"SPAMfighter News" - 3 new articles
Spear Phishing E-Mails Attack LinkedIn MembersAbout 10,000 users of the professional social networking Website LinkedIn.com were recently targeted in a customized scam that asked recipients to download a malicious software. Journalist Brian Krebs of Washington Post, who was the first to report the news, said that the scam e-mails addressed its recipients by name to add to it an element of authenticity, as reported by SCMagazine on October 9, 2008. Security specialists state that the e-mails in the campaign were spoofed to appear as if they had come from support@linkedin.com with the subject title, "Re: business contacts". Furthermore, a part of the message said that the site managed to send a catalogue of business addresses the recipient had requested for. The remaining message then asked the user to click on an attachment providing the catalogue of business contacts. But it installed a malicious program on the system to steal sensitive credentials from the targeted PC, like usernames and passwords. Security specialists further revealed that spear phishing attackers are aiming at the members of Websites for social networking like LinkedIn as its users are accustomed to getting e-mails from those Websites. According to David Marcus, Director for Security Research and Communications at McAfee's Avert Labs, the rate of success of spear phishing attacks is considerably higher than the conventional malicious attacks. A lot of people have got a phishing or spam message starting with "Dear banking customer", that they deleted. However, many people have not received e-mail that specifically addressed them, as reported by SCMagazine on October 9, 2008. Marcus further said that normally, a scammer would try to obtain the information database containing names, e-mail IDs along with other identifying details either by hacking or by purchasing the information database from cyber crime markets. Subsequently, the scammer would utilize that information for crafting an official looking e-mail to send it to his target. Elucidating the problem, Krista Canfield, Spokesperson of LinkedIn, stated that these e-mails were not distributed through LinkedIn's own network, as reported by Washington Post on October 8, 2008. The site advises users to connect to only people known to them. • Email to a friend • Related • Spam Mails Hitting Workers' Mailboxes in the UKInternet security firm MessageLabs recently conducted a research, which reveals that employees working in the city of Scarborough, UK, receive an average of 9.7 spam mails per day. Scarborough ranks 139th among the total of 229 towns and cities the company surveyed, ahead of Bristol and Newcastle. Further, workers in some towns like Egham in Surrey receive a huge 189 unsolicited e-mails each day, while those working in Alton Hampshire receive similar messages at a mean of 167 times. However, Fareham, also in Hampshire, is spammers least preferred target as staff there gets a mean of merely two messages per week. Meanwhile, businessmen acknowledged that spam mails have made an impact on their businesses. According to one entrepreneur, businessmen receive thousands of spam messages, and they are now extremely careful that they don't open them. The entrepreneur also said that they had been hit twice by spam carrying viruses that caused their computers to crash, and such a phenomenon of systems going down could be extremely dangerous to businesses. Further, MessageLabs' analysis suggests that companies bear higher rates of spam that belongs to IT services, manufacturing and recreation sectors. The third sector (recreation) makes up a considerable part of Scarborough's economy, and is more vulnerable to spam due to its very character of business in which e-mail IDs commonly belong to the public domain. Similarly, manufacturing businesses might also suffer from a high rate of spam, as the sizes of organizations seem large to the external world, but there is a much smaller number of employees who are online have a valid e-mail address. Separately, MessageLabs also declared the outcome of its US survey in which the company indicated that Indiana inboxes were on the list of the top ten destinations for spam in the US. The Hoosier state ranked 7 for receiving unsolicited e-mails. These e-mails accounted for 87.6% of all e-mails. And while neighboring Illinois ranked 1 in the study, the cluttering of mailboxes with junk messages is a widespread problem nationwide, and MessageLabs estimates that over 80% of all the e-mails are regarded as spam. • Email to a friend • Related • Romanian Hacker Pleaded Guilty for Defrauding Over 7000 PeopleA federal court in Minneapolis, US, found a Romanian hacker, named Sergiu Daniel Popa, guilty for possessing more than 15 unauthorized access devices and aggravated identity theft. This 22-year-old hacker is currently facing 10 years of imprisonment following a theft of $700,000 (£413,000) through phishing e-mails. As per the prosecutor, Popa cheated 7,000 internet users by sending fake e-mails in names of reputed financial services firms like Citibank and PayPal. The recipients of Popa's e-mails led to fraud Websites where they were asked to provide their valuable credentials such as names, PIN codes, addresses, bank accounts, credit card numbers. Moreover, this hacker was allegedly involved in selling phishing kits with complete instructions on how to make fake credit cards. It may be noted that Spain had extradited Popa to the US in June 2008. The US Attorney's Office for Minnesota stated that Popa maintained two e-mail accounts during June 2000-February 2007. He used those accounts to steal personal data and other sensitive financial credentials of online consumers by means of phishing. Popa admitted that he had a motive to steal personal and important information like credit cards, PIN numbers and names of about 21 individuals. He also confessed that he had performed aggravated identity theft without having the legal authority. According to the FBI, it started investigation in Popa case in January 2005 and charges were imposed against him in June 2007, before Spain extradited him to the US in June 2008. Graham Cluley, Senior Technology Consultant at Sophos, said that the authorities have made commendable efforts in handling Popa's case and presenting him for a trial in the court. Further, he expressed his regret over the cyber crime that is still carried out by several other criminals who are trying to take benefit of the ignorant internet users by robbing them off their identities, as reported by PCAdvisor on October 10,2008. Moreover, according to Graham Cluley, internet users should make sure that they are fully protected from such phishing attacks, and should be cautious enough while responding to the emails asking for their financial information, as reported by ComputerWeekly on October 10, 2008. • Email to a friend • Related • |
Click here to safely unsubscribe now from "SPAMfighter News" or change subscription settings
Unsubscribe from all current and future newsletters powered by FeedBlitz
| Your requested content delivery powered by FeedBlitz, LLC, 9 Thoreau Way, Sudbury, MA 01776, USA. +1.978.776.9498 |
0 comments:
Post a Comment