There are plenty of scams effective enough to rate a warning or three, in the hope of alerting potential victims to the kind of gambit they use. And so, even though much of ESET’s business is focused on the bits and bytes of malicious software, I’ve spent a lot of time writing on WeLiveSecurity and
A phishing scam targeting Tesco bank customers puts on a festive party hat and pretends to offer something for nothing. Is this a topical trend?
Less innovative than the scam mails described in my previous articles (Phish to phry and The Thoughtful Phisher II), there are those phish messages that suggest a problem with your account that they need you to log in to fix. (Of course, you aren’t really logging in to a legitimate site.) Mostly their appeal is
In the previous Thoughtful Phisher blog, we looked at some visual clues that should tip you off that a email from a ‘bank’ is not to be trusted. Just as interesting here, though, is the variety of social engineering gambits used by this wave of phish campaigns. It’s worth taking a closer look at some
[A much shorter version of this article appeared in the October 2013 Threat Radar Report as 'The Thoughtful Phisher'. As these particular scam/spam campaigns don’t seem to be diminishing, however – indeed, some of the phishing techniques seem to be getting more sophisticated – I thought perhaps it was worth updating and expanding for a
It so happens that I live over 5,000 miles from the ESET North America office in San Diego, and so tend not to have water cooler conversations with the people located there. Of course, researchers working for and with ESET around the world maintain contact through the wonders of electronic messaging, but there are lots
Major companies such as Disney, Boeing and General Electric are still handing out information to “hackers” using the most basic tool of all – the human voice, according to a report on a competition at DefCon.
ESET researchers explain the difficulties in attribution of targeted attacks; evidence is often circumstantial and the source never positively identified.
Google claims to have spotted and disrupted several phishing campaigns in Iran – attempts to compromise tens of thousands of email accounts in the run-up to the country’s presidential elections this Friday.
Twitter has warned media companies that attacks on their official Twitter accounts are liable to continue, after Britain’s Guardian newspaper became the latest high-profile news site to fall victim.
Most cyber attacks are simple and predictable, relying on basic tactics and preventable employee errors, according to Verizon’s annual Data Breach Investigations Report. The problem is made worse by the fact that companies often take months or even years to detect such breaches.
Twitter accounts used by CBS News were compromised on Saturday – and began serving up bogus news stories with links to malware.
A three-day “cyber war” ended in victory for a team from the U.S. Air Force Academy, who beat off attacks from hackers from the National Security AGency in the 13th annual Cyber Defense Exercise (CDX).
Utility companies have been warned not to share information such as email addresses on company websites, after a spear-phishing attack on an American electricity company.
Malicious spam may still be spreading across Yahoo! Mail accounts. We show you how to turn on the added verification process that Yahoo! offers.
Issues with malware are always with us. There may or may not be a current media storm, or companies hoping for a slice of the anti-malware pie by proclaiming the death of antivirus in a press release, but AV labs continue to slog their way every day through tens of thousands of potentially malicious samples.
In the middle of working on a blog post about SMS phishing scams at my desk last night, I received a rather strange call. The number displayed on the Caller ID was +1 (360) 474-3925. I did not recognize the number, but since it was 7:10PM, I assumed it was a colleague trying to reach
News of SMS (text) phishing scams are nothing new to readers of this blog. ESET researcher Cameron Camp recently wrote an article explaining how they work and how to avoid them here on ESET’s Threat Blog: SMSmishing (SMS Text Phishing) – how to spot and avoid scams, And just before Valentine’s Day, my colleague Stephen
At ESET, we spend a great deal of time researching the latest technologies and how they may be affected by frauds and scams. Sometimes these are “old fashioned” spam through email, or they may be programs like fake antivirus programs or ransomware. And we certainly have blogged extensively about PC support scams where the caller