Less innovative than the scam mails described in my previous articles (Phish to phry and The Thoughtful Phisher II), there are those phish messages that suggest a problem with your account that they need you to log in to fix. (Of course, you aren’t really logging in to a legitimate site.) Mostly their appeal is
Cybercriminals are using online car auctions and photo-sharing services to dupe victims into downloading malware, the FBI has warned. Once infected, the victims are led to fake websites to buy cars – and when they pay up, the criminals vanish.
An international gang of cyber thieves stole $45 million using bank ATMs in a heist spread across 27 countries.
Valentine’s Day is fast approaching and romance is in the air. Love is also blooming online, but sadly, so are romance scams. We have covered romantically-themed online scams in the past. These include attempts to spread malware through Valentine-themed links on social media, search engine poisoning, phony gift cards, and fake e-greeting cards. Today we
The United States Attorney for the Southern District of New York filed an indictment against two defendants allegedly involved in an ATM skimming operation that resulted in the loss of over $3 million from 6000 bank accounts.
Detectives from the UK Police Central e-Crime Unit (PCeU) investigating cyber criminals who use “ransomware” have arrested three people. Ransomware is a form of malicious software or malware that is served up by infected websites (which themselves may be legitimate). Victims inadvertently download the software which infects their computer. The scam takes different forms in
Want to be safer online using your laptop or tablet when using public Wi-Fi? You can. Here are our five essential tips. 1 First, if you are not going to use the Internet it’s a good idea to turn off Wi-Fi connectivity completely on your laptop, smartphone or tablet. You are then guaranteed that your
A shortened and updated version of the advice that David Harley and Andrew Lee gave to potential phish victims in an earlier paper. Part 3 of a three-part article on phishing scams old and new, and some of the ways to recognize the baited hook.
Today I received the following message in my inbox, claiming to be from the Asian Domain Registration Service and warning me that the eset brand was in danger of being registered by a third-party. Here is the message I received, which I’ve included in its entirety, except for a few bits: Received: from mail.umail168.cn4e.com
In the middle of working on a blog post about SMS phishing scams at my desk last night, I received a rather strange call. The number displayed on the Caller ID was +1 (360) 474-3925. I did not recognize the number, but since it was 7:10PM, I assumed it was a colleague trying to reach
News of SMS (text) phishing scams are nothing new to readers of this blog. ESET researcher Cameron Camp recently wrote an article explaining how they work and how to avoid them here on ESET’s Threat Blog: SMSmishing (SMS Text Phishing) – how to spot and avoid scams, And just before Valentine’s Day, my colleague Stephen
At ESET, we spend a great deal of time researching the latest technologies and how they may be affected by frauds and scams. Sometimes these are “old fashioned” spam through email, or they may be programs like fake antivirus programs or ransomware. And we certainly have blogged extensively about PC support scams where the caller
Fraudsters continue to innovate their scam propagation methods. Again using Facebook and a pretense of a shocking video, they also utilize browser plugins to execute malicious scripts. We also see how the malware scene is intertwined, when the user is directed to a dubious Potentially Unwanted Application. Facebook auto-like scams have been commonplace on the
The United States Attorney Office for the Southern District of New York received a flurry of attention in April, 2011 when they unsealed an indictment against the three largest Internet poker companies in the United States—Absolute Poker, Full Tilt Poker and PokerStars—for fraud, gambling and money laundering. Today, the USAO upped the ante with an
Among the many different trojans that spread on Facebook, something popped up recently that caught our particular attention. The threat, detected by ESET as Win32/Delf.QCZ, is interesting for several reasons. Distribution First, let’s look at the distribution vector. Win32/Delf.QCZ relies on the old “fake codec/media player trick” and links to the malware-laden site are
Here's a diagnostic window that your shouldn't panic over, certainly if some cold-calling scammer directs you to it by persuading you to run a diagnostic on your own system. But I'm getting ahead of myself. You might think I've blogged more than enough about support scams already – you know, where someone calls you out
The death of Osama bin Laden has gone viral, with blogs, social media and search engines pumping terabytes of rumor, innuendo and conspiracy theories at the speed of light, along with the occasional kilobyte of truth. As the number of people searching for pictures and videos of bin Laden’s execution has skyrocketed, the criminal syndicates
[NOTE: As we were publishing this articl, our Latin American office discovered another Black Hat SEO campaign incorporating promises of Osama bin Laden videos on Facebook. Click here to view their article in Spanish. We will follow up on this shortly. AG] The malware phenomenon started by the announcement of Osama Bin Laden’s death continues