"SPAMfighter News" - 6 new articles
Texas Attorney General Issued Security Alerts Against PhishingThe Texas Attorney General's office is issuing alerts against phishing scams and other mail scams, as reported by WOAI on October 21, 2008. The Texas Attorney General's office thinks that hackers are currently taking advantage of the present economic crisis in the US and using the Web to steal online users' money. As per them, it is an old scam with some modifications. Security researchers said that some inauthentic mails can be detected from a distance. They also revealed that the best to spot a fake mail is the text of the mail. The fraudulent mails do not use the name of the customer rather they use "Dear Customer". The letter also asks users to click on a link to confirm private details "or else". This kind of text, security researchers claim, is actual "phishing". Further, Spokesperson of Generations Federal Credit Union, Eve Hernandez, said that phishing is done by a person who has harmful intentions to steal private details online, as reported by WOAI on October 21, 2008. Eve said that hackers look for details such as name, driver's license, security number, maiden name of mother and other private details that can enable them to derive huge amount of money from the Web user's account. Security experts and researchers expressed their opinion that although phishing has been present for several years, nowadays it seems to be more authentic and professional. Security experts also added that hackers are increasingly using bank's name, logo and even look-alike sites to convince users so that they divulge their private details. That is the reason Generations Federal Credit Union is not taking any risks. Eve said that they continuously update their sites and provide effective guidelines that help users to identify what to watch out for. They also claimed that they have hired an organization to trace any hacker who tries to intrude and send phishing messages under the name of Generations Federal Credit Union. Also, they advised that if the members feel that they have got a phishing mail, they should immediately check and call the bank or Credit Union to enquire about the phishing mail. • Email to a friend • Related • Spammers Revive Old Airline-Ticket TrickAs per news reported by COMPUTERWORLD on October 20, 2008, security firm, Trend Micro Inc., stated that hackers are repeating an old summer trick to infect users' computers with malware. They are spamming a message that pretends to be fake airline boarding passes and ticket invoices from Continental Airlines Inc. According to Trend Micro, the spam mail expresses gratitude to the recipient for using the airline's new "Buy fly ticket Online" facility. It also offers a login user ID and password and tells the recipient that over $900 has been charged from his/her credit card. In fact, Trend Micro noted that the compressed file attachment of phony airline boarding passes and ticket invoices carries an executable file named "e-ticket.doc.exe", which in reality is a Windows worm that downloads other exploit codes onto the users' computers. Security investigators and analysts at TrendLabs said that the trick is the double-extension of earlier tactic used to dupe user into clicking the attachment, as reported by CATLECOPS on October 20, 2008. Meantime, during the assessment of the latest spamming tactic, security analysts at TrendLabs said that the zip file contains the worm called WORM_AUTORUN.CTO. This worm spread through removable drives as well as accesses Websites to download other malevolent files. It further exhibits the symbols of files relevant to Microsoft Word to escape detection and resultant removal. Security experts at Trend Micro said that the words "Your credit card has been charged" inside the message text simply add concern for the Continental ticket user. As a result, user becomes convinced to examine the 'flight information' by double-clicking on the attachment. Also, security analysts stated that this is yet another incident of 'spamming with e-tickets'. And, according to Trend Micro, the campaign is a renewed campaign since first observed in late August 2007. The airline name used at that time was Northwest Airlines, and the file attachment pointed to a fake anti-virus installation in place of a computer worm. According to security researchers, another airline that was similarly hit in late July 2007 was Delta Airlines Inc. • Email to a friend • Related • Hong Kong Again Emerged The Most Spammed CountryAccording to MessageLabs, Hong Kong experienced the maximum increase in spam levels that rose 13.2% in September 2008 to occupy the place of the highest spammed region with spam rates at 79.6% of the total e-mail sent. Announcing the findings of MessageLabs Intelligence Report for September 2008, the company said that the current results echo earlier results in April 2008 and May 2008 when Hong Kong was the worst spammed country. According to the security specialists, Hong Kong usually remains among the three highest spammed countries in the world. Moreover, Hong Kong is a global commercial and financial hub, having a high percentage of foreign, especially western businesses, according to Mark Sunner, Chief Security Analyst of MessageLabs,. Consequently, online security threats hitting organizations located in Hong Kong increasingly resemble those confronted across the world in both nature and scale, as reported by ComputerWorld on October 20, 2008. Sunner further said that although the spam rate in Hong Kong declined in August 2008, local-language spam made up 7% of all spam heading particularly for Hong Kong. In addition, the report states that that sexually explicit and adult Web content made up 1.7% of the total Web content blocked in September 2008. This indicates that companies have stepped up to face the risks emerging from the World Wide Web as well as proactively safeguarding their business from those threats. At the same time, they are maintaining worker productivity and acceptable usage procedures. Moreover, according to the report, analysis of security activity shows that 45.9% of the total web-borne malware blocked were new during September 2008. Further, the world ratio of viruses through e-mail in total e-mail from previously unknown and new malicious sources was 0.76% during the month. Also, 6.3% of malware through e-mail contained links pointing to malicious Websites, declined by 11.3% since August 2008. Also, states the report that e-mail traffic dispatched to the US, U.K, Australia, Germany and Hong Kong represents over 97% of the worldwide spam volumes that MessageLabs filters. • Email to a friend • Related • FTC Outlines Tips to Avoid SpamAs per a news released by the FTC (Federal Trade Commission) and North Country gazette published it on October 18, 2008, the Commission