Articles about phishing

Hacked US Census Bureau staff to take anti-phishing classes

The US Census Bureau has asked for additional IT security training for its staff – including tips on how not to fall for phishing emails – in the wake of last week's server breach. The bureau said in a blog post over the weekend that the hackers who managed to pull employee records from its computers did so by targeting the …
Shaun Nichols, 28 Jul 2015

Password-flogging phishing tool pwns EVERY iOS Mail app

Ernst and Young forensic bod Jan Soucek has created a tool capable of generating slick iCloud password phishing emails he says exploits an unpatched bug affecting millions of Apple users. The researcher created the iOS 8.3 inject kit which exploits a bug in the operating system's native email client to produce a …
Darren Pauli, 10 Jun 2015

iCloud phishing attack hooks 39 iOS apps and WeChat

Millions of Apple users are at risk from malicious yet legitimate apps uploaded to the official App Store, which are being used in "unprecedented", live iCloud phishing attacks. The 39 identified apps, including WeChat one of the most popular instant messaging clients in the world, were compiled using a malicious version of …
Darren Pauli, 21 Sep 2015

Crims bait phishing hooks with Flash, cast at US Gov agencies

Hackers are attempting to break into US Government agencies using a recently patched Adobe Flash vulnerability, the FBI is warning. The attacks target flaw CVE-2015-5119 revealed and patched earlier this month that can if exploited allow attackers to run malware on victim machines. The agency warned of the attacks which began …
Darren Pauli, 20 Jul 2015

Phishing gone: eBay patches to block session-jacking Magento holes

Vulnerability Lab researcher Hadji Samir says eBay has squashed three vulnerabilities in its Magento shopping platform that could permit session hijacking and man-in-the-middle attacks. The penetration tester disclosed this month the vulnerabilities along with proof-of-concept videos showing how attackers could steal session …
Darren Pauli, 22 Jun 2015

Most convincing PHISHING pages hoodwink nearly half of you – Google

Nearly half (45 per cent) of those who visit the most convincing phishing pages are tricked into handing over personal information, according to Google. This effectiveness drops to just three per cent in the case of the most obviously scummy phishing sites, while the online giant reports that the account hijackers work quickly, …
John Leyden, 11 Nov 2014
Meme of a dog "typing" at a computer, with the large font phrase "I have no idea what I'm doing' above him.

It's official: David Brents are the weakest link in phishing attacks

Middle management are increasingly becoming the focus of phishing attacks, according to a new study. Managers received more malicious emails and doubled their click rates year-on-year, according to a study by security company ProofPoint. Senior staff seemed more clued up about dodgy emails, meaning managers and staff clicked on …
John Leyden, 22 Apr 2015

Phishing miscreants THWART securo-sleuths with AES-256 crypto

Phishing fraudsters have begun using industry-standard AES-256 encryption to disguise the content of fraudulent sites. Obfuscated phishing sites are nothing new. Various techniques such as JavaScript encryption tools are commonly used but Symantec recently caught what it reckons is the first use of AES-256 encryption in dodgy …
John Leyden, 09 Sep 2014
Hack the planet

Verizon to world: STOP opening dodgy phishing emails, FOOLS

Phishing and web app security problems remain the most common way for hackers to gain access to sensitive information, according to US telco giant Verizon. Two out of three breaches were the result of weak or swiped passwords, making a case for strong two-factor authentication, the latest edition of Verizon’s annual Data Breach …
John Leyden, 14 Apr 2015

eBay bug turns phishing email links into malware-stuffed booby prizes

eBay is racing to fix a second serious security flaw that may allow criminals to spread malware through files seemingly hosted by the online tat bazaar. The bug is closely related to an earlier one discovered by David Sopas, a researcher at security firm WebSegura in Portugal. The hole uncovered by Sopas, since closed by eBay, …
Iain Thomson, 23 May 2015

LinkedIn ices over bountiful executive phishing spot

Kaspersky researcher Ido Naor says LinkedIn users could be phished thanks to vulnerabilities in its notification system. The since-patched flaws existed because the social network for suits misinterpreted and did not properly validate comment input. It meant malicious content could be sent to LinkedIn users who are notified …
Darren Pauli, 24 Jul 2015

Rejoice, Blighty! UK is the TOP of the WHOLE WORLD ... for PHISHING

British punters are being served three times as many phishing links to trojans and exploit kits than the US, and five times more than the Germans, according to a ProofPoint study. The security researchers say that while the English were being served more malicious links, Germans were hit with the greatest amount of unsolicited …
Darren Pauli, 16 Sep 2014

