Articles about phishing

Most convincing PHISHING pages hoodwink nearly half of you – Google

Nearly half (45 per cent) of those who visit the most convincing phishing pages are tricked into handing over personal information, according to Google. This effectiveness drops to just three per cent in the case of the most obviously scummy phishing sites, while the online giant reports that the account hijackers work quickly, …
John Leyden, 11 Nov 2014

Phishing miscreants THWART securo-sleuths with AES-256 crypto

Phishing fraudsters have begun using industry-standard AES-256 encryption to disguise the content of fraudulent sites. Obfuscated phishing sites are nothing new. Various techniques such as JavaScript encryption tools are commonly used but Symantec recently caught what it reckons is the first use of AES-256 encryption in dodgy …
John Leyden, 09 Sep 2014

Rejoice, Blighty! UK is the TOP of the WHOLE WORLD ... for PHISHING

British punters are being served three times as many phishing links to trojans and exploit kits than the US, and five times more than the Germans, according to a ProofPoint study. The security researchers say that while the English were being served more malicious links, Germans were hit with the greatest amount of unsolicited …
Darren Pauli, 16 Sep 2014

Bargain basement iPhone shoppers BEWARE! eBay exposes users to phishing vuln

eBay bans the use of cross-site scripting on the online tat bazaar because it can open up the site's users to nasty phishing vulnerabilities. And yet, according to the BBC, some auction listings have been exposed to the exploit since February this year. Some users hunting for old iPhones could have been caught up in the security …
Team Register, 21 Sep 2014

Crooks are using proxy servers to build more convincing phishing sites – new claim

Crooks using phishing pages to grab victims' passwords have apparently upped their game – by using proxy servers rather than static pages to craft legit-looking websites. Normally, thieves recreate a web page – such as a login page for an online shop or webmail – and stick it on a compromised server, then direct marks towards …
John Leyden, 07 Nov 2014

EA games web server was hosting PHISHING SITE – securobod

An Electronic Arts server was hacked and used to host a phishing site targeting Apple ID holders, according to internet security firm Netcraft. The site has since been pulled down and EA has told various news sites that it is "investigating" the report. Netcraft security expert Paul Mutton posted on the company's blog that the …

Hacker breaks into ThrustVPS, launches phishing attack from firm's own servers

Virtual private server firm ThrustVPS has taken the unusual step of admitting it had suffered a phishing attack. Rather than taking the time-honoured solution of just pretending nothing had happened and correcting the issue on the sly, the VPS provider sent an email to customers 'fessing up to the attack. "The phishing attack …
Team Register, 21 Jan 2014

Pre-election phishing spike blasts Iranian Gmail accounts

Google has spotted a massive spike in what it believes to be politically-motivated phishing attacks originating from Iran and targeting tens of thousands of web users ahead of Friday’s presidential elections. The Chocolate Factory has spotted several campaigns over the past three weeks, all coming from inside the Islamic …
Phil Muncaster, 13 Jun 2013
The Register breaking news

New class of industrial-scale super-phishing emails threatens biz

Security watchers are warning of a surge of highly convincing spear-phishing emails sent in bulk. More than one in 10 recipients of these so-called longlining* messages click on links to compromised websites because the phishing email look utterly plausible, according to cloud-based security services firm Proofpoint. The …
John Leyden, 04 Mar 2013
The Register breaking news

Cybercrooks send in Bouncer to guide marks to phishing sites

Cybercrooks have begun bundling whitelisting technology with phishing kits in a bid to restrict access to phishing sites to only their intended victims. The tactic of blacklisting IP addresses associated with security firms from accessing banking fraud sites has been in play for at least a few months now, but a new phishing …
John Leyden, 18 Jan 2013

Chinese responsible for 85 per cent of website scams

Chinese internet users are behind 85 per cent of fake websites, according to a semi-annual report [PDF] from the Anti-Phishing Working Group (APWG). Of the 22,679 malicious domain registrations that the group reviewed, over 19,000 were registered to servers based in China. This is in addition to nearly 60,000 websites that were …
Kieren McCarthy, 10 Dec 2014

Welcome the world's new Most Phished Country: Australia

Move over Brazil: Australia has become the most phished country on Earth, accounting for a quarter of all targeted malicious emails sent globally. Down Under has worked hard at the title, according to Kasperksy, more than doubling its share of phishing attacks received. This despite that a mere 23 million people inhabit the …
Darren Pauli, 26 Sep 2014

Phishing up, malware down, says Google

Google has revealed a new analysis of five years’ worth of data gathered by its Safe Browsing service. The analysis, as any discussion of online security seems obliged to, includes lots of Scary Big NumbersTM, such as the 9500 malware-infected sites the Chocolate Factory says it finds every day or the 12-14 million warnings it …
Simon Sharwood, 20 Jun 2012
The Register breaking news

