!-- adsense --> MalwareBytes recently released new version 2.0 of the MalwareBytes Anti-Malware(MBAM). Cyber criminals have now started to trick users into installing the fake versions of this security application.<br />
<br />
Researchers at <a href="http://blog.malwarebytes.org/security-threat/2014/05/fake-malwarebytes-anti-malware-2-0-abound/" rel="nofollow" target="_blank">Malwarebytes</a> have come across a number of websites offering free version their software, but are actually potentially unwanted programs.<br />
<br />
These bogus applications are capable of making itself run every time, whenever the system is restarted. They are also capable of accessing your browser cookies, list of restricted sites and browser history. <br />
<br />
These apps also blocks users from accessing certain websites by adding them to Internet Explorer's restricted zone, which includes wikia, gamespot, Runescape online.<br />
<br />
The security firm also have spotted premium version of MBAM with key generators on torrent websites. But, in this particular case, users are asked to fill survey in order to download the app. Filling these kind of surveys will help the cybercriminals to earn money. </div>
Unknownnoreply@blogger.comtag:blogger.com,1999:blog-7936586016742929815.post-72532187244463752552014-04-24T12:10:00.001-04:002014-04-24T12:10:29.914-04:00Emails promising CNN article about HeartBleed vulnerability leads to Spam sites<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEha2RAMR6cDFj08HC94X9hiJqofhnSdDPf8Rq9SV14EllNSUZBrpp7NZV41Lqw4OQvqDJG-1KQt2DRe1bFY-dYPLK_RfYMcVNGUhmGBupoh_7fQ_rwcnR87aXu8-UwG6oq77DoNt_tRLrU/s1600/heartbleed-bug-spam-campaign.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEha2RAMR6cDFj08HC94X9hiJqofhnSdDPf8Rq9SV14EllNSUZBrpp7NZV41Lqw4OQvqDJG-1KQt2DRe1bFY-dYPLK_RfYMcVNGUhmGBupoh_7fQ_rwcnR87aXu8-UwG6oq77DoNt_tRLrU/s1600/heartbleed-bug-spam-campaign.jpg" height="304" width="640" /></a></div>
Cyber Criminals often take advantage of hottest topics and latest events to entice users into visiting spam websites. The HeartBleed bug, which has made headlines over the past few weeks, is no exception.<br />
<br />
<!-- adsense -->Now, spammers are sending out emails with subject "HeartBleed Bug warning". The spam campaign was discovered by Security researchers at TrendMicro. <br />
<br />
"I Just want to let you know there is a big security concern now in the internet. The Internet bug called Heartbleed Bug, was recently discovered by experts. So if were you, you need to change your internet passwords specially your banking passwords." The spam email reads.<br />
<br />
"Check for this report in CNN. Report from CNN[LINK]" <br />
<br />
If the link provided in the email led to the actual CNN report, the email may have been considered as cyber security awareness email. But, the link leads to some malicious webpage.<br />
<br />
One good thing what spammers did is notifying users about the HeartBleed vulnerability and suggest recipients to change their password. If the link provided in the email. </div>
Unknownnoreply@blogger.comtag:blogger.com,1999:blog-7936586016742929815.post-20208525506153764642014-04-18T05:07:00.002-04:002014-04-18T05:07:56.167-04:00Phishing pages trick Steam users to Upload SSFN file<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjftNk0-r6XmKqS6UH7XTR6s-mrigm4d36Mwr45I1RtHLnvDcmg9419FXYA1tPFFsI1wcbso9kRz38O6j5nxCH3Vr3us-wVlIf_gpc51hwwJUDIrzCJxjal2z_honBM8mD2eQlDeZatiUQ/s1600/steamguard-phishing-page.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjftNk0-r6XmKqS6UH7XTR6s-mrigm4d36Mwr45I1RtHLnvDcmg9419FXYA1tPFFsI1wcbso9kRz38O6j5nxCH3Vr3us-wVlIf_gpc51hwwJUDIrzCJxjal2z_honBM8mD2eQlDeZatiUQ/s1600/steamguard-phishing-page.jpg" height="306" width="640" /></a></div>
