Tag Archives: twitter

Twitter Phish Floods Network with Short URLs

Posted on by

By Andrew Brandt

Add to FacebookAdd to DiggAdd to Del.icio.usAdd to StumbleuponAdd to RedditAdd to BlinklistAdd to TwitterAdd to TechnoratiAdd to FurlAdd to Newsvine

All day, I’ve been getting reports from my Twitter-using friends and acquaintances that they’ve been receiving tweets of short URLs. I took a look and it looks like another phishing campaign aimed at users of the social network is underway. The short URLs, prefaced with the message “This you???” lead to a fake Twitter login page.

The fake login page is hosted on a domain that points to a server in China. Other domains that are currently hosted on that same server’s IP address, including bzpharma.net, have previously been implicated in earlier Twitter spam campaigns. The same domain appears to also be attempting to phish credentials to AOL’s Bebo social network, and has reportedly begun spamming users with fake pharma ads.

It appears a lot of people may get tripped up in the rush to see what the link is all about. After you type anything at all into the phishing version of the Twitter login form, your browser is redirected to a hastily created, empty blog page on Blogspot. Meanwhile, the tweets keep on coming.

Just a reminder to our Twitter fans: Please look at the address bar before you enter your Twitter credentials. As you can see from the screenshot above, it’s painfully obvious that this is not the legitimate twitter.com URL.

New Research: IT Pros Sound Off On 2010 Security Concerns

Posted on by

Research from the enterprise security experts at Webroot

Add to FacebookAdd to DiggAdd to Del.icio.usAdd to StumbleuponAdd to RedditAdd to BlinklistAdd to TwitterAdd to TechnoratiAdd to FurlAdd to Newsvine

With the explosion of social networking sites like Twitter and Facebook in 2009, it’s no surprise cybercriminals have set their sights on these Web sites for new victims. Facebook now has over 400 million active users and Twitter has over six million — a sizeable pool of potential targets.

These new threats are a cause of great concern for IT managers and businesses. Webroot recently surveyed over 800 IT professionals in the US, UK and Australia, at companies ranging from 100 to 500 people in size, to learn what are their biggest concerns for 2010. Eighty percent of those who responded anticipate Web 2.0-based malware threats will be among their biggest challenges, and 73% said these types of malware are much harder to manage than email-based threats.

Many IT admins reported they thought their organizations were sufficiently protected, but that wasn’t always the case: Significant numbers reported attacks from viruses (60%), spyware (57%), phishing attacks (47%), hacking attacks (35%), and SQL injections of their Web sites (32%). What’s more, because malicious hackers have a financial motive, individuals who possess sensitive business data are perfect targets. Increasingly, small and medium-sized businesses (SMBs) come under attack because they are less likely to have the multpile layers of protection that larger enterprises do.

Data breaches, when they happen, can be devastating to SMBs: According the the FBI, blended Web and email attacks led to approximately $100 million in attempted losses last year. SMBs can take precautions to make sure they aren’t a part of these staggering statistics. It is important to keep up with the latest threat vectors by using a security service with URL filtering, end user policy management and virus protection, and by making sure employees are educated on know to avoid threats in a growing landscape — especially when it comes to social media.

Webroot will address this topic in greater depth when our CTO Gerhard Eschelbeck delivers a Web security trend report at the RSA Conference 2010 Wednesday, March 3, at 4:30 p.m. PST in the Briefing Center on the Expo Hall floor. We’ll continue the conversation at Infosec Wednesday, April 28 at 3:20 p.m. GMT in Earls Court when Eschelbeck  presents Securing the Internet for a Web 2.0 Collaborative Culture.

wordpress blog stats

Friends, Followers, Fans: Be On Guard in 2010

Posted on by

By Mike Kronenberg

Add to FacebookAdd to DiggAdd to Del.icio.usAdd to StumbleuponAdd to RedditAdd to BlinklistAdd to TwitterAdd to TechnoratiAdd to Yahoo BuzzAdd to Newsvine

Do you use a social networking site? Be prepared, because I predict in 2010 it’ll be a major target for cyber criminals. Among the threat experts here at Webroot, we’ve discussed the ROI opportunity that social networks present an enterprising hacker who strings together the personal information people choose to share on social networks, or who creates a program to infect PCs with one click of a malicious link.

I’ve also discussed the issue with my colleagues in the security industry. Each of us acknowledges that users of all kinds – be it individuals, public figures, nonprofits, or corporations – assume a certain level of risk when signing on to one. But we all agree social networks are pretty much essential in today’s networked society and economy.

Given that, I’d like to share my take on the top five reasons why social networks hold such great appeal for cybercriminals so you can begin thinking about how you’ll use them in 2010. Continue reading

Our Twitter Q&A with Threat Research Director Jeff Horne

Posted on by

By Jeff Horne

Add to FacebookAdd to DiggAdd to Del.icio.usAdd to StumbleuponAdd to RedditAdd to BlinklistAdd to TwitterAdd to TechnoratiAdd to FurlAdd to Newsvine

On December 11, 2009, users of Twitter submitted questions to Webroot’s Director of Threat Research, Jeff Horne, as part of a live Q&A session. Webroot’s Twitter followers asked questions about connecting safely to the Internet while traveling during the holidays. A variety of questions came in live, with some others through direct messages in advance, and one non-twitter user asked a question via Webroot’s Facebook page. The interview was tracked using the #webroot hashtag, which has been omitted from the tweets to make them easier to read. We’ve posted a transcript of the Q&A on the following page.

Continue reading

Koobface: Not Just for Facebook, Anymore

Posted on by

By Andrew Brandt

Add to FacebookAdd to DiggAdd to Del.icio.usAdd to StumbleuponAdd to RedditAdd to BlinklistAdd to TwitterAdd to TechnoratiAdd to FurlAdd to Newsvine

smalltweet_obsThe latest generation of Koobface targets its particularly effective brand of social engineering at more social networks than ever. As the worm has evolved, we’ve seen it grow to encompass a pantheon of services, targeting more than just the widely publicized Facebook, MySpace, and Twitter, but a host of other Web sites where people meet and (apparently) post links of funny videos for one another to watch.

To illustrate how pervasive the worm has become at propagation, we put together the video below. (And no, you don’t need to download some random codec to watch it, just Flash.) If you’ve got two minutes, check it out, but to get the best view, maximize the video window first (click the little “X” next to “vimeo” in the lower-right corner):

For our test, several members of Webroot’s Threat Research team created profiles on the social networks Koobface attempts to infiltrate, logged into those accounts on test computers, then executed the worm’s main installer application.

The worm checks to see which sites among the ones it targets that you’ve logged in to, and downloads specific payloads for each social networking site it targets. That makes sense: Each of those social networks has its own distinct user interface, which the payload targeting that site interacts with. But the sites all have one thing in common: They all permit members to send one another messages containing hotlinked URLs. And that’s what Koobface is best at: Propagating itself by sending links. Nothing surprised us more than finding that we could actually watch the worm interacting with the interface, filling in forms and clicking buttons, as we stared at the screen. Continue reading