Phishing

AV scam: is it a rogue or is it AVG’s free edition for sale?

Published: November 6, 2010 Reading time: 2 min

Tom Kelchner, Sunbelt blog: Alert reader Laurie (my boss actually) forwarded a copy an email she received from a friend. It said the sender was “…pleased to announce the newest version of Antivirus 2010 for Windows.” There was a link to click, of course. Something called “Antivirus 2010” for sale in November is very odd for three reasons: It’s nearly 2011 and legitimate AV companies are putting out their 2011 versions. There was a rogue security product last year called “Antivirus 2010.” (VIPRE detection: FraudTool.Win32.Antivirus2010 (v)) Although a lot of companies make a product named Anti-Virus 2010, they usually put their name in front of it, such as “Kaspersky Anti-Virus 2010” or “Norton AntiVirus 2010.” The Antivirus 2010 rogue graphic interface from 2009: ...

Continue Reading

Fake Twitter homepage kit serves up naked ladies and infection files

Published: October 18, 2010 Reading time: 2 min

You might be wondering why the frontpage of Twitter has a big “Edit” line running through it in the screenshot below: The answer, of course, is that this is not the real Twitter page at all. It’s part of an increasingly popular kit used for shenanigans: The scammer downloads the zip, edits the links in the .htm file and places something likely to catch the attention of an end-user underneath the “Edit” line. The fact that the fake content is sitting directly underneath the “New Twitter” promotional text is not a coincidence. ...

Continue Reading

New Likejacking-Attack on Facebook

Published: October 18, 2010 Reading time: 1 min

Currently a new likejacking-attack is running on Facebook. If a user clicks on the link of a friend which is reads “I Will NEVER TEXT Again After Seeing THIS!! on CLICK HERE TO SEE.”, she or he will automatically “like” that link too due to some clever scripting on the attacking website. A second like-link says “This American GUY must be Stoned to Death for doing this to a GIRL (NO SURVEYS)! … on CLICK HERE TO SEE.”. This is another variant of the same likejacking-attack. ...

Continue Reading

Facebook Privacy Breach: Users' Info Leaked To Advertising, Tracking Firms

Published: October 18, 2010 Reading time: 1 min

The information being transmitted is one of Facebook’s basic building blocks: the unique “Facebook ID” number assigned to every user on the site. Since a Facebook user ID is a public part of any Facebook profile, anyone can use an ID number to look up a person’s name, using a standard Web browser, even if that person has set all of his or her Facebook information to be private. For other users, the Facebook ID reveals information they have set to share with “everyone,” including age, residence, occupation and photos. ...

Continue Reading

Pooh Bear? No, this is Redpoo and he’s out to scam you

Published: October 13, 2010 Reading time: 2 min

Some domain names make you cringe, some make you smile… Such was the case this morning, with redpoo.com a domain name whose registrar is the Center of Ukrainian Internet Names, and registered to: Igor Nikenin ul. B. Pertrovskaya, dom 12, kv 74 Rostov na Donu, 344000 RUSSIAN FEDERATION The servers’ IP, 121.156.57.184, is located in the Republic of Korea. Other than the poor joke, the site serves various exploits which you can view in this Wepawet report. ...

Continue Reading

Buggy Paypal phishing

Published: October 12, 2010 Reading time: 1 min

Usually I have to wonder how much inventiveness the spammers and Phishers show. But, from time to time, it is funny to see some really stupid Phishing attempts. I do hope that nobody is falling for these puny attempts to fake Paypal we found today. The email below is being sent with a German subject line and it is pretending to come from a German mail address, but the mail itself is written in English and it is allegedly pointing to paypal.com instead of paypal.de. ...

Continue Reading

Online pharmacy spam campaign faking Twitter

Published: October 12, 2010 Reading time: 1 min

During the weekend our spamtraps received large amounts of emails pretending to come from Twitter. This time, the social engineering twist lies within the subject of the email: It is “You have 2 urgent messages from Twitter!”, creating psychological pressure by some kind of emergency within in the social surroundings of Twitter users. This way the spammers try to increase the rate of the users that are opening the email and click on the links. ...

Continue Reading

“This offer is available TODAY only!!!”

Published: October 7, 2010 Reading time: 2 min

Hmmm. That’s not what the source code says We started out the day fat fingering the spelling of “youtube.com” and ended up at the typo squatting site behind the URL “youube.com.” youube.com redirects you to http://youtube.com-prizes.com – obviously a URL intended to make you think it’s really YouTube. Like so many of these “survey” scam web sites, the offer was available “today only: Thursday, October 7, 2010.” Obviously, this is to add a little bit of sales pressure to make a visitor go for the prize ASAP, or at least before midnight. ...

Continue Reading

Twitter password phishing

Published: October 7, 2010 Reading time: 2 min

Our friend in the UK got this via a contact. It was from a Twitterer who obviously had his Twitter login stolen: (Twitter apparently is filtering this URL at this point.) The link led to a phishing page that used the deceptive tactic of showing an error message: “Wrong Username/Email and password combination.” You login, it steals your Twitter password, sends the above Tweet to all your contacts and continuing rounding up passwords. ...

Continue Reading

Facebook spammer fined $1 billion USD

Published: October 7, 2010 Reading time: 2 min

How does one say in French: “We’re gonna make an example out of you, boy” The Toronto Sun is reporting that convicted spammer Adam Guerbuez of Montreal has been ordered to pay $1 billion to Facebook by Quebec Superior Court. The court was upholding a U.S. Federal court fine that resulted from a wave of four million spam ads sent to Facebook users in 2008. Guerbuez did not contest the Sept. 28 Quebec Superior Court ruling. ...

Continue Reading