Researchers have uncovered a new variant of the infamous Zeus Trojan. It’s called Chthonic, a reference to spirits and deities from the underworld in Greek mythology, and it’s targeting 150 banks and 20 payment systems in 15 countries.
Zeus, as its name suggests, is the king of banking malware. It first emerged in 2007 and has been wreaking havoc on online bank accounts ever since. In 2011, its developers threw in the towel and posted its source code for all to see. It may seem as though this would be the end for Zeus, but, in fact, the opposite is true.Read more
ICANN is investigating a recent intrusion into our systems. We believe a "spear phishing" attack was initiated in late November 2014. It involved email messages that were crafted to appear to come from our own domain being sent to members of our staff. The attack resulted in the compromise of the email credentials of several ICANN staff members.
The attacker obtained administrative access to all files in the CZDS. This included copies of the zone files in the system, as well as information entered by users such as name, postal address, email address, fax and telephone numbers, username, and password.Read more
A hacking group has been stealing identity information and reading emails to get the inside edge on stock markets to buy and sell to make quick profits. Vendor FireEye reckons the group sent articulate phishing emails with malicious attachments demonstrating "deep" knowledge of financial markets and corporate communications.
In one instance the attackers targeted five organisations involved in a then non-public merger, months before the deal was announced. In another, it used information gleaned from a hacked consultancy to better target that firm's clients. Malware researchers said the FIN4 group targeted a lot of firms.Read more
A survey by One Poll and Dimensional Research on holiday shopping security practices evaluated online cybersecurity awareness of consumers from the USA and United Kingdom, and revealed that a lot of people believe emails from “trusted brands” are safe to click, and some respondents anticipate doing at least part of their holiday shopping while at work.
Cybercriminals are very resourceful, and they know that the siren song of a good deal is almost always irresistible to bargain hunters. The number one reason to click is trust in a brand, which isn't good there are some very convincing phishing emails that look nearly identical to the real thing.Read more
Researchers have spotted a new technique used by phishers which could trick even more users into believing they are entering their information in a legitimate web form.
Instead of replicating as faithfully as possible a legitimate website, the attackers need only to set up a phishing page with a proxy program which will act as a relay to the legitimate site, and create a few fake pages for when users need to enter their personal and financial information. In the spotted attack, users are directed to the malicious site by clicking on a search result they got by entering a product's name. The attackers used a number of techniques to make the URL appear in the results.Read more
Phishing attacks are by far the most popular form of cybercrime in the 21st century. The media regularly reports lists of organizations whose customers fell victim to phishing attacks. Phishing scams increase in quality and quantity every day.
Whereas spam tends to be merely an annoying distraction, phishing frequently leads to real financial losses. If the threat is so real, why don’t people learn to avoid it? There are numerous reasons why phishing works so well, starting with the ability of the scammers to play mind tricks on victims, in order to lure them into trouble. Phishers can use tempting offers, like complimentary giveaways, in order to bait users.Read more
The well-known delivery services became popular among spammers. Spammers pretended to be such companies as DHL, FedEx, UPS and TNT. Hackers have more chances to achieve results, posing as well-known companies. A large amount of phishing emails were explored with the help of which attackers pretended to be famous international delivery service.
Making phishing attacks, spammers have two main goals: to get customer‘s information, both financial and personal data; or to infect the victim's PC with malware. If the download is succeed, such computers start spamming or become first step for organizing DDoS-attacks.Read more