A hacker has discovered a universal Cross Site Scripting (XSS) flaw that affects Internet Explorer 11 on Windows 7 and 8.1, and which could allow attackers to execute extremely convincing phishing attacks against Internet users.
Fake Facebook account suspension emails are doing rounds of inboxes around the world, trying to convince the recipients that their account has been temporarily disabled due to the social network's "Terms and Policies renewal": Seemingly coming from a Facebook email address and signed with "The Facebook Team," the email is likely to trick some of the recipients into following the offered link to the TermsPolicies.pdf.exe file hosted on what seems to be a compromised third party site (assetdigitalmarketing [dot] com).
Google Chrome users are being actively targeted with a spam email campaign impersonating the Internet giant, urging them to download a newer version of the popular browser because theirs is "potentially vulnerable and out of date": Unfortunately for those who fall for this scam, the offered link does not lead to the legitimate software, even though the executable is named ChromeSetup.exe.
The Business E-mail Compromise scam is alive and well, and expected to rise both when it comes to the number of victims and the total money loss sustained by them.
Bitdefender is warning Microsoft Office users against the emergence of a new spam campaign that is looking to trick antispam filters in order to allow spam to pass freely into mailboxes.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.