Scam

Symantec has observed a new trend in phishing in which the phishing Web page contains pornographic content. The phishing site states that the end user can obtain free pornography after logging in or signing up. These offers tempt users into entering their credentials in the hopes of obtaining pornography. The attackers use several offers of pornography as bait. Some of the offers are adult chat, social networking with adult personals for sexual favors, blogs with free pornography, and so on. The screenshot below is an example of a phishing website using a leading information services brand. The site states that they provide email alerts for sex parties: ...

Our good friends at Broomfield, Colo., security firm eSoft have found an interesting scam to trick Internet users into installing the Hotbar adware: a fake Firefox download site. The eSoft researchers are theorizing that an affiliate of Pinball Publisher Network (PPB). is responsible. Pinball bought the Zango assets after that pestilent operation failed last spring. However Sunbelt Software Spyware Research Manager Eric Howes did some more digging and found that PPN offers the download file on a site they own so affiliates can send customers victims there for downloads. ...

New, shiny products always tend to catch people’s attention, and spammers are continually looking for ways to do exactly that. So it’s not surprising to see spam tempting people with the promise of a new iPad, and a FREE one at that: The image they’ve used is very sketchy too, patched together from other existing Apple products and bearing little resemblance to the pictures released so far. However much you might want an iPad, don’t get lured in by spam like this. ...

You’d think that a company trying to raise several hundred million with an initial public offering of stock would tell their affiliates to be on their best behavior for a while. For example, maybe they’d discourage them from hacking government web sites to attract search engine hits on the word “bestiality,” then redirect browsers to the company’s site. The sites: The code: ...

The U.S. Federal Trade Commission today announced that next Tuesday they will hold a news conference to make public details of “a law enforcement sweep cracking down on job and work-at-home fraud fueled by the economic downturn.” The media advisory said that the news conference would feature the director of the FTC’s bureau of Consumer Protection David C. Vladeck, an assistant attorney general and the Ohio Attorney General. The advisory listed as “also attending” representatives of the U.S. Postal Inspection Service, Monster.com and Microsoft. ...

Wired magazine has run a story on a phishing scam in Europe, New Zealand and Japan that resulted in the loss of 250,000 carbon credit permits worth $4 million from six companies. The phishing emails spoofed the German Emissions Trading Authority and said that the victim companies needed to re-register their accounts with the authority. When victims entered their information on a fraudulent web page from the link in the phishing emails the scammers accessed their accounts, transferred emissions credits to accounts they controlled then sold them. The amount the scammers made hasn’t been disclosed. ...

Found this little gem today. It’s distributed with other malware, cracks and drive-by downloads. It purports to be a security warning from your Windows operating system. Notice the “Visa, MasterCard, etc” – it doesn’t even bother to list all the cards it accepts. The really cool thing about it is that it takes FAKE credit card numbers as well as real ones!

Sami, one of our test engineers, was recently seeking a Play Station 3. He found this offer at Huuto.net, a Finnish auction site. 160€ for a 60GB unit, with games, not bad. Sami wanted to confirm that the seller was legit, so he requested a picture, and received this. When he examined the image properties, he discovered that the picture was taken in 2008. ...

With virus and spam outbreaks, analysts needs to keep their nerves to analyze the situation and proceed to deal with the new threat. So, I wasn’t expected to be surprised by my friends’ actions on facebook this past weekend. It started innocently enough, as a post about getting a Free $25 Starbucks gift card for joining a particular group. The first person to join the group from my friends list happens to work for a non-profit organization helping young people. So, I expected the young people on his “friends list” to join this group shortly. ...

Since yesterday, our lab has detected a flood of email messages that seem to contain a Microsoft Update, but it’s actually malware. We’ve seen around 3,000 in a few hours. The message is like the following: This email, which seems to have been sent by the Microsoft Support team, informs you that a new security update for Outlook/Outlook Express has been released. It’s a critical update, so it’s better to install it as soon as possible. ...