Articles about phishing

Hackers: Ditch the malware, we're in... Just act like a normal network admin. *Whistles*

Hackers almost exclusively use standard network admin tools to move around a compromised network once they’ve broken in using malware or other hacking techniques. Researchers at security startup LightCyber found that 99 per cent of post-intrusion cyberattack activities did not employ malware, but rather employed standard …
John Leyden, 30 Jun 2016

Kremlin hackers and the Democratic National Committee: How deep is the rabbit-hole?

Well-publicised attacks against the US Democratic National Committee exposed earlier this month are part of a wider pattern of attacks against a much broader range of US political targets, according to new research by Dell SecureWorks. The same group of cyber-spies is predominantly spying on Russia and neighbouring countries but …
John Leyden, 29 Jun 2016

Deutsche Telekom phish alert

Another day, another customer database leak: this time, it's Germany's Deutsche Telekom. The carrier says it's telling customers to reset their passwords, after being made aware of a database of T-Online e-mail addresses and passwords being offered for sale on darknet sites. Between 64,000 and 120,000 customers may be …

Filet-O-Phish: Insecure NFC tag relics hidden under Maccas tables

McDonald's New Zealand and Australia restaurants reportedly have unused and insecure NFC tags glued under tables. Near Field Communications tags allow devices to read instructions with a tap. Phones must be very close in order to read the tags and the instructions they contain. The McDonald's tags seem to have been installed …
Darren Pauli, 20 Jun 2016

Feds warn of skyrocketing business compromise scams

The FBI is warning that businesses have handed some US$3.1 billion to email scammers, a whopping 1,300 percent increase in 18 months. Businesses are tricked into sending the cash to would-be chief executive officers who have sufficient company information, obtained through open source searching or hacking, that makes the …
Team Register, 17 Jun 2016

Sofacy NotSoGood: Time to switch up our Trojan-slinging tactics

A hacking group linked by researchers to the Kremlin has switched its tactics as part of a new attack against the United States government. A spear phishing email from the Sofacy group (also known as APT28) sent to a "US government entity" from a potentially compromised account belonging to the Ministry of Foreign Affairs of …
John Leyden, 15 Jun 2016

Japan travel agency fears leak of 7.93 million records, passport deets

Japan's largest travel agency JTB Corp says 7.93 million passport details, and home and email addresses may have been stolen by hackers. Executives at the company held a press conference bowing in apology for the feared breach and telling local media it may have stemmed from a staffer who opened phishing-borne malware. The …
Darren Pauli, 15 Jun 2016

Cyber burglars love to pillage Euro businesses they've pwned before

Traditional methods including spear phishing and social engineering still account for more than a third of hacker attacks. A new study by Mandiant reports that many hacked European organisations are re-compromised within months of an initial attack, in a similar way to how burglars revisit homes and offices they’ve already …
John Leyden, 08 Jun 2016

Oh snap! Facebook zaps crap yap gap in web chat, natter app flap

A vulnerability in Facebook's web chatrooms and its Messenger app would have let miscreants surreptitiously tamper with messages after they had been sent. The flaw was discovered by eggheads at security biz Check Point, who reported it to the social network giant. We're told attackers would have needed only a basic knowledge …
John Leyden, 08 Jun 2016

MtGox collapse victims now picked off by phishing vultures

Phishing scammers are going after people hoping to claw some of their money back from the MtGox collapse. Researchers with computer security biz Cyren have spotted a new round of spam messages claiming to originate from Kraken, the exchange that is heading up efforts to pay out Bitcoins recovered from the MtGox implosion. The …
Shaun Nichols, 06 Jun 2016

Will you get reimbursed if you're a bank fraud victim? Brits think not

Bank customers worldwide are often in the dark about whether or not they’ll be reimbursed for fraudulent transactions. Customers’ understanding of bank terms and conditions is often sketchy, according to an international study by academics. The researchers found that there is significant variation worldwide, and even within …
John Leyden, 06 Jun 2016

Redmond adds malware, phish warnings to Bing

Microsoft has followed Google's lead by making the malware warnings in its Bing search engine more nuanced. On Friday, the company announced that instead of one generic warning for dangerous sites, it is now giving users different messages for malware sites and phishing sites. Where a search brings up a hit on a site known to …

Anti-phishing most critical defence against rife CEO email fraud

AusCERT Internal anti-phishing programs are essential to prevent chief executive officers wiring money to fraudsters, threat man Donald McCarthy says. The programs are an underrated yet proven method for clamping down on what is perhaps the world's most successful and widely-used avenue to attack businesses and individuals. Business …
Darren Pauli, 02 Jun 2016

Is a $14,000 phone really the price of privacy?

