By Gerhard Eschelbeck
It’s been a busy year in Internet security — cybercriminals were crafty and creative while we security vendors worked hard to stay a step ahead. Let’s take a look back at the biggest security trends of 2009, and at predictions for what’s ahead in 2010.
2009 – The Year in Review
Conficker. Targeted at enterprise networks [...]
By Andrew Brandt
When you sign up for a credit card — even with one of those pre-approved applications — you still have to provide the bank with your name, address, mother’s maiden name, social security number, and a host of other personally identifiable information. Once the bank issues the card, it shouldn’t ever need to [...]
By Andrew Brandt
Coming on the heels of similar fraud schemes that targeted victims using the names of such familiar institutions as the FDIC, IRS, and HMRC, scammers are trying to get people to infect their own computer using a different organization’s name—one that is probably unfamiliar to most people. NACHA is a not-for-profit association that [...]
By Andrew Brandt
Yet another new phishing campaign targeting users of Facebook struck over the Halloween holiday weekend. After scammers began filling inboxes last week with bogus “Facebook update” attachments, this weekend we saw a different group at work. Employing URLs with random domain names registered under the .eu top-level domain, the campaign looks similar to messages [...]
By Andrew Brandt
It was a particularly busy weekend for spammers, especially the creepy, evil ones who are trying to steal information (as opposed to the merely scungy pill vendors and their ilk). Webroot’s Threat Research team has recently seen a glut of phishing messages which, like most, purport to come from banks and ask you to update your [...]
By Andrew Brandt
Hot on the heels of the spam campaigns involving emails which purport to come from the IRS, HMRC, and from your IT department comes another round of fake “notification” spam emails — this time, warning users to download and install a patch for the Outlook and Outlook Express email clients.
Like the previous rounds, [...]
By Andrew Brandt
Word came down from our Threat Research team this morning about a new spam campaign that uses upstart Bing search engine’s own redirection mechanism to bypass spam filters and send undesirable links over email. On top of that, the spammers are also abusing MySpace’s lnk.ms link shrinking system to further obfuscate the destination that [...]
By Andrew Brandt
Purveyors of rogue security products continue to bulk up their arsenal of stupid tricks, all of which are designed to induce either fear or frustration in victims. Increasingly, certain distributions of rogue antivirus include a payload that blocks the infected computer from receiving antivirus updates. That part isn’t new; Many Trojan installers drop [...]
By Andrew Brandt
For several months, we’ve been seeing spam and phishing Web sites which purport to be IRS notifications of delinquent non-payment of income taxes. Who can blame the fraudsters — almost no three letter agency of the US government inspires more dread and fear than good old Internal Revenue.
In the UK, the counterpart to [...]
By Andrew Brandt
Search engines appear to be no longer in control of the search results they display at any given moment. That’s bad news not only for the search giants, but for anyone who relies on their results.
How can that be? After all, it’s the search engines’ own servers that are supposed to deliver relevant [...]
