Fourth of July is a highly anticipated holiday, not only by U.S. citizens, but by the creators of the Waledac worm as well, who are anxious to profit from the massive public interest surrounding it. Security researchers warn that an Independence Day-themed Waledac spam campaign, looking to infect users through a fake fireworks show video, has already started and is expected to hit inboxes hard over the weekend. Initial reports of an imminent Waledac campaign targeting the Fourth of July came in yesterday morning, when malware analysts tracking the worm noticed that some of its domains started to serve a YouTube-cloned page featuring a fake... [read more >>] Security researchers warn that a new version of Zbot is being propagated through Microsoft Outlook configuration-themed spam campaigns. Moreover, the malware distributors have extended their pool of potential victims by also targeting TheBat! users. Cybercrooks are always on the lookout for new ways to trick users into installing their malicious programs or handing up their sensitive personal and financial information. Their creativity in this department seems to be never ending. At the beginning of this month, the creators of the notorious Zbot computer Trojan came up with a new theme for their campaigns, which falsely instructed users t... [read more >>] Security researchers warn of a new phishing campaign that looks to steal e-mail accounts from Outlook users. Users are falsely informed that their e-mail client needs to be re-configured online on a fake page under the control of the attackers. A related malware distribution attack has also been reported. The offending e-mails, with a subject of "Microsoft Outlook Notification," come from a spoofed address and their content reads "You have (1) New Message from Outlook Microsoft. Please re-configure your Microsoft Outlook again. Click on the link below." The included link points to a phishing page with a fake form asking for things such as ... [read more >>] Security researchers from antivirus vendor Sophos have reported three different phishing campaigns targeting the customers of the Commonwealth Bank of Australia in only one week. The attacks employ different social engineering tricks to convince people to reveal their banking and personal details. The first phishing campaign was reported on May 25 and was based on a classic "a banking error" claim. "Dear Commonwealth Bank of Australia customer, During our regularly scheduled account maintenance and verification procedures, we have detected a slight error in your billing information," the associated e-mails read. The potential victim is the... [read more >>] In a second report regarding the concentration of websites advertised through junk e-mail, the anti-spam outfit KnujOn has published a top of domain registrars most favored by cyber criminals. The report uses spam activity data collected by the organization since June 2008. The interesting fact is that, while there are about 900 domain registrars accredited by the Internet Corporation for Assigned Names and Numbers (ICANN) operating at the moment, the ten in this list are responsible for administering 82.90% of all domains used in the spam campaigns documented by KnujOn. The top 10 most spam-friendly domain registrars as established by K... [read more >>] Spammers wasted no time in profiting from Barack Obama's victory in the White House race and launched several spam campaigns. The most wide spread one invites users to watch the newly elected president's acceptance speech on a fake website that serves them a password stealing Trojan hidden as Adobe_flash9.exe.The spam e-mails coming from various spoofed addresses display a variety of subjects like “Obama win preferred in world poll”, “Obama's Win Reshapes the Race”, “USA Election 2008 Results”. They all invite users to watch a video of Obama's speech hosted on a page supposedly from th... [read more >>] According to research conducted by Internet security company TrendMicro, phishers are resorting to new ways of fooling users. The ever present URL to the phishing site has no longer been seen in numerous messages analyzed by TrendMicro. It would seem that instead the user is provided with a legitimate e-mail address.A run of the mill phishing attempt involves the user receiving a spam message that directs that user to a phishing site. You will receive a message that goes something like "you need to update your bank account info, please click on the following link", but by doing so you will be directed to a web page that looks very similar t... [read more >>] I knew I was on to something last Friday when I wrote this article. I don't like saying I told you so… but I did! It's official - spammers are exploiting sex appeal, just like I was telling you last week! As for the title, well, it's generally not a bad thing to like sexy blondes, but if you do and cannot restrain yourself when in front of the PC, then you just might get a virus. Spammers have been using the picture of a rather cute blue eyed, pigtailed blonde woman to make gullible users click on links (and getting viruses).As Sophos experts have reported, spammers are taking advantage of the current popularity of social-net... [read more >>] Now, that's pretty bad! A group of researchers has disclosed the fact that YouTube servers have been used to send spam. Of course, this has nothing to do with the company. Spammers have tapped into YouTube and are now having their way with the servers, sending out huge quantities of unwanted messages! Now, we get spam daily, and to be honest, it's quite annoying, regardless of who is sending it. According to the Marshal Trace team (the ones who have discovered this), all the messages come from "service [at] youtube [dot] com". This means that people will pay more attention to spam, open it and perhaps even believe what those crook... [read more >>] | 
RSS