Is Steam login page asking you to upload SSFN file? Think twice before uploading, because the legitimate steam site never asks you to upload SSFN file.<br />
<br />
<!-- adsense --> Steam Guard is extra layer of security. It will ask you to enter a verification code sent to your email, whenever you try to log in from a computer you haven't used before.<br />
<br />
This feature will prevent attackers from taking control of your steam account, even if they know your login id and password. <br />
<br />
However, there is new Phishing scam uncovered by <a href="http://blog.malwarebytes.org/fraud-scam/2014/04/phishers-bypass-steam-guard-protection/" rel="nofollow" target="_blank">MalwareBytes</a> that bypasses the Steam Guard protection. It tricks users into handing over their login credentials and the SSFN file. <br />
<br />
<b>What is SSFN File?</b><br />
SSFN is the file that avoids you from having to verify your identity through Steam Guard every time you login to Steam on your computer. If an user deletes this file, he will be asked to verify again and new SSFN file will be generated and stored in your pc.<br />
<br />
If you upload your SSFN file to a phishing page, attackers can use this file with username &password to take control of your account.<br />
<br />
In a <a href="http://www.reddit.com/r/Steam/comments/1yw25k/psa_new_phishingscam_technique_on_fake_steam/" rel="nofollow" target="_blank">reddit</a> thread, several users have reported that they got fooled by this phishing scam. <br />
<br />
"<span style="color: red;"><b>Steam will never ask you to provide any Steam Guard files</b></span>. If you upload or give a user your Steam Guard .SSFN file, they can gain access to your account without accessing your email account. However, they must know your Steam account password and username to use this file" Valve <a href="https://support.steampowered.com/kb_article.php?ref=4020-ALZM-5519" rel="nofollow" target="_blank">article</a> about Steam Guard reads.</div>
Unknownnoreply@blogger.comtag:blogger.com,1999:blog-7936586016742929815.post-78117445496809956452014-03-05T10:51:00.001-05:002014-03-05T10:51:41.625-05:00European Apple users targeted with phishing emails<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiopmXtr7iEDEBWNYEBkjGTYH6g5mxnq6LlvbHYyeuzC0nlcQX6yXsnKgD4JRSgoOpqTsCBCY-QZ7BTpl1ivDy46Gax-p7DR_tCIrOmj7IEdE6VjNvbUsFH7udbc75YXeRyikgl1lhx5Ao/s1600/apple-phishing-scam.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiopmXtr7iEDEBWNYEBkjGTYH6g5mxnq6LlvbHYyeuzC0nlcQX6yXsnKgD4JRSgoOpqTsCBCY-QZ7BTpl1ivDy46Gax-p7DR_tCIrOmj7IEdE6VjNvbUsFH7udbc75YXeRyikgl1lhx5Ao/s1600/apple-phishing-scam.jpg" height="320" width="640" /></a></div>
A new phishing campaign targeting European users of Apple store which promises to offer a discount.<br />
<br />
<!-- adsense -->Security researchers at <a href="http://www.securelist.com/en/blog/8188/A_gift_for_Apples_valued_customers" rel="nofollow" target="_blank">Kaspersky</a> have spotted a new spam mail targeting Apple users, tricks users into thinking that they can get discounts of 150 euros by just paying 9 euros.<br />
<br />
"Apple is rewarding its long-term customers. Your loyalty for our products made you eligible for buying an Apple discount card" The spam mail reads. <br />
