Free Republic

Virus hunters are raising the alarm for a large-scale spam attack that uses fake Facebook password-reset messages to trick PC users into downloading a dangerous piece of malware. The malicious executable is linked to the Bredolab botnet, which has been linked to massive spam runs and identity-theft related attacks. Here’s a sample of the Facebook password-reset messages hitting e-mail inboxes this morning: According to Websense, the address of the sender is spoofed to display “support@facebook.com,” a trick commonly used to trick targets into believing it’s a legitimate e-mail from the popular social network. The messages contain a .zip file attachment...

No one is immune from cyberthreats, not even the head of the FBI. FBI Director Robert Mueller was banned by his wife from doing online banking after he nearly fell for a phishing scam, he said on Wednesday during a talk at the Commonwealth Club of California. He received an e-mail purporting to be from his bank that looked "perfectly legitimate" and which prompted him to verify some information. He started to follow the instructions but then realized that that "might not be such a good idea," he said. "Just a few clicks away from falling into a classic Internet...

The FBI on Wednesday announced that it had charged 53 defendants, the largest number ever charged in a cybercrime case, following a multinational investigation into a phishing scheme that operated in the United States and Egypt. Thirty-three of the 53 defendants named in the indictment have been arrested, the FBI said, and several others are being sought. The investigation, dubbed "Operation Phish Phry," began in 2007. Authorities in Egypt have charged 47 defendants linked to the phishing operation. Phishing is a form of social engineering that attempts to convince Internet users, via e-mail or other means, to provide online credentials...

ALERT! COMCAST EMAIL USERS.... Keep an eye open for phishing emails today. I've received TWO from the same person. See headers and email below. DO NOT REPLY or FORWARD. See below how to handle these emails. Return-Path: skulekci@cox.net Received: from imta11.westchester.pa.mail.comcast.net (LHLO IMTA11.westchester.pa.mail.comcast.net) (76.96.62.22) by sz0165.ev.mail.comcast.net with LMTP; Sun, 16 Aug 2009 12:48:50 +0000 (UTC) Received: from fed1rmmtao107.cox.net ([68.230.241.39]) by IMTA11.westchester.pa.mail.comcast.net with comcast id V0oc1c00W0ricp80B0ocp0; Sun, 16 Aug 2009 12:48:49 +0000 X-Authority-Analysis: v=1.0 c=1 a=03BE8P92kNoA:10 a=B2Z70H6xJSUkDJ515Yrr0Q==:17 a=7IhTD8vkESaNYZtRJxgA:9 a=-6uiuEKKr_hCM7RAdZYA:7 a=CpA5JfuKFtJpqYyoAsU9_fVhKq8A:4 a=H74sq46YGBEA:10 a=FpThlCNnufZFiDQM:21 a=xeKNeA5vEFupyxM6:21 Received: from fed1rmimpo01.cox.net ([70.169.32.71]) by fed1rmmtao107.cox.net (InterMail vM.8.00.01.00 201-2244-105-20090324) with ESMTP id <20090816124835.MYJR21470.fed1rmmtao107.cox.net@fed1rmimpo01.cox.net>; Sun, 16 Aug 2009 08:48:35...

Note: The following text is a quote: Spam, Phishing, and Malicious Code Related to Recent Celebrity Deaths added June 26, 2009 at 10:44 am US-CERT is aware of public reports of an increased number of spam campaigns, phishing attacks, and malicious code targeting the recent deaths of Michael Jackson and Farrah Fawcett. These email messages may attempt to gain user information through phishing attacks or by recording email addresses if the user replies to the message. Additionally, email messages may contain malicious code or may contain a link to a seemingly legitimate website containing malicious code. US-CERT would like to...

Have you received some odd messages from your friends on Facebook lately? Are they suddenly attempting to sell you pharmaceuticals? Or perhaps you've received a cryptic "Check this out!" followed by a link to a page that looks something like Facebook, only it asks you for your log-in information again? It's a common phishing tactic, and scammers have recently been blanketing Facebook with it. A new wave of phishing and spamming attacks is hitting Facebook users as scammers attempt to get hold of their passwords, the social networking site acknowledged in a statement. Similar phishing and spamming scams -- in...

