Too bad it doesn’t exist. I mean really exist. Here is how an anti-phishing day that is designed to be a highly effective educational deterrent to phishing would work. Google, Facebook, Hotmail, Yahoo, Twitter, Myspace, Banks, Online Gaming sites, such as World of WarCraft, and others would all send phishing emails to their users. Yes,
Search results for: "Scams"
One of the (few) blessings of having been so long in this industry is that I remember a time when most malware was viral and Trojans were rare: so rare, in fact, that there was at one time a notorious "dirty dozen" set of Trojans. At around the same time, there were innumerable hoaxes describing malware with
Another day, another Facejack attack. We see a lot of these sorts of scams, alluringly titled posts – typically with a promise to show you who has been visiting your profile (or infamously, video of Osama Bin Laden's death) – that try to get you to click to see some special content. The latest one
An article came out yesterday from Clement Genzmer who is a security engineer at Facebook. His tagline is "searching and destroying malicious links". Those of us in the business of digital security and safety can certainly identify with that, especially the part where we aim to identify the criminals and work with law enforcement to
The death of Osama bin Laden has gone viral, with blogs, social media and search engines pumping terabytes of rumor, innuendo and conspiracy theories at the speed of light, along with the occasional kilobyte of truth. As the number of people searching for pictures and videos of bin Laden’s execution has skyrocketed, the criminal syndicates
Not using Twitter or Facebook is, in these times, akin to not owning or using a mobile ‘phone. Last night’s events – the reported death of Osama Bin Laden – proved that we are well and truly in the Twitter era (Twitter reported that over 4000 tweets per second were made immediately preceding the President’s
No, this blog isn't expanding into a competitor for CNN or, in this case, Reuters: I've no ambitions to be a reporter. In fact, I don't know if this will attract more than usual blackhat SEO, fake Youtube video links, rogue FB pages and survey scams. In any case, if you're a regular reader of this
In Giving the cybercriminals a helping hand, Randy Abrams discusses how most Facebook app developers are making session hijacking too easy for the cybercriminals. In A tsunami is also a crime wave I talk about the range of cybercrimes that have come out of the Japan earthquakes and tsunami. And in Supporters Club I return to
The Australian Communications and Media Authority is planning to impose harsh penalties on support desk scammers. (Hat tip to Andrew Hayter for drawing my attention to that item.) According to chairman Chris Chapman, nearly half of all the complaints they've received about calls to numbers on the Do Not Call Register have been about cold-calling
As you'd expect, there have already been reports of Black Hat SEO (Search Engine Optimization) being used to lure people looking for news of the earthquake and subsequent tsunami onto sites pushing fake AV. (Stop me if you've heard this before…) My colleague Urban Schrott, however, offered some pretty good advice on what to look out
got a phone call from a gentleman with a pronounced accent wanting to help me with my virus problem ... You didn't know I had a virus problem? Neither did I, but he assured me that I was spraying malware all over the part of town I live and work in.
...Hanging on the Telephone, By David Harley, Urban Schrott and Jan Zeleznak...As if fake anti-virus products weren’t bad enough, nowadays we have unsolicited phone-calls from fake AV helpdesks. ESET researchers tell you more about support scams...
George Santayana was a really smart philosopher. He is best known for his quote “Those who cannot remember the past are condemned to repeat it”. If you want to learn a little something from the past so as not to repeat other people’s mistakes then you can read Aryeh’s blog from when the first iPad
Really, all you have to do is talk someone into giving you their iPad, but you’re not going to get one if you fall for the spam that has been going around on Facebook recently. There have been many of the spam scams over the years. Usually the spam is sent from a hijacked account,
...I know that Facebook has various countermeasures for dealing with the even more various types of fraud that Facebook users are subjected to. Does it really believe that those measures are so effective, no fraudulent message can ever get through?
My Russian colleague Aleksandr Matrosov reports that this week he received an interesting sample from forensic investigation specialists Group-IB. The threat in question is detected by ESET products as Win32/Sheldor.NAD, and coverage by other vendors is reasonable: see http://www.virustotal.com/file-scan/report.html?id=9f3ff234d5481da1c00a2466bc83f7bda5fb9a36ebc0b0db821a6dc3669fe4e6-1294926672. The interesting feature of this sample is that it uses the TeamViewer 5.0 standalone component to effect remote control of the
...In fact, while the season for the traditional end of year crystal ball-gazing is pretty much over, I'll venture a few extra predictions based on recent observations of the support scam business...
My colleague Urban Schrott, from ESET Ireland, wrote a nice feature article for our monthly ThreatSense report (which should be available shortly on the Threat Center page at http://www.eset.com/threat-center) on seasonal scams. As the scam season is starting to get into full swing, we thought it might be good to give it a wider audience here.
After quite a few months of trying to raise public awareness of the problem of fake support cold-calling both here [and elsewhere, it's good to see other vendors also starting to publicize the issue. I've previously cited an article by Symantec's Orla Cox that describes one exchange of civilities with one of the scammers, and
...fake survey scam...