Bargain basement iPhone shoppers BEWARE! eBay exposes users to phishing vuln

eBay bans the use of cross-site scripting on the online tat bazaar because it can open up the site's users to nasty phishing vulnerabilities. And yet, according to the BBC, some auction listings have been exposed to the exploit since February this year. Some users hunting for old iPhones could have been caught up in the security …
Team Register, 21 Sep 2014
Lock security

Microsoft blunts hooks of nasty Internet Explorer phishing flaw

Microsoft is investigating an alleged vulnerability in its flagship Internet Explorer browser. The cross-site scripting hole disclosed Saturday by hacker David Leo includes functional proof of concept code, according to confirmed reports. Vulture South reported the flaw to Microsoft Friday and has been told it is working to …
Darren Pauli, 04 Feb 2015

Europol operation crushes phiendish global phishing ring

Police have arrested 49 men from Spain, Nigeria, and Cameroon in connection with electronic bank account raids that plundered some €6 million across Europe. The men were arrested as part of Operation Triangle, an effort involving police from Spain, Italy, and Poland together with authorities in Belgium, the UK, and Georgia. …
Darren Pauli, 12 Jun 2015

Crooks are using proxy servers to build more convincing phishing sites – new claim

Crooks using phishing pages to grab victims' passwords have apparently upped their game – by using proxy servers rather than static pages to craft legit-looking websites. Normally, thieves recreate a web page – such as a login page for an online shop or webmail – and stick it on a compromised server, then direct marks towards …
John Leyden, 07 Nov 2014

EA games web server was hosting PHISHING SITE – securobod

An Electronic Arts server was hacked and used to host a phishing site targeting Apple ID holders, according to internet security firm Netcraft. The site has since been pulled down and EA has told various news sites that it is "investigating" the report. Netcraft security expert Paul Mutton posted on the company's blog that the …

Hacker breaks into ThrustVPS, launches phishing attack from firm's own servers

Virtual private server firm ThrustVPS has taken the unusual step of admitting it had suffered a phishing attack. Rather than taking the time-honoured solution of just pretending nothing had happened and correcting the issue on the sly, the VPS provider sent an email to customers 'fessing up to the attack. "The phishing attack …
Team Register, 21 Jan 2014

Pre-election phishing spike blasts Iranian Gmail accounts

Google has spotted a massive spike in what it believes to be politically-motivated phishing attacks originating from Iran and targeting tens of thousands of web users ahead of Friday’s presidential elections. The Chocolate Factory has spotted several campaigns over the past three weeks, all coming from inside the Islamic …
Phil Muncaster, 13 Jun 2013

Cisco's RAT-catchers spot sysadmin-targeted phish

File this under “it was bound to happen one day”: Cisco has spotted a targeted phishing attack based on a popular sysadmin automation tool. If someone in the “IT crowd” bunker falls for the phishing attack, Cisco's Talos Group says the payload exploits AutoIT, a scripting admin environment for Windows. Talos explains what's …
firing range - target in cross hairs

SEC joins hunt for FIN4 attackers

America's Securities and Exchange Commission (SEC) has joined the hunt for the FIN4 hacking group. The bunch, revealed by FireEye in December 2014, used a phishing attack to get access to listed companies' computer systems. Their payoff was to get insider information to trade their targets' stocks. According to Reuters, the SEC …

Cybercrim who fleeced students faces scramble to repay stolen cash

A woman who made £1.2m through cybercrime has been ordered to pay back almost £630,000 accumulated from the hundreds of British students she helped to defraud. Ruth Smith-Ajala, 46, a Nigerian national of Redlands Way, Lambeth, was given a five-year sentence back in December 2013 for her role in stealing £1.2m from British …
The Register breaking news

New class of industrial-scale super-phishing emails threatens biz

Security watchers are warning of a surge of highly convincing spear-phishing emails sent in bulk. More than one in 10 recipients of these so-called longlining* messages click on links to compromised websites because the phishing email look utterly plausible, according to cloud-based security services firm Proofpoint. The …
John Leyden, 04 Mar 2013

Dropbox adds USB two factor authentication for paranoid Chrome users

Dropbox has added dongle-driven two factor authentication to its cloud sharing services for more highly risk-averse users in a bid to foil phishing attempts. The USB authentication dongle will replace the need to manually enter a six digit code sent over insecure SMS or generated by authenticator apps. Punters will need a U2F …
Team Register, 13 Aug 2015
The Register breaking news

Cybercrooks send in Bouncer to guide marks to phishing sites

Cybercrooks have begun bundling whitelisting technology with phishing kits in a bid to restrict access to phishing sites to only their intended victims. The tactic of blacklisting IP addresses associated with security firms from accessing banking fraud sites has been in play for at least a few months now, but a new phishing …
John Leyden, 18 Jan 2013
Padlocks by Simon Cocks Flickr CC2 license

