Do you know what the latest version of Adobe’s Flash Player is? If you don’t, you may very well fall for this: Flash Player 11? There are more than 3 million pages linking to this alleged version 11: Most pages are from unsanitized forums, but there is even a Google Ad for it! Ooooops…. The screen below depicts the social engineering trick: What appears to be an X-rated video with a Windows Media Player logo (that is odd!). ...
I have seen a lot of these lately. This one currently doing the rounds tries to dupe the reader into thinking that the International Monetary Fund (IMF) wants to use their accounts to transfer money meant for charity. In the email. the IMF (supposedly) wants to transfer $10 Million into the reader’s account using NatWest Bank. The contact details within the Bank are given as follows: Name: Mr. Donald Miller (Co-founder) Office Address: 11 El Shams Bldgs., 8th District Nasr City E-mail: Bernisecharityfoundationimf ‘at’ gmail.com Tel: (+44) 7031-939-750 Fax: (+44) 7011830323 ...
Today we are going to take a closer look at bots and botnets. On the black market, selling bots and botnets is quite profitable, which makes creating them a popular activity for criminals. It helps that bot sources and creation kits are available on the Internet, allowing even script kiddies to create their own botnets. Another reason bots get created is that some people who get bored in their daily lives tend to do things that in their opinion might earn them respect or admiration in front of their peers or in various Internet chat rooms. ...
The DarkReading site is carrying a story about brand-protection firm MarkMonitor’s finding that phishing increased 62 percent in 2009 with 565,502 attacks in the year. MarkMonitor is based in San Francisco. Other conclusions in MarkMonitor’s 2009 BrandJacking Index report: The huge increase can probably be attributed to the use of botnets and the large amount of personal information that can be scraped from social network sources. 2009 saw the all-time high average of 600 phishing attacks per organization only 33 percent of victims were first-time targets. Social networks suffered 11,240 attacks – two percent of the year’s total. The U.S. hosted 44.7 percent of phishing attacks, up from 36.5 in 2008. DarkReading story Here.
The underlying structure of a typical website is made up of different folders and sub-folders, much like the ones that are on your computer. A webmaster (is this term still used often lol?) transfers files back and forth using an FTP client in order to update the website. In most cases, specific folders are created for a specific reason. For instance the ‘pub’ folder is usually a public repository that allows anybody access to. ...
I won’t abuse it, I promise…. cross my heart… spit into the wind… etc. Hi folks, Yesterday, I received this SPIM (Instant message spam) … usnews3.com sounds kind of official, doesn’t it? and the page looks impressive… There are lots of links on the page, but unfortunately, a mouse-over of each link reveals that they all go to the same place… That’s not a good sign for a legitimate webpage. Moreover, a whois shows that it was registered just on 7th December 2009, and that the ownership is hidden behind a privacy protector service. ...
Today there’s a phishing run underway in Twitter, using Direct Messages (“DMs”). These are private one-to-one Tweets inside Twitter. The messages look like these: If you follow the link, you end up to a fake Twitter page: If you mistakenly give out your credentials, the attackers will start sending similar Direct Messages to your contacts, posing as you. The ultimate goal of the attackers is to gain access to a large amount of valid Twitter accounts, then use these account to post Tweets with URLs pointing to malicious websites which will take over users computers when clicked. ...
With Windows 7 becoming increasingly popular, more and more software companies have begun to upgrade their interface for the latest Microsoft operating system. Manufacturers seem to understand the need for a beautiful user interface for their products. However, not all software behaves as good as it looks. Today, I saw a Fake Antivirus program with a newer, more jazzed up interface, which we detect as Troj/FakeAle-RK. This malware specifically targets users of Windows 7 and appears in the form of a pop-up dialogue box, which attempts to tell you that your Windows 7 PC has many serious threats. When a user clicks “Remove all Threats immediately”, another pop-up will be generated asking them to download a file called win_protection_update.exe. ...
The internet is rife with free tools from anything to everything (almost) – from free HTML web editors to free applications to free games and so on. We’ve been in this situation before. Sometimes out of curiosity or “affluenza” (also known as “I-GOTTA-HAVE-IT-NOW-NO-MATTER-WHAT”), we are tempted to install some of these free tools and applications from the web. The unfortunate problem with freebies is that unless you know the source of where you download the tools from and whether the software author who created the application is credible, you are literally at the whim and mercy of the author should you choose to download and install the application. ...
Benjamin Franklin once wrote, “‘In this world nothing can be said to be certain, except death and taxes.” These days we can add to the certainty of those two inevitable events with the addition of the annual scams that accompany tax time. For those of you who haven’t heard of this type of scam, it’s basically another way to separate a man from his money, or if you want to look at the bigger picture, a way to defraud the federal government. Either way, your wallet suffers. The financial website money-zine has a good article on the latest tax scams you may encounter on the Web. ...