Latest news
Cybercriminals target Google, LinkedIn and Mass Effect 3 users
Posted on 04.04.2012
During March 2012, GFI Labs documented several spam attacks and malware-laden email campaigns infiltrating users’ systems under the guise of communications purporting to be from well-known companies and promotions for popular products and services.
Google, LinkedIn, Skype and the video game Mass Effect 3 were among the brands exploited by cybercriminals in order to attract more victims.
“Taking advantage of the notoriety of companies, celebrities and major events is a tactic cybercriminals continue to use because it works,” said Christopher Boyd, senior threat researcher at GFI Software.
“They know that Internet users are bombarded with countless emails every day, and these scammers prey on our curiosity and our reflex-like tendency to click on links and open emails that look like they’re coming from a company we know and trust,” he added.
Google served as the hook for two particularly nasty scams uncovered by GFI in March. One SEO poisoning attack told users that “Google systems” had detected malware on their computer and directed them to download a rogue antivirus application.
Meanwhile, spammers inundated mailboxes with messages containing fake announcements for “Google Pharmacy,” a phony service touted as a “pharmaceutical interface for Google.” The body of the email consisted of a single image rather than text in order to circumvent spam filters. Victims who visited the URL contained in the image spam were directed to Pharmacy Express, a site linked to spam attacks since 2004.
Users of popular social networking site, LinkedIn, received fake invitation reminders redirecting them to a BlackHole exploit and infected their machines with Cridex, a Trojan that has targeted banks, social networks and CAPTCHA tests. Other cybercriminals targeted Skype users with a spam campaign claiming to offer free Skype credit, but instead, directed users to a compromised site hosting malicious Java exploits.
Finally, March has been awash with scams and cybercrime efforts revolving around the launch of Mass Effect 3, one of the most eagerly awaited games of the year so far. Among them, GFI Labs covered reports of users being duped with fake alternative ending downloads for the game, taking advantage of the well-publicized intention of the game's maker to clarify the ending, which has been broadly discussed online.
The fake downloads eventually lead users to a myriad of fake surveys and other affiliate marketing scams.
“If something seems off, users should trust their instincts and investigate further,” continued Boyd. “The important thing for everyone to remember is that the Internet provides us with the ability to easily double check every link or attachment that we come across with a simple web search. Pay attention to details such as link URLs and scrutinize where they are directing you if there is any doubt. This may sound like common sense, but having this mind set can often be the difference between avoiding a stressful attack and losing valuable time, money and personal information.”
Google, LinkedIn, Skype and the video game Mass Effect 3 were among the brands exploited by cybercriminals in order to attract more victims.
“Taking advantage of the notoriety of companies, celebrities and major events is a tactic cybercriminals continue to use because it works,” said Christopher Boyd, senior threat researcher at GFI Software.
“They know that Internet users are bombarded with countless emails every day, and these scammers prey on our curiosity and our reflex-like tendency to click on links and open emails that look like they’re coming from a company we know and trust,” he added.
Google served as the hook for two particularly nasty scams uncovered by GFI in March. One SEO poisoning attack told users that “Google systems” had detected malware on their computer and directed them to download a rogue antivirus application.
Meanwhile, spammers inundated mailboxes with messages containing fake announcements for “Google Pharmacy,” a phony service touted as a “pharmaceutical interface for Google.” The body of the email consisted of a single image rather than text in order to circumvent spam filters. Victims who visited the URL contained in the image spam were directed to Pharmacy Express, a site linked to spam attacks since 2004.
Users of popular social networking site, LinkedIn, received fake invitation reminders redirecting them to a BlackHole exploit and infected their machines with Cridex, a Trojan that has targeted banks, social networks and CAPTCHA tests. Other cybercriminals targeted Skype users with a spam campaign claiming to offer free Skype credit, but instead, directed users to a compromised site hosting malicious Java exploits.
Finally, March has been awash with scams and cybercrime efforts revolving around the launch of Mass Effect 3, one of the most eagerly awaited games of the year so far. Among them, GFI Labs covered reports of users being duped with fake alternative ending downloads for the game, taking advantage of the well-publicized intention of the game's maker to clarify the ending, which has been broadly discussed online.
The fake downloads eventually lead users to a myriad of fake surveys and other affiliate marketing scams.
“If something seems off, users should trust their instincts and investigate further,” continued Boyd. “The important thing for everyone to remember is that the Internet provides us with the ability to easily double check every link or attachment that we come across with a simple web search. Pay attention to details such as link URLs and scrutinize where they are directing you if there is any doubt. This may sound like common sense, but having this mind set can often be the difference between avoiding a stressful attack and losing valuable time, money and personal information.”
Spotlight
Information security executives need to be strategic thinkers
Posted on 17 June 2013. | George Baker, the Director of Information Security at Exostar, talks about the challenges in working in a dynamic threat landscape, offers tips for aspiring infosec leaders, and more.
Large orgs in denial about own security breaches?
Posted on 14 June 2013. | Over two thirds (66%) of large organizations said they either had not experienced a security incident in the last 12-18 months or were unsure if they had.
Vulnerability scanning with PureCloud
Posted on 12 June 2013. | nCircle PureCloud is a cloud-based network security scanning product built upon the companies' vulnerability and risk management system IP360.
To hack back or not to hack back?
Posted on 12 June 2013. | If you think of cyberspace as a new resource for you and your organization, it makes sense to protect your part of it as best you can. But is it a good idea?
Reactions from the security community to the NSA spying scandal
Posted on 11 June 2013. | Read on for comments on this scandal that Help Net Security received from a variety of security professionals and analysts.
Daily digest
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
Weekly newsletter
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.
 |
