Feeds

Articles about phishing

Phishing miscreants THWART securo-sleuths with AES-256 crypto

Phishing fraudsters have begun using industry-standard AES-256 encryption to disguise the content of fraudulent sites. Obfuscated phishing sites are nothing new. Various techniques such as JavaScript encryption tools are commonly used but Symantec recently caught what it reckons is the first use of AES-256 encryption in dodgy …
John Leyden, 09 Sep 2014

Rejoice, Blighty! UK is the TOP of the WHOLE WORLD ... for PHISHING

British punters are being served three times as many phishing links to trojans and exploit kits than the US, and five times more than the Germans, according to a ProofPoint study. The security researchers say that while the English were being served more malicious links, Germans were hit with the greatest amount of unsolicited …
Darren Pauli, 16 Sep 2014

Bargain basement iPhone shoppers BEWARE! eBay exposes users to phishing vuln

eBay bans the use of cross-site scripting on the online tat bazaar because it can open up the site's users to nasty phishing vulnerabilities. And yet, according to the BBC, some auction listings have been exposed to the exploit since February this year. Some users hunting for old iPhones could have been caught up in the security …
Team Register, 21 Sep 2014

EA games web server was hosting PHISHING SITE – securobod

An Electronic Arts server was hacked and used to host a phishing site targeting Apple ID holders, according to internet security firm Netcraft. The site has since been pulled down and EA has told various news sites that it is "investigating" the report. Netcraft security expert Paul Mutton posted on the company's blog that the …

Hacker breaks into ThrustVPS, launches phishing attack from firm's own servers

Virtual private server firm ThrustVPS has taken the unusual step of admitting it had suffered a phishing attack. Rather than taking the time-honoured solution of just pretending nothing had happened and correcting the issue on the sly, the VPS provider sent an email to customers 'fessing up to the attack. "The phishing attack …
Team Register, 21 Jan 2014

Pre-election phishing spike blasts Iranian Gmail accounts

Google has spotted a massive spike in what it believes to be politically-motivated phishing attacks originating from Iran and targeting tens of thousands of web users ahead of Friday’s presidential elections. The Chocolate Factory has spotted several campaigns over the past three weeks, all coming from inside the Islamic …
Phil Muncaster, 13 Jun 2013
The Register breaking news

New class of industrial-scale super-phishing emails threatens biz

Security watchers are warning of a surge of highly convincing spear-phishing emails sent in bulk. More than one in 10 recipients of these so-called longlining* messages click on links to compromised websites because the phishing email look utterly plausible, according to cloud-based security services firm Proofpoint. The …
John Leyden, 04 Mar 2013
The Register breaking news

Cybercrooks send in Bouncer to guide marks to phishing sites

Cybercrooks have begun bundling whitelisting technology with phishing kits in a bid to restrict access to phishing sites to only their intended victims. The tactic of blacklisting IP addresses associated with security firms from accessing banking fraud sites has been in play for at least a few months now, but a new phishing …
John Leyden, 18 Jan 2013

Welcome the world's new Most Phished Country: Australia

Move over Brazil: Australia has become the most phished country on Earth, accounting for a quarter of all targeted malicious emails sent globally. Down Under has worked hard at the title, according to Kasperksy, more than doubling its share of phishing attacks received. This despite that a mere 23 million people inhabit the …
Darren Pauli, 26 Sep 2014
The Register breaking news

Twitter adds email security to help block phishing attempts

Following a recent spate of incidents in which high-profile accounts have been compromised by hackers, Twitter has implemented a security protocol designed to make it harder for fraudsters to send out emails that appear to come from Twitter.com addresses. "We send out lots of emails every day to our users letting them know what' …
Neil McAllister, 21 Feb 2013

Phishing up, malware down, says Google

Google has revealed a new analysis of five years’ worth of data gathered by its Safe Browsing service. The analysis, as any discussion of online security seems obliged to, includes lots of Scary Big NumbersTM, such as the 9500 malware-infected sites the Chocolate Factory says it finds every day or the 12-14 million warnings it …
Simon Sharwood, 20 Jun 2012

EFF claims Vietnam targeted its staff with spear phishing attack

Advocacy group the Electronic Frontier Foundation (EFF) has warned of an uptick in targeted malware attacks by “state-aligned actors” in Vietnam against foreign activists and journalists. In a blog post this week the group complained of a new campaign targeting its own staff – the first of its kind. A suspicious looking email …
Phil Muncaster, 21 Jan 2014
The Register breaking news

Self-pwned: Black Hat says soz for phishing attack scare

Organisers of the annual Black Hat conference have apologised after an estimated 7,500 conference delegates received a suspicious email yesterday resembling a phishing attack. The dodgy email, informing entrants of a supposed password reset, was sent out after a volunteer with ITN International, the third-party firm handling on- …
John Leyden, 23 Jul 2012

Something smells PHISHY: It's the celeb nudie iCloud PERV trap...

