Articles about phishing

Most convincing PHISHING pages hoodwink nearly half of you – Google

Nearly half (45 per cent) of those who visit the most convincing phishing pages are tricked into handing over personal information, according to Google. This effectiveness drops to just three per cent in the case of the most obviously scummy phishing sites, while the online giant reports that the account hijackers work quickly, …
John Leyden, 11 Nov 2014

Phishing miscreants THWART securo-sleuths with AES-256 crypto

Phishing fraudsters have begun using industry-standard AES-256 encryption to disguise the content of fraudulent sites. Obfuscated phishing sites are nothing new. Various techniques such as JavaScript encryption tools are commonly used but Symantec recently caught what it reckons is the first use of AES-256 encryption in dodgy …
John Leyden, 09 Sep 2014
Lock security

Microsoft blunts hooks of nasty Internet Explorer phishing flaw

Microsoft is investigating an alleged vulnerability in its flagship Internet Explorer browser. The cross-site scripting hole disclosed Saturday by hacker David Leo includes functional proof of concept code, according to confirmed reports. Vulture South reported the flaw to Microsoft Friday and has been told it is working to …
Darren Pauli, 04 Feb 2015

Rejoice, Blighty! UK is the TOP of the WHOLE WORLD ... for PHISHING

British punters are being served three times as many phishing links to trojans and exploit kits than the US, and five times more than the Germans, according to a ProofPoint study. The security researchers say that while the English were being served more malicious links, Germans were hit with the greatest amount of unsolicited …
Darren Pauli, 16 Sep 2014

Bargain basement iPhone shoppers BEWARE! eBay exposes users to phishing vuln

eBay bans the use of cross-site scripting on the online tat bazaar because it can open up the site's users to nasty phishing vulnerabilities. And yet, according to the BBC, some auction listings have been exposed to the exploit since February this year. Some users hunting for old iPhones could have been caught up in the security …
Team Register, 21 Sep 2014

Crooks are using proxy servers to build more convincing phishing sites – new claim

Crooks using phishing pages to grab victims' passwords have apparently upped their game – by using proxy servers rather than static pages to craft legit-looking websites. Normally, thieves recreate a web page – such as a login page for an online shop or webmail – and stick it on a compromised server, then direct marks towards …
John Leyden, 07 Nov 2014

EA games web server was hosting PHISHING SITE – securobod

An Electronic Arts server was hacked and used to host a phishing site targeting Apple ID holders, according to internet security firm Netcraft. The site has since been pulled down and EA has told various news sites that it is "investigating" the report. Netcraft security expert Paul Mutton posted on the company's blog that the …

Hacker breaks into ThrustVPS, launches phishing attack from firm's own servers

Virtual private server firm ThrustVPS has taken the unusual step of admitting it had suffered a phishing attack. Rather than taking the time-honoured solution of just pretending nothing had happened and correcting the issue on the sly, the VPS provider sent an email to customers 'fessing up to the attack. "The phishing attack …
Team Register, 21 Jan 2014

Pre-election phishing spike blasts Iranian Gmail accounts

Google has spotted a massive spike in what it believes to be politically-motivated phishing attacks originating from Iran and targeting tens of thousands of web users ahead of Friday’s presidential elections. The Chocolate Factory has spotted several campaigns over the past three weeks, all coming from inside the Islamic …
Phil Muncaster, 13 Jun 2013
The Register breaking news

New class of industrial-scale super-phishing emails threatens biz

Security watchers are warning of a surge of highly convincing spear-phishing emails sent in bulk. More than one in 10 recipients of these so-called longlining* messages click on links to compromised websites because the phishing email look utterly plausible, according to cloud-based security services firm Proofpoint. The …
John Leyden, 04 Mar 2013

Don't be fooled! He's not from the IT crowd... he's a CYBERSPY – FireEye

Impersonating IT departments in spear-phishing attacks is becoming an increasingly popular tactic among hackers, particularly in cyber-espionage attacks. IT staff themed phishing emails comprised 78 per cent of observed phishing schemes picked up by FireEye in 2014, compared to just 44 per cent in 2013. The sixth annual FireEye …
John Leyden, 24 Feb 2015
The Register breaking news

Cybercrooks send in Bouncer to guide marks to phishing sites

Cybercrooks have begun bundling whitelisting technology with phishing kits in a bid to restrict access to phishing sites to only their intended victims. The tactic of blacklisting IP addresses associated with security firms from accessing banking fraud sites has been in play for at least a few months now, but a new phishing …
John Leyden, 18 Jan 2013

Phishing up, malware down, says Google

Google has revealed a new analysis of five years’ worth of data gathered by its Safe Browsing service. The analysis, as any discussion of online security seems obliged to, includes lots of Scary Big NumbersTM, such as the 9500 malware-infected sites the Chocolate Factory says it finds every day or the 12-14 million warnings it …
Simon Sharwood, 20 Jun 2012