<br />
The spam mail asks users to download an attached HTML file and fill the form, where users are being asked to enter personal information as well as credit card information.<br />
<br />
The scammers spoofed the email address such that it makes the email pretending to be from informs@apple.com. They also promised to send the discount card within 24 hours, after filling the form.<br />
<br />
If a recipient follows the instructions and fill the form, the phishing file will send the data to the attacker server. The attacker will use the given financial data. </div>
Unknownnoreply@blogger.comtag:blogger.com,1999:blog-7936586016742929815.post-19343424899743630582014-02-07T18:36:00.002-05:002014-02-07T18:36:32.509-05:00Users targeted with large number of Spam mails containing Banking Trojan<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEimNNxsZmfv0_t4esLPk7CgIUlf2qLwLFbXgOTtitWsHHZchHBJSVYEf-kl9Hp4nVCN7oOthoUtAALlG2Vyb9NR2aGbM47QEkHH7kzDPwk5jWdqBSp7vciwR6JCsNrp44X61qBSZGcRHFM/s1600/massive-spam-campaign-virus-traffic.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEimNNxsZmfv0_t4esLPk7CgIUlf2qLwLFbXgOTtitWsHHZchHBJSVYEf-kl9Hp4nVCN7oOthoUtAALlG2Vyb9NR2aGbM47QEkHH7kzDPwk5jWdqBSp7vciwR6JCsNrp44X61qBSZGcRHFM/s1600/massive-spam-campaign-virus-traffic.jpg" height="320" width="640" /></a></div>
A new massive spam campaign has been spotted by security researchers at AppRiver which sends large amount of spam mails to data centers in an effort to evade Email-filtering engines.<br />
<br />
<!-- adsense --> AppRiver's data centers received 10 to 12 times normal traffic. Even though AppRiver managed to block the spam mails, tremendous volume of traffic caused some of its customers delays in sending and receiving emails.<br />
<br />
CyberCriminals are targeting users with large amount of emails with varying premise. One of the spam mails is targeting Bank of America customers. A fake alert message pretending to be from Bank of America contains a Bredo malware.<br />
<br />
Researchers say the malware is capable of recording the keystrokes and steal financial information. It has also capabilities to do download additional malware on the victim's machine. The spam mails reportedly detected only by 11 out of 51 antiviruses.<br />
<br />
Another mail analyzed by <a href="http://blogs.appriver.com/Blog/bid/101293/Massive-Spam-Campaign-Still-Attempting-to-Spread-Malware" rel="nofollow" target="_blank">AppRiver</a> is pretending to be from "VISA/MasterCard" and informs recipients that their account has been blocked due to unusual activity.<br />
<br />
Some of the malicious attached files have pointed to Andromeda botnet and some other pointing to Bredo Botnet. This botnet activity being referred as <b>TidalWave/TidalBotnet </b>by AppRiver. </div>
Unknownnoreply@blogger.comtag:blogger.com,1999:blog-7936586016742929815.post-73134198880945686552014-01-28T10:48:00.003-05:002014-01-28T10:48:44.169-05:00Facebook Scams: "Hacking any Facebook Account", "Facebook Music Theme"<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEitHeeXIrKW4Re5bXxuAsZLOZ5LN8J4pCLg6_n_xoUmRZ1rh75biYIg2YIEi6cpK-HI4R_GStpblCFRSDwB79Do5IgmGk60kDkyuBnYzPrNYUI8ebhGOXIz2CgQFNnfhD1aFzCfA0TJpR4/s1600/facebook-account-hacking-scam.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEitHeeXIrKW4Re5bXxuAsZLOZ5LN8J4pCLg6_n_xoUmRZ1rh75biYIg2YIEi6cpK-HI4R_GStpblCFRSDwB79Do5IgmGk60kDkyuBnYzPrNYUI8ebhGOXIz2CgQFNnfhD1aFzCfA0TJpR4/s1600/facebook-account-hacking-scam.jpg" height="359" width="640" /></a></div>
