Posts tagged phishing
Spammers abusing domain parking services on a massive scale
Jun 7th
By Nick Johnston
Domain parking, the act of registering an Internet domain name without placing any content on the website, is a common practice for a business website in the pre-launch stage.
These landing pages are familiar to us all, often reading “Coming Soon” or “Under Construction.” However, domain parking can also be used for less than noble reasons.
Cyber squatting, registering a domain and reselling it to a company who owns a trademark within the name, and monetized domain parking, where advertisements are displayed for revenue, are also prevalent. Read the rest of this entry »
Cutwail botnet raising spam levels once more
May 12th
There has been a recent increase in the amount of malicious email traffic detected by MessageLabs Intelligence despite a continuous decrease in the actual number of spam mail distributed.
The decrease in spam is due in large part to the takedown of Rustock, the largest spamming botnet, in March. So what accounts for this increase in malware traffic?
Paul Wood
An investigation by MessageLabs Intelligence revealed that this increase is at least due in part to the Cutwail botnet.
10 Internet threats you want to know about
Apr 15th
By Claudiu Popa
From the moment we unwrap that shiny new cell phone or unpack a new, user-friendly computer we are presented with opportunities to ‘get online’ and ‘look at stuff’. Indeed that ‘stuff’ is now the bulk of the value of the Internet as far as users – employees and home users alike – are concerned.
Claudiu Popa
Unfortunately we’re at a random point in the evolution of the Internet where the criminal element and the amoral minorities have a huge footprint in the online world. Indeed, it would not be an exaggeration to say that surfing the Internet without filtering its content is akin to having unprotected sex with strangers.
Playing with fire may be exciting at first, but the outcome is practically inevitable. And so I volunteer, in the name of randomness of course, to list my top 10 Internet security follies of the moment. Read the rest of this entry »
2011: The year that big name companies got owned
Apr 5th
By Claudiu Popa
There’s little sense in waiting until the end of the year. We know that the headline will likely say something to that effect. The question is, why now?
Comodo is known for their free Windows firewalls. The company has seen its digital certificate process compromised to the point where their digital certificates, built into all Web browsers, could no longer be trusted. A simple breach exposed millions of users, embarrassed the company and tarnished an already shaky public image.
Claudiu Popa
RSA, the paragon of security thanks to its ubiquitous password tokens, has seen a key piece of its access control mechanism breached. In so doing, hackers have technically compromised the security infrastructure of tens of thousands of organizations that depend on these systems for verifiable protection. Again, what could be simpler than a phishing attack? All it took was one employee clicking on email-borne malware to install a remote access tool. But can we really blame the access compromise on a single user error at the world’s leading access control company?
Speaking of phishing, the client contact information of such notable enterprises as Citigroup, JPMorgan Chase, Best Buy, Disney, Ritz Carlton, Marriott, Barclays PLC, US Bancorp, McKinsey & Co, Walgreens, TiVo, Capital One, HSN Channel, Hilton Hotels, Verizon, Kraft Foods, AstraZeneca and some 5900 colleges, universities and schools has been compromised in one fell swoop by a breach of Epsilon, a prominent marketing firm with some 2500 big name clients. Read the rest of this entry »
Spam levels decline in January, but not for long
Jan 30th
After the dramatic decline in spam levels seen over the holidays, spam now accounts for 78.6 per cent of all email traffic, the lowest rate since March 2009. Results from our January 2011 MessageLabs Intelligence Report have found that spam volumes are 65.9 per cent lower than last year at this time.
Paul Wood, MessageLabs Intelligence Senior Analyst, Symantec Hosted Services
During December 25 to January 1, spam volumes decreased from 80.2 billion spam emails per day to 33.5 billion spam emails. We have found two reasons for this dramatic decline – the first being a halt in the spam-sending activities of three botnets, Rustock, Lethic and Xarvester and the second due to unrest among pharmaceutical spam-sending gangs.
In May 2010, pharmaceutical spam peaked with 85 per cent of spam being related to pharmaceutical products. However in January 2011, MessageLabs Intelligence found that pharmaceutical spam accounted for only 59.1 per cent of all spam. The closure of spam affiliate, Spamit, in October was partially responsible for this disruption. The Canadian Pharmacy brand, previously the most prolific pharmaceutical spam brands, disappeared when Spamit shut down. Read the rest of this entry »
Cyber attacks target sensitive data and specific individuals
Apr 19th
Authorities in many countries are concerned that attacks on business and government resources will become the next battleground in cyber warfare. In the throne speech earlier this year, the Canadian government announced that it is developing a National Cyber-Security Strategy to address a range of concerns from economic disruptions and state secrets to consumer scams and identity theft.
Seth Hardy, Senior Malware Analyst at Symantec Hosted Services
The March 2010 MessageLabs Intelligence Report examined the nature and origins of targeted attacks. The ultimate aim of a targeted attack is to gain access to sensitive and valuable data or internal systems by targeting specific individuals or companies.
These malicious emails are sent in relatively small volumes, typically to senior executives, with the express purpose of getting control of a target’s computer for industrial espionage.
Free anti-spam and malware tool for Facebook
Jan 22nd
Are you getting tired of clearing out all those spam messages from your blogsite’s comment section?
You’re not alone. A recent survey released by online security software company Websense Inc. says that nearly 95 per cent of user generated comments to blogs, chat rooms, message boards and other social net content are actually spam or links to malware.
If you’re engaged in any form of social networking activity to boost your professional or personal profile or if Facebook, Twitter, YouTube, BlogSpot or other such sites part of your company’s marketing campaign, that’s bad news.
Websense, however, has recently released a beta version 2.0 of its Defensio social Web threat detection platform. Read the rest of this entry »
Scammers & fraudsters extend Holiday earnings at Haiti’s expense
Jan 19th
As much as consumers look forward to Christmas every year, retailers salivate at the boost in revenue and its positive impact on earnings. No one enjoys the holidays more than criminals however, from petty scammers to organized crime groups whose tens, perhaps hundreds of millions of dollars in revenue make up for months of preparation. This year’s windfall stands to be supplemented by an unexpected bonus on account of the Haiti disaster.
There is no shortage to the amount of compassion that such a disaster can bring out in people and the Internet is a great place to reach many, many people. With dozens, perhaps hundreds of individual charities and independent efforts to help Haitian victims, it can be difficult to tell legitimate groups from opportunistic fraudsters. Read the rest of this entry »
Holiday fear mongering! Will Anyone Survive 2010?
Dec 24th
Since my previous blog post I read a ridiculous number of security projections for 2010. These range from catastrophic scenarios to something much, much worse. To these I say, bah humbug!
It seems that Christmas is the time of year when many security professionals find it acceptable to drop their responsible approach to informing the world about emerging trends in favour of much more alarmist ways to spread the word about their worst nightmares.
The only security advice you need this holiday season
Dec 16th
With the holidays now upon us, what better way to get started than to talk about what’s on everyone’s mind? No, it’s not the last minute shopping nor the latest credit card spending statistics. It’s really about the amounts of money lost to financial fraud, scams, hacking and identity theft.
The holidays are a special time for everyone. Three groups are the main protagonists in this production: individual consumers, businesses and the bad guys. Read the rest of this entry »