Welcome the world's new Most Phished Country: Australia

Move over Brazil: Australia has become the most phished country on Earth, accounting for a quarter of all targeted malicious emails sent globally. Down Under has worked hard at the title, according to Kasperksy, more than doubling its share of phishing attacks received. This despite that a mere 23 million people inhabit the …
Darren Pauli, 26 Sep 2014

Chinese responsible for 85 per cent of website scams

Chinese internet users are behind 85 per cent of fake websites, according to a semi-annual report [PDF] from the Anti-Phishing Working Group (APWG). Of the 22,679 malicious domain registrations that the group reviewed, over 19,000 were registered to servers based in China. This is in addition to nearly 60,000 websites that were …
Kieren McCarthy, 10 Dec 2014
Paul Winchell and dummy

O2 notifies data cops 'for courtesy' ... AFTER El Reg intervenes in email phish dustup

O2 has denied that it's suffered a serious data breach after customers began receiving sophisticated phishing emails that appeared to have been sent by the mobile operator late last month. It was claimed by subscribers that the body of the email included their name, email address, and date of birth. The dodgy messages about VAT …
Kelly Fiveash, 04 Feb 2015
The Register breaking news

Twitter adds email security to help block phishing attempts

Following a recent spate of incidents in which high-profile accounts have been compromised by hackers, Twitter has implemented a security protocol designed to make it harder for fraudsters to send out emails that appear to come from Twitter.com addresses. "We send out lots of emails every day to our users letting them know what' …
Neil McAllister, 21 Feb 2013
Punk-styled girl with piercing gazes at an apple

Gullible Apple users targeted by bogus order cancellation scam

Cybercrooks are targeting Apple iCloud users with phishing messages designed to steal financial information. A new run of spam messages offer a slight twist on the popular ”bogus order" scam. Instead of simply telling you about a payment you're supposed to have made, prospective marks are invited to cancel a transaction already …
John Leyden, 13 Feb 2015

Received surprise new Redmond licenses? You might be pwned

Black hats are flinging supposedly free licenses at enterprises in a bid to get malware on corporate networks, security bod Martin Nystrom says. They wrote malware that was slightly neurotic in its bid to evade detection and would make use of the Tor network to receive stolen data. The Cisco threat defence man said realistic …
Darren Pauli, 10 Feb 2015

Aussie spooks warn of state-sponsored online attacks during G20

Australia's top spy agency has warned of 'real and persistent' threats to organisations, agencies and individuals linked to the G20 leaders conference in to be held down under next week. The advice issued by the Australian Signals Directorate (ASD) warns that large diplomatic and defence conferences attract attacks such as …
Darren Pauli, 07 Nov 2014
The Register breaking news

Self-pwned: Black Hat says soz for phishing attack scare

Black Hat conference Organisers of the annual Black Hat conference have apologised after an estimated 7,500 conference delegates received a suspicious email yesterday resembling a phishing attack. The dodgy email, informing entrants of a supposed password reset, was sent out after a volunteer with ITN International, the third-party firm handling on- …
John Leyden, 23 Jul 2012

EFF claims Vietnam targeted its staff with spear phishing attack

Advocacy group the Electronic Frontier Foundation (EFF) has warned of an uptick in targeted malware attacks by “state-aligned actors” in Vietnam against foreign activists and journalists. In a blog post this week the group complained of a new campaign targeting its own staff – the first of its kind. A suspicious looking email …
Phil Muncaster, 21 Jan 2014

Zero-day hacking group resorts to UNICORN SMUT-SLINGING

Sysadmins who have not yet patched their Windows boxes against the 18-year-old "unicorn-like" OLE bug disclosed last month could expect a deluge of spear phishing smut from a group once confined to lofty targeted zero-day attacks. The talented APT3 group was behind widespread zero-day attacks code-named Clandestine Fox earlier …
Darren Pauli, 26 Nov 2014

Queensland Police warn of tax refund phishing

Queensland Police are warning residents of the Sunshine State about a new phishing scam that sees emails arrive in Australian Taxation Office (ATO) livery, complete with promise of a refund. Such emails are, we imagine here in El RegM’s antipodean eyrie, probably the only email one really wants to open from the ATO. Queensland …
Simon Sharwood, 25 May 2012

Hackers pop German steel mill, wreck furnace

Talented hackers have caused "serious damage" after breaching a German steel mill and wrecking one of its blast furnaces. The hack of the unnamed mill, detailed in the annual report of the German Federal Office of Information Security, was pulled off after a victim fell for a phishing email. Hackers then pivoted to the …
Darren Pauli, 22 Dec 2014

Something smells PHISHY: It's the celeb nudie iCloud PERV trap...

