Support our Sponsors


uClip Clipping Path Service



Main Menu
Home
News
Blog
Links
Search
Resources
Windows Software
Mac Software
Hosted Solutions
Server Software
Mobile Solutions
Login



Syndicate
feed-image Feed Entries

spamNEWS | botnet | phising | virus | spam | mallware
Internauts Warned about Scam Emails Imitating PayPal PDF Print E-mail
Written by Administrator   
Thursday, 28 May 2015 09:00

Blog Check & Secure warned on 19th May, 2015 stating that security researchers identified many suspicious looking emails and hence Internet users are being advised to be careful about spam emails from individuals posing as online payment solution PayPal.

The phishing email asserts that PayPal is probing a payment reversal. Apparently, you have received a payment without the permission of the account holder or due to a transaction error.

You are instructed to click a link to login and access your PayPal Resolution Center in a time span of 24 hours in response to a request for information from PayPal.

However, the email has no link with PayPal. Instead, it is a phishing email designed to embezzle your financial and personal information because, clicking on the 'Resolution Center' link by you will take you to a fake website designed to imitate a genuine login page of PayPal.

Logging on to the bogus site will direct you to a form of 'Dispute Resolution' asking for your name along with other personal as well as financial details.

Clicking the 'Submit' button on the hoax form will make you receive a notification saying that the issue has been solved.

Experts, while analyzing the scam email, claim that cybercriminals collect all your information submitted by you which can then be employed to hijack your PayPal account and commit fake PayPal and credit card transactions and identity theft.

Customers of PayPal are main target for phishing scammers because PayPal does almost all of its business through email and the web. Security experts add that it is always safe to login your PayPal account by typing the web address in the address bar of your browser or through an official PayPal app.

Please remember always that companies like PayPal, banks and credit card companies will never ask you to submit such information through email.

In this specific case, the use of generic greeting like 'Dear Customer' and the use of email address instead of name of the customer is a clear signal that the email is fake because PayPal always addresses their customers by their name as the company actually knows their full names which scammers don't know.

Read more... - Internauts Warned ab...
 
New Fake Lottery E-mails Exploit Names of Big Jackpot Winners PDF Print E-mail
Written by Administrator   
Thursday, 28 May 2015 09:00

E-mail users are being cautioned about one online scam which asserts that Angela and Richard Maxwell who won EuroMillions are giving away 1m pounds, published lincolnshireecho.co.uk dated May 18, 2015.

Belonging to Coningsby (Lincolnshire, England), Richard and Angela Maxwell were winners of the EuroMillions lottery gaining 53 million pounds during April 2015.

Addressing recipients, the scam electronic mail tells that they're among the six e-mail account-holders chosen for getting 1m pounds as cash donation the Coningsby couple is offering as the family celebrates their huge jackpot earning from the EuroMillions.

Camelot that runs the National Jackpot had a spokesperson state that that they're wary of certain organizations which try acquiring personal information or payment over the Net from people by making various pretensions. Lincolnshireecho.co.uk published this.

The Spokesperson explains The National Jackpot, other lotteries and people winning National Lotteries are at times fraudulently utilized for executing these scams. Usually, the companies executing them are located abroad, while aiming at people in UK. Therefore, it's advisable to keep that in mind for incase something appears unbelievably true it's likely a fake. Incase any person thinks he has been victimized, he must inform the local cops, the spokesperson recommends.

Meanwhile, three individuals, who're recipients of the bogus e-mails, have contacted Lincolnshire Echo.

Disturbingly, the bogus sweepstake electronic mail scam hasn't only targeted Internet users within UK, but even people within USA where a similar incidence has been reported. In that there's been exploitation of the Mega Millions lottery's name along with Harold Diamond its winner in a bogus e-mail.

The electronic mail asserts Diamond will be handing over a portion from his fortune to 5 persons chosen at random among whom the e-mail recipient is one. However, for getting that fortune the recipient must e-mail to Diamond's advocate while provide one verification code following which further instructions will be sent.

Now, on writing to the "advocate" there'll be instructions for making payments to supposedly cover taxes and other expenses. Actually, when getting a prize, one should never be required for paying money. Moreover, there's no question of ever winning a lottery one hasn't even played.

Read more... - New Fake Lottery E-m...
 
Developers of Rombertik Stopping Its Illegal Use - Symantec PDF Print E-mail
Written by Administrator   
Wednesday, 27 May 2015 07:00

Earlier this month, Cisco reported that the Rombertik malware tries to destroy the master boot record (MBR) of infected devices to stop researchers from examining the threat. However, Symantec says that the feature is designed to stop the usage of Trojan illegally.

Symantec says that Rombertik is a new type of Trojan which is called Carbon Grabber (Infostealer.Retgate). This malware enables cybercriminals to steal information and gives them access to infected devices through backdoor.

The malware has many mechanisms of anti-analysis designed to stop researchers from running it in a sandbox but if someone tries to fiddle with it, the malware tries to overwrite the MBR of the device while encrypting files. However, Symantec believes that this damaging payload is not actually meant for researchers of the security firm.

Researchers believe that the feature is actually a trap for those who might try to use and adjust the malware without any authorization. When cybercriminals buy Rombertik from its author, they receive a copy which converses with their server of command and control (C&C) only and the address of the C&C implanted in the binary code.

