category
phish

Cybersecurity Awareness Month – Awareness for the Next Generation

"Now may I suggest some of the things we must do if we are to make the American dream a reality. First, I think all of us must develop a world perspective if we are to survive. The American dream will not become a reality devoid of the larger dream of brotherhood and peace and

Phishing Victims

Responding to a request for information about phishing and malware distribution mechanisms this morning, I happened upon a link on the Anti-Phishing Working Group site to the Silver Tail blog  The site has been running a series of blogs on "Online Fraud from the Victim’s Perspective". Author Laura Mather tells the story of two victims,

Phishing Persistence

Here’s something I haven’t noticed before (but then I don’t pay nearly as much attention to phishing messages as I used to, owing to the need to sleep occasionally). I’ve started to receive messages purporting to be from the Alliance and Leicester, in the UK. The messages are much the same, apart from the Subject

Phish Phlags

Here’s a phish one of ESET’s partners drew our attention to: it’s aimed at users of Maybank (http://www.maybank2u.com), the largest financial services group in Malaysia. The scam is somewhat more elaborate than many we see, and it’s worth a little analysis to see what flags we can extract from it for spotting a phisher at work From: Maybank

Phishing the Web

A new advisory from the Anti-Phishing Working Group (APWG) offers advice to website owners on what actions to take when notified that their site or server has been compromised for use by phishers. At 18 pages, it’s a substantial high-level document, including: Some web site phishing attack and response scenarios Identifying an attack Reporting a

Get Your Stimulus Check!

As talk goes on in Washington DC about a 2009 Stimulus payment, the phisher are still trying to exploit the 2008 stimulus program. One such attack claims to be the secure way to get your stimulus payment. There was only one secure way to do that, and it was by going through the IRS. There

Self-Protection part 9

It occurs to me that I should make it clear that this "top ten" isn’t in any particular order. Like the other "top ten" suggestions by the research team that are likely to find their way here in the near future, they’re all significant issues that need thinking about. Point 9 (a short one!) is, don’t

Twitter Security: Tweetie Pie Panic

[Update info moved to new blog post on 6th January] In deference to all those old enough to get a panic attack when reminded of how bad pop music was capable of being in the 1970s, I’ll try to overcome by the urge to mention "Chirpy Chirpy Tweet Tweet". Anyway, to business. Having all the

10 Ways to Protect Yourself: Part 5

Don’t trust unsolicited files or embedded links, even from friends. It’s easy to spoof email addresses, for instance, so that email appears to come from someone other than the real sender (who/which may in any case be a spam tool rather than a human being). Basic SMTP (Simple Mail Transfer Protocol) doesn’t validate the sender’s

It’s Scam Time!!!

Welcome to prime-time scam season. This is when the advertisements for taxes in the USA really start to pick up. Granted, they go on all year long, but now is when we traditionally see an increase in volume. There are a variety of such scams. The worst of the scams are the phishing attacks. If

Castlecops: more comments

Further to my post of 25th December about the withdrawal of the CastleCops services, there’s a blog at Darkreading that includes more information, including some quotes from Paul Laudanski, who was, with his wife Robin, the driving force behind the organization: also quotes from our own Randy Abrams, David Ulevitch of PhishTank, and Garth Bruen

Poor Santa

Perhaps the most impersonated person in the world is Santa Claus. For Santa, Identity theft isn’t a problem, but for millions of consumers it is a real problem. There are some steps you can take to help prevent identity theft. That said, identity theft is not always preventable by the consumer. http://www.ftc.gov/bcp/edu/microsites/idtheft/ is a good

Bumper Phish Phry or a Drop in the Bucket?

We’re very interested in the whole Phishing problem, not just the malware/banking Trojans side of the issue. So while free publicity for job sites is not exactly the business we’re in, I thought you might find this item interesting. The PhishBucket site describes itself as a  nonprofit organization dedicated to protecting job seekers from fraudulent

Follow Us

Sign up to our newsletter

The latest security news direct to your inbox

26 articles related to:
Hot Topic
ESET Virus Radar

Archives

Select month
Copyright © 2014 ESET, All Rights Reserved.