E-mail Scams Exploit Fears Around Swine Flu Outbreak To Lure Victims: Phishers and spammers have caught swine flu fever and are exploiting fears around the outbreak to try to sell pharmaceutical products or steal information, security experts said Tuesday. The e-mail scams have a subject line related to the swine flu and typically contain either a link to a phishing Web site or an attachment that contains malicious code, the United States Computer Emergency Response Team (US-CERT) said in an advisory. One scam features a malicious Adobe PDF document titled "Swine influenza frequently asked questions.pdf," according to Symantec. The malicious...

It was one of those things she never does. But, Wednesday night, when Amory Wooden, 27, received a Facebook message from a friend directing her to a new Web site, she clicked on it. Not only that, once fbstarter.com popped up in her browser, she typed in her Facebook user name and password. She had no idea she'd been hoaxed until Thursday morning, when messages from Facebook friends started pouring in about how they all fell for it. "I don't know why it stumped everybody," the New Yorker told ABCNews.com. "I've been on Facebook for five years … I never...

What's the best way to disguise a phishing attempt so no one can tell where a request for personal information or a password really came from? Easy: Send it via text message."Smishing" is the name being given to the not-entirely-new but growing practice of sending phishing come-ons and scams via SMS message. And spammers are apparently finding it an increasingly easier proposition to text a phishing message to you rather than to email it traditionally.Why's that? You've probably received hundreds or thousands of phishing emails and immediately saw through the ruse: Images were broken, the "from" address was wrong, words...

So, I'm sitting there today working on something for a client when I received an unsolicted Skype Message with an "Important Business Proposal". I normally mess with these guys a little, just to waste their time , but as I was on the phone to a client I just decided to get rid of him quickly.As you can see - he was suprisingly honest about his ultimate intentions. This is how the scam works Mr Dutu, or Mrs Dutu is usually writing to you from a yahoo or other free email address. It usually doesn't address you by name. It...

You could probably see this one coming. With all of the confusion and money involved you knew there would be cyber-vultures out there looking to cash in. Well the Federal Trade Commission today issued a warning that indeed such increased phishing activities are taking place. Specifically the FTC said it was urging user caution regarding e-mails that look as if they come from a financial institution that recently acquired a consumer's bank, savings and loan, or mortgage. In many case such emails are only looking to obtain personal information - account numbers, passwords, Social Security numbers - to run up...

Excerpt - SAN FRANCISCO (AFP)--Internet security researchers warned Thursday that hackers have caught on to a "critical" flaw that lets them control traffic on the Internet. ~ snip ~ "We are in a lot of trouble," said IOActive security specialist Dan Kaminsky, who stumbled upon the Domain Name System (DNS) vulnerability about six months ago and reached out to industry giants to collaborate on a solution. "This attack is very good. This attack is being weaponized out in the field. Everyone needs to patch, please. This is a big deal." ~ snip ~

A federal judge today sided with the Bush administration in a Freedom of Information Act (FOIA) lawsuit related to missing White House e-mails. Judge Colleen Kollar-Kotelly, who is probably most familiar to Ars readers for her role in the Microsoft antitrust case, held that the White House's Office of Administration was not a federal agency as that term is defined by the FOIA and was therefore not obligated to respond to FOIA requests. The ruling represents a setback for the plaintiff, Citizens for Responsibility and Ethics in Washington (CREW), which was also behind the White House e-mail lawsuit we covered...

From Times OnlineApril 23, 2008 Executives harpooned by online 'whalers' Spies and conmen target bosses in e-mail attacks to install malicious software with access to most privileged data Jonathan Richards Corporate bosses have become the latest target of cyber-criminals, after a string of attacks in which senior management have been singled out to receive fraudulent e-mails. Internet fraudsters have taken to sending personally addressed e-mails to chief executives and other high-level executives with a view to installing malicious software on computers that have access to the most privileged company information. In the latest e-mail scam, known as "whaling" because it...

This is a copy of an Email forwarded to all Army Installation Tour Recreation (ITR) Offices, and Key Army Morale Welfare Recreation (MWR) managers at Army Bases worldwide. On March 29, someone in Vancouver Washington established a "phishing" site at HYPERLINK http://mwr.army-support.com. Many ITR/ITT offices and some Army IT staff received an unsolicited email, on Sunday afternoon. This is not a legitimate offer, it is not a legitimate site. It gives the appearance of being part of the official Army MWR web site http://www.armymwr.com/, but the other site is not authorized. This site is in violation of U.S. copy write...