A US$14,000 (£9,706, or A$19,352) Android phone has been launched pitching 'military-grade encryption' at privacy-conscious executives. Little information can be found on the Solarin handset's specific security chops other than it will use "chip-to-chip 256-bit AES encryption" for phone calls. That technology is built by …
Darren Pauli, 02 Jun 2016

Microsoft warns of worm ransomware, finds fix in Windows 10 upgrade

Microsoft is warning of a wormable ransomware that infects removable drives on versions of its operating system below Windows 10. The ZCrypt scumware is distributed through old but effective methods of phishing emails, Word document macros, and fake Adobe Flash installers. It drops a warning notice in an HTML file informing …
Darren Pauli, 01 Jun 2016

Bank in the UK? Plans afoot to make YOU liable for bank fraud

Bank customers may be obliged to bear the bill for fraud against their accounts, under proposed changes mulled by banks, the UK government and GCHQ. Under the plans, individuals or companies with poor online security could be “frozen out of banking services or even excluded from the system whereby banks compensate customers …
John Leyden, 26 May 2016

Pastejack attack turns your clipboard into a threat

Once, you could use HTML/CSS to manipulate the clipboard, but it was not a good way to do so. Now a security bod has worked out how to do it in JavaScript and reckons it's a lot more dangerous. At first glance, it looks like purely a stunt-attack, except for this: a phishing e-mail purporting to be from tech support could …

Bangladesh government domain turned into toxic phishing hole

Netcraft security man Paul Mutton says the Bangladesh Government has been used in banking phishing attacks targeting customers of Wells Fargo, Google, and AOL. The domains are restricted Government assets which Mutton says could indicate lax security controls. The popped server is located in the UK hosted by Nibs Solutions …
Team Register, 20 May 2016

Suckfly: The hacking group targeting India but taking weekends off

A professional hacking group called Suckfly is targeting India's infrastructure and economic base by zeroing in on individuals and installing tools to access their work networks. That's according to a blog post by Symantec that has analyzed and dug into the group's activities and methods. Symantec first spotted the group it …
Kieren McCarthy, 18 May 2016

Phishing scam targets ... actual fishermen in eastern Ukraine

Security firm ESET has uncovered a long-running cyber-espionage campaign in Ukraine, and seemingly targeted at separatists. Operation Groundbait is a targeted attack most likely run from within Ukraine by as yet unidentified politically motivated hackers. The region is a hotspot for malware-based spying campaigns thanks largely …
John Leyden, 18 May 2016

Sainsbury’s Bank insurance spam scam causes confusion

Numerous UK surfers were left confused on Monday after receiving email confirmations for insurance products with Sainsbury’s Bank that they never bought. People are receiving emails claiming they have started new policies for travel, home and car insurance from the UK supermarket giant’s banking business. El Reg learnt of the …
John Leyden, 17 May 2016

Insider trading hacker pleads guilty to p0wning press releases

A Ukrainian ne'er-do-well who broke into market computers for an insider trading scheme has entered a guilty plea in the US. The 28-year-old, Vadym Iermolovych, has put his hands up to three charges – conspiracy to commit wire fraud, conspiracy to commit computer hacking, and aggravated identity theft. The US Department of …

Flash zero day phished phoolish Microsoft Office users

FireEye has detailed an attack on a recent zero-day vulnerability Adobe patched last week. The flaw (CVE-2016-4117) affects the previous latest version of Adobe Flash and copped a rushed patch after FireEye reported attacks in the wild. Genwei Jiang, a Singaporean senior security engineer, has revealed the details of the …
Darren Pauli, 16 May 2016

Lie back and think of cybersecurity: IBM lets students loose on Watson

IBM is teaming up with eight North American universities to further tune its cognitive system to tackle cybersecurity problems. Watson for Cyber Security, a platform already in pre-beta, will be further trained in “learning the nuances of security research findings and discovering patterns and evidence of hidden cyber attacks …
John Leyden, 12 May 2016

Google kneecaps payday loan ads

Google says it will no longer serve ads for short-term loan services it considers to be predatory lenders. The Chocolate Factory says that as of July 13, it will no longer be taking ads from loan services that seek repayment within 60 days or carry an annual percentage rate (APR) of 36 per cent interest or higher. The aim, …
Shaun Nichols, 11 May 2016

