VB Migration

Tag: social engineering

  • Symantec warns of rigged Google search links

    Advanced search options lead clickers straight to junk sites. Spammers have found a novel use for Google ‘s advanced search options and ‘I’m Feeling Lucky’ function, using a combination of website setup and custom searches to create genuine Google search links which will lead directly to their sites. Spams have been spotted by researchers at…

  • Phishing trojan targets Mac OSX

    DNS hijack disguised as codec threatens Apple systems. A new trojan affecting Apple ‘s Mac OSX operating system – a relative rarity in the malware world – has been seen in the wild. The trojan, thought to belong to the highly prevalent Zlob (aka Puper) family, is being served by numerous fake codec sites, linked…

  • Storm spams promise spooky Halloween

    Tricks not treats as skeleton game emails link to attack. The ‘Storm’ attack has once again taken advantage of a popular cultural occasion to spam out the latest wave of links to fake online games, which hide new variants of trojans designed to hijack systems and add them to a global zombie network. Previous dates…

  • Pump-and-dumpers move on to MP3 spam

    Audio files latest stock pushing tactic. Pump-and-dump spammers have moved on from image spam, PDF spam and Excel spreadsheet spam to try out yet another file type: MP3 audio files. In pump-and-dump scams, crooks buy up swathes of cheap ‘penny’ stocks, send out massive advertising campaigns trying to convince recipients that the company is worth…

  • Storm attack strikes back

    Cute kitten cards cover latest wave of malware. The Storm attack has returned with yet another wave of blended attacks, with links to the drive-by download sites of the initial trojan spammed out under cover of humorous kitten ecards. The ecard tactic has been a favourite of the gang behind the attack for some months…

  • Storm DDoS hits anti-scam sites

    419 fighters attacked – NFL and TOR latest spam hooks. The massive botnet amassed by the ‘Storm’ (Zhelatin/Nuwar/Dorf/etc.) attack continues to target new victims, with the TOR online anonymity system and the start of the NFL season in the US the latest social engineering tactics to trick spam recipients into installing the trojans. Over the…

  • YouTube latest Storm hook

    Fake video links aim to pull in yet more victims. The never-ending stream of ‘Storm’ attacks continued over the weekend with a new tactic – the latest spammed email campaign contained links claiming to lead to videos on highly popular entertainment site YouTube . The simple emails follow in the wake of several similar campaigns,…

  • Latest Storm barrage offers site memberships

    New tactic provides logins to special-interest sites. The ‘Storm’ attack has changed tactic yet again, with the latest set of spams providing login details to a wide selection of sites covering various interests. Once visited, the sites try to trick victims into downloading the latest version of the trojans used to infect more systems and…

  • Phish poses as Sophos malware alert

    Fake security alarm lures users to spoofed site. A phishing email recently spammed out uses the name of security firm Sophos to lend credence to a fake malware alert, designed to trick readers into visiting a spoof site and handing over sensitive login details. The email, claiming to originate from financial services giant Merrill Lynch…

  • Fake malware infection alerts spammed out

    Latest spam run masquerades as malware warning and fix. The group behind last week’s Fourth of July spams are thought to be behind another campaign this week, with messages claiming to warn of malware infections detected on the recipient’s system, and a trojan waiting to be downloaded if a link to an alleged patch is…