Feeds

Scareware scams switch to social network smut lures

One stop shops for info theft and scareware fraud

Security for virtualized datacentres

Scams which attempt to trick users into volunteering personal credentials in return for free pornography have moved over onto social networks.

More than nine out of ten (92 per cent) of such adult phishing scams recorded in January took place on social networking sites such as Facebook and Bebo, according to the latest monthly security report from Symantec. Once fraudsters have snaffled personal credentials, surfers are often redirected to sites punting scareware scams rather than smut.

Scareware scams more commonly rely on manipulating search engine results for search terms in the news, such as the death of an athlete practising for the luge event at the winter Olympics. These results are poisoned so that surfers looking for videos of this tragedy (as explained by Sophos here) are instead redirected to anti-virus scan scam portals, which warn of non-existent malware risks in a bid to trick users into buying worthless scamware.

Symantec's research suggests that searches for smut via social networks have been added to this more established black-hat SEO approach as a route to market (marks) for the scareware slingers.

Both the scam (from 2 to 4 per cent) and phishing categories (5 to 10 per cent) doubled as a percentage of all junk mail month-on-month from December 2009 to January 2010. 419-Nigerian spam made up 7 per cent of all spam, a new high.

Symantec's report also showed a high volume of Haiti Earthquake-related spam and phishing in January 2010, as unscrupulous fraudsters once again latched onto human tragedy as a route to personal enrichment. By contrast, the run up to Valentine's Day was accompanied by fewer scam and malware laced emails than in previous years.

Symantec also reported a 25 per cent decrease in the number of phishing attacks last month, primarily due to a decrease in the volume of attacks created using phishing toolkits. This is not necessarily good news, with both Symantec and Ironkey reporting that phishing attacks are becoming more targeted on attacking major brands.

A full copy of the report can be found here. ®

Secure remote control for conventional and virtual desktops

More from The Register

next story
NASTY SSL 3.0 vuln to be revealed soon – sources (Update: It's POODLE)
So nasty no one's even whispering until patch is out
Russian hackers exploit 'Sandworm' bug 'to spy on NATO, EU PCs'
Fix imminent from Microsoft for Vista, Server 2008, other stuff
Forget passwords, let's use SELFIES, says Obama's cyber tsar
Michael Daniel wants to kill passwords dead
FBI boss: We don't want a backdoor, we want the front door to phones
Claims it's what the Founding Fathers would have wanted – catching killers and pedos
Kill off SSL 3.0 NOW: HTTPS savaged by vicious POODLE
Pull it out ASAP, it is SWISS CHEESE
Facebook slurps 'paste sites' for STOLEN passwords, sprinkles on hash and salt
Zuck's ad empire DOESN'T see details in plain text. Phew!
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Win a year’s supply of chocolate
There is no techie angle to this competition so we're not going to pretend there is, but everyone loves chocolate so who cares.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.