Tried-and-true phishing scams continue to win a psychological game with victims, and have hit Canada particularly hard.
April 02, 2012
The quest for accountability in digital communication has a new champion: Domain-Based Message Authentication, Reporting and Conformance (DMARC).
A message purportedly sent from the FBI Anti-Terrorist and Monetary Crimes Division is making its way to inboxes, threatening recipients that they will be arrested if they do not reply back.
Most spam messages sent in recent days have been delivered with subject lines containing fake order or ticket numbers, delivery invoices, payment notices or tax information, according to researchers from security firm Websense.
Attackers have been circulating a trojan via email messages with subjects such as "ACH payroll payment was not accepted by Central Trust and Savings Bank."
Hackers broke into The Washington Post's jobs website late last month and stole approximately 1.27 million user IDs and email addresses, the newspaper disclosed Thursday. No passwords or other personal information was affected. Attackers leveraged a security vulnerability on the site to break in twice, on June 27 and 28. The newspaper has since fixed the flaw and implemented additional unspecified security measures to ensure a similar incident does not recur. Affected individuals may receive an increase in spam and phishing messages as a result of the hack, The Washington Post warned.
Cybercriminals are scrapping widespread malicious email campaigns for more targeted attacks, according to a new Cisco report.