Phishing scams and online shopping. Part 2 of a three-part article on phishing scams old and new, and some of the ways to recognize the baited hook.

The odds against losing money may be better with cash machines than fruit machines, but why neglect simple, obvious precautions?

Carberp is a unique case, with all the guys who organized really big botnets and made big profits (millions of US dollars) being arrested.

We have been following the development of the Win32/Gataka banking Trojan for several months and can now share some details of its operation which includes facilitating fraudulent bank transfers. This first post will highlight some of its key features, while the second will detail several interesting, more technical aspects of this malware. This banking Trojan

Aleksandr Matrosov and Eugene Rodionov presented their research into “Smartcard vulnerabilities in modern banking malware” at PHDays’2012.

Group-IB and ESET Russia assisted in the investigation that led to the arrest of 6 people suspected of stealing 125m roubles from bank customers in Russia .

Phishers always try to find new ways to bypass security features and trick ‘educated’ users. Over the years we have seen simplistic phishing attempts where the required information had to be typed into the e-mail body. This worked at that time because phishing was new and hardly anyone had a notion of the implications. Later,

Group-IB’s joint investigations with the FSB and MVD resulted in the arrest of a gang of eight accused of larceny, creation of malware, and unauthorized access.

We've noted the often staggering fees associated with a credit card breach, normally accompanied by a slew of bad press. We've seen Stratfor, in light of their recent hack, dealing with public exposure issues due, in part, to unencrypted payment card information (for which, to their credt, they’ve publicly apologized for). Now we see a

Recently we see allegations that CarrierIQ is quietly collecting more information than Android users bargained for. In one case, Trevor Eckhart thinks he proved that they register users’ keystrokes without the users’ knowledge for reasons subject to ongoing speculation. We certainly had no trouble finding the CarrierIQ software on an HTC phone, where it possessed