Identity protection outfit LifeLock picked, popped

Security researchers Eric Taylor and Blake Welsh have disclosed a cross-site scripting vulnerability in US identity protection company LifeLock. The duo from US outfit Cinder say the vulnerability allows attackers to target the company's three million users with malware and phishing attacks, session jacking, among other acts …
Darren Pauli, 01 Jul 2015
Edinburgh. Pic: michel

More than 13,000 emails swiped in Edinburgh council cyber assault

Edinburgh council has been targeted by a cyber attack, leading to the details of more than 13,000 email addresses being stolen. In an email to people who have an online account with the council, the local authority said the attacker had penetrated the security of one of its website service providers, based in a UK data centre …
Kat Hall, 08 Jul 2015
Google Password Alert warning

Google polishes Chrome security with Password Alert

Google's seen way too much phishing, it seems, so the Chocolate Factory has pushed out a Chrome extension to catch attacks against accounts on Google domains. Mountain View reckons two per cent of Gmail messages are phishing attempts, and a well-constructed attack can have a 47 per cent success rate. Outlined here, the Password …

White-listed phish slip through Google Apps

Security probers Patrik Fehrenbach and Behrouz Sadeghipour have found a (since-patched) flaw in Google Apps that allowed criminals to register corporate domains and send white-listed phishing emails from admin addresses. The Choc Factory patched the flaw and handed the duo US$500 by way of thanks. the flaw meant attackers could …
Darren Pauli, 10 Mar 2015

Dangerous resurgent banking malware hits UK

The formidable Dyreza and Dridex banking malware are back in renewed and rejigged macro-based campaigns that includes a shift by the former to target industrial supply chain organisations and by the latter to smash the UK. Both malware instances are dangerous. Dyreza is a powerful man-in-the-browser bank trojan whose creators …
Darren Pauli, 02 Oct 2015

Phishing up, malware down, says Google

Google has revealed a new analysis of five years’ worth of data gathered by its Safe Browsing service. The analysis, as any discussion of online security seems obliged to, includes lots of Scary Big NumbersTM, such as the 9500 malware-infected sites the Chocolate Factory says it finds every day or the 12-14 million warnings it …
Simon Sharwood, 20 Jun 2012

China using cyberspies in border disputes with India and neighbours

Cyberspies have been snooping on Bangladesh, India, Nepal and Pakistan, seeking information on border disputes as well as general diplomatic intelligence. The ongoing APT-style cyber-attack against India and neighbouring nations has been going on since 2011 and is likely to be the work of China, according to net security firm …
John Leyden, 21 Aug 2015
Marc Benioff of Salesforce. Pic: Techcrunch

Salesforce plugs silly website XSS hole, hopes nobody spotted it

A cross-site scripting (XSS) vulnerability on Salesforce's website might have been abused to pimp phishing attacks or hijack user accounts. Fortunately the bug has been resolved, apparently before it caused any harm. Cloud app and security firm Elastica said the issue affected a Salesforce sub-domain – …
John Leyden, 14 Aug 2015

Google Password Alert could be foiled with just 7 lines of JavaScript

Google has been obliged to revise its Password Alert anti-phishing protection just hours after releasing it when security researchers showed how the technology was easily circumvented. Security consultant Paul Moore (@Paul_Reviews) has published a proof-of-concept JavaScript exploit that skirted the defensive technology with …
John Leyden, 01 May 2015

Don't be fooled! He's not from the IT crowd... he's a CYBERSPY – FireEye

Impersonating IT departments in spear-phishing attacks is becoming an increasingly popular tactic among hackers, particularly in cyber-espionage attacks. IT staff themed phishing emails comprised 78 per cent of observed phishing schemes picked up by FireEye in 2014, compared to just 44 per cent in 2013. The sixth annual FireEye …
John Leyden, 24 Feb 2015
The Register breaking news

Twitter adds email security to help block phishing attempts

Following a recent spate of incidents in which high-profile accounts have been compromised by hackers, Twitter has implemented a security protocol designed to make it harder for fraudsters to send out emails that appear to come from addresses. "We send out lots of emails every day to our users letting them know what' …
Neil McAllister, 21 Feb 2013
The Register breaking news

Self-pwned: Black Hat says soz for phishing attack scare

Black Hat conference Organisers of the annual Black Hat conference have apologised after an estimated 7,500 conference delegates received a suspicious email yesterday resembling a phishing attack. The dodgy email, informing entrants of a supposed password reset, was sent out after a volunteer with ITN International, the third-party firm handling on- …
John Leyden, 23 Jul 2012