Consumers are being warned to be on their guard against phishers' fake Apple emails and texts designed to exploit the publicity about this week's nude celeb picture flap. In addition to scam emails designed to trick gullible recipients into logging into phishing sites, Symantec warns of a likely upsurge in fraudulent text …
John Leyden, 04 Sep 2014
usb nuclear button hub

Nuke regulator hacked three times in three years

The US Nuclear Regulator Commission (NRC) has been hacked three times in as many years, according to documents obtained under freedom of information requests. Unnamed foreign hackers sent hundreds of phishing emails - targeting 215 staff in one incident alone - in what was dubbed a 'credential harvesting campaign', according to …
Darren Pauli, 19 Aug 2014

Queensland Police warn of tax refund phishing

Queensland Police are warning residents of the Sunshine State about a new phishing scam that sees emails arrive in Australian Taxation Office (ATO) livery, complete with promise of a refund. Such emails are, we imagine here in El RegM’s antipodean eyrie, probably the only email one really wants to open from the ATO. Queensland …
Simon Sharwood, 25 May 2012
The Register breaking news

Six cuffed in £1m student readies phishing probe

Scotland Yard's cybercrime crackdown squad has cuffed suspected crims accused of masterminding a phishing scam that netted more than £1m in cash from hundreds of unsuspecting students. The Met's Police Central e-Crime Unit (PCeU) began an investigation in August after a tip-off that students signed up to a government loan scheme …
Paul Kunert, 09 Dec 2011
The Register breaking news

Google rolls out phishing URL alerts for admins

Google has rolled out a service that alerts administrators when the sites on their networks contain links used in phishing attacks. The Phishing URL notifications are being added to the Safe Browsing Alerts for Network Administrators, which Google rolled out in September. It sends email to admins of autonomous systems when …
Dan Goodin, 15 Oct 2010
Bitcoins

Brainboxes caught opening Bitcoin fraud emails. Seriously, guys?

Cybercrooks have launched a phishing campaign targeting Bitcoin users – and it's enjoying high response rates despite the seemingly random spraying of corporate email addresses with the spam-based scam. Security-as-a-service provider Proofpoint has detected 12,000 messages sent in two separate waves to more than 400 …
John Leyden, 22 Aug 2014
The Register breaking news

Websense boosts defenses against spear-phishing, data theft

Websense has added a slew of new defenses with the launched of Triton v7.7, which it says are designed to prevent the advanced data-theft attacks that have emerged as spear-phishing becomes more sophisticated. Of particular interest to security managers will be a focus on detecting the more patient attacks (in industry parlance …
The Register breaking news

Twitter 'Stalker app' just a phishing scam

A "Stalkers app" doing the rounds on Twitter is actually a phishing scam, security watchers warn. The Stalkers app, which purports to be officially sanctioned and to track people who are "stalking your Twitter", is promoted via messages linking to the application, which does nothing except coax victims into handing over their …
John Leyden, 12 Aug 2011
Syrian Electronic Army threat tweet

SEA hacks Reuters website widget DESPITE 2FA security

Hacktivists with the Syrian Electronic Army have hit news agency Reuters again. Surfers intending to catch up with the latest news were briefly redirected to a page run by the Syrian Electronic Army. The page (screenshot via HotforSecurity here) berated Western media reports about the conflict in Syria. The SEA has previous …
John Leyden, 24 Jun 2014

Google's URL-hiding 'origin chip' is 'backburnered'

Google has “backburnered” a controversial feature that would have hidden full details of web addresses from Chrome users. The feature was called “origin chip” and, as we explained a few weeks back it removed all the characters beyond the top-level-domain from Chrome's Omnibox, as you can see below. The ad-slinger's rationale …
Simon Sharwood, 11 Jun 2014

Poison PDF pusher released to public

Attacking enterprises just got easier with the development of an idiot-friendly tool that spits out booby-trapped PDFs with a few clicks. The tool weaves existing exploits into PDFs, allowing attacks against Adobe Reader and Acrobat versions 8.x prior to 8.2.1 and 9.x before 9.3.1. Users can insert their own URL pointers into …
Darren Pauli, 12 Jun 2014
Puss considers how to respond to PayPal marketing overtures

Average chump in 'bank' phone scam is STUNG for £10,000 - study

UK consumers have lost more than £21m to "social engineering" scams where fraudsters impersonated bank employees and tech support since the beginning of the year, according to GetSafeOnline. A range of tactics including phishing emails, fraudulent phone calls asking for personal or financial information or phone calls from …
John Leyden, 26 Jun 2014
Chrome Canary