<br />
A new facebook scam which is claimed to be a script to "Hack any Facebook account" is spreading like Wildfire. Recently, i also came across a facebook scam post that promise a "Facebook Music Theme". I've been tagged in the spam posts by more than 20 friends within a week.<br />
<br />
<!-- adsense --> The post has a link to a script file which is randomly hosted in dropbox, pastebin, textuploader and other file hosting services.<br />
<br />
The post tricks users into thinking that it is a script to hack any facebook accounts. It urge users to use it before it is getting blocked by facebook.<br />
<br />
It asks them to copy the script and paste in the "console" section of the "inspect element" option in your browser. It claims you will get username and password once you done the process.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEimmbBPANeUsjdYm36waGQ_rz5AvFhW5pqaKZWUD6Q35I2Ch-IMITNceyiypIEp_aHQ7HbBkgq75VC3iagikWrj1LgwnMqRLasDYQFMeIdMFNp06ofOgiJVwPHovQ0o8gO8uCm47zEJcbc/s1600/malicious-scripts.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEimmbBPANeUsjdYm36waGQ_rz5AvFhW5pqaKZWUD6Q35I2Ch-IMITNceyiypIEp_aHQ7HbBkgq75VC3iagikWrj1LgwnMqRLasDYQFMeIdMFNp06ofOgiJVwPHovQ0o8gO8uCm47zEJcbc/s1600/malicious-scripts.jpg" height="322" width="640" /></a></div>
<br />
<span style="color: #cc0000;"><b>Here is what exactly happening:</b></span><br />
When you execute paste the code in the console section, it will run the code on behalf you. So, it will send several requests including "Like" & "comment" request". It means that you are unknowingly "liked" and "commented" on the scammer's pages.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh8slBd9RxSIEaMLpWFj-oPbnHRQkaw57ttmTC_qgaszbBRCDZFUR_B8XPXT-cKfsMMguBxGSdaw0OMRLu2IBfzmA2FNd3HmiipHjjwu0fztXzKvxFASEnU-meGADPjBS87SHsmuyXwR88/s1600/spam-likes-activity-log.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh8slBd9RxSIEaMLpWFj-oPbnHRQkaw57ttmTC_qgaszbBRCDZFUR_B8XPXT-cKfsMMguBxGSdaw0OMRLu2IBfzmA2FNd3HmiipHjjwu0fztXzKvxFASEnU-meGADPjBS87SHsmuyXwR88/s1600/spam-likes-activity-log.jpg" height="378" width="640" /></a></div>
<br />
It also tag all of your friends in a comment so that it can spread the scam further and get more victims.<br />
<br />
I can't believe that there are still plenty of people out there who still believe some stupid scripts can hack accounts.<br />
<br />
<span style="color: #cc0000;"><b>Are you one of the victim who followed the stupid instructions?</b> </span><br />
No need to panic. As far as i know, the script only "likes"& "comments" on behalf you. So, you can simply go to "Activity" log page in your account and unlike & uncomment them. If you are reading this article, make sure you are not doing the same mistake again.</div>
Unknownnoreply@blogger.comtag:blogger.com,1999:blog-7936586016742929815.post-59693186265450211832014-01-03T19:19:00.001-05:002014-01-03T19:19:14.082-05:00Facebook Scam: World's Largest Snake Video and Shark Eating Man Videos<div dir="ltr" style="text-align: left;" trbidi="on">
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCVZNEaZ_5r4tmU-ywaviPr8D0O7kIMs9_4UjTRAMhyphenhyphenWpHn1l4KC5eCAg7nd4gdXvK-HD2RWuOawDMJ9COCT_uOf0ypavVRpT-j0ZI5g-WeSiA4GB_VarGxSPmp2QDXo8_uAatc6q6jn8/s1600/facebook-surve-scam.jpg" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" height="309" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCVZNEaZ_5r4tmU-ywaviPr8D0O7kIMs9_4UjTRAMhyphenhyphenWpHn1l4KC5eCAg7nd4gdXvK-HD2RWuOawDMJ9COCT_uOf0ypavVRpT-j0ZI5g-WeSiA4GB_VarGxSPmp2QDXo8_uAatc6q6jn8/s640/facebook-surve-scam.jpg" width="540" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">Facebook Survey Scam</td></tr>