Welcome the world's new Most Phished Country: Australia

Move over Brazil: Australia has become the most phished country on Earth, accounting for a quarter of all targeted malicious emails sent globally. Down Under has worked hard at the title, according to Kasperksy, more than doubling its share of phishing attacks received. This despite that a mere 23 million people inhabit the …
Darren Pauli, 26 Sep 2014
two human shadows

Protecting users against advanced threats and the human factor

Register here to watch our on-demand Regcast, where we look at why the human factor is an important internet security risk. Register for the webcast here and watch this special three-part Regcast at your own convenience. Handy synopsis for you As we reported in April, you build security and the users muck it up. At a time …
David Gordon, 02 Jul 2015

Chinese responsible for 85 per cent of website scams

Chinese internet users are behind 85 per cent of fake websites, according to a semi-annual report [PDF] from the Anti-Phishing Working Group (APWG). Of the 22,679 malicious domain registrations that the group reviewed, over 19,000 were registered to servers based in China. This is in addition to nearly 60,000 websites that were …
Kieren McCarthy, 10 Dec 2014
No junk mail. Pic: gajman, Flickr

SendGrid infosec chief eats humble pie, admits email service hacked

Marketing email distribution service SendGrid is asking customers to switch passwords after admitting it got hacked. The move follows the realisation that a previously reported hack is a bigger deal than previously imagined. The initial alert was triggered after the SendGrid account of Bitcoin exchange Coinbase was compromised …
John Leyden, 28 Apr 2015
Paul Winchell and dummy

O2 notifies data cops 'for courtesy' ... AFTER El Reg intervenes in email phish dustup

O2 has denied that it's suffered a serious data breach after customers began receiving sophisticated phishing emails that appeared to have been sent by the mobile operator late last month. It was claimed by subscribers that the body of the email included their name, email address, and date of birth. The dodgy messages about VAT …
Kelly Fiveash, 04 Feb 2015
Punk-styled girl with piercing gazes at an apple

Gullible Apple users targeted by bogus order cancellation scam

Cybercrooks are targeting Apple iCloud users with phishing messages designed to steal financial information. A new run of spam messages offer a slight twist on the popular ”bogus order" scam. Instead of simply telling you about a payment you're supposed to have made, prospective marks are invited to cancel a transaction already …
John Leyden, 13 Feb 2015

Received surprise new Redmond licenses? You might be pwned

Black hats are flinging supposedly free licenses at enterprises in a bid to get malware on corporate networks, security bod Martin Nystrom says. They wrote malware that was slightly neurotic in its bid to evade detection and would make use of the Tor network to receive stolen data. The Cisco threat defence man said realistic …
Darren Pauli, 10 Feb 2015
Looks like DNA

Protecting users against advanced threats and the human factor

WEBCAST Register now to watch our live Regcast, where we look at why the human factor is an important internet security risk. Watch this video broadcast live today at 11:00 BST. Handy synopsis for you As we reported in April, you build security, and the users muck it up. At a time when productivity growth in many businesses has ground …
David Gordon, 18 Jun 2015

Email apparently from Home Office warns of emails apparently from Home Office

The Home Office has sent unsolicited emails to the public, warning that the Home Office will never send unsolicited emails to the public, and will not ask for personal information or passwords in an email. The lay-off happy government department warned the public to be wary of emails that appear to come from the Ministry of …
Grand Theft Auto Lindsay Lohan lookalike

BLAM! Valve slams brakes on Steam flimflam with $5 spam scram plan

Video-gaming kingpin Valve has promised to do a better job of protecting its subscribers from dollops of spam, by applying a $5 limit on user accounts before unlocking a number of key features. The company explained the new strategy in a post on its support forum. It said that features – including friend invites, group chat, …
Kelly Fiveash, 19 Apr 2015

Blackhats exploiting MacKeeper hole to foist dangerous trojan

Last month's MacKeeper vulnerability is now being exploited in the wild to hijack Apple machines, according to BAE security researcher Sergei Shevchenko. The hacker says criminals are using social engineering to trick users into installing malware capable of exfiltrating data using a then zero-day vulnerability in the notorious …
Darren Pauli, 16 Jun 2015

Queensland Police warn of tax refund phishing

Queensland Police are warning residents of the Sunshine State about a new phishing scam that sees emails arrive in Australian Taxation Office (ATO) livery, complete with promise of a refund. Such emails are, we imagine here in El RegM’s antipodean eyrie, probably the only email one really wants to open from the ATO. Queensland …
Simon Sharwood, 25 May 2012
The Register breaking news

Google rolls out phishing URL alerts for admins

Google has rolled out a service that alerts administrators when the sites on their networks contain links used in phishing attacks. The Phishing URL notifications are being added to the Safe Browsing Alerts for Network Administrators, which Google rolled out in September. It sends email to admins of autonomous systems when …
Dan Goodin, 15 Oct 2010