I must send my thanks to whoever sent me the one about poop in the glue on envelopes because I now have to use a wet towel with every envelope that needs sealing. Also, now I have to scrub the top of every can I open for the same reason. I no longer have any savings because I gave it to a sick girl (Penny Brown) who is about to die in the hospital for the 1,387,258th time. I no longer have any money at all, but that will change once I receive the $15,000 that Bill Gates/Microsoft and AOL...

How best to Clean up the InternetWe all know this is a job that has be be attended: we have got phishers, pharmers, hackers, bank robbers, sleazes sending out RATS and robots, taking over our computers, stealing our identity, credit cards, bank funds, and birth days, plotting conspiracy, and sending sleazeover OUR networkIn his book "Geekonomics: The Real Cost of Insecure Software" David Rice describes our condition as a "market failure": the current Market Incentives are not producing results most beneficial to society.David rails over "insecure software" and that is certainly a big part of our network troubles today, but...

http://forums.ebay.com/db2/thread.jspa?threadID=1000565444&start=0 Ebay was hacked today. Users complete credit card information was being posted today on eBay's Trust and Safety board including name, cc number, CCV, paypal info, etc. It took eBay over 90 minutes to finally pull down the Trust & Safety server to remove the publicly posted information. If you have an eBay or PayPal account, you might want to monitor the above link.

Monster beefs up security after breach Aug 29, 2007 Monster Worldwide Inc., a major online job-search site, said Wednesday it was beefing up its security measures following a significant data breach this month. Sal Iannuzzi, the company's chairman and chief executive, said the company was improving its surveillance of how the site is used as well as limiting the way data can be accessed. Iannuzzi declined to provide specific details about how the new security measures will work, saying he didn't want to make them vulnerable to potential hackers. While Iannuzzi said the company couldn't provide an absolute guarantee against...

For American trucker, Mark R. Taylor, of Warren, Arkansas, MySpace.com was a place to keep in touch with friends and co-workers from his days as a truck driver hauling the mail in Iraq and with fellow truckers in the United States. For Truck It Records’ recording artist, Joey Holiday, it was a place fans could come to see music videos and send messages to their favorite performer. That changed on August 21, 2007, when Taylor, a friend of Holiday’s, opened his MySpace inbox and found a message purportedly from Holiday claming to be a “Hysterical Video” using Taylor’s image. Suspicious,...

The IFrame code that leads to drive-by exploits.(Credit: Trend Micro) Over the weekend, thousands of legitimate English-language Italian Web sites fell victim to one line of code. Taking advantage of the trust the users have in the sites they visit, the malicious code silently redirects browsers via JavaScript to servers containing a variety of drive-by exploits. If the visiting computer is unpatched for a variety of operating system, browser, and specific application flaws, malicious code is downloaded. Once installed, the new software can then be used to steal personal information or enlist a compromised machine in attacks on other machines....

Online criminals are using Windows registration pages as new way to fool consumers into divugling confidential information, researchers with Symantec have noticed. The security firm said that it has spotted a new trojan that steals credit card information by posing as an anti-piracy control for Windows XP. The phishing trojan mimicks the behavior of Microsoft's Windows Genuine Advantage (WGA) anti-piracy software, which tracks down pirated copies of the operating system. On startup, the trojan produces a window informing the user that their copy of Windows has been activated by another user. In order to "re-activate" Windows, the software asks the...

"Microsoft has launched a marketing campaign that lets any student at an Australian university buy the Ultimate edition of Office 2007, usual price $1,150, for only $75 — a discount of about 93%. But when students go to the promotion site, Microsoft Live OneCare pops up a warning that the site may be a phishing scam. The warning reads: 'Phishing filter has determined this might be a phishing website. We recommend that you do not give any of your information to such websites. Phishing websites impersonate trustworthy websites for the purpose of obtaining your personal or financial information.'"