Twitter adds email security to help block phishing attempts

Following a recent spate of incidents in which high-profile accounts have been compromised by hackers, Twitter has implemented a security protocol designed to make it harder for fraudsters to send out emails that appear to come from Twitter.com addresses. "We send out lots of emails every day to our users letting them know what' …
Neil McAllister, 21 Feb 2013

Aussie spooks warn of state-sponsored online attacks during G20

Australia's top spy agency has warned of 'real and persistent' threats to organisations, agencies and individuals linked to the G20 leaders conference in to be held down under next week. The advice issued by the Australian Signals Directorate (ASD) warns that large diplomatic and defence conferences attract attacks such as …
Darren Pauli, 07 Nov 2014

EFF claims Vietnam targeted its staff with spear phishing attack

Advocacy group the Electronic Frontier Foundation (EFF) has warned of an uptick in targeted malware attacks by “state-aligned actors” in Vietnam against foreign activists and journalists. In a blog post this week the group complained of a new campaign targeting its own staff – the first of its kind. A suspicious looking email …
Phil Muncaster, 21 Jan 2014
The Register breaking news

Self-pwned: Black Hat says soz for phishing attack scare

Black Hat conference Organisers of the annual Black Hat conference have apologised after an estimated 7,500 conference delegates received a suspicious email yesterday resembling a phishing attack. The dodgy email, informing entrants of a supposed password reset, was sent out after a volunteer with ITN International, the third-party firm handling on- …
John Leyden, 23 Jul 2012

Zero-day hacking group resorts to UNICORN SMUT-SLINGING

Sysadmins who have not yet patched their Windows boxes against the 18-year-old "unicorn-like" OLE bug disclosed last month could expect a deluge of spear phishing smut from a group once confined to lofty targeted zero-day attacks. The talented APT3 group was behind widespread zero-day attacks code-named Clandestine Fox earlier …
Darren Pauli, 26 Nov 2014

Something smells PHISHY: It's the celeb nudie iCloud PERV trap...

Consumers are being warned to be on their guard against phishers' fake Apple emails and texts designed to exploit the publicity about this week's nude celeb picture flap. In addition to scam emails designed to trick gullible recipients into logging into phishing sites, Symantec warns of a likely upsurge in fraudulent text …
John Leyden, 04 Sep 2014

Queensland Police warn of tax refund phishing

Queensland Police are warning residents of the Sunshine State about a new phishing scam that sees emails arrive in Australian Taxation Office (ATO) livery, complete with promise of a refund. Such emails are, we imagine here in El RegM’s antipodean eyrie, probably the only email one really wants to open from the ATO. Queensland …
Simon Sharwood, 25 May 2012
usb nuclear button hub

Nuke regulator hacked three times in three years

The US Nuclear Regulator Commission (NRC) has been hacked three times in as many years, according to documents obtained under freedom of information requests. Unnamed foreign hackers sent hundreds of phishing emails - targeting 215 staff in one incident alone - in what was dubbed a 'credential harvesting campaign', according to …
Darren Pauli, 19 Aug 2014

UK's a very popular target for EMEA cyberspies – report

Malware attacks, especially in Europe, nearly doubled in the first half of 2014, according to a new report. Government, financial services, telecommunications and energy were the most targeted sectors – collectively making up more than half of attacks detected by security vendor FireEye. The UK (17 per cent) followed by Germany …
John Leyden, 17 Oct 2014

Silver-tongued phish bait lures execs, hooks M&A deals

A hacking group has been stealing identity information and reading emails to get the inside edge on stock markets to buy and sell to make quick profits. Vendor FireEye reckons the group sent articulate phishing emails with malicious attachments demonstrating "deep" knowledge of financial markets and corporate communications. In …
Darren Pauli, 02 Dec 2014
The Register breaking news

Six cuffed in £1m student readies phishing probe

Scotland Yard's cybercrime crackdown squad has cuffed suspected crims accused of masterminding a phishing scam that netted more than £1m in cash from hundreds of unsuspecting students. The Met's Police Central e-Crime Unit (PCeU) began an investigation in August after a tip-off that students signed up to a government loan scheme …
Paul Kunert, 09 Dec 2011
The Register breaking news

Google rolls out phishing URL alerts for admins

Google has rolled out a service that alerts administrators when the sites on their networks contain links used in phishing attacks. The Phishing URL notifications are being added to the Safe Browsing Alerts for Network Administrators, which Google rolled out in September. It sends email to admins of autonomous systems when …
Dan Goodin, 15 Oct 2010
The standard USB 3 connector