</tbody></table>
<!-- adsense -->Attention Facebook users ! If you are seeing a Facebook post promising outrageous videos, for instance"Shocking video: World's Largest Snake Video, Don't click it, It is nothing other than Survey Scam.<br />
<br />
There are various facebook posts circulating with different bogus title in facebook that leads to a survey scam page.<br />
<br />
So far, the topics used in the scam campaign are " SHOCKING VIDEO World’s Largest Snake Found In [Brazil /Mexico ]", "Exclusive: Shark eats the swimming man in an Ocean!! Watch the video".<br />
<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiGh88cIKcJjcfQypPdCVzHang-2zPCVswkVYBzysupKa3irsR0m_YXj1nV26NHLhTwn2MgNOOMpXXz_WPxsfsod6ZMjLGJg0l41NHBy4-gptmLy_vbuXdJW1R4TRMa290CBDpi1MbrhZg/s1600/FACEBOOk-scam-shark-eats-man.jpg" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" height="296" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiGh88cIKcJjcfQypPdCVzHang-2zPCVswkVYBzysupKa3irsR0m_YXj1nV26NHLhTwn2MgNOOMpXXz_WPxsfsod6ZMjLGJg0l41NHBy4-gptmLy_vbuXdJW1R4TRMa290CBDpi1MbrhZg/s400/FACEBOOk-scam-shark-eats-man.jpg" width="400" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">Facebook Scam post</td></tr>
</tbody></table>
The user who clicks the link in the post will be taken to a web page where they are asked to complete the survey in order to view the video and share the video in their facebook account.<br />
<br />
At the end, you will get nothing other than being a victim of the scam. Remember, there is no such videos. If you come across these kind of posts, just ignore it /report it to Facebook.</div>
Unknownnoreply@blogger.comtag:blogger.com,1999:blog-7936586016742929815.post-91382919937385034632013-12-21T03:30:00.000-05:002014-01-07T12:59:03.738-05:00Spam mail promising Adobe License key delivers Trojan<div dir="ltr" style="text-align: left;" trbidi="on">
<div dir="ltr" style="text-align: left;" trbidi="on">
Adobe has issued a warning about a new spam email campaign which is purporting to deliver License key for a variety of Adobe products. <br />
<br />
Security researchers at <a href="http://blog.mxlab.eu/2013/12/19/trojan-attached-in-fake-emails-regarding-license-key-from-adobe/" rel="nofollow" target="_blank">MX Lab</a>, have come across the spam emails with the subjects such as "Download your License Key", "Than you for your order" that distributes a new Trojan. <br />
<br />
The attacker managed to spoof the email address so that it will appear to be from Adobe Inc. The email thank the recipient for buying a various Adobe products and informs them "License Key" is attached with the email.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhWFeQnoeZY7EnShyAxZCPFdzq8HMopHKdmFtmvflIIvyhAAIFgjNmxlN4IMQYTPj3ZAkaMvFzlYsH5kMDO5lTeHo1N2uNoEBycfd0dmHKKhseMzE2yxZ1xUiwi4gZhthtgsICcNGRmipk/s1600/adobe-license-key-attachment-malware.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhWFeQnoeZY7EnShyAxZCPFdzq8HMopHKdmFtmvflIIvyhAAIFgjNmxlN4IMQYTPj3ZAkaMvFzlYsH5kMDO5lTeHo1N2uNoEBycfd0dmHKKhseMzE2yxZ1xUiwi4gZhthtgsICcNGRmipk/s320/adobe-license-key-attachment-malware.jpg" height="97" width="320" /></a></div>
<br />
Those whose eagerly searching for a new License key definitely open the attachment. The attached file "License_Key_OR8957.zip" is nothing but a malware.<br />
<br />