You'll hate Google's experimental Chrome UI, but so will phishers

Phishers might have a tougher time hooking victims if a new feature introduced into the experimental strain of Google's Chrome browser makes it into a future full release. The "origin-chip" feature cleans up Chrome's omnibox – or address bar – by removing lengthy URLs and replacing them with just the domain name shorn of "http …
Darren Pauli, 05 May 2014
Money image

Hackers steal trade secrets from major US hedge firm

Criminals have successfully attacked a hedge fund, delaying trades and stealing profitable secrets in a rare direct raid on the financial services sector, according to BAE Systems Applied Intelligence. The clever hack cost the unnamed US-based hedge fund millions of dollars over two months, the firm alleges. Attackers apparently …
Darren Pauli, 23 Jun 2014

Something's phishy: More holiday scam spam flung at real hotel customers

Multiple customers at several hotels are getting hit up with a sophisticated phishing scam based on real hotel bookings. The latter all share the common factor of being made through Booking.com. Last week we reported how the wife of a Reg reader received a scam email after booking a family holiday in a hotel in Mallorca, Spain …
John Leyden, 18 Aug 2014
The Register breaking news

Finnish police close case on phishing Trojan gang

Finnish police closed on investigation on Tuesday after arresting 17 people suspected of involvement in a banking Trojan scam used to siphon off hundreds of thousands of euros held in accounts with Nordea Bank. The alleged perpetrators, from Estonia and Finland, attempted to steal €1.2m through a series of over 100 false …
John Leyden, 10 May 2011
The Register breaking news

Norton blocks Facebook as 'phishing site'

Symantec has withdrawn an update to its Norton consumer security software that branded Facebook a phishing site on Wednesday. The snafu meant that users of Norton Internet Security were blocked from accessing the social networking site and were told a "fraudulent web page" had been blocked, as illustrated in a discussion thread …
John Leyden, 14 Oct 2011
The Register breaking news

Scareware scammers now phishing for punters

Scareware scammers are targeting credit card users with a new run of spam emails falsely warning recipients that their plastic has been blocked. The fraudulent emails, which resemble those more commonly seen in phishing or banking Trojan attacks, are fairly detailed and attempt to trick prospective marks into opening an attached …
John Leyden, 02 Aug 2011
Remy from Ratatouille

Another RAT crawls out of the malware drain

Yet another banking trojan has appeared, using browser hooking to steal data from Internet Explorer, Chrome and Firefox users. Dyreza, or Dyre, is pitched the usual way, via a phishing e-mail (a lesson that's never learned well enough for the approach to fail), and the e-mail contains what purports to be a zipped document that …
The Register breaking news

Free and subdomain hosting lets phishing sites live longer

A growing numbers of phishers are using free domains and subdomain to register net fraud sites, a move that seem to have allowed phishing sites to stay online longer. Official figures from the Anti-Phishing Working Group (APWG) records that around 11 percent of all phishing attacks took advantage of either the free .TK domain …
John Leyden, 27 Apr 2011

British Gas Twitter account hijacked by mystery phishermen

An official British Gas Twitter account was hacked over the weekend as part of a phishing scam designed to harvest Twitter login credentials. The account @BritishGasHelp, which is normally geared towards helping people with boiler breakdowns and other queries, was taken over to push a series of ostensibly jokey tweets. The …
John Leyden, 23 Jun 2014
Malaysia Airlines Boeing 777 9M-MRO

Chinese hackers spied on investigators of Flight MH370 - report

Malaysian officials investigating the disappearance of flight MH370 have been targeted in a hacking attack that resulted in the theft of classified material. The malware-based hacking attack hit around 30 PCs assigned to officials in the Malaysia Airlines, the Civil Aviation Department and the National Security Council, a …
John Leyden, 21 Aug 2014
chalk outline of  human body at crime scene

Hi-tech Fagin couple used Apple scam cash to fly pickpockets to UK

A pair of phishing fraudsters each received long jail terms after they were convicted of making £15,000 through online scams before using the funds to finance the travel of other crooks into the UK. Constanta Agrigoroaie, 23, and Radu Savoae, 28, both of Mornington Avenue, Ilford, both pleaded guilty to conspiracy to commit …
John Leyden, 18 Jul 2014
internet explorer 8

Redmond slow to fix IE 8 zero day, says 'harden up' while U wait

Microsoft has decided not to rush out a fix for an IE 8 zero-day first identified seven months ago, instead telling users to harden up their browsers. The vulnerability allowed attackers to execute arbitrary code on computers running the older Internet Explorer version 8 through drive-by and phishing attacks. Details were made …
Darren Pauli, 22 May 2014
The Register breaking news