asks online users to stay protected from spam mails. It also urges users to forward such e-mails to spam@uce.gov, in case they suspect any message to be deceptive or sent by spammers. According to reports, FTC utilizes its spam database to carry out law enforcement procedures against people sending spam or deceptive e-mail. Discussing the spammers' operation modes and spamming tactics, FTC commented that a spammer purchases a catalog of e-mail IDs from a broker, who gathered the addresses by harvesting them online. If anyone's e-mail ID surfaces on a Website posting or in a chat room, or in the membership directory of an ISP, it might make its way to the spammers' catalogs. Following this, the spammers employ special software with which they send massive volumes of e-mails to the compiled addresses. However, to raise awareness among internet users how to avoid spam messages, the FTC issued an advisory giving some excellent privacy and security tips. FTC said in the security advisory that do not respond to a spam mail or a pop-up message asking for financial or other personal information. It is advisable to avoid clicking links embedded on the e-mail though the link seems to arrive from the recipient's bank. Also, the FTC recommends users not to copy such a link and paste it into their browser. According to the agency, phishers or spammers create links in such a way that they appear to go to a particular Website, but actually divert the user onto a different site. FTC further adds that some e-mail spammers call over the phone using an automatic message, or dispatch e-mails pretending to be sent by an agency. The e-mail message often asks the recipient to contact at a given phone number to update her/his account details. FTC again urges to avoid making such calls. Additionally, users must deploy firewalls and up-to-date anti-malware software, concludes FTC. • Email to a friend • Related • FBI Nets Cyber Criminals Under the Cover of 'DarkMarket' WebsiteAs per a report published in Wired's Threat Level blog, DarkMarket.ws, a forum for cyber criminals, is frequently visited by spammers, phishers, identity thieves and online scammers to buy stolen data and to share tips, revealed after the FBI (Federal Bureau of Investigation) sting. Reports from another news site, Wired, published in the 2nd week of October 2008 suggested that the FBI used Dark Market's Website to create its users' profiles. The agency traced the users' IP addresses and monitored their movements on the Website and was able to catch a large number of internet scammers. Reports also stated that the number of online criminals arrested via the FBI's sting operation further helped the Investigation Bureau to capture compromised accounts preventing the financial loss of nearly US$ 70 Million in online fraud. As a result, a huge number potential spamming, phishing or ID theft attacks from the cyber criminals were also prevented. Additionally, the reports present the FBI's disclosure of the site operators. The site is operated by none other than FBI which had registered over 2,500 members. A number of registered members were found to be phishers, identity thieves or online scammers, reveals after investigation. FBI in its report of investigation stated that the products being traded on the DarkMarket Website ranged from specially designed hardware to e-banking login details that were collected via phishing attacks to stolen confidential data. Both types of information are needed to know a consumer's full identity so that scammers may commit financial frauds against different people. However, prior to revealing the Website's details, it was thought that the site running by a cyber criminal named Master Splyntr. On October 13, 2008, German Public Radio reported that the FBI had been running the sting operation against DarkMarket.ws since late 2006, and that Master Splyntr was in fact an FBI agent named J. Keith Mularski, trying to catch phishers and online scammers. Further, according to the reports, Federal Bureau of Investigation ran the sting operation in cooperation of the UK's Serious Organized Crime Agency and authorities in Germany and Turkey. • Email to a friend • Related • AVG Labels ZoneAlarm as Malicious & Infected With TrojanAccording to news reports published by TheRegister on October 16, 2008, a tricky anti-virus update from AVG Technologies wrongly tagged the popular ZoneAlarm firewall as a Trojan virus. Security specialists at AVG Technologies stated that the wrong AVG definition flagged up ZoneAlarm containing the Agent_r.CX Trojan horse. Security company, Grisoft, which found AVG anti-virus, issued a warning that certain files of ZoneAlarm software inside zlsSetup_70_483_000_en[1].exe, a zip file containing inactive set-up files involved in Check Point's ZoneAlarm, were infected with the Agent_r.CX Trojan. Meanwhile, the fake warning soon filled up the ZoneAlarm user forum with postings from concerned users. ZoneAlarm users, who rushed to the widely accepted anti-virus package together with the security software from Check Point, found an improperly working firewall, mysterious reports announcing infections and an incapability to reload their ZoneAlarm software. Moreover, the problem emerged on ZoneAlarm support forums and remained until the early morning hours of Tuesday (October 14, 2008) when AVG Technologies issued a notice that the false warning was fixed. Before that, ZoneAlarm users confronting the problem managed to bypass the problem provided they knew the process of adding ZoneAlarm's directory path as exclusion to anti-virus scrutiny. Furthermore, an AVG spokeswoman acknowledged in a statement that the company accidentally declared the Check Point's ZoneAlarm as a Trojan virus, and the detection stayed for about seven and a half hours. However, the company had resolved the issue as soon as the problem was notified to it. They had also added the software to their white list, the spokeswoman said, as reported by TheRegister on October 16, 2008. Moreover, security specialists said that erroneous anti-virus software files do turn up within the security industry over sporadic periods of time. The AVG Technologies' case is particularly notable as it involves a blending of popular security suites that only a small number of users are inclined to run. Furthermore, false alarms commonly cause difficulties when they pronounce common JavaScript applications, or Windows systems files, for instance, as potentially malevolent, the experts explained. • Email to a friend • Related • |
Click here to safely unsubscribe now from "SPAMfighter News" or change subscription settings
Unsubscribe from all current and future newsletters powered by FeedBlitz
| Your requested content delivery powered by FeedBlitz, LLC, 9 Thoreau Way, Sudbury, MA 01776, USA. +1.978.776.9498 |
0 comments:
Post a Comment