A couple of weeks ago I posted an entry on here about the size of the cybercrime problem from a dollar perspective. I pointed out that is was reported that US banks had lost US$40 million per month for the third quarter of 2009 due to online banking fraud. Also, the 2009 Internet Crime Report

[Update: it's likely that the attacks described below will also take advantage of the more recent bombings in Dagestan, as described by the BBC here. Isn't it bad enough that horrors like this take place at all, let alone provide revenue for cybercriminals?] Late last  night (30th March) I added a pointer to my earlier

It will likely come as no surprise to regular readers of ESET's Threat Blog that we are somewhat gadget aficionados here in the Research Department. Our focus, however, is usually on issues such as malware, spam and privacy so we do not spend a lot of time discussing gadgetry.  Every once in a while, though,

Bill B. forwarded an interesting hoax mail to my "hoaxchecker" account (hoaxchecker [at] gmail [dot] com. The hoax isn't so interesting in itself, in that it's been around quite a while, as is described at the ever-dependable hoax resource snopes.com. But I do find interesting the fact that this particular variant includes some wrinkles that

About a month ago I gave a presentation in Kuala Lumpur that covered some of the concerns about the seemingly enthusiastic rush to push everything out "to the cloud". People in the Marketing business love the term "cloud computing" and have come up with some lovely images of fluffy clouds reflected on office blocks and

[Interim updates removed: later information on Twitter profile attacks and Blackhat SEO attacks using keywords related to this topic to spread malware, has been made public in a later blog at http://www.eset.com/blog/2010/03/30/here-come-more-of-the-ghouls.] Following this morning's bombings in the Moscow Metro (subway system), Aryeh Goretsky suggests the likelihood of criminals using "blackhat SEO" (search engine optimization

Early last month I posted a blog entry entitled "Who Is Doing it? Who? Who….?!". The main point of my entry was regarding the matter of people opening attachments and clicking on links that appear to be spam based. I've just been reading the 2010 MAAWG Email Security Awareness and Usage Report, and it seems

Yesterday the US House of Representatives approved legislation that would specify and limit open-network P2P usage by government employees and contractors on systems authorized to connected to federal computers and network resources. As with everything in life, there are exceptions. Requests to use open-network P2P applications can be made for the following purposes: necessary for

An article at Help Net Security by Zeljka Zorz describes malware written in Visual BASIC which masquerades as legitimate updates DeepFreeze, Java, Windows, Adobe Reader, and other legitimate applications. Zeljka says: "They have the same icon and version details, and can fool regular users and experts alike…it opens the DHCP client, the DNS client, Network share

Looking into their crystal balls (no jokes, please) at the end of 2009, our colleagues in Latin America came up with a prophecy that was later incorporated into a white paper (2010: Cybercrime Coming of Age): In June 2010, one of the most popular regular sports events, the soccer World Cup, will take place in