*** IT Security Alert *** ** This is a very serious matter ** Increasingly over the past few weeks, specifically targeted social engineering attacks have been made via email messages designed to be extremely tempting to target recipients. These attacks are exploiting vulnerabilities in Microsoft Outlook and other applications to secretly plant malicious software on the targeted user's machine. The malicious software can be used to gain access to other network resources, allowing hostiles to extract proprietary data that can be extremely damaging. Malicious payloads can also lie dormant ("zombies"), to be activated in a manner that disrupts network operations...

I am preparing a presentation on phishing, for my computer law class. I will have them create a hyperlink that apparently goes to a "real" site (e.g. www.realsite.com), but actually goes to a second site (e.g. www.fakesite.com). Question: am I correct that there's a way that www.fakesite.com can "mask" its own URL, and tell the browser instead (falsely) that it's at the "real" site? Is there html that does it? I'd like to be able to explain that concept and how it's done, and appreciate any help. Thanks.

LOS ANGELES - A man faces a sentence of up to 101 years in federal prison after being the first person in the U.S. convicted under a federal anti-spam law, authorities said. Jeffrey Brett Goodin, 45, of Azusa, was found guilty Friday of running a "phishing" scheme that tricked people into believing they were giving personal information to a legitimate business. Prosecutors said Goodin then used the information to go on a spending spree. Goodin is the first person in the nation convicted under the 2003 CAN-SPAM Act, the U.S. attorney's office said. The law forbids e-mail marketers from sending...

Why PHP apps accounted for 43% of security issues in 2006PHP has become the most popular application language on the web, but common security mistakes by developers are giving PHP a bad name. Here's how PHP coding errors have become the new low-hanging fruit for attackers, contributing to the phishing problems on the web. PHP became one of my favorite languages because of how quickly one can write a highly functional, standards-based web application with a database back-end. Unfortunately, attackers are taking these applications down even faster than they appear. I'm sure I'll receive my share of flames under this...

Exploit Prevention Labs in Atlanta, GA reported in September that company researchers have discovered a scam in which e-cards are used to install keylogger software on the victim’s computer. The scam, which was executed by an Australian cyber criminal ring and is known as MDAC, involves sending to the user an e-card that appears to originate from a major online greeting card service. When the user clicks on the hyperlink to open the card, the browser is redirected to a exploit server, which checks to see if the computer has been updated with the latest security patches. If it hasn’t,...

Google Apologizes in an Update: (Nov. 10,2006) Staffers mistakenly e-mail the virus to subscribers of the Video Blog mailing list. Google accidentally sent out e-mail containing a mass mailing worm to about 50,000 members of an e-mail discussion list focused on its Google Video Blog, the company said Tuesday. "On Tuesday evening, three posts were made to the Google Video Blog-group that should not have been posted," Google said in a statement, posted late Tuesday night. "Some of these posts may have contained a virus called W32/Kapser.A@mm -- a mass mailing worm. If you think you have downloaded this virus...

A Look at the Shadowy World of Pretexting BY J. SCOTT ORR WASHINGTON -- Want to shop where actress Calista Flockhart shops? Want to know what kind of vehicle Mick Jagger leased? Want to know what board member is leaking company information to the press? Ask a pretexter. To its practitioners, pretexting is an abstract discipline without boundaries or rules. It relies on cunning, creativity and expertise, like a safecracker skillfully unlocking a vault of personal information on just about anybody.The art of pretexting leapt into the spotlight when it was revealed that investigators working to plug news leaks at...

Bot Networks What could you do if you controlled a network of thousands of computers -- or, at least, could use the spare processor cycles on those machines? You could perform massively parallel computations: model nuclear explosions or global weather patterns, factor large numbers or find Mersenne primes, or break cryptographic problems. All of these are legitimate applications. And you can visit distributed.net and download software that allows you to donate your spare computer cycles to some of these projects. (You can help search for Optimal Golomb Rulers -- even if you have no idea what they are.) You've got...

Computer-based fraudsters are finding new ways to trick people -- not technology -- to get the information they seek "Lawsuit against you," reads the subject line in an e-mail that hit thousands of in-boxes around the world last month. In flawless legalese, the message warns recipients that they recently sent an unsolicited fax to the sender's office. Citing U.S. civil code, its prohibition on sending junk faxes, and an actual $11 million settlement by restaurant chain Hooters, the missive threatens a lawsuit over the alleged junk fax. "If you do not pay me $500 by the deadline for payment, I...