Consumers are being warned to be on their guard against phishers' fake Apple emails and texts designed to exploit the publicity about this week's nude celeb picture flap. In addition to scam emails designed to trick gullible recipients into logging into phishing sites, Symantec warns of a likely upsurge in fraudulent text …
John Leyden, 04 Sep 2014

Snooker WPA secrets with this Wi-Fi tool

Crypto geek George Chatzisofroniou has published a WiFi social engineering tool used to steal credentials and credit cards from users of secure wireless networks. The administrator at the University of Greece developed the WiFiPhisher tool which sought out and then replicated WPA-protected networks, sans password. The tool, …
Darren Pauli, 05 Jan 2015

Fraudsters make bank as exec wires $17 MEELLION to China

Scammers have swindled commodities trader Scoular out of US$17.2 million (A$22.1 million, £11.3 million) in a targeted phishing exercise. Local news outlet Omaha.com reported the company controller at Scoular with the 800-seat company had followed instructions to wire a series of massive payments to a Chinese bank from emails …
Darren Pauli, 09 Feb 2015
usb nuclear button hub

Nuke regulator hacked three times in three years

The US Nuclear Regulator Commission (NRC) has been hacked three times in as many years, according to documents obtained under freedom of information requests. Unnamed foreign hackers sent hundreds of phishing emails - targeting 215 staff in one incident alone - in what was dubbed a 'credential harvesting campaign', according to …
Darren Pauli, 19 Aug 2014
The Register breaking news

Google rolls out phishing URL alerts for admins

Google has rolled out a service that alerts administrators when the sites on their networks contain links used in phishing attacks. The Phishing URL notifications are being added to the Safe Browsing Alerts for Network Administrators, which Google rolled out in September. It sends email to admins of autonomous systems when …
Dan Goodin, 15 Oct 2010

'Domain shadowing' hijacks registrar accounts to spawn attack sites

Fiends behind the world's most infamous exploit kit Angler are stealing login credentials to create tens of thousands of pop-up domains used in hit-and-run -style attacks. The new attacks are dubbed 'Domain Shadowing' and represent the latest evolution of online crime in which scores of web sites are set up to compromise victims …
Darren Pauli, 05 Mar 2015
The Register breaking news

Six cuffed in £1m student readies phishing probe

Scotland Yard's cybercrime crackdown squad has cuffed suspected crims accused of masterminding a phishing scam that netted more than £1m in cash from hundreds of unsuspecting students. The Met's Police Central e-Crime Unit (PCeU) began an investigation in August after a tip-off that students signed up to a government loan scheme …
Paul Kunert, 09 Dec 2011

UK's a very popular target for EMEA cyberspies – report

Malware attacks, especially in Europe, nearly doubled in the first half of 2014, according to a new report. Government, financial services, telecommunications and energy were the most targeted sectors – collectively making up more than half of attacks detected by security vendor FireEye. The UK (17 per cent) followed by Germany …
John Leyden, 17 Oct 2014

Silver-tongued phish bait lures execs, hooks M&A deals

A hacking group has been stealing identity information and reading emails to get the inside edge on stock markets to buy and sell to make quick profits. Vendor FireEye reckons the group sent articulate phishing emails with malicious attachments demonstrating "deep" knowledge of financial markets and corporate communications. In …
Darren Pauli, 02 Dec 2014
The Register breaking news

Twitter 'Stalker app' just a phishing scam

A "Stalkers app" doing the rounds on Twitter is actually a phishing scam, security watchers warn. The Stalkers app, which purports to be officially sanctioned and to track people who are "stalking your Twitter", is promoted via messages linking to the application, which does nothing except coax victims into handing over their …
John Leyden, 12 Aug 2011
The Register breaking news

Websense boosts defenses against spear-phishing, data theft

Websense has added a slew of new defenses with the launched of Triton v7.7, which it says are designed to prevent the advanced data-theft attacks that have emerged as spear-phishing becomes more sophisticated. Of particular interest to security managers will be a focus on detecting the more patient attacks (in industry parlance …
The standard USB 3 connector

Google puts Chrome credentials on USB drives for two-factor authentication

Google has announced support for a platform which will allow users to log into applications by pressing a button on a secured USB drive. The company announced that it will add support for the Security Key platform into Google applications on Chrome. The decision brings two-factor authentication to0 Google's apps. Security Key …
Shaun Nichols, 22 Oct 2014
The Register breaking news

Finnish police close case on phishing Trojan gang

Updated Finnish police closed on investigation on Tuesday after arresting 17 people suspected of involvement in a banking Trojan scam used to siphon off hundreds of thousands of euros held in accounts with Nordea Bank. The alleged perpetrators, from Estonia and Finland, attempted to steal €1.2m through a series of over 100 false …
John Leyden, 10 May 2011

