Filed under Malware
Tagged as android, Phishing
A phisher hoping to harvest bank login details managed to smuggle his app onto the Android app store.
Malicious apps posted by Droid09 were quickly identified, prompting a warning to legitimate users and a ban for the VXer. The incident raises questions about whether a tighter vetting process is needed for the Android Marketplace.
The rogue Android application posed as a legitimate banking applet, but was actually designed to trick marks into handing over bank login details to fraudsters, an alert by credit union First Tech warns. The credit union, which said it wasn’t targeted by the attack, doesn’t even have an app for Android as yet.
Android fans who downloaded any of Droid09’s apps are advised to purge them from their phones before consulting their mobile phone firm for further advice.
The incident happened in December, but became public after news outlets picked up on First Tech Credit Union’s fraud alert on Monday.
Source: The Register

An aggressive spear phishing email campaign is inviting recipients to “apply a new set of settings” to their mailboxes because of a recent “security upgrade” of their mailing service.
An embedded link in the email connects users to a web site that appears to be a Microsoft Office Outlook Web Access page, including official Microsoft and Microsoft Office logos. On the page, users are directed to “download and launch a file with a new set of settings for your e-mail account.”
The executable is actually a Zbot Trojan virus similar to Trojans distributed in recent H1N1 and Facebook phishing attacks.
“This spear phishing campaign is unusual in that it is highly personalized and is targeting a very large number of domains with a customized message for each domain,” said Dr. Tom Steding, president and CEO of Red Condor.
“Spear phishing campaigns usually target a single organization or domain, but this attack broke the mold as the volume and targets are very high. Once again, this is a perfect example of scammers modifying their tactics to thwart traditional security systems and demonstrates the importance of having an advanced, real-time email security solution. For Red Condor customers, the messages were blocked immediately, and a new filtering rule was in place within a few minutes of detecting the campaign.”
A spear phishing campaign is a highly targeted form of phishing that typically targets a single organization. Emails appear as if they come from a trusted source, such as an employer who would normally send an email to the entire company or a well-known organization.
Source: Help Net Security
Filed under Privacy
Tagged as Phishing
Compared to the first half of 2009, the number of phishing messages has remained relatively unchanged, although phishers have switched their focus to institutions that could bring them the most profit in the shortest timeframe. This is one of the results of BitDefender’s malware and spam survey.
Primary targets are PayPal, Visa and eBay, followed by HSBC, American Express and Abbey Bank. Ally Bank and Bank of America rank last with a little over one percent of the total number of phishing messages. These messages mostly target English-speaking computer users who are using the services of at least one of the institutions previously mentioned.
BitDefender Labs found that most web 2.0 phishing attempts in the first half of 2009 relied on social engineering schemes and exploited user naivety. The Twitter Porn Name scam is a good example. Users were invited to reveal their first pet’s name, as well as the first street on which they lived. These names are usually employed as backup/security questions. An e-crook possessing a person’s username along with these “clues” can easily retrieve a password that he or she can later employ to access the account and send spam, access transactions, or use the account in whatever way necessary to make a profit, including demanding a ransom for release of the hijacked account.
“2009 witnessed a wide range of security threats aiming at both end-users and at corporate networks,” Vâlceanu commented. “Extra caution and a highly-rated antimalware solution with antispam, antiphishing and antimalware modules are a must-have for anyone surfing the web in 2010.”
Source: Help Net Security
Filed under Security
Tagged as Phishing
Scam e-mail artists have launched a massive campaign to trick webmasters into giving up the credentials needed to administer their Web sites, targeting site owners at more than 90 online hosting providers. Experts say the attackers are attempting to build a distributed network of hacked sites through which to distribute their malicious software.
The spam e-mails arrive addressed to users of some of the top Web hosting firms, from hostgator.com to yahoo.com and 50webs.com, and bear the same basic message:
“Due to the system maintenance, we kindly ask you to take a few minutes to confirm your FTP details.” Recipients who click the included link are brought to a Web site made to look like a cPanel page (cPanel is a widely used Web site administration software package). People who fall for the scam and provide their credentials are then forwarded on to the actual site of the Web hosting company named in the body and subject line of the scam e-mail.
Source: Washington Post
Filed under Security
Tagged as Email, Phishing
Banks and financial institutions are fond of lecturing customers about the perils of phishing emails, the bogus messages that attempt to trick marks into handing over their login credentials to fraudulent sites. Yet many undo this good work by sending out emails themselves that invite users to click on a link and log into their account rather than going a safer route and telling users to use bookmarked versions of their site.
The problems of the former approach are neatly illustrated by a blog posting by Randy Abrams, a former Microsoft staffer who is now director of technical education at anti-virus firm Eset. Abrams complained about the inclusion of a link in an email from PayPal as it looked rather too much like a phishing email.
PayPal support staffers responded not by noting that Abrams may have a point, which it would consider, but by treating its own email – which it acknowledged was “suspicious-looking” – as a phishing attack.
“Not even PayPal support can tell the difference between a legitimate PayPal email and a phishing attack,” Abrams notes.
Source: The Register
Filed under Privacy
Tagged as Phishing
A phishing scam has been detected that uses the ‘Verified by Visa’ authentication program.
Webroot’s Andrew Brandt claimed that the scam begins with an email that appears to be targeted at holiday shoppers who buy gifts online. Brandt said: “Once you register with the (real) Verified by Visa service, participating merchants permit you to enter a password in addition to your card information.
“In addition to providing the purchaser with an additional layer of safety, the password also gives the merchant some assurance that larger-than-normal transactions (like the ones you make during holiday shopping season) will be approved quickly, without triggering fraud alerts.”
However, Brandt pointed out that the email sends the user to a web page that asks for the information the user gave the card-issuing bank when first signing up for the credit card. He also commented that the page is clearly more professional, slick and clean than most phishing pages, as the form’s businesslike appearance serves to reassure the victim that the page really belongs to Visa.
Source: SC Magazine UK