Items tagged with Phishing

Google has a message for webmasters serving up malware and it goes something like this: Fool me once, shame on you. Fool me twice, shame on me. Going forward, Google is plugging what it calls a "gap" in its online protection scheme that allowed sites serving up malicious content to become repeat offenders without much repercussion or warning to users. In the past, sites that ran afoul of Google's "Malware, Unwanted Software, Phishing, and Social Engineering Policies" were temporarily branded with a warning to users. The brand would remain until Google could verify that the site is no longer serving... Read more...
Twitter needs to get a handle on its Promoted Tweets feature and it needs to do it quickly. The problem has to do with vetting, or lack thereof. We don't know how widespread the problem is, but there is at least one Promoted Tweet going around that is nothing more than a phishing scam preying on the desire of Twitter users to have a verified account.The microblogging service previously reserved restricted accounts for Twitter users that it identified on its own as being worthy of such a badge, typically celebrities, famous athletes, popular media personalities, and other prominent users. A little... Read more...
There are many different ways of hacking into a person's email account. Some are rather sophisticated and involve a lot of effort, while on the end of the spectrum a scheme known as phishing is one of the easiest methods—all you need is a cooperative victim with limited technical savvy. Hackers found both in John Podesta, Chairman of the Hillary Clinton presidential campaign.What is even more startling is that hackers found the same in Clinton's IT staff. It now appears that it was not some complex hacking that compromised the security of Podesta's email account, it was the inability to recognize... Read more...
We talk a lot about the importance of businesses beefing up security to protect from the threat of those who might want to gain access to internal networks. Last week, we were given another great example of why: an integral piece of Linux software suffered a bug that at first seemed modest but turned out to be quite severe. These issues can creep up out of nowhere, and those who actively beef up their security will be those who suffer the least amount of hassle in the future. As important as that kind of security is, though, some of the biggest flaws inside of a company can be the employees... Read more...
Computer hackers accessed personally identifiable information and financial details belonging to around 1,400 University of Virginia workers as part of an email phishing scam, the University announced. An internal investigation determined that the culprits first accessed the stolen records in early November 2014 and continued to pluck private data up through early February 2015. The phishing emails were successful in tricking an untold number of recipients with access to the University's Human Resources system into coughing up their usernames and passwords. Once the hackers had the necessary login... Read more...
ICANN, a non-profit organization that is responsible for looking after the names and domains of the Internet, announced that it has suffered a serious phishing attack that compromised its data. An investigation is underway, but ICANN believes that it was the victim of a “spear phishing” attack that was first initiated last month. Fake email messages that appeared to come from the company’s own domain had been sent to employees. As a result of the attack, the email credentials of several ICANN staff members were compromised. In addition, ICANN stated that its Centralized Zone... Read more...
Another day, another exploit/attack/hack/breach/phishing scam to worry about. This one concerns Valve’s Steam Guard Protection and a new phishing scheme that, if successful, allows a cybercriminal to steal a file that will bypass the Steam Guard Protection and allow the thief to log in to the victim’s account from any computer. The above is a fake--a phishing attempt Malwarebytes detailed how the scam works. When you attempt to log into Steam on a different machine and Steam Guard asks you to submit a verification code it will let you in. However, if the phisher gets you to fall for... Read more...
Symantec, which has been making antivirus products for decades (including Norton, the first piece of software most people would try to remove from a new PC), is getting out of the antivirus game, sort of. Brian Dye, Symantec's senior vice president for information security, told the Wall Street Journal that in Synamtec’s view, antivirus is dead. "We don't think of antivirus as a moneymaker in any way," he stated. That doesn't mean the company is completely abandoning Norton, but it is heading in a new direction. Basically, instead of primarily focusing on keeping the walls secure, Symantec... Read more...
We live at a quizzical time in technology. The tech boom has revolutionized the world, and the innovations that are pouring out of brilliant minds are incredible in both their frequency and content. But there is also a backlash against a lot of technology, perhaps highlighted best by the curious rage that Google Glass seems to engender in a startling number of people. To gauge attitudes about technology’s future, the Pew Research Center did what it does and conducted a survey. Primarily, the study looks at our collective level of excitement or fear over current and future technologies. “Overall,... Read more...
Kaspersky released its Safe Browser for Windows Phone, months after putting out the same product for iOS and days after making a similar one for Android. The app does exactly what you think it does, by blocking access to potentially dangerous sites with a warning page to protect against phishing attacks. Designed for both personal and corporate use, Kaspersky Safe Browser also allows users (read: IT admins) to select certain app settings to make sure the device is in line with the company’s security requirements. It’s good to see more security measures for mobile devices. Too many users... Read more...
Although news about Target’s huge data breach broke almost two months ago, the post-mortem has persisted, and a security firm has posted a detailed breakdown of what went wrong. The story is unnerving, to say the least, as it’s not so much about system-wide failures or anything so big as it is about how all it takes for a body with so many moving parts to fall apart is one weak link and some good old-fashioned phishing. It’s already been established that the breach appears to have emanated from a malware email phishing attack on a Pennsylvania HVAC company called Fazio Mechanical... Read more...
According to security company Kaspersky Labs, hackers and cybercriminals are targeting gamers, with 11.7 million attacks on gamers in 2013 and some 4.6 million pieces of malware specifically designed to target them. Kaspersky says that’s about 34,000 attacks per day, on average. It’s perhaps not terribly surprising, though, as gaming enthusiasts present a growing attack vector. "Gaming has an ever-increasing fanbase, which also means that the number of potential victims for cyber criminals is rising as well,” said Christian Funk, Senior Virus Analyst, Global Research and Analysis... Read more...
A study from the Polytechnic Institute of New York University examining the factors that cause people to be more susceptible to phishing attacks found strong correlations between gender, certain personality traits, and openness orientation to social networking and being more vulnerable to such an attack. The three authors of the study, which include individuals from computer science; electrical and computer engineering; and technology, culture, and society areas, used the Big Five personality framework as a reference point in determining the traits that might contribute to a greater vulnerability... Read more...
One of the worst possible things that could happen to Facebook would be if it became overrun with phishing scams. Users would start jumping ship in droves. Of course, Facebook users are certainly no strangers to phishing--they’ve seen everything from fake screens asking for your login credentials to baited “Hey bro, i’m in london and need money, can u help me out?” messages--but the busy bees running the social network have done a rather remarkable job of fending off too much of the stuff. Classic Facebook phishing: A fake page for stealing login credentials where anything... Read more...
1 2 3 Next