Blog

Symantec has observed a new trend in phishing in which the phishing Web page contains pornographic content. The phishing site states that the end user can obtain free pornography after logging in or signing up. These offers tempt users into entering their credentials in the hopes of obtaining pornography. The attackers use several offers of pornography as bait. Some of the offers are adult chat, social networking with adult personals for sexual favors, blogs with free pornography, and so on. The screenshot below is an example of a phishing website using a leading information services brand. The site states that they provide email alerts for sex parties: ...

Our good friends at Broomfield, Colo., security firm eSoft have found an interesting scam to trick Internet users into installing the Hotbar adware: a fake Firefox download site. The eSoft researchers are theorizing that an affiliate of Pinball Publisher Network (PPB). is responsible. Pinball bought the Zango assets after that pestilent operation failed last spring. However Sunbelt Software Spyware Research Manager Eric Howes did some more digging and found that PPN offers the download file on a site they own so affiliates can send customers victims there for downloads. ...

February 9th will bring numerous Microsoft Updates, 13 bulletins addressing 26 vulnerabilities. All versions of Windows are affected. Looks like a busy Tuesday is ahead. See Microsoft’s Security Bulletin Advance Notification for February 2010 for additional details.

Microsoft has announced in Advisory (980088) that there has been a publicly disclosed vulnerability in Internet Explorer, versions 5 through 8. Users not running Internet Explorer in Protected Mode are at risk of having information, in files with predictable names, accessed by attackers. This vulnerability cannot be exploited to execute remote code or used for a denial-of-service attack. The largest group of users at risk are Windows XP users running IE without Protected Mode enabled. Internet Explorer on Vista and Windows 7 has Protected Mode enabled by default. ...

New, shiny products always tend to catch people’s attention, and spammers are continually looking for ways to do exactly that. So it’s not surprising to see spam tempting people with the promise of a new iPad, and a FREE one at that: The image they’ve used is very sketchy too, patched together from other existing Apple products and bearing little resemblance to the pictures released so far. However much you might want an iPad, don’t get lured in by spam like this.

Valentines Day is coming and people are getting ready with preparation and plans to gift some thing different to their loved ones. In this race how can Windows stay behind? So it has released an official Valentine theme to change you desktop to a festive mood. Here is a screen shot of this theme. You do not need any other modification to install this theme as it is not a third party theme. This theme also includes complete sound pack, to move you with the rhythm. Just download the theme and double click it. ...

You’d think that a company trying to raise several hundred million with an initial public offering of stock would tell their affiliates to be on their best behavior for a while. For example, maybe they’d discourage them from hacking government web sites to attract search engine hits on the word “bestiality,” then redirect browsers to the company’s site. The sites: The code: ...

The U.S. Federal Trade Commission today announced that next Tuesday they will hold a news conference to make public details of “a law enforcement sweep cracking down on job and work-at-home fraud fueled by the economic downturn.” The media advisory said that the news conference would feature the director of the FTC’s bureau of Consumer Protection David C. Vladeck, an assistant attorney general and the Ohio Attorney General. The advisory listed as “also attending” representatives of the U.S. Postal Inspection Service, Monster.com and Microsoft. ...

Today we received some job hiring emails that looked like this: It has been formatted nicely and appears to have come from a large job search website. The message reads as follows: Dear Job Seeker, Upon reviewing your resume on Careerbuilder.com we have decided to offer you a job opportunity with our company. The job position is for a Payment Manager/Payments Processor in your area with no obligation to relocate. ...

Wired magazine has run a story on a phishing scam in Europe, New Zealand and Japan that resulted in the loss of 250,000 carbon credit permits worth $4 million from six companies. The phishing emails spoofed the German Emissions Trading Authority and said that the victim companies needed to re-register their accounts with the authority. When victims entered their information on a fraudulent web page from the link in the phishing emails the scammers accessed their accounts, transferred emissions credits to accounts they controlled then sold them. The amount the scammers made hasn’t been disclosed. ...