Google puts Chrome credentials on USB drives for two-factor authentication

Google has announced support for a platform which will allow users to log into applications by pressing a button on a secured USB drive. The company announced that it will add support for the Security Key platform into Google applications on Chrome. The decision brings two-factor authentication to0 Google's apps. Security Key …
Shaun Nichols, 22 Oct 2014
The Register breaking news

Twitter 'Stalker app' just a phishing scam

A "Stalkers app" doing the rounds on Twitter is actually a phishing scam, security watchers warn. The Stalkers app, which purports to be officially sanctioned and to track people who are "stalking your Twitter", is promoted via messages linking to the application, which does nothing except coax victims into handing over their …
John Leyden, 12 Aug 2011
The Register breaking news

Websense boosts defenses against spear-phishing, data theft

Websense has added a slew of new defenses with the launched of Triton v7.7, which it says are designed to prevent the advanced data-theft attacks that have emerged as spear-phishing becomes more sophisticated. Of particular interest to security managers will be a focus on detecting the more patient attacks (in industry parlance …

Social sniffer predicts which Nigerian prince has the best chance of scamming you

Kiwi penetration tester Laura Bell has released a social engineering analysis tool to allow analysis of risky behaviour by punters. The platform dubbed "AVA" and billed as an "automated three-phase human vulnerability scanner" will soon be released as open source and made usable for both hackers using Kali Linux and less tech- …
Darren Pauli, 18 Dec 2014
Bitcoins

Brainboxes caught opening Bitcoin fraud emails. Seriously, guys?

Cybercrooks have launched a phishing campaign targeting Bitcoin users – and it's enjoying high response rates despite the seemingly random spraying of corporate email addresses with the spam-based scam. Security-as-a-service provider Proofpoint has detected 12,000 messages sent in two separate waves to more than 400 …
John Leyden, 22 Aug 2014
Malware

Twitter 'news' spreads faster than Ebola #FakeCures #Malware

Updated Social media has become a conduit for the spread of fake cures and treatments for Ebola. As if that weren't bad enough, confusion about the epidemic is also being harnessed to push malware and other cybercrime scams, security watchers warn. The hoaxes began in the Twittersphere with the spread of false ways to treat Ebola. Late …
John Leyden, 20 Oct 2014

Security seals clobbered ahead of Black Friday bonanza

This Black Friday, beware the shop with the security seal: researchers have shown that issuers of common good webkeeping seals of approval sometimes miss basic flaws, happily certify phishing sites and inadvertently function as a hackers' black book of vulnerable sites. The research examined the effectiveness of the top 10 …
Darren Pauli, 26 Nov 2014
The Register breaking news

Finnish police close case on phishing Trojan gang

Updated Finnish police closed on investigation on Tuesday after arresting 17 people suspected of involvement in a banking Trojan scam used to siphon off hundreds of thousands of euros held in accounts with Nordea Bank. The alleged perpetrators, from Estonia and Finland, attempted to steal €1.2m through a series of over 100 false …
John Leyden, 10 May 2011
Uber - living the dream

Taxi app Uber plugs 'privacy-threatening' web security flaw

Updated A potentially nasty XSS vulnerability discovered on the website of controversial ride-sharing service Uber has been fixed, according to the security researcher who reported the bug. The cross-site scripting vulnerability put visitors at risk of being compromised via theft of cookies, personal details, authentication credentials …
John Leyden, 10 Dec 2014
The Register breaking news

Norton blocks Facebook as 'phishing site'

Symantec has withdrawn an update to its Norton consumer security software that branded Facebook a phishing site on Wednesday. The snafu meant that users of Norton Internet Security were blocked from accessing the social networking site and were told a "fraudulent web page" had been blocked, as illustrated in a discussion thread …
John Leyden, 14 Oct 2011
The Register breaking news

Scareware scammers now phishing for punters

Scareware scammers are targeting credit card users with a new run of spam emails falsely warning recipients that their plastic has been blocked. The fraudulent emails, which resemble those more commonly seen in phishing or banking Trojan attacks, are fairly detailed and attempt to trick prospective marks into opening an attached …
John Leyden, 02 Aug 2011
Syrian Electronic Army threat tweet

SEA hacks Reuters website widget DESPITE 2FA security

Hacktivists with the Syrian Electronic Army have hit news agency Reuters again. Surfers intending to catch up with the latest news were briefly redirected to a page run by the Syrian Electronic Army. The page (screenshot via HotforSecurity here) berated Western media reports about the conflict in Syria. The SEA has previous …
John Leyden, 24 Jun 2014
The Register breaking news

Free and subdomain hosting lets phishing sites live longer

A growing numbers of phishers are using free domains and subdomain to register net fraud sites, a move that seem to have allowed phishing sites to stay online longer. Official figures from the Anti-Phishing Working Group (APWG) records that around 11 percent of all phishing attacks took advantage of either the free .TK domain …
John Leyden, 27 Apr 2011

