Fake Facebook Photo Notifications Contain Malware

Mashable: Sophos’s NakedSecurity blog outlined the threat on Wednesday. The company’s SophosLabs intercepted a “spammed-out email campaign” which was designed to spread malware. Sophos provided the following example: The blog notes that the email address above misspells “Facebook” as “Faceboook.” The link takes the user to a malicious iFrame script, which exposes the user’s computer to malware. However, within four seconds, the user’s browser is directed to a presumably innocent Facebook page like the one below to act as a smokescreen....

July 19, 2012 Â· 1 min Â· 129 words Â· Omid Farhang

Fake Skype app on Android is malware

ZDNet Wrote: A new piece of malware is trying to take advantage of Skype’s increasing popularity, especially on mobile devices. Cybercriminals have created a fake version of the Skype for Android app, designed to earn money from unsuspecting users. Trend Micro, which first discovered the malware, is calling this particular threat JAVA_SMSSEND.AB. The Java in the name should not surprise you, given that Android apps are primarily developed in a custom version of the programming language....

July 15, 2012 Â· 2 min Â· 248 words Â· Omid Farhang

Warning: Fake Biophilla app on Android is malware

Corss-posted from ZDNet: Summary: Cyber criminals have created a fake Biophilla app for Android that is really just malware in disguise. Your first red flag should be that Biophilla is officially available on iOS, but not on Android. During April alone, we’ve already seen malicious versions of Angry Birds Space and Instagram in the wild. Both are Android apps that are really just malware designed to generate money from unsuspecting users by sending expensive international text messages....

April 27, 2012 Â· 2 min Â· 340 words Â· Omid Farhang

Fake Discount Cards

Symantec Connect: Phishers are constantly developing new strategies in an effort to trick end users. In April 2012, phishers created sites spoofing the Apple brand with fake offers for Apple discount cards. In this phishing attack, customers were targeted by region: namely, the UK and Australia. The phishing sites mimicked the webpage of Apple and prompted customers for their Apple ID. The phishing page stated the customer’s long-term loyalty toward the brand gave them eligibility for an Apple discount card as a reward....

April 24, 2012 Â· 2 min Â· 333 words Â· Omid Farhang

Warning: Whitney Houston autopsy video links on Facebook aren't what they seem

SophosLabs: The death of pop superstar Whitney Houston made headlines around the world this weekend, and it didn’t take long for fraudsters and cybercriminals to cash in on the singer’s death. For instance, messages have been seen shared on Facebook claiming to link to a video of Whitney Houston’s autopsy. According to the messages, the video of Whitney Houston’s autopsy “reveals a shocking secret that explains her death”. Here’s what a typical message looks like:...

February 15, 2012 Â· 2 min Â· 224 words Â· Omid Farhang

My Facebook wall has been viewed X times – viral survey scam spreads rapidly

SophosLabs wrote: Do you want to know the total number of times that your Facebook wall has been viewed? Are you curious as to who may be stalking you on Facebook? If so, you’re a prime candidate for scammers who are exploiting that desire to put money into their own pockets. Here are the latest messages spreading virally between thousands of Facebook users who have fallen for the scam: Different incarnations of the scam use slightly different wording, and dream up different numbers for the boys and girls who are said to have looked at your Facebook wall:...

April 4, 2011 Â· 3 min Â· 570 words Â· Omid Farhang

Google, Yahoo, Skype targeted in attack linked to Iran

Cnet: A malicious attacker that appears to be the Iranian government managed to obtain supposedly secure digital certificates that can be used to impersonate Google, Yahoo, Skype, and other major Web sites, the security company affected by the breach said today. Comodo, a Jersey City, N.J.-based firm that issues digital certificates, said the nine certificates were fraudulently obtained, including one for Microsoft’s Live.com, have already been revoked. A fraudulent certificate allows someone to impersonate the secure versions of those Web sites–the ones that are used when encrypted connections are enabled–in some circumstances....

March 24, 2011 Â· 4 min Â· 832 words Â· Omid Farhang

Spammers Exploit Japan’s Catastrophic State

Symantec: Only a few days ago, Japan experienced one of the worst earthquakes in its history. The earthquake registered 8.9 on the Richter scale and triggered an enormous tsunami. The heart-wrenching images on television have left the world shaken. It was the worst earthquake and tsunami in the past century and at least 50 countries have since received related tsunami warnings. As the death and injury tolls continue to rise, one must not forget those who awake to exploit such delicate situations—spammers continue to maintain the guise of charitable institutions and governmental organizations!...

March 14, 2011 Â· 2 min Â· 394 words Â· Omid Farhang

Malicious Goo.gl Links Spreading on Twitter [WARNING]

Mashable: A large number of messages containing only the link “goo.gl/R7f68” has appeared on Twitter today, redirecting the users to various malware-laden sites. The messages are mostly coming from disposable accounts, but they also appear on some accounts that appear to be genuine, which indicates that there’s a worm spreading and sending the messages from infected accounts. Furthermore, all of the messages containing the link are sent from the mobile version of Twitter....

December 7, 2010 Â· 1 min Â· 154 words Â· Omid Farhang

Safe holidays season

Avira TechBlog: Thanksgiving and according holidays are very close – a time in which many people have the time to do (online) shopping. The cyber criminals are eager for their share, so it’s time to remember some safety measures. We are expecting to see spam and phishing campaigns luring the recipients to visit malicious web sites. These web sites usually look quite legal and official. As precaution, don’t follow links from emails to online stores and online payment systems, but use bookmarks or type in the addresses directly into the browser’s address bar....

November 24, 2010 Â· 2 min Â· 365 words Â· Omid Farhang