Money mules are REAL victims of phishing, says Microsoft iconoclast

Microsoft has somewhat controversially claimed that money mules are the ultimate victims of phishing emails, rather than the consumers or banks that cyber-crooks target in online banking scams. Mules act as middlemen who receive funds from compromised bank accounts before sending the bulk of the cash overseas to the organisers …
John Leyden, 30 Mar 2012
Malware

Attackers raid SWISS BANKS with DNS and malware bombs

Attackers suspected of residing in Russia are raiding Swiss bank accounts with a multi-faceted attack that intercepts SMS tokens and changes domain name system settings, researchers have warned. The attacks sported a clever implementation of malware that pointed victim machines to replica phishing bank sites when they attempt to …
Darren Pauli, 23 Jul 2014
The Register breaking news

'Freeware' phishing kit dupes s'kiddies

Skilled malware authors have duped less skilled cybercrooks into doing their dirty work with a new phishing kit. A "freeware" phishing kit posted onto hacker forums poses as a way to set up fraudulent websites pretending to be, for example, PayPal or webmail providers. Spam emails masquerading as security checks are then …
John Leyden, 23 Jul 2010
The Register breaking news

German finance ministry tags fraudsters’ phishing form

The German Ministry of Finance has applied some lateral thinking in order to warn potential victims of a new phishing campaign. Fraudulent tax refund emails doing the rounds in Germany seek to con marks into handing over sensitive information in order to claim a tax refund. The scam email uses images pulled from the genuine …
John Leyden, 11 May 2011
Rubbish bin

Webmin hole allows attackers to wipe servers clean

Holes in the Webmin Unix management tool - thankfully since patched - could allow attackers to delete data on servers, says security researcher John Gordon of the University of Texas. The remote root access server tool contained vulnerabilities in newly-created cron module environment variables that could erase data through …
Darren Pauli, 11 Sep 2014
Hacker baseball cap

Israel defence ministry, contractors phished by mystery attacker

Individuals in the Israeli Ministry of Defence are among the latest to fall victim to phishing attacks that gave attackers access to a number of the nation's government systems. According to UPI, Israeli security vendor Seculert believes as many as 15 machines were compromised earlier this month. The report quotes Seculert's …
Facebook privacy image

Ethicists say Facebook's experiments not SO creepy

The Ethical Research Project has weighed into the argument over the ethics of Facebook's “creepy” social contagion research, doing the unthinkable: actually asking ordinary punters how they feel about being lab rats. Interestingly, the study suggests that users might have not felt too badly about the Facebook work, if anyone had …

Major cyber attack hits Norwegian oil industry

More than 50 Norwegian oil and energy companies have been hacked by unknown attackers, according to government security authorities. A further 250 firms have been advised by the Norwegian government that they ought to check their networks and systems for evidence of a breach, The Local reports. State-owned Statoil, Norway's …
John Leyden, 27 Aug 2014

Google researcher says government hack attacks on journos on the rise

Most major news organisations are now the targets of state-sponsored attacks on their security, according to Google security researcher Shane Huntley. According to Reuters, Huntley told the Singapore Black Hat conference on March 28 that his research, conducted in partnership with Citizen Labs' Morgan Marquis-Boire, revealed …

Plusnet shunts blame for dodgy DNS traffic onto customers' routers

BT-owned telco Plusnet has blamed subscribers who use third-party routers for a rise in hostile DNS traffic that has been crashing its way through the ISP's system. The rebuff came after Sheffield-based Plusnet suffered a nasty outage last Tuesday relating to an unspecified "network error". A Reg reader claimed on Sunday, in …
Kelly Fiveash, 11 Mar 2014
The Register breaking news

HMRC warns (again) over tax refund phishing scams

UK taxpayers were officially warned on Friday to have nothing to do with supposed tax refund emails that have begun circulating since the deadline for self-assessment tax returns expired on Monday. The scam emails claim the recipients (prospective marks) are entitled to a tax refund, which can supposedly be claimed after handing …
John Leyden, 04 Feb 2011
The Register breaking news

China goes on attack over Google phishing claims

China has angrily denounced Google's claims that it has uncovered a sophisticated spear phishing attack on key US individuals which originated from the heavily firewalled country. Google said in a blog post that the campaign "affected what seem to be the personal Gmail accounts of hundreds of users including, among others, …
Joe Fay, 02 Jun 2011
portcullis

SIEMs like a good idea: How to manage security in real time

Register now for this webcast that explains how security information and event management (SIEM) can work, what it does, and how to fit it into your existing security environment. Watch this live event on today at 13:00 BST (8:00 EST) - if you can't make it, just sign up and we will email you when the recording is available. …
David Gordon, 29 Sep 2014