Google says its enhanced alarm system for network administrators allows them to detect phishing URLs. – Google has added a new alarm for phishing URLs to a service designed to
alert administrators if their networks have been compromised.
The new phishing alert is part of Google
Safe Browsing Alerts for Network Administrators, a service launched in
September. The idea behind Safe Browsing Alerts is…
Romanian authorities announce the arrest of a man accused of phishing for eBay employee credentials. – Law enforcement in Romania have announced the arrest of a man accused of
trying to phish IDs and passwords for more than 3,000 eBay employees.
Liviu Mihail Concioiu, arrested Sept. 22, is accused of having launched
two phishing attacks against eBay in 2009 and stealing employee
credentials wit…
From the fake IRS e-mails that hit in-boxes during tax season to the phony banking sites that look to trick users into entering sensitive information, phishers are still up to their old tricks. Just how much was underscored recently by a three-month investigation by Panda Security that found scammers are creating 57,000 fake Websites a week to exploit 375 popular brand names, such as eBay and Western Union. Ironically, research has shown very few people respond to phishing e-mails. A report prepared last year by Trusteer analyzing phishing events from 10 large banks in Europe and the United States for three months found only a very small number of the banks’ customers (0.000564 percent) fell victim to phishing attacks. Still, 45 percent of those people who actually visited phishing sites entered their information, and those numbers translated to losses of between $2.4 million and $9.4 million annually per million online banking customers. These fake Websites are not just used for phishing, though. Sometimes they are used to trick victims into downloading malware or buying fake goods. It’s a big business& one eWEEK took a look at with help from security researchers. Here are examples of some of the sites created by scammers to hook victims. – …
IT managers see phishing spam targeting the workplace in greater numbers than social networking sites, such as Twitter or Facebook. – As a JavaScript exploit wreaked havoc on
Twitter.com on the morning of Sept. 21, a survey of small business IT managers
revealed spam as the primary security threat to business networks.
Despite the increasing number of malware attacks originating from social
networking sites like Facebook, MyS…
Hackers are routinely using social network sites and basic searches to find biographical information on corporate executives. And once they have that information, they’re targeting these executives with personalized email messages designed to compromise computers, gain access to the network, and steal corporate information. Smarter Technology reporter, Ashley Daley, discusses the nature of these attacks and what you can do to avoid being the next phishing victim.
– Video Content.
A new attack technique takes advantage of open tabs to launch phishing sites without the user’s knowledge. The attack works on Firefox, Internet Explorer and other major browsers. – New security research has shined a light on an attack technique that can be used to trick users into entering their information on phishing sites.
The attack, dubbed tabnapping, was uncovered by Aza Raskin, creative lead for Mozilla Firefox, and affects all the major browsers on Windows and Ma…
The Anti-Phishing Working Group attributed 66 percent of the phishing attacks in the last six months of 2009 to a single cyber-gang known as Avalanche. The crew is suspected to be a successor to the notorious Rock Phish gang of years past.
– New research from the Anti-Phishing Working Group (APWG) ties a
single crime syndicate to more than 60 percent of the phishing attacks
in the second half of 2009.
According to the report (PDF),
a cyber-gang known as Avalanche was responsible for 66 percent of all
phishing attacks during the la…
Twitter has announced it will begin scanning links posted by users to thwart phishing attacks and the spread of malware on the site.
– Twitter has announced plans to route all links through a scanner in a bid to boost security and weed out malicious activity.
The move follows a partnership announced in November between URL shortening service Bit.ly and security companies VeriSign, Websense and Sophos.
“By routing all …
Officials at Twitter linked the resetting of passwords to a malicious Torrent sites and other schemes. According to Twitter, the company began its investigation after noticing a surge in followers for certain accounts during the past five days.
– Twitter revealed more details about the phishing attacks that caused the company to reset the passwords on some user accounts today.
