Jump to content


Photo

"Phishing" schemes - New Exploits


  • Please log in to reply
106 replies to this topic

#101 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 10,562 posts

Posted 21 January 2007 - 08:35 AM

FYI...

Mule pharming
- http://www.f-secure....7.html#00001084
"Fake web sites have been used to recruit money mules* for quite a while. When cops investigate phishing or carding cases, the trail usually ends with the mule who might not have realized at all that he's actually laundering money for crime gangs..."

(Screenshots available at the URL above.)

* http://en.wikipedia....wiki/Money_mule

:(

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#102 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 10,562 posts

Posted 22 January 2007 - 02:28 PM

FYI...

Phishing Attacks Continue to Grow in Sophistication
- http://news.netcraft...istication.html
Jan 15, 2007 ~ "Phishing attacks are continually evolving, as fraudsters develop new strategies and quickly refine them in an effort to stay a step ahead of banking customers and the security community. Here are some of the phishing trends and innovations we noted in 2006:
· Plug and Play Phishing Networks
· Phlashing (Flash-based phishing sites)
· Two-factor Authentication
· Hacked Bank Sites
· Continued XSS Vulnerabilities
· MySpace Phishing ..."

(More detail at the URL above).

:(

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#103 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 10,562 posts

Posted 23 January 2007 - 11:23 AM

FYI...

Google’s Anti-Phishing BlackList Exposed User Info
- http://www.finjan.co...d...=1230&lan=3
January 22, 2007 ~ "Finjan... reconfirms recent reports that Google have unwittingly exposed private user names and passwords on the Google anti-phishing blacklist, which did not use any access protection. Such sensitive information could potentially have been used to compromise user privacy, and could even have been used for identity theft or financial profit (as users generally have a single “web” password for most of their online accounts)... For a snapshot of the data leakage follow this link: http://www.finjan.co...pics/google.jpg ..."

(Pointers for home and corporate users available at the URL above.)

:eek:

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#104 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 10,562 posts

Posted 30 January 2007 - 11:54 AM

FYI...

Vivio (e-mail phish) Lure Spreading Crimeware ...Bank phish...
- http://www.websense....php?AlertID=731
January 30, 2007 ~ "Websense Security Labs has discovered a new information-stealing, malicious code attack, which appears to provide more evidence that Russian-based malicious code writers and Brazilians are either working together, or are sharing tools or information. (Previous post: http://www.websense....php?AlertID=724 ).
If users click on the link within the email, they are redirected to a page that is hosted in Russia. That page attempts to exploit the user with the "VML" vulnerability. If the user's PC has not been properly patched, the site downloads and runs an executable called "stylecss.exe". This file is packed with "Yoda's protector"... and has an MD5 of b6b2ccb8d1b862fa92c71a17c1795af2. The file adds information to the Run key in the registry: (C:\Arquivos de programas\ExAlien.exe). Once running, the file is designed to steal information from end-users when they visit banking websites.

(Email screenshot available at the first URL above.)

(Vivio is a very large mobile carrier in Brazil)...

:eek:

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#105 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 10,562 posts

Posted 30 January 2007 - 04:06 PM

FYI...

More phish than viruses now... per MessageLabs
- http://preview.tinyurl.com/2sa89n
Monthly Report: January 2007 ~ "Top line results of this report include:
Spam – 75.8% in January (an increase of 1.5% since December)
Viruses – One in 119.9 emails in January contained malware (an increase of 0.08% since December)
Phishing – One in 93.3 emails comprised a phishing attack (an increase of 0.55% since December)
For the first time, MessageLabs noted that the proportion of phishing attacks in email has now overtaken the threat from virus or Trojan attacks..."

:eek:

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#106 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 10,562 posts

Posted 05 February 2007 - 05:58 PM

FYI...

Beware of IRS tax refund scams
- http://www.ksl.com/?...=172&sid=780389
January 5, 2007 ~ "With the new year comes tax season, and there's a renewed warning going out to be on the alert for tax scams... Mark W. Everson, IRS Commissioner: "The IRS does not send out unsolicited e-mails asking for personal information…Don't be taken in by these criminals." The IRS has seen a recent increase in these scams, many of which originate outside the United States. To date, investigations by the Treasury Inspector General for Tax Administration have identified sites hosting more than two dozen IRS-related phishing scams. These scam Web sites have been located in at least 20 different countries, including Argentina, Aruba, Australia, Austria, Canada, Chile, China, England, Germany, Indonesia, Italy, Japan, Korea, Malaysia, Mexico, Poland, Singapore and Slovakia, as well as the United States..."

:hmmm:

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#107 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 10,562 posts

Posted 23 February 2007 - 04:02 PM

FYI...

Monster.com email lure (phish) to malicious code
- http://www.websense....php?AlertID=747
February 23, 2007 ~ "Websense® Security Labs™ has discovered emails that attempt to lure users to click on a link in order to upgrade their system security. The emails, which are spoofed from Monster, are written in HTML and claim that Monster systems have been upgraded and that users need to download a certified utility to be able to use Monster. The domain name that the emails point to are using five different IP addresses. Upon connecting to one of the IP addresses, the code is run, several files are downloaded and installed on the user's machine, and another file is downloaded and installed from a server in Denmark. The files appear to be designed to steal end-user information..."

(Screenshot available at the URL above.)

:eek:

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Member of ASAP and UNITE
Support SpywareInfo Forum - click the button