Google's URL-hiding 'origin chip' is 'backburnered'

Google has “backburnered” a controversial feature that would have hidden full details of web addresses from Chrome users. The feature was called “origin chip” and, as we explained a few weeks back it removed all the characters beyond the top-level-domain from Chrome's Omnibox, as you can see below. The ad-slinger's rationale …
Simon Sharwood, 11 Jun 2014

Poison PDF pusher released to public

Attacking enterprises just got easier with the development of an idiot-friendly tool that spits out booby-trapped PDFs with a few clicks. The tool weaves existing exploits into PDFs, allowing attacks against Adobe Reader and Acrobat versions 8.x prior to 8.2.1 and 9.x before 9.3.1. Users can insert their own URL pointers into …
Darren Pauli, 12 Jun 2014
Puss considers how to respond to PayPal marketing overtures

Average chump in 'bank' phone scam is STUNG for £10,000 - study

UK consumers have lost more than £21m to "social engineering" scams where fraudsters impersonated bank employees and tech support since the beginning of the year, according to GetSafeOnline. A range of tactics including phishing emails, fraudulent phone calls asking for personal or financial information or phone calls from …
John Leyden, 26 Jun 2014
Chrome Canary

You'll hate Google's experimental Chrome UI, but so will phishers

Phishers might have a tougher time hooking victims if a new feature introduced into the experimental strain of Google's Chrome browser makes it into a future full release. The "origin-chip" feature cleans up Chrome's omnibox – or address bar – by removing lengthy URLs and replacing them with just the domain name shorn of "http …
Darren Pauli, 05 May 2014
Money image

Hackers steal trade secrets from major US hedge firm

Criminals have successfully attacked a hedge fund, delaying trades and stealing profitable secrets in a rare direct raid on the financial services sector, according to BAE Systems Applied Intelligence. The clever hack cost the unnamed US-based hedge fund millions of dollars over two months, the firm alleges. Attackers apparently …
Darren Pauli, 23 Jun 2014

Something's phishy: More holiday scam spam flung at real hotel customers

Updated Multiple customers at several hotels are getting hit up with a sophisticated phishing scam based on real hotel bookings. The latter all share the common factor of being made through Booking.com. Last week we reported how the wife of a Reg reader received a scam email after booking a family holiday in a hotel in Mallorca, Spain …
John Leyden, 18 Aug 2014
Smashed Apple Store window

Russian hackers exploit 'Sandworm' bug 'to spy on NATO, EU PCs'

Russians hackers have exploited a zero-day vulnerability in Microsoft Windows to hijack and snoop on PCs and servers used by NATO and the European Union, says security biz iSight. The software flaw is present in desktop and server flavors of the Redmond operating system, from Vista and Server 2008 to current versions. No patch …
Simon Sharwood, 14 Oct 2014
Remy from Ratatouille

Another RAT crawls out of the malware drain

Yet another banking trojan has appeared, using browser hooking to steal data from Internet Explorer, Chrome and Firefox users. Dyreza, or Dyre, is pitched the usual way, via a phishing e-mail (a lesson that's never learned well enough for the approach to fail), and the e-mail contains what purports to be a zipped document that …

British Gas Twitter account hijacked by mystery phishermen

An official British Gas Twitter account was hacked over the weekend as part of a phishing scam designed to harvest Twitter login credentials. The account @BritishGasHelp, which is normally geared towards helping people with boiler breakdowns and other queries, was taken over to push a series of ostensibly jokey tweets. The …
John Leyden, 23 Jun 2014
The Register breaking news

'Freeware' phishing kit dupes s'kiddies

Skilled malware authors have duped less skilled cybercrooks into doing their dirty work with a new phishing kit. A "freeware" phishing kit posted onto hacker forums poses as a way to set up fraudulent websites pretending to be, for example, PayPal or webmail providers. Spam emails masquerading as security checks are then …
John Leyden, 23 Jul 2010
The Register breaking news

Money mules are REAL victims of phishing, says Microsoft iconoclast

Microsoft has somewhat controversially claimed that money mules are the ultimate victims of phishing emails, rather than the consumers or banks that cyber-crooks target in online banking scams. Mules act as middlemen who receive funds from compromised bank accounts before sending the bulk of the cash overseas to the organisers …
John Leyden, 30 Mar 2012
Malaysia Airlines Boeing 777 9M-MRO

Chinese hackers spied on investigators of Flight MH370 - report

Malaysian officials investigating the disappearance of flight MH370 have been targeted in a hacking attack that resulted in the theft of classified material. The malware-based hacking attack hit around 30 PCs assigned to officials in the Malaysia Airlines, the Civil Aviation Department and the National Security Council, a …
John Leyden, 21 Aug 2014