Google blocks Pirate Bay

Google's Safe Browsing service has decided The Pirate Bay is a phishing site. The Safe Browsing service tries to rate the web and provides a feed of sites Google's security team thinks deserve to be shunned. Other browser-makers use the service's feed to rate sites, so Google's assessment means those trying to reach …
Simon Sharwood, 11 May 2016

Babycare e-tailer Kiddicare admits customer data breach

Babycare retailer Kiddicare has warned customers that personal data shared with the store has been stolen by hackers. The compromised data is restricted to name, delivery address, telephone number and email address, according to Kiddicare, which is keen to stress that customer payment details or credit/debit card information …
John Leyden, 09 May 2016

Six-year-old patched Stuxnet hole still the web's biggest killer

The six-year-old vulnerability first burnt by Stuxnet remains the internet's chief pwning vector and is a key instrument of the world's worst exploit kit known as Angler. The vulnerability is a hole in Windows Shell that is both long since patched and well publicised as part of its discovery in the US' Stuxnet worm, the killer …
Darren Pauli, 09 May 2016

Defence bankrolls Oz Govt's infosec threat sharing strategy

Budget 2016 The Department of Defence will haemorrhage A$122.2 million and the National Innovation and Science Agenda A$38 million to implement the Federal Government's A$230 Cyber Security Strategy, budget papers reveal. The funding Strategy announced last month was welcomed by many in security circles and seated information security …
Darren Pauli, 04 May 2016

Iranian cyberspy phishing rod pulled from the waters and exposed

Security researchers have lifted the lid on a decade-long cyber-espionage campaign. The Infy malware, which originated in Iran, has been used to target businesses and governments across the world since 2007 and remains in use, according to security researchers from Palo Alto's Unit42 research unit. Over the time, the malware …
John Leyden, 03 May 2016

Michigan electricity utility downed by ransomware attack

A water and electricity authority in the US State of Michigan has needed a week to recover from a ransomware attack that fortunately only hit its enterprise systems. Lansing's BWL – Board of Water & Light – first noticed the successful phishing attack on its corporate systems on April 25, and has had to keep systems including …

Google Play infested with cash-stealing web apps

Security researcher Joshua Shilko says phishing apps targeting some of the world's biggest payment services have slipped past screening and landed on Google Play. Shilko says he's aware of 11 well-designed fraud apps that have slipped into the official Play store, often by mimicking mobile payment sites. Shilko did not name …
Darren Pauli, 29 Apr 2016

Gumtree 'fesses up to breach and personal information leak

UPDATE eBay's even tattier tat bazaar Gumtree says it's suffered an attack during which users' personal data was encountered by parties unknown and unauthorised. The Register has seen multiple posts in which members of the site report receiving an email with the following text: “We are writing to let you know that some of your …
Simon Sharwood, 29 Apr 2016

Facebook's own TLS cert used by crooks in double logon phish

Netcraft security man Paul Mutton says phishers are using Facebook's TLS certificate to create a 'remarkably convincing' scam that would go unnoticed by most users. The phish uses an iframe to serve a Facebook verification form, but that form isn't from The Social Network™. Instead, the form comes from an external Hostgator …
Team Register, 26 Apr 2016

Hackers so far ahead of defenders it's not even a game

Cybercriminals are way ahead of the game against defenders without having to try anything new, according to the latest edition of Verizon's benchmark survey of security breaches. The study shows that miscreants have no need to switch up, because the same old tactics are still working fine. Security defenders are still …
John Leyden, 26 Apr 2016

Spotify accounts breached

Spotify account-holders' details have appeared on Pastebin. User names, passwords and email addresses are among the details divulged. Spotify says it has not been breached, leaving open the possibility that users had entered their account details into a third party or phishing service. The company is informing affected …
Darren Pauli, 26 Apr 2016

'No password' database error exposes info on 93 million Mexican voters

Information on 93 million Mexican voters has been leaked online. Voter records were exposed as the result of a config error in a MongoDB database that meant that the information was left accessible by anyone who knew where to look. The database – hosted on Amazon AWS – included voters' names, addresses, voter ID numbers, dates …
John Leyden, 25 Apr 2016

MoD contractor hacked, 831 members of defence community exposed

Exclusive Up to 831 members of Britain's defence community with high-level security clearances had their personally identifying information stolen when the Ministry of Defence's business networking organisation was hacked, The Register has learned. Although heavily redacted in places, correspondence between the MoD and Niteworks— …

