Phishing

Phishing email leads to Denver area health care breach

February 07, 2012

Hackers may have accessed the personal health data belonging to patients of Denver area-based Metro Community Provider Network, a nonprofit health care provider for low-income individuals and families.
 

Facebook sues Adscend Media for malware and spam

January 30, 2012

Facebook and the state of Washington have filed separate lawsuits against Adscend Media, alleging the company was responsible for spreading malware and for stealing personal information from Facebook users.
 

Zappos breach affects 24M, opens door for more attacks

January 16, 2012

Hackers breached a server belonging to online retailer Zappos and made off with the personal information of 24 million customers, though no credit card numbers were involved.
 

Spam with QR code targets mobile users

January 11, 2012

Researchers have revealed a new type of spam campaign that appears to be a test run to find out how mobile users will respond to social engineering attempts on their smartphones and tablets.
 

Retrophitted Retrophish

David Harley, ESET senior research fellow • January 11, 2012

Malware that uses US-CERT and the Anti-Phishing Working Group to "legitimize" itself.
 

US-CERT warns about spoofed US-CERT phishes

January 10, 2012

Phishers are spoofing email addresses belonging to US-CERT, an arm of the Department of Homeland Security that coordinates information sharing related to cyber threats, to trick users into installing malware.
 

Stratfor subscribers receive phony emails

January 06, 2012

Some Stratfor subscribers received an email on Friday that claimed to come from the breached company's CEO, but actually was designed to publicize the hack and have some fun at the expense of the recipients.
 

Yahoo wins $610M spam judgment

December 12, 2011

Digital media company Yahoo has ended a three-year legal battle against a team of spammers, winning a default judgment of $610 million.
 

Amazon users targeted with new phishing attack

December 05, 2011

Attackers have been widely spamming messages - purportedly sent from Amazon - claiming users' accounts are about to be deactivated.
 

Cyber Monday scam emails hit inboxes

November 28, 2011

Spammers have begun trying to capitalize on the Cyber Monday buying frenzy.
 

Cyber Monday to bring increase in online threats

November 23, 2011

Cyber Monday, the digital equivalent of the brick-and-mortar world's Black Friday, is one of the busiest online shopping days of the year, and typically marks the beginning of a month-long period of increased online threats.
 

User discovers phished Hotmail, MSN credentials

November 15, 2011

A Reddit user with the handle "Roddds" found the credentials of 47,000 webmail users after investigating a phishing message.
 

Phishing, the Slim Jim of cybercrime

Stephen Cobb, security evangelist at ESET • November 03, 2011

Phishing is all grown up and operated on a large scale by well-funded cybercriminals who use botnets to harvest personal data and sell it on the black market.
 

Phishers aiming for Apple IDs, passwords

October 31, 2011

Spam that seemingly emanates from Apple is making the rounds with the aim of tricking users into handing over their IDs and passwords, researchers at anti-virus firm Trend Micro said in a blog post Monday.
 

Banker trade group warns of phishing uptick

October 27, 2011

Cybercriminals typically ramp up their phishing efforts during the holiday season and following natural disasters, according to the American Bankers Association.
 

Microsoft drops botnet suit, asks former defendant for help

October 26, 2011

Microsoft has dropped a complaint against a Czech Republic man and his company in relation to their alleged involvement in controlling a recently dismantled botnet.
 

Podcast: Automating social engineering

October 21, 2011

The process of delivering targeted attacks to end-users has gotten easier for attackers thanks to automated social engineering, in which adversaries can write tools that scour the web for personal data to include in their emails to increase their believability. The goal, of course, is to design messages that people are more likely to click on and, as a result, install malware on their machines or divulge personal information. In this podcast, Matias Brutti, a security consultant at security services firm IOActive, explains what the automation of social engineering means for organizations and how they can fight back.
 

Cloud: A risk/reward proposition

October 03, 2011

Assessing what level of risk is acceptable to one's business is key to any move to the cloud, says Siobhan Byron, president of Forsythe Technology Canada.
 

Official: FBI investigating 400 bank account takeovers

September 19, 2011

Despite fresh guidance and quicker fraud detection, the FBI actively is investigating more than 400 cases of corporate bank account takeovers, an official told federal lawmakers last week. Gordon Snow, the FBI's assistant director of the cyber division, told a House Financial Services subcommittee that these cases, in which criminals initiate unauthorized Automated Clearing House and wire transfers from seized accounts belonging to mostly small and midsize businesses, have resulted in the attempted theft of more than $225 million and actual losses of around $85 million. In his remarks, Snow also discussed risks related to ATM skimming, mobile banking and supply chain compromise.
 

Cybercrime costs $388B annually, report says

September 07, 2011

The cost of digital crimes now rivals the illegal drug trade, according to a new report from Symantec.
 

The new breed of attackers

Hugh Thompson, RSA Conference program committee chairman • September 01, 2011

The time is ripe for open dialogue around teaching trust, says RSA Conference's Hugh Thompson.
 

Enabling a mobile workforce

Patrick Harding, CTO, Ping Identity • September 01, 2011

Suddenly, corporations can no longer ignore next-generation smartphones and tablets.
 

Researchers study actual file used in RSA SecurID breach

August 26, 2011

Researchers have discovered that the email containing the malicious file used to breach RSA contained just two sentences: "I forward this file to you for review. Please open and view it."
 

Web browsers offer more protection than you may think

Sam Alapati, senior technical director, Miro Consulting • August 02, 2011

Browser security has come a long way in recent years, and utilizing certain features can help stave off attacks. Our author calls out three browsers he thinks stand above the rest in protecting you against threats and safeguarding your privacy.
 

Phish quota exceeded In your mailbox

David Harley, ESET senior research fellow • August 01, 2011

A phishing lure with a slightly novel lure.
 

Phisher gets more than a dozen years in prison

July 29, 2011

A Long Beach, Calif. man was sentenced Thursday to 12 years, seven months in prison for orchestrating a phishing operation that duped at least 38,500 people, according to federal prosecutors in Sacramento. In September, That Tien Truong Nguyen, 34, pleaded guilty to computer and access device fraud charges for creating fake banking websites designed to trick unsuspecting users into divulging their personal information. Nguyen, who was arrested for the crimes in 2007, sold the stolen data to co-conspirators, who opened up credit lines to make purchases. He reportedly perpetrated the scam to support a meth habit.
 

The luck of the Irish

David Harley, ESET senior research fellow • July 11, 2011

ESET Ireland reveals an interesting trend in the murky world of 419 scams.
 

Hackers steal 1.27M email addresses from Washington Post site

July 08, 2011

Hackers broke into The Washington Post's jobs website late last month and stole approximately 1.27 million user IDs and email addresses, the newspaper disclosed Thursday. No passwords or other personal information was affected. Attackers leveraged a security vulnerability on the site to break in twice, on June 27 and 28. The newspaper has since fixed the flaw and implemented additional unspecified security measures to ensure a similar incident does not recur. Affected individuals may receive an increase in spam and phishing messages as a result of the hack, The Washington Post warned.
 

Crooks opt for spear phishing despite higher upfront cost

June 30, 2011

Cybercriminals are scrapping widespread malicious email campaigns for more targeted attacks, according to a new Cisco report.
 

U.S. lead on huge phishing ring receives 13 years in prison

June 28, 2011

A Los Angeles man has earned considerable time behind bars after serving as the U.S. head of a phishing operation that stole more than $1 million from the customers of two banks.