tag
Google

Anti-Phishing Day

Too bad it doesn’t exist. I mean really exist. Here is how an anti-phishing day that is designed to be a highly effective educational deterrent to phishing would work. Google, Facebook, Hotmail, Yahoo, Twitter, Myspace, Banks, Online Gaming sites, such as World of WarCraft, and others would all send phishing emails to their users. Yes,

Gmail Accounts Under Attack

Google posted information today about an attack against some Gmail account holders. In this case the attack appeared to be directed at government officials in the US and Korea, as well as Chinese political activists, journalists and military personnel. If you don’t fit in these categories it doesn’t mean you are not at risk, it

Calling Android Smartphone Zombies

Android Smartphones are under attack again by rogue applications that once installed are reading information from the phone and sending it back to a pre-assigned location. According to mobile security firm as many as 120,000 users may have been infected from a cafeteria selection of at least two dozen applications from the Android Market. “Once

Protecting Consumers from Rogue Online Pharmacies

Over the past couple of years rogue online pharmacies have been advertising their domains on search engines and promoting themselves through search engine optimization.  Legitimate pharmaceutical companies have their own measures in place to work on taking these sites offline.  The problem with rogue online pharmacies is that they do not meet federal regulations.  To

Android’s Anomaly?

There are reports coming out today about Google Android and how approximately 99.7% of its users are potentially open to compromise.  This news cycle started by the Ulm University publishing some information on the 13th of May showing some results.  I'm sure this story will develop and CTAC may follow-up to my blog with more details;

Disaster Scams and Resources

I've added some commentary and resources on the Japan earthquake/tsunami disasters to an independent blog I maintain that specializes in hoaxes, scams and so forth, but here are a few of the same resources that aren't already included in my recent blogs here on the topic: Analysis from Kimberley at stopmalvertising.com: http://stopmalvertising.com/blackhat-seo/recent-japanese-earthquake-search-results-lead-to-fakeav.html Guy Bruneau at Internet

Resumen de amenazas de enero

Escuchá el resumen mensual de amenazas en formato podcast: Nuevamente compartimos con ustedes el resumen mensual de amenazas más importantes del mes de enero. En estos días, pudimos comprobar nuevamente que las redes sociales son un blanco muy importante a la hora de distribuir malware. En este caso, la afectada fue la red social de

You’re So Vain…

You might recall back in November of 2009 ESET released the findings of a survey about cybercrime http://www.eset.com/threat-center/blog/2009/11/16/once-upon-a-cybercrime%E2%80%A6. We went back to Competitive Edge Research & Communication and commissioned them to conduct a new survey to determine prevalence of social networking as well as to identify online security and privacy concerns of Americans. In addition

McAfee FP news misused for more SEO poisoning

We're now seeing a fiercely concentrated Blackhat SEO campaigns exploiting the McAfee False Positive (FP) problem. Juraj Malcho, our Head of Lab in Bratislava, reports that in a Google search like the one I've screendumped above, he got three malicious hits in the top ten (the same ones captured here: of course, the malicious domain

Google: Single Sign-On, Single Point of Failure?

Spoof or SPOF? IT Security reportage veteran John Markoff reports in the New York Times that the attack on Google's intellectual property reported in January was even more interesting (and disquieting) than most of us realized. According to an unnamed source, some of the information stolen related to the company's password system, Gaia. Gaia is a

Top Four Privacy Hacks/Tips/Trends Of The Week

Clearly, anything which is posted online should be assumed to be eternal, written in stone tablets, and admissible for all time. For the early adopter (Internet, blogger, Friendster, etc.) this also operates as a reminder of the ever-powerful TOS change: just because the terms of service (TOS) say that your content is private now never

Polish Air Accident and Blackhat SEO

Thanks to Marcin Gajewski for pointing out that Lech Kaczynski was the President of Poland, not the Prime Minister. I really shouldn't try to blog after a full day's travelling :( While I was enjoying a rare few days off, my colleagues at ESET Latin America were posting a blog article about the ugly way in

No Stone Left Unturned

We have discussed SEO poisoning extensively in the ESET Threat Blog, and it should come as no surprise to our readers that any topic which trends up quickly in search engine traffic will be exploited by the criminals who specialize in such activities.  The poisoned search term du jour is "erin andrews death threat".  Apparently,

April 1st: Your Questions Answered

We're not really set up to use the ThreatBlog as a full strength Questions and Answers resource, but we got so many questions after my blog yesterday about April 1st hoaxes that I feel obliged to try to answer some of them. There is no truth in the rumour that the eCity of San Diego

Here Come (more of) The Ghouls

[Update: it's likely that the attacks described below will also take advantage of the more recent bombings in Dagestan, as described by the BBC here. Isn't it bad enough that horrors like this take place at all, let alone provide revenue for cybercriminals?] Late last  night (30th March) I added a pointer to my earlier

Russian Metro Bombings: Here come the Ghouls

[Interim updates removed: later information on Twitter profile attacks and Blackhat SEO attacks using keywords related to this topic to spread malware, has been made public in a later blog at http://www.eset.com/blog/2010/03/30/here-come-more-of-the-ghouls.] Following this morning's bombings in the Moscow Metro (subway system), Aryeh Goretsky suggests the likelihood of criminals using "blackhat SEO" (search engine optimization

The Ugly Marketing of Google Security

Engineers are really smart people who often know how to make something with no real world effectiveness work really well without effect. In a glaring example of marketing hype, very limited effectiveness, and a lesson in teaching users to fall for phishing attacks, Pavni Diwanji, Engineering Director at Google published a blog post http://googleonlinesecurity.blogspot.com/2010/03/detecting-suspicious-account-activity.html The

“Londoning”: Mugs and Muggings Revisited

Last summer (June 2009), I posted about an example of a very common scam that relies on the scammer gaining access to someone else's email or Facebook account, then sending messages to all their contacts claiming that they've been mugged while abroad on business or vacation, and need their friends to send them some money

Is Gmail Spyware?

Perhaps you have seen the recent buzz around Google Buzz. The fact is that Google has decided that anything it knows about you it is free to share with the world at its discretion and not only do you not need to be told, but if you say no they will say yes for you.

Follow Us

Automatically receive new posts via email:

Delivered by FeedBurner

5 articles related to:
Hot Topic
17 Jun 2011
ESET Virus Radar

Archives

Select month
Copyright © 2014 ESET, All Rights Reserved.