tag
Social Engineering

Hmmm, Phishing Works

Specifically spear-phishing, where the target is deliberately selected, as opposed to a random untargeted attack. An article at Dark Reading.com discusses the entirely unsurprising results of a test that concluded that the iPhone, BlackBerry, and Palm have essentially no protection against spear-phishing attacks. http://www.darkreading.com/insiderthreat/security/app-security/showArticle.jhtml?articleID=221100150&cid=nl_DR_WEEKLY_T LinkedIn was used as the service to send a fake invitation

Antivirus? Who Needs It?

I came across an interesting article today on "Breaking the conventional scheme of infection" at the evil fingers blog site. Actually, it’s by my colleague in Argentinia, ESET Latin America Security Analyst, Jorge Mieres, but I didn’t realize that at first. (The original blog is in Spanish, and if your command of that language is

Fan Check: Fretting about Facebook

Update: Lysa Myers, of West Coast Labs, has confirmed that she knows of a number of people who’ve used the application and didn’t see anything fishy happening. It did offer to send emails outside Facebook but didn’t insist on it, so it’s hard to see where the messages from unapproved contacts are coming from. I’ll

Fake Antimalware – Old Dogs, New Tricks

(1) Websense, our neighbour in San Diego, has reported a fake anti-malware scam centred on Labor Day social engineering. The scam uses malicious SEO (Search Engine Optimization) techniques, sometimes referred to as index hijacking or SEO poisoning, to misdirect potential victims. When the victim uses Google to search for Labor Day sales (apparently these are very

419 and Mac scams

I forwarded this to myself from another account yesterday because I thought it was one of the laziest 419 scam messages I’d ever seen. From: British Tobacco Company Sent: 27 August 2009 19:46 Subject: Contact Mr Paul Adams Congratulations! Your e-mail ID was among the selected lucky winners of £1,000.000.00 GBP in our BRITISH TOBACCO

A Matter of Life and Delf? Malware on the Fiddle

There’s been a certain amount of buzz in the past couple of days about messages claiming to link to Wire Transfer information, but actually related to a Trojan commonly called Delf or Doneltart. ESET is detecting the examples we’ve been seeing as a variant of Win32/TrojanDownloader.Delf.OZG. The messages generally look something like this (at least,

SlideShare used to spread malware

Over the weekend our colleagues at ESET Latin America found that Slideshare was being used to spread malware. As they haven’t found much information on the web about this, Sebastián Bortnik blogged today about what they found. (Errors in translation and interpretation should be attributed to David Harley!) I’ve added some thoughts and some content

Research and the Art of the Obvious

We know that spam works: well, it works well enough for spammers to keep devoting time and money into pumping sewage into the arteries of the internet. The interesting question is why does it work? The Messaging Anti-Abuse Working Group (MAAWG), a global coalition of network operators and messaging providers who do some vital work

Statistical Accuracy and the Gullibility Gene

SC Magazine in the UK picked up on our Global Threat Report for June, based on statistics that derive from our ThreatSense.Net® threat-monitoring technology. Thanks, Dan: when you do as much writing as I do, it’s comforting to know that someone is reading it. ;-) I thought, though, I’d develop some thoughts on a topic arising

Mugs and Muggings, Scams and Facebook

The estimable Gadi Evron has posted an article at DarkReading about a dialogue he was caught up in on Facebook. One of his contacts popped up in a Facebook Chat window and told him how she’d been been held at gunpoint and robbed in London, losing her credit card, cash and mobile phone. Well, having

Blog Spam? No Comment….

I’d like to say thanks to Sean, who commented on my first blog on Orbasoft blog spam (don’t miss the later blog!) as follows: "These people are still not telling the truth. This software has been tested several times in the last few days and has been verified as a Rogue. It is on average detecting

Facebook: Computeracy by Degrees

When I first went to university at the end of the 1960s (yes, I really am that old, though not quite old enough to be of that generation that only remembers that decade through a haze of psychedelic phenomena), my choice of social sciences was regarded as somewhat fluffy. It was the age of "the

Mac Musings

I haven’t commented on the recent flurry of interest in the Mac botnet issue, having already mentioned it a few weeks ago here. It’s not as though anyone has shown much interest in the technical aspects, such as the interesting use of the Authorization Services APIs to trick the victim into authorizing installation. Just one of

Mad Macs – the iBot

When I write about Mac issues, I usually find myself abused by individuals convinced that there are no Mac viruses, never were any Mac viruses, and never could be any Mac viruses. Less advanced cases sometimes admit that there is Mac malware (and malware that isn’t Mac-specific, but can affect Mac users), but buy into

Chinese Whispers: Targeted Malware and E-Espionage

I’ve mentioned here before that targeted malware, often delivered by "spear phishing" carried by apparently "harmless" documents such as PDFs, .DOCs and spreadsheets rather than overt programs, can have much more impact than the raw numbers of such attacks suggest. In fact, some sources now use the term "whaling" rather than "spear phishing" to reflect the

Signed Updates and Social Engineering

Someone raised an interesting point in a comment to yesterday’s blog about Symantec’s own PIFTS.EXE being flagged by their own firewall as a possible problem. Let me quote the comment in full. I by no means buy into the super root-kit routine, I do however think that there will be copy cats (if not already)

Phishing Persistence

Here’s something I haven’t noticed before (but then I don’t pay nearly as much attention to phishing messages as I used to, owing to the need to sleep occasionally). I’ve started to receive messages purporting to be from the Alliance and Leicester, in the UK. The messages are much the same, apart from the Subject

Phishing the Web

A new advisory from the Anti-Phishing Working Group (APWG) offers advice to website owners on what actions to take when notified that their site or server has been compromised for use by phishers. At 18 pages, it’s a substantial high-level document, including: Some web site phishing attack and response scenarios Identifying an attack Reporting a

Facing Down Facebook

An IT/business magazine called Information Age, apparently aimed at executives with interest and responsibilities in IT, hit my letterbox this morning. That’s an actual magazine with real paper pages: remember those? Seeing as it’s Saturday, I took it back to bed with me to look through while I had the first coffee of the day, and

The Perils of PDF

Security issues with PDFs are nothing new, as a skim through past Adobe security bulletins and advisories indicates. (This isn’t a criticisim of Adobe: it’s inevitable that security issues will surface from time to time in sophisticated, function-rich software, and Adobe are clearly aware of the need to address the problems as they arise.) In

Follow Us

Automatically receive new posts via email:

Delivered by FeedBurner

2 articles related to:
Hot Topic
30 Oct 2009
ESET Virus Radar

Archives

Select month
Copyright © 2014 ESET, All Rights Reserved.