Monthly Archives: October 2009

Lazy Phishers Just Email the Phishing Web Page to You, Now

October 26, 2009 – 7:44 pm

By Andrew Brandt It was a particularly busy weekend for spammers, especially the creepy, evil ones who are trying to steal information (as opposed to the merely scungy pill vendors and their ilk). Webroot’s Threat Research team has recently seen a glut of phishing messages which, like most, purport to come from banks and ask you to update [...]

By mguthrie09 | Posted in Phishing Trojans, social engineering, Stupid malware tricks, Threat Research | Tags: , , , , , , , , , , , , , , | Comments (9)

Outlook “Patch” Spam Leads to Keyloggers

October 21, 2009 – 1:25 pm

By Andrew Brandt Hot on the heels of the spam campaigns involving emails which purport to come from the IRS, HMRC, and from your IT department comes another round of fake “notification” spam emails — this time, warning users to download and install a patch for the Outlook and Outlook Express email clients. Like the [...]

By mguthrie09 | Posted in Keyloggers, social engineering, Stupid malware tricks, Threat Research | Tags: , , , , , | Comments (13)

Spammers Use Bing to Bypass Filters, Spam Bad Links

October 19, 2009 – 4:12 pm

By Andrew Brandt Word came down from our Threat Research team this morning about a new spam campaign that uses upstart Bing search engine’s own redirection mechanism to bypass spam filters and send undesirable links over email. On top of that, the spammers are also abusing MySpace’s lnk.ms link shrinking system to further obfuscate the destination [...]

By mguthrie09 | Posted in social engineering, Stupid malware tricks, Threat Research | Tags: , , , | Comments (12)

Trojan Uses Commercial Firewall to Block AV Updates

October 16, 2009 – 12:01 am

By Andrew Brandt Purveyors of rogue security products continue to bulk up their arsenal of stupid tricks, all of which are designed to induce either fear or frustration in victims. Increasingly, certain distributions of rogue antivirus include a payload that blocks the infected computer from receiving antivirus updates. That part isn’t new; Many Trojan installers [...]

By mguthrie09 | Posted in Rogue Security Products, Stupid malware tricks, Threat Research | Tags: , , , , , , | Comments (1)

IRS Tax “Warning” Fraud Crosses the Pond, Targets the UK

October 14, 2009 – 12:01 am

By Andrew Brandt For several months, we’ve been seeing spam and phishing Web sites which purport to be IRS notifications of delinquent non-payment of income taxes. Who can blame the fraudsters — almost no three letter agency of the US government inspires more dread and fear than good old Internal Revenue. In the UK, the [...]

By mguthrie09 | Posted in Keyloggers, Phishing Trojans, social engineering, Stupid malware tricks, Threat Research | Tags: , , , , | Comments (16)

Postmortem Michael Jackson Track Dredges Rogues

October 12, 2009 – 10:47 am

By Andrew Brandt As we’ve discussed so many times in the past, search terms that include the names of celebrities make good targets for malware authors, and search terms that include the name of dead celebrities make great targets for malware authors. Now there’s a new corollary to this postulate: Search terms that include the [...]

By mguthrie09 | Posted in Blackhat SEO, Downloaders, Rogue Security Products, social engineering, Stupid malware tricks | Tags: , , , , | Comments (4)

Shields Up During National Cyber Security Awareness Month

October 8, 2009 – 2:44 pm

By Mike Kronenberg Be suspicious. About email swindles, bogus security products and online scams. I’m not kidding around. You need to pay attention and be diligent, because cyberthreats are lurking everywhere. What got me thinking about this was President Obama’s proclamation of October as National Cyber Security Awareness Month. He said that all users — [...]

By Mike | Posted in Passwords, Phishing Trojans, social engineering, Stupid malware tricks | Tags: | Leave a Comment

No Search is Sacred: Fakealerts Flood the Net

October 7, 2009 – 11:52 am

By Andrew Brandt Search engines appear to be no longer in control of the search results they display at any given moment. That’s bad news not only for the search giants, but for anyone who relies on their results. How can that be? After all, it’s the search engines’ own servers that are supposed to [...]

By mguthrie09 | Posted in Blackhat SEO, Rogue Security Products, social engineering, Stupid malware tricks, Threat Research | Tags: , , , , | Comments (10)

Trojan Decodes Captchas Using Stolen Commercial Tools

October 2, 2009 – 12:38 pm

By Andrew Brandt A new Trojan quietly circulating in the wild uses components from a commercial optical character recognition (OCR) application to decode captchas, those jumbled-text images meant to help a website discern human activity from automated bots. The OCR-using captcha breaking tool is just one component of the Trojan. Its main purpose appears to [...]

By mguthrie09 | Posted in adware, Keyloggers, Phishing Trojans, Stupid malware tricks, Threat Research | Tags: , , , , , , , , | Comments (4)
Follow

Get every new post delivered to your Inbox.

Join 515 other followers