Multiple security organizations warned Tuesday that Internet Explorer, Firefox, Mozilla, and SeaMonkey -- on Windows, Linux, and the Mac -- are vulnerable to a JavaScript bug that could allow a determined attacker to dupe users into giving up sensitive personal information such as credit card or bank account numbers and passwords. According to Symantec, which issued an alert late afternoon Tuesday, all versions of the Microsoft and Mozilla browsers could be used to harvest data through a JavaScript key-filtering vulnerability. "This issue is triggered by utilizing JavaScript 'OnKeyDown' events to capture and duplicate keystrokes from users," went the Symantec warning....

With its easy sharing of jokes, gossip, photos and videos within a virtual community of young people, the Web site MySpace.com has rocketed to second place in worldwide popularity, with an estimated 78 million users. But the site also has brought concerns about teens meeting strangers online. And now there's a new worry: a "phishing" scam that experts say could compromise teens' -- or their parents' -- financial information. As with other phishing scams, in which con artists create realistic-looking Web sites using the names of well-known banks or other corporations, the MySpace scam tricks people into going to a...

CHICAGO, May 1 (UPI) -- Computer-security professionals at the weekend were working on what is being described as a just-emerging IT problem -- the kind which, if the pros are correct, potentially could imperil all e-commerce across the globe. Hackers have apparently compromised the computer server of a Russian bank and set up a fake subsite to "phish" for credit-card information and other personal financial details, experts tell UPI's Networking. This is a new kind of phishing scam, as computer criminals usually set up sites that simply look and feel similar to the site they are attacking. But in this...

In a new twist on phishing, fraudsters are sending out e-mail that attempt to trick people into sharing personal information over the phone. Cloudmark, a San Francisco-based e-mail security company, said it has seen two separate attacks this week. In both cases, the spammed message warns of a problem with a bank account and instructs the recipient to dial a phone number to resolve it, the company said in a statement published Wednesday....

Computer-based fraudsters are becoming ever-more sophisticated, using elegant tricks rather than technology to get at your money. "Lawsuit against you," reads the subject line in an e-mail that hit thousands of inboxes around the world last month. In flawless legalese, the message warns recipients that they recently sent an unsolicited fax to the sender's office. Citing U.S. civil code, its prohibition on sending junk faxes, and an actual $11-million settlement by restaurant chain Hooters, the missive threatens a lawsuit over the alleged junk fax.

WASHINGTON, March 20, 2006 – Participants, as well as some non-participants, in the Thrift Savings Plan are targets of a "phishing" scam, an official with the board administering the program said today. Tom Trabucco, director of external affairs for the Federal Retirement Thrift Investment Board, said phishing is an "attempt to get recipients of the unsolicited e-mail to compromise themselves by giving up their personal financial information." Thrift Savings Plan administrators would never request personal or financial information via e-mail, Trabucco said. "Do not respond to unsolicited e-mail, and never give out information of a personal nature (through) unsolicited e-mails,"...

China Construction Bank may not know that a security vulnerability on its server has been exploited Criminals appear to have hacked a Chinese bank's server and are using it to host phishing sites to steal personal data from customers of eBay Inc. and a major U.S. bank., according to Internet services company Netcraft Ltd. It may be the first scheme that uses one bank's infrastructure to exploit another bank, said Paul Mutton, an Internet services developer for Netcraft, based in Bath, England. A user of Netcraft's free phishing toolbar reported receiving a suspicious e-mail, Mutton said. The e-mail led to...

Firefox to get phishing shield By Joris Evers Staff Writer, CNET News.com Published: March 8, 2006, 2:21 PM PST An upcoming version of Firefox will include protection against phishing scams, using technology that might come from Google. The phishing shield is a key new security feature planned for Firefox 2, slated for release in the third quarter of this year, Mozilla's Mike Shaver said in an interview Tuesday. "Everybody understands that phishing is a significant problem on the Web," said Shaver, a technology strategist at the company, which oversees Firefox development. "We are putting antiphishing into Firefox, and Google is...

