The Apple iPad is the current gadget du jour amongst the digerati and has been seeing strong presales, with estimates as high as 150,000 units on the first day.  With such attention in the media and the blogosphere, it is no wonder that both legitimate businesses and scammers have taken to using it as bait

[Update: so far I have two votes for dumb. Maybe I'm giving this spammer too much credit, and it is a simple "spam template fail" ;-) On the other hand, while I wouldn't vote "evil genius", I'd still love to know how many people actually fall for this - I don't have a problem envisaging

It has been a year since we last discussed fraudulent domain name registrar scams and we wanted to let people know that this scam continues unabated. In a nutshell, a message is sent to a publicly-visible email address listed on your website (sales, support, the CEO's office, a public relations contact, et cetera) from a

Greetings, friends and fiends. It's been a while since I've been able to blog: I've been trying out one of these vacation thingies that I keep reading about in travel magazines. (Well, my wife does, and she tells me when I need a holiday, presumably as my conversations get grouchier.) But I see that my

Update: more resources I picked up on  a security list just now (I'm drowning in email here!) Apologies for any duplication. Update 2: more additions below. @imaguid pointed out in a microblog that there's a pattern to the use of social engineering around disasters like the Haiti earthquake:  "first comes the tragedy, then malware purveyors exploiting the

It doesn't surprise me when someone says, like David Einstein of the San Francisco Chronicle, that there's no need for a Mac user to run anti-virus software. Though the most usual reason I see given is that there aren't any Mac viruses. (There are, but nowadays the main reason to run anti-malware on any platform

You may have gathered from some of the blogs published here last year that i'm not biggest fan of the BBC's "Click" programme. I regard the Beeb's forays into buying botnets and stolen credit card details and making active use of them as at best naive. I agree that people need to be aware of such issues,

As our December ThreatSense report (now available at http://www.eset.com/threat-center/threat_trends/Global_Threat_Trends_December_2009.pdf) was not only the last of the year but the last of the decade, it's rather longer and more detailed than usual, including a look back at the last 12 months. I suppose we could have gone back over the whole decade, but I have to

Social networking sites have become living biographies of people and may set them up for social engineering attacks. From time to time I enjoy looking to see what I can find out about people who send question to me using the AskESET@eset.com address. I won’t ever name names, but I wanted to share one example.

[Update: I had a couple of machine crashes while I was writing this, and only just realized that a pointer to Allan Dyer's excellent article at http://articles.yuikee.com.hk/newsletter/2009/12/a.html hadn't survived to the final version. Which is a pity, because it's very relevant, and well worth reading.] Over the weekend, I posted a blog on the AVIEN site