
This isn't a video, it's a phish

  • Post author: Omid Farhang
  • Post published: December 6, 2010
  • Reading Time: 1 min
  • Word Count: 74 words

You might be seeing something on your Facebook wall today: Sadly, it’s not a fun video. It’s just a phish. The link goes to apps. facebook.com/ lookatuhah, which then redirects to a phishing site: In other words, if you’re absent-minded enough to enter your credentials again, they will be used to then send more of these stupid fake video posts to others — or do any of a number of other rather nefarious things. ...


Can you really see who viewed your Facebook profile? Rogue application spreads virally

  • Post author: Omid Farhang
  • Post published: November 28, 2010
  • Reading Time: 3 min
  • Word Count: 449 words

SophosLab: Once again, a rogue application is spreading virally between Facebook users pretending to offer you a way of seeing who has viewed your profile. As we’ve described a couple of times before, plenty of Facebook users would *love* to know who has been checking them out online.. but unfortunately scammers are aware of this, and use the lure of such functionality as a way to trick you into making bad decisions. ...


Beware the Justin Bieber erection Facebook scam

  • Post author: Omid Farhang
  • Post published: November 24, 2010
  • Reading Time: 3 min
  • Word Count: 602 words

That’s possibly the most unlikely headline I’ve ever had to write in my computer security career, but never mind.. My guess is that regular readers of the Naked Security site might not be ardent fans of Justin Bieber – but chances are that some of you have young daughters or nieces who can’t get enough of the pint-sized pop hamster. If that’s the case then they might be intrigued by a message that is spreading virally across the Facebook social network claiming to be footage of… and how can I put this delicately? I don’t think I can.. Justin Bieber with an erection. ...


Hotmail Phishing, Dumb, but it might work

  • Post author: Omid Farhang
  • Post published: November 6, 2010
  • Reading Time: 1 min
  • Word Count: 7 words

Will believe that? I hope you don’t


AV scam: is it a rogue or is it AVG’s free edition for sale?

  • Post author: Omid Farhang
  • Post published: November 6, 2010
  • Reading Time: 2 min
  • Word Count: 350 words

Tom Kelchner, Sunbelt blog: Alert reader Laurie (my boss actually) forwarded a copy of an email she received from a friend. It said the sender was “…pleased to announce the newest version of Antivirus 2010 for Windows.” There was a link to click, of course. Something called “Antivirus 2010” for sale in November is very odd for three reasons:

  • It’s nearly 2011 and legitimate AV companies are putting out their 2011 versions.
  • There was a rogue security product last year called “Antivirus 2010.” (VIPRE detection: FraudTool.Win32.Antivirus2010 (v))
  • Although a lot of companies make a product named Anti-Virus 2010, they usually put their name in front of it, such as “Kaspersky Anti-Virus 2010” or “Norton AntiVirus 2010.”

The Antivirus 2010 rogue graphic interface from 2009: ...


Fake Twitter homepage kit serves up naked ladies and infection files

  • Post author: Omid Farhang
  • Post published: October 18, 2010
  • Reading Time: 2 min
  • Word Count: 279 words

You might be wondering why the frontpage of Twitter has a big “Edit” line running through it in the screenshot below: The answer, of course, is that this is not the real Twitter page at all. It’s part of an increasingly popular kit used for shenanigans: The scammer downloads the zip, edits the links in the .htm file and places something likely to catch the attention of an end-user underneath the “Edit” line. The fact that the fake content is sitting directly underneath the “New Twitter” promotional text is not a coincidence. ...


Pooh Bear? No, this is Redpoo and he’s out to scam you

  • Post author: Omid Farhang
  • Post published: October 13, 2010
  • Reading Time: 2 min
  • Word Count: 237 words

Some domain names make you cringe, some make you smile… Such was the case this morning, with redpoo.com, a domain name whose registrar is the Center of Ukrainian Internet Names, and registered to: Igor Nikenin, ul. B. Pertrovskaya, dom 12, kv 74, Rostov na Donu, 344000, RUSSIAN FEDERATION. The servers’ IP, 121.156.57.184, is located in the Republic of Korea. Other than the poor joke, the site serves various exploits which you can view in this Wepawet report. ...


Buggy Paypal phishing

  • Post author: Omid Farhang
  • Post published: October 12, 2010
  • Reading Time: 1 min
  • Word Count: 171 words

Usually I have to wonder how much inventiveness the spammers and Phishers show. But, from time to time, it is funny to see some really stupid Phishing attempts. I do hope that nobody is falling for these puny attempts to fake Paypal we found today. The email below is being sent with a German subject line and it is pretending to come from a German mail address, but the mail itself is written in English and it is allegedly pointing to paypal.com instead of paypal.de. ...


Online pharmacy spam campaign faking Twitter

  • Post author: Omid Farhang
  • Post published: October 12, 2010
  • Reading Time: 1 min
  • Word Count: 185 words

During the weekend our spamtraps received large amounts of emails pretending to come from Twitter. This time, the social engineering twist lies within the subject of the email: It is “You have 2 urgent messages from Twitter!”, creating psychological pressure by some kind of emergency within the social surroundings of Twitter users. This way the spammers try to increase the rate of users who open the email and click on the links. ...


“This offer is available TODAY only!!!”

  • Post author: Omid Farhang
  • Post published: October 7, 2010
  • Reading Time: 2 min
  • Word Count: 366 words

Hmmm. That’s not what the source code says. We started out the day fat fingering the spelling of “youtube.com” and ended up at the typo squatting site behind the URL “youube.com.” youube.com redirects you to http://youtube.com-prizes.com – obviously a URL intended to make you think it’s really YouTube. Like so many of these “survey” scam web sites, the offer was available “today only: Thursday, October 7, 2010.” Obviously, this is to add a little bit of sales pressure to make a visitor go for the prize ASAP, or at least before midnight. ...
