Latest news
Phishing campaigns once again proved to be among the most significant threats, with scammers targeting Chase and Barclays customers, as well as launching malware attacks against Amazon shoppers expecting holiday packages.
“The threats we uncovered last month illustrate the consistent reuse of tried-and-true attack methods slightly modified to target new groups of potential victims,” said Christopher Boyd, senior threat researcher at GFI Software. “Most cyber-attacks at any given time rely on old techniques deployed with a new disguise. The reason we see them again and again is quite simply because they work, and we anticipate 2012 to bring many fresh takes on old scams.”
In a continuing trend highlighted in the last VIPRE Report, bank related phishing is increasingly becoming a common threat. Barclays customers received messages from a free Yahoo email address claiming that their account had been suspended due to incorrect login attempts.
The phishers employed scare tactics by insisting information had to be provided to reactivate the account within a certain amount of time. Once the victim’s identity was submitted, they were redirected to the official Barclays website in order to further mask the crime. Chase clients were targeted by a similar phishing campaign last month as well.
Online shoppers also continue to be a popular pool of potential victims. Emails disguised as messages from Amazon fooled users into clicking a link to infected websites hosting Black Hole Exploit Kits. These kits are designed to take advantage of unpatched Windows operating systems and software. An infected PDF file was then downloaded to the victim’s computer which exploits a vulnerability in Adobe® Reader® and loads malware onto the system.
Another familiar cybercrime tactic that continued to gain momentum in December was scareware—fake antivirus software and system utility programs—that warn infected users of completely false threats to their computers. GFI Labs document several new variants of these rogue programs on its Malware Protection Center blog.
“Most malware is avoidable,” continued Boyd. “Knowing how cybercriminals operate and understanding how to recognize common attacks are the first steps toward keeping your PC clean and your personal information safe. Most cybercrime requires the victim to aid in the process. A little caution and common sense can go a long way in helping users avoid becoming unwitting accomplices.”
Spotlight
17% of the world's PCs are unprotected
Posted on 30 May 2012. | In a study that analyzed data from voluntary scans from an average of 27-28 million computers per month, McAfee researchers found 17% of the world is browsing the internet completely unprotected.
What's new in ISO 22301
Posted on 29 May 2012. | Currently there are many business continuity frameworks and standards around the world, but none of them have really taken the dominant position.
Trojan spyware promoted as Steam keygen
Posted on 29 May 2012. | To users looking for keygens for their Steam games, read on: we found something that will make you think twice and probably leave you steering clear of key generators forever.
New cyber weapon targets systems in the Middle East
Posted on 28 May 2012. | A new sophisticated piece of malware dubbed "Flame" has been discovered in systems belonging to users in many Middle Eastern countries and is though to have been developed by a nation state.
RuFraud scammers caught and fined
Posted on 28 May 2012. | PhonepayPlus managed to cut off a malware attack that took the form of premium SMS fraudulent apps masquerading as popular apps offered on Google Play and other online stores.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.
 |
 |