AOL filed three civil lawsuits yesterday against "several major phishing gangs". The lawsuits are the first by a major ISP to cite Virginia's anti-phishing statute, the first in the US, adopted in July 2005. The suits also cite applicable Federal laws, including the Lanham (Trademark) Act, and the Computer Fraud & Abuse Act. AOL is seeking total damages of $18m in the series of lawsuits which allege that the phishing gangs victimised AOL and CompuServe members through emails that attempted to drive them to bogus websites. The three lawsuits, filed in the US Court for the Eastern District of Virginia,...

A recently revealed image rendering vulnerability related to Windows Meta Files made it easier for phishers to spread software designed for a criminal enterprise, such as identity theft. The number of sites distributing "crimeware" or software engineered for criminal activity like identity theft or information fraud nearly doubled in December, rising from 4,630 in November to 7,197 the following month, according to a report issued Tuesday, February 14 by the AntiPhishing Working Group (APWG). APWG Chairperson David Jevans said, "The speed, precision and massive scale by which the phishers were able to identify and exploit this vulnerability for criminal enterprise...

In the midst of all the hypocritical and self-righteous talk about the fact that the National Security Agency actually listens to calls from known or suspected terrorists talking to someone in the United States or vice versa, is the fact that every single American is under surveillance these days. It begins with the Social Security number that is issued to newborn infants!

I received an email from ebay titled "A26 TKO NOTICE Restored Account" that states that someone has hacked my ebay account and is using it to swindle other people. It urged me to go to my account and change my password, the go to "Securing my account." So I tried to, but my ebay account password has been changed by the hacker. WTF do I do? I have no way to contact ebay. Is there a phone number I can call them with? This really sucks. If it can happen to me it can happen to anyone. Help!

Indiana Senator Richard Lugar says he supports congressional hearings to look into President Bush's contention that he had constitutional and congressional authority to authorize domestic wiretaps without a court order. Lugar was among four senators who said Sunday that hearings are called for to investigate the president's domestic spying order, which was issued after the September 11th attacks. Lugar, who is chairman of the Foreign Relations Committee, says Congress made many concessions in the first few weeks after the 2001 terror attacks because the nation was under attack. The Indiana Republican says Congress now needs to look into the president's...

I have received two email today asking me to login into my paypal account and verify my info. Seeing as Pay-Pal has the worst customer support on the planet I decided to share this with everybody. This first emailer messed up and gave me his actual e-mail address, or at least its not his spoofed email. To: aft_lizard01@yahoo.com Subject: Your Account Access Has Been Compromised Message-ID: <1134799105.41926.qmail@paypal.com> From: "service@paypal.com"<service@paypal.com> Content-Type: text/html <br> <br> &nbsp;&nbsp;Dear PayPal Member,<br> &nbsp;&nbsp;<br> &nbsp;&nbsp;Our systems detected your user ID being used in Europe.<br> &nbsp;&nbsp;At the moment we are trying to trace and resolve the provenience of...

Google Inc. is testing a Firefox extension that displays blogger comments on the Web page being viewed. The Blogger Web Comments for Firefox, released in beta this week, shows a display panel on the bottom right of the browser that lists bloggers' comments. Clicking on an item launches a new tab for viewing the blog. For people subscribing to Google's blogging service, called Blogger, they can use an "add comment" link on the display panel to post their own comment on their blog. Google will automatically add to the blog a link to the page being viewed. The extension is...

Biting the hand that feeds IT Original URL: http://www.theregister.co.uk/2005/11/29/cybercrime/Cybercrime 'more lucrative' than drugs By John Leyden Published Tuesday 29th November 2005 12:18 GMT Global cybercrime turned over more money than drug trafficking last year, according to a US Treasury advisor. Valerie McNiven, an advisor to the US government on cybercrime, claimed1 that corporate espionage, child pornography, stock manipulation, phishing fraud and copyright offences cause more financial harm than the trade in illegal narcotics such as heroin and cocaine."Last year was the first year that proceeds from cybercrime were greater than proceeds from the sale of illegal drugs, and that was,...

Just received the following message in my email and am posting it as a warning for those who might have PayPal, I don't and am assuming that this is some sort of scam: PayPal Dear Paypal valued member, Due to concerns, for the safety and integrity of the paypal account we have issued this warning message. It has come to our attention that your account information needs to be updated due to inactive members, frauds and spoof reports. If you could please take 5-10 minutes out of your online experience and renew your records you will not run into any...