jatiN mahindrA doT coM

Hijacked Brands Reach Record Level In Q4

Cybercrime syndicates are expanding the base of brands they exploit for online fraud beyond major financial institutions and online merchants, according to a new report from the Anti-Phishing Working Group (APWG). The number of hijacked brands reached a record 356 in October, up nearly 4.4 percent from the previous record of 341 in August 2009. "No brand is safe from the threat of spoofing for...

You May Be the Biggest Threat to Your Twitter Account

Twitter initiated a password reset to a bunch of user accounts who were suddenly following a couple of suspicious accounts. These accounts were determined to be involved in phishing scams related to torrent sites. "It appears that for a number of years, a person has been creating torrent sites that require a login and password as well as creating forums set up for torrent site usage and then...

Spam is Getting More Malicious

Symantec has released two new reports for the month of November – the State of Spam, and the State of Phishing (both PDFs). The reports highlight a dramatic increase in spam that contains malware. On top of that, junk and malicious email now accounts for close to 9 out of 10 email messages. The security firm says that a new generation of "Spam Princes" are rising, and that the Asia...

Uptimes For Phishing Websites Down 25%

The amount of time phishing websites remain online has dropped 25 percent over the last year, according to a new survey by the Anti-Phishing Work Group (APWG). The APWG says uptimes are a critical measure of how damaging phishing attacks are and the longer a phishing attack remains active, the more harm it causes consumers. The decrease signals collective progress is being made by the parties that...

Stealth Phishing Attack Looks Like Internal Email

Security company Trusteer Research issued a security advisory this week, dealing with a stealth new Zeus/Zbot phishing attack, which is aimed at harvesting enterprise log-in credentials for web banking, financial, HR, and SaaS accounts. "The attack is highly effective because it pretends to be an e-mail from the corporate IT department asking the user to update their Microsoft Webmail (OWA) settings,"...

Email Attacks Put Other Types of Accounts in Jeopardy

You’ve probably seen reports of big webmail phishing attacks over the week. A spokesperson for Symantec’s Message Labs tells WebProNews, however, that most reports have glossed over a key point to consider. That is that the potential impact on other aspects of victims’ online lives are in jeopardy as well. "The bad guys have more than just access to users’ email accounts,"...

FBI Nets 100 People In Phishing Ring

The FBI has charged nearly 100 people in the U.S. and Egypt as part of "Operation Phish Phry," one of the largest cyber fraud phishing investigations ever. The people charged in Operation Phish Phry targeted U.S. banks and victimized hundreds of account holders by stealing their financial information and using it to transfer around $1.5 million to bogus accounts they controlled. More than...

Watch Out for the Twitter Worm

There are numerous reports of a new Twitter worm that steals your log-in information and spreads its evil cause. The worm comes in the form of a direct message from someone you may know, and maybe even trust. If you get a direct message saying something along the lines of "rofl this you on here? http://videos.twitter.secure-logins01.com," don’t click it. The message will take you to...

Phishing Down, But Probably Only Temporarily

Spam is rising as we get closer to the Christmas holiday season according to Symantec, although they do say that phishing is down. The company has shared some findings from its September State of Phishing report. According to the report, there was a 45% reduction in phishing attacks between July and August. Symantec says this will likely be a short-term lull, however, reflecting the end of a particular...