According to Twitter Director of Trust and Safety Del Harvey, there was a sudden surge in followers for certain accounts during the last five days. For that reason, t…
Officials at Twitter linked the resetting of passwords to malicious torrent sites and other schemes. According to Twitter, the company began its investigation after noticing a surge in followers for certain accounts during the past five days.
– Twitter revealed more
details about the phishing attacks that caused the company to reset the
passwords on some user accounts Feb. 2.
According to Twitter
Director of Trust and Safety Del Harvey, there was a sudden surge in followers
for certain accounts during the last five days. For that reas…
Google has threatened to close its operations and offices in China after hacking of email accounts of many human rights activists.
In a statement on its blog Tuesday, the world’s second biggest corporate said it has detected in December “a highly sophisticated and targeted attack on our corporate infrastructure originating from China that resulted in the [...]
New research from Trusteer shows that while the majority of phishing attacks are unsuccessful, those that slip past security defenses are costing millions of dollars. With nearly half of those who click on links to phishing sites giving up their personal information, here are some tips on what you need to do to protect your enterprise.
– Ever
wonder what percentage of people are clicking on those e-mails leading to
fraudulent bank log-in pages? The answer is a very small percentage but more
than enough for phishers to still make a killing.
New
research from security firm (PDF) Trusteer shows that once users had been
lured to …
In a speech in San Francisco, FBI Director Robert Mueller confessed he has given up online banking after nearly falling victim to a phishing attack. His remarks came the same day authorities in Egypt and the U.S. charged 100 people in an international phishing ring that was targeting American banks.
– FBI Director Robert Mueller has apparently sworn off online banking after nearly falling victim to a phishing attack.
During a speech Oct. 7 at the Commonwealth Club of California in
San Francisco, Mueller recounted being “just a few clicks away from falling into a classic Internet phishing sch…
The FBI partnered with Egyptian law enforcement to shut down a phishing ring authorities say was targeting American banks. The investigation, which began in 2007, represents the biggest cyber-crime roundup thus far in the United States.
– Authorities in the United States and Egypt have charged 100 people with
participating in a sophisticated phishing ring authorities say
defrauded two banks in the
United States.
Early today, police in cities across the United States arrested 33 of the 53 suspects named in a federal indictmen…
Microsoft confirmed thousands of Hotmail customers had their usernames and passwords posted recently on a third-party site as a result of a likely phishing attack. An investigation by Microsoft has determined that there was no breach of internal data on the company’s part.
– Officials at Microsoft confirmed that thousands users of Windows
Live Hotmail had their user credentials posted on a
third-party site.
According to Microsoft, the username and password information was likely
swiped in a phishing scheme, and the company is currently working with
customers who…
Phishers are targeting Twitter users in a new attack involving direct messages sent to Twitter users containing a link to a site requesting user log-ins.
– UPDATE: There are reports of a new phishing scam making the rounds on Twitter. The attack seeks to steal user credentials by sending tweets out with links to a phishing site. The attack site requests the user’s log-in information; once the attackers have that, they can take over the account of the v…
Security pros say the Apple iPhone OS 3.1′s anti-phishing feature falls short, failing to block sites blocked by the desktop version of the Safari browser.
– The anti-phishing feature for the iPhone OS 3.1 isn’t all it’s cracked
up to be, according to security researchers.
For whatever reason, some researchers have found, phishing sites blocked by
the desktop version of Apple Safari are not consistently blocked by
the mobile version. Since Apple r…
The Intrepidus Group reveals some details behind a malware attack that exposed critical systems at an energy company. Using a Microsoft zero-day vulnerability and a bit of social engineering, hackers compromised a workstation and threatened critical SCADA systems, the security vendor says.
– It began with an e-mail sent to an employee at an energy company, and ended
with a security breach that exposed critical systems to outside control.
This is an-all-too common scenario, and just one example of the types of
threats targeting not only critical infrastructure
but organizations ge…