Cybercrooks turn away from banks. Your health records are far juicier

Cybercrooks switched targets last year, moving away from retail and financial services and onto healthcare and government, according to figures from IBM’s security business. Retail dropped out of the top five most attacked sectors while financial targets dropped from #1 to #3 in IBM X-Force’s 2016 Cyber Security Intelligence Index …
John Leyden, 20 Apr 2016

Four bugs bait hooks in Asian phishing trip

Malware writers are exploiting four RTF parser vulnerabilities, in a long-running campaign to target journalists, human rights activists, and Tibetans across Hong Kong and Taiwan. An Arbor Networks study found miscreants are exploiting since-patched vulnerabilities in Microsoft Office's handling of rich text files (CVE-2012- …
Darren Pauli, 20 Apr 2016

Exploit kit writers turn away from Java, go all-in on Adobe Flash

Exploit kit writers are no longer fussed about Java vulnerabilities, focusing their attention almost entirely on Adobe Flash. All of the top 10 vulnerabilities targeted by exploit kits during 2015 are related to Adobe Flash, according to a new study [PDF] from NTT Group. In 2013, by contrast, the top 10 vulnerabilities …
John Leyden, 19 Apr 2016

What exactly is it that infosec miscreants get up to? A quick overview

If corporate IT infrastructures are a battlefield, then the cybercriminals are putting up a good fight. Last year saw some nasty breaches. Anthem Insurance, which lost nearly 80 million records, and the US Office of Personnel Management, which lost 21 million records after failing to encrypt its records. Cybercriminals are …
Danny Bradbury, 13 Apr 2016

Spear phishers target gullible Brits more than anyone else – survey

There’s been a sharp (35 per cent) increase in crypto ransomware attacks, with the UK ranked as the nation third most targeted with ransomware. The UK is also ranked as the most targeted nation for spear phishing attacks and the second most hit-upon country with social media scams, according to other findings from Symantec's …
John Leyden, 12 Apr 2016

SANS man lists five security things you're not doing but should

SANS Institute dean of research and head of the SANS Internet Storm Center (ISC) Johannes Ullrich has given systems admins some light weekend reading with a list of five neglected security controls that "nobody implements". Ullrich reckons that if you put these controls in place your security posture will improve and things …
Darren Pauli, 08 Apr 2016

Megabreach: 55 MILLION voters' details leaked in Philippines

A massive data breach appears to have left 55 million Philippine voters at much greater risk of identity fraud and more. Security researchers warn that the entire database of the Philippines’ Commission on Elections (COMELEC) has been exposed in what appears to be the biggest government related data breach in history. The …
John Leyden, 07 Apr 2016

Barbie-brained Mattel exec phell for phishing, sent $3m to China

Toy maker Mattel has recovered some US$3 million it shipped off to Chinese hackers who sent a well-crafted phishing email to a finance executive. The recovery was mostly down to luck: the cash was wired on a Chinese bank holiday which meant the funds were held up and returned by fast-acting authorities. Sources told …
Darren Pauli, 06 Apr 2016

Microsoft account-hijacking hole closed 48 hours after bug report

British researcher Jack Whitton has reported a Microsoft account hijacking authentication bug that would have been another arrow in an attacker's phishing quiver, save for the fact that Microsoft fixed it. Whitton quietly reported the flaw to Microsoft which pounced and took only two days to process and patch the flaw. The …
Team Register, 05 Apr 2016

Optus patches crap credential cock-up in cable modems

Optus has patched a vulnerability in its popular routers that allowed attackers to change administrative passwords without knowing the existing logins. The flaw, reported by The Register, exists in the CG3000v2 cable modem and means attackers could type anything into the current password field to change the code to one of …
Darren Pauli, 04 Apr 2016

PayPal plugs phishing-enabling vulnerability, stumps up $500

PayPal has patched a flaw which created a means for miscreants to abuse its platform to lend authenticity to fraudulent or otherwise malicious emails. The input validation and mail encoding web vulnerability in the official PayPal online web app was discovered by Vulnerability Laboratory researcher Benjamin Kunz Mejri. The …
John Leyden, 01 Apr 2016

Unpatched stealthy iOS MDM hack spells ruin for Apple tech enterprises

Black Hat Asia Enterprises the world over are at risk from a seamless new attack that allows the latest Apple devices to be quietly compromised in what researchers say requires a total overhaul of Cupertino's enterprise provisioning architecture for mobile device management. The unpatched hack – dubbed SideStepper and crafted by Israel-based …
Darren Pauli, 31 Mar 2016