For any new cybercriminals, who have succeeded in getting a copy of the malware and would like to use it without paying, they could identify C&C address with only some basic skills and try to change it to point to another selected address by only hacking the binary file itself.

However, if they were fool enough to do this, they would activate the damaging protection mechanism unknowingly. This is, may be, to project punishment for attempting to sabotage the malware.

Net-security.org published news on 18th May, 2015 quoting Dumitru Stama, a Researcher with Symantec, as saying: "It is exciting to find that this mechanism of protection can be ignored because of execution of error made by the developer of the malware".

Net-security.org published news on 18th May, 2015 stating that Raul Alvarez, a Researcher with Fortinet, also revealed that MBR wipe routine of Rombertik will not work on new versions of Windows because it does not have sufficient approval to do it.

However, it will attempt to overwrite files in the computer but will avoid files with following extensions: .exe,.dll, .drv. and .vxd.

Read more... - Developers of Romber...
 
Hackers Breached Federal Reserve Bank Website PDF Print E-mail
Written by Administrator   
Wednesday, 27 May 2015 07:00

According to St. Louis-based Federal Reserve Bank, hackers during April 2015 had effectively managed to compromise the bank's online site, published nytimes.com, May 19, 2015.

On Monday, 18th May 2015, the organization notified all customers that the attack occurring on 25th April 2015 had hackers alter servers' Internet Protocol addresses related to the systems which then diverted traffic onto harmful web-pages the attackers set up to appear like research.stlouisfed.org site of the Federal Reserve Bank. Among the rogue web-pages, some looked like those for FRASER, FRED, ALFRED and GeoFRED.

As a consequence of the above; end-users landed on fraudulent web-pages mimicking material from the Fed, and endangering them with malware/phishing.

Whereas nothing is clear about the attackers' purpose, presumably their aim was for gaining admission into huge volumes of research and economic data already appearing on the affected site.

According to Chief Scientist Igor Baikalov at Securonix a security company, the hackers could have used spoofed web-pages for mining credentials, expecting the same passwords being used again on other online sites; alternatively installed malware which would enable access to end-users' PCs later. While impacted end-users couldn't do much for safeguarding themselves, Baikalov stated it would be good to change passwords just as using up-to-date anti-viruses for scanning PCs could help in malware detection. Infosecurity-magazine.com published this, May 20, 2015.

Further according to Baikalov, the Federal Reserve required closely monitoring impacted software programs to find any problems within user behavior as well as access so probable intruders could be identified and stopped from exploiting the bank's computers to make way for more attacks.

CEO Richard Blech of Secure Channels a digital security solutions company stated that the hacking assault showed how potential thugs duped bank customers and diverted the traffic onto similar-looking websites for making them enter their private details. In short, it was one good, conventional styled phishing assault. He continued that the latest attack was potentially for catastrophe to be little ignored. The hackers were making a game play of Federal Reserve, the consequences of which were likely to be enormous with drastic outcomes for the economy, he contended. Cio-today.com published this, May 19, 2015.

Read more... - Hackers Breached Fed...
 
Police Warns that PennDOT Scam Email Targeting Locals PDF Print E-mail
Written by Administrator   
Wednesday, 27 May 2015 07:00

Fox43.com reported on 16th May, 2015 stating that Pennsylvania State Police Criminal Intelligence Center (PACIC) warns about a fake email notification claiming to be from PennDOT (Pennsylvania Department of Transportation).

The email is entitled: "Action required- fine for Traffic Violations" and its content say that a vehicle registered in your name was caught while jumping a red light along with the desecration date, ticket number and a precise amount of fine. There were also several links for clicking to see photographs and pay fine or more information about the security service of the email. Those URLs redirect the Internaut to websites not associated with PennDot or the Commonwealth of PA.

You can see signs which indicate it as a phishing scam with poor spelling and grammatical errors in the message. This message contained wrong spelling of 'violation' along with two different dates of violation. Moreover, certificates or traffic tickets issued in Pennsylvania are not directly paid to PennDot because definite municipalities or state regulation enforcement agencies generate these.

Lancasteronline.com published news on 15th May, 2015 according to which Trooper Adam Reed of the state police department said that they did not have any idea about the quantity of emails sent. It is difficult to identify the sender because several emails are sent from overseas.

Lancasteronline.com published news on 15th May, 2015 quoting Rich Kirkpatrick, Spokesman of PennDOT in Harrisburg (Pennsylvania), as saying: "a resident of Virginia warned PennDOT on Wednesday, 13th May, 2015 having received the email."

Kirkpatrick and Reed do not know any person who has reported about the receipt of email. Reed said that most of the people might have deleted it after receiving it.

Kirkpatrick was not aware of any attack targeting PennDOT by scammers before.

Reed advised all victims contact their local police department about the scam.

Internauts were also advised not to open any unsolicited emails and should never open any link or attachments which come from any unknown sender.

Kirkpatrick said that PennDOT is making an announcement on its website about the scam. Anyone having any questions may call Driver & Vehicle Service call center of PennDOT at (800)932-4600.

Read more... - Police Warns that Pe...
 
<< Start < Prev 1 2 3 4 5 6 7 8 9 10 Next > End >>

Page 1 of 1274
Polls
The Spamproblem is
 
Who's online
We have 135 guests online
News Flash
How do you fight spam?

Spam is a growing pain. How are you combating spam?

Submit your favorite spam fighting links to us