Social sniffer predicts which Nigerian prince has the best chance of scamming you

Kiwi penetration tester Laura Bell has released a social engineering analysis tool to allow analysis of risky behaviour by punters. The platform dubbed "AVA" and billed as an "automated three-phase human vulnerability scanner" will soon be released as open source and made usable for both hackers using Kali Linux and less tech- …
Darren Pauli, 18 Dec 2014

Cryptowall's ransomware's tough layers peeled

Cryptowall's 2.0 incarnation is hidden in a tough shell crafted by developers paranoid about the security research community, technical analysis reveals. The ransomware has matured much since it emerged last year, encrypting victims' files and demanding money for the supply of a decryption key. It's superior design lead to …
Darren Pauli, 08 Jan 2015
The Register breaking news

Norton blocks Facebook as 'phishing site'

Symantec has withdrawn an update to its Norton consumer security software that branded Facebook a phishing site on Wednesday. The snafu meant that users of Norton Internet Security were blocked from accessing the social networking site and were told a "fraudulent web page" had been blocked, as illustrated in a discussion thread …
John Leyden, 14 Oct 2011
The Register breaking news

Free and subdomain hosting lets phishing sites live longer

A growing numbers of phishers are using free domains and subdomain to register net fraud sites, a move that seem to have allowed phishing sites to stay online longer. Official figures from the Anti-Phishing Working Group (APWG) records that around 11 percent of all phishing attacks took advantage of either the free .TK domain …
John Leyden, 27 Apr 2011
The Register breaking news

Scareware scammers now phishing for punters

Scareware scammers are targeting credit card users with a new run of spam emails falsely warning recipients that their plastic has been blocked. The fraudulent emails, which resemble those more commonly seen in phishing or banking Trojan attacks, are fairly detailed and attempt to trick prospective marks into opening an attached …
John Leyden, 02 Aug 2011
Bitcoins

Brainboxes caught opening Bitcoin fraud emails. Seriously, guys?

Cybercrooks have launched a phishing campaign targeting Bitcoin users – and it's enjoying high response rates despite the seemingly random spraying of corporate email addresses with the spam-based scam. Security-as-a-service provider Proofpoint has detected 12,000 messages sent in two separate waves to more than 400 …
John Leyden, 22 Aug 2014
Malware

Twitter 'news' spreads faster than Ebola #FakeCures #Malware

Updated Social media has become a conduit for the spread of fake cures and treatments for Ebola. As if that weren't bad enough, confusion about the epidemic is also being harnessed to push malware and other cybercrime scams, security watchers warn. The hoaxes began in the Twittersphere with the spread of false ways to treat Ebola. Late …
John Leyden, 20 Oct 2014
botnet

Europol shuts down darn RAMNIT botnet

Euro cybercrime cops have taken down the RAMNIT botnet, which has infected 3.2 million computers worldwide, including 33,000 in the UK. The National Crime Agency's cybercrime unit worked with cops in the Netherlands, Italy and Germany to shut down command-and-control servers used by the botnet. One of the servers was housed in …
Kat Hall, 25 Feb 2015

Security seals clobbered ahead of Black Friday bonanza

This Black Friday, beware the shop with the security seal: researchers have shown that issuers of common good webkeeping seals of approval sometimes miss basic flaws, happily certify phishing sites and inadvertently function as a hackers' black book of vulnerable sites. The research examined the effectiveness of the top 10 …
Darren Pauli, 26 Nov 2014

SoShabby GoDaddy flings patch at domain hijack hole

Domain goliaths GoDaddy has rushed to plug a vulnerability that allowed attackers to hijack registered sites. Pen tester Dylan Saccomanni dropped the Cross-Site Request Forgery (CSRF) bug on his blog after the company said there was no timeline for a fix. GoDaddy applied a fix less than 24 hours after the blog was published. " …
Darren Pauli, 21 Jan 2015
Uber - living the dream

Taxi app Uber plugs 'privacy-threatening' web security flaw

Updated A potentially nasty XSS vulnerability discovered on the website of controversial ride-sharing service Uber has been fixed, according to the security researcher who reported the bug. The cross-site scripting vulnerability put visitors at risk of being compromised via theft of cookies, personal details, authentication credentials …
John Leyden, 10 Dec 2014
Syrian Electronic Army threat tweet

SEA hacks Reuters website widget DESPITE 2FA security

Hacktivists with the Syrian Electronic Army have hit news agency Reuters again. Surfers intending to catch up with the latest news were briefly redirected to a page run by the Syrian Electronic Army. The page (screenshot via HotforSecurity here) berated Western media reports about the conflict in Syria. The SEA has previous …
John Leyden, 24 Jun 2014