At the time of writing, 27/49 Antivirus engines detect it at VirusTotal. It appears the cyber criminal use the same technique from 2011. </div>
</div>
Unknownnoreply@blogger.comtag:blogger.com,1999:blog-7936586016742929815.post-85285266394061190942013-12-15T21:38:00.000-05:002014-01-07T13:02:22.568-05:00Nigerian man jailed for $1.5 m phishing scam targeting students<div dir="ltr" style="text-align: left;" trbidi="on">
<div dir="ltr" style="text-align: left;" trbidi="on">
A Nigerian man has been sentenced to three years and nine months for taking part in a $1.5 m phishing scam targeting UK students.<br />
<br />
Olajide Onikoyi, 29-year-old, from Manchester, was one of the person of a criminal group who targeted students by sending phishing emails inviting them to update student load details.<br />
<br />
According to <a href="http://news.sky.com/story/1182454/computer-hacker-jailed-for-1-5m-student-scam" rel="nofollow" target="_blank">SKY News</a>, he laundered £393,000 from 238 victims in total, including one student who had £19,000 taken from his account.<br />
<br />
When Metropolitan police central e-crime unit seized his computers, they found a chat logs that revealed he was conspiring with criminals in Russia, Lithuania and UK.<br />
<br />
A number of other people have also been jailed in connection with the scam.</div>
<br />
Users are all advised to be extreme caution when clicking links in unsolicited emails, log into the websites directly by entering the url of the site instead of clicking the link. </div>
Unknownnoreply@blogger.comtag:blogger.com,1999:blog-7936586016742929815.post-51576481449903677282013-12-13T03:49:00.002-05:002014-01-07T13:02:45.723-05:00Halifax Bank phishing email claims "3rd party Intrusion detected" <div dir="ltr" style="text-align: left;" trbidi="on">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiwRf9eeEvxNgZ_aNo5n8j6QwnCCXEoGhbZNWwViV_2J4EYOoMs_PNo2Tq9ZVaQdHNEE2izUMdNgCQGcNDxSq29zqZ4_4Du8h2r1haNQwa0-qkT0JmrCg_P2qzL-dAZNvfeVjU0BxIE6w4/s1600/halifax-bank-intrusions-phishing-scam.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiwRf9eeEvxNgZ_aNo5n8j6QwnCCXEoGhbZNWwViV_2J4EYOoMs_PNo2Tq9ZVaQdHNEE2izUMdNgCQGcNDxSq29zqZ4_4Du8h2r1haNQwa0-qkT0JmrCg_P2qzL-dAZNvfeVjU0BxIE6w4/s640/halifax-bank-intrusions-phishing-scam.jpg" height="383" width="540" /></a></div>
<br />
A phishing email targeting UK-based Halifax Bank users attempt to trick recipients into handing over their sensitive information.<br />
<br />
The email informs the recipients that "3rd party intrusions" have been detected and their account has been limited for security reasons, according to <a href="http://www.hoax-slayer.com/halifax-third-party-intrusions-phishing.shtml" rel="nofollow" target="_blank">Hoax-slayer</a>.<br />
<br />
To restore the account, it asks recipients to confirm their identify and verify that their account has not been used for fraud purposes, by filling an online validation form.<br />
<br />
<!-- adsense --> Once the victim opened the link provided in the email, it will take them to a fake Halifax Bank website where it will ask them to log in. Then, it will ask victims to enter their personal information such as name, phone number, birth dates.<br />
<br />
In next form, they will be asked to enter sensitive information such as Account Number, sort code, card number, expiration date and security code.<br />
<br />
As usual in phishing scams, once the form is filled, the victim will be automatically redirected to the legitimate Halifax Bank website. </div>
Unknownnoreply@blogger.com