New website details Internet crime targeting World Cup fans

By admin | February 10, 2010 | Leave a Comment 

admin

mandela_world_cupEvents of global significance be they natural disasters, the death of a celebrity or sporting occasions, are guaranteed to bring scammers and other cybercriminals out of the woodwork. Indeed phishing attacks alone increased by 66 per cent during the Beijing Olympics in 2008.

This year’s World Cup in South Africa is likely to be no different. That’s why Symantec has today launched its own dedicated website, www.2010netthreat.com, to provide data, commentary, safety tips and useful links for football fans surfing the Internet for news, tickets and information on the tournament.

Symantec has already installed additional network sensors in South Africa and southern Africa to monitor traffic and so far we’ve detected 27 unique files that have not hitherto appeared outside the region. We’ll keep you regularly updated with the latest information regarding World Cup related Internet security threats.

Dominic Cook

iPad – first the hype, now the threat

By admin | January 28, 2010 | Leave a Comment 

admin

_47197357_ipad-name-jobs-bodiPad’s domination of the news agenda has provided a golden opportunity for cybercriminals to target consumers hungry for more information on Apple’s new creation.

As soon as the announcement was made, we observed that related search terms had become targets for Blackhat SEO attacks and phishing attacks. People interested in finding out more about the iPad over the internet must be on guard. 

The excitement over the iPad has been building for months now, so it’s only to be expected that its announcement would spark a huge spike in search traffic relating to certain terms. Sadly, this is just the kind of opportunity fraudsters like to exploit by poisoning search terms, and we can also expect to see iPad-related spam and phishing attacks hitting consumers hard over the coming weeks. We’d advise the curious to be on their guard. 

Tips for avoiding iPad pain:

  •  Avoid clicking on suspicious links in email or IM messages as these may be links to spoofed Web sites
  • Symantec security experts suggest typing Web addresses directly into the browser rather than clicking on links within messages.
  • If an email offer looks too good to be true, it probably is. Go through authorised and known suppliers or information sources
  • Always be sure that your operating system is up-to-date with the latest updates, and employ a comprehensive security suite
  • Delete all spam

 Candid Wueest

Rumours of Johnny Depp’s death just a scam

By admin | January 25, 2010 | 1 Comment 

admin

johnny_depp1_300_400Once again cybercriminals are at it again spreading rumours and lies to try and trap the unwary. Several news outlets are reporting a set of spam emails circulating about an entirely untrue car crash story, misreporting that Johnny Depp had died over the weekend.

Symantec has investigate the spam and it appears that this is nothing more than yet another Fake AV Scam which attempts to trick users into paying them to remove malware which is not present on their systems.  We detect this as VirusDoctor. Symantec customers, both consumer and enterprise, are already protected. As we reported at the end of last year, unfortunately these sorts of fake AV downloads are not uncommon – indeed the Symantec Rogue AV Report suggested we had seen over 43million people download fake security software in a 12 month period.

As ever, it is important that people keep on their guard when searching for information on the Web. Make sure your legitimate antivirus software is updated and if you are ever feel yourself being strong-armed into buying antivirus software from any dubious online sources – Don’t do it! Instead go to a trusted source such as your local physical shop.

Dominic Cook

Deck the Halls with Spam and Folly

By admin | December 15, 2009 | Leave a Comment 

admin

Spammers have been capitalising on the shift towards online Christmas shopping, warns according to Symantec’s November State of Spam report outlines that sales of ‘luxury goods’ and counterfeit brands continue to dominate spam emails as the holiday season approaches. The top ten subject lines between October and November 2009 were:

  1. Sales receipt from Amazon
  2. Sales Order from walmart.com
  3. Incredible sale for luxury goods
  4. Re: what she wants for Christmas
  5. Give her luxury this holiday season
  6. Bling yourself up this Christmas
  7. Get the perfect gift for Christmas
  8. Impress your friends this holiday season
  9. Xmas on-line cookies
  10. Time limited Christmas promotion

In addition, fake airline ticket spam has also taken off during the holiday season with the promise of cheap deals on airfare used to attract attention from unsuspecting internet users.

British shoppers are expected to spend upwards of £6.8bn online this Christmas, and spammers are desperate to get a slice of the cake. To do this they are crafting subject lines that people are more likely to click on. The top two subject lines indicate that spammers are tricking people into believing that they have a transaction email from two well-known retailers. Although we usually see these types of subject lines associated with phishing or fraud messages, this tactic was actually re-directing users to a bogus online pharmacy site. 

Other key findings from the State of Spam report, include a 9 per cent reduction in spam originating from the EMEA since June 2009 (the region now accounts for 25 per cent of all spam).

 So how do you best safeguard yourself against falling victim to seasonal spam and phishing attacks:

-       Use directions provided by your mail administrators to report missed spam if you have an option to do so

-       Delete all spam

-       Avoid clicking on suspicious links in email or IM messages as these may connect you to spoofed websites

-       Type web addresses directly into the browser rather than relying upon links within your messages

-       Always be sure that your operating system is up-to-date with the latest updates, and employ a comprehensive security suite

 Amanda Grady

Be careful on Cyber Monday

By admin | November 30, 2009 | Leave a Comment 

admin

Father_Christmas_4520e2f2a13a3Today is apparently the busiest day of the year for online shopping.  Known as Mega or Cyber Monday, apparently millions of us will be shopping online today for our Christmas bargains. But as ever, you have to be careful and extra vigilant if you do intend to be one of the millions shopping online.

So while shopping, keep an eye on your personal information and play it safe. To ensure that your cash stays that way (yours), check a site thoroughly before striking a deal. Does it have a privacy policy? And, if so, how does it handle your personal information? If it doesn’t have one, you might want to consider using another site. If you receive any sort of email that asks for your financial information or social security number, discard it and don’t respond. Proper sites never ask for personal information through your inbox.

Also, is your security software up-to-date ? Keeping your computer protected from malware is just another step to keeping your identity, credit card numbers, and hard-drive under lock and key.

Happy bargain hunting!

Dominic Cook

Tiger Woods car accident prompts Scareware surge

By admin | November 30, 2009 | Leave a Comment 

admin

BRITAIN MATCHPLAY GOLFTime after time, we see those engaged in the Cybercrime Underworld using major sporting or news events to trap the unwary into letting down their cyber guard. Well it seems to have happened again with interest in the Tiger Woods car accident over the weekend, and rumours of the cause, giving Scareware peddlers ripe opportunity to poison web search engines. The story, which has generated a swell in web traffic and searches, has been one of the top Google searches since the news broke.

The Symantec Response team have observed some search engine results redirecting users to a number of malicious domains:

  • vir-curemypc-now.com
  • egafuki.cn
  • online-scanner-free.net

These websites then take the user through a fake scanning activity before pointing out a host of serious ‘errors’ and ‘threats’ advising that these must be immediately cleaned from the user’s computer. However, the threats are bogus, and users are unwittingly conned into buying illegitimate antivirus software which could then take personal details for criminal gain.

Hon Lau on the Symantec Response blog, said: “From an IT security point of view, this unfortunate incident is just another fruit ripe for the picking as far as malware writers are concerned. It comes as no surprise that the creators of rogue antivirus or misleading application software have already jumped on the bandwagon and attempted to poison web search engine results to take advantage of this spike in web search activity.”

So as ever, be on your guard. When searching for information on the Web, make sure your legitimate antivirus software is updated and if you are ever feel yourself being strong-armed into buying antivirus software from any dubious online sources- Don’t do it! Instead go to a trusted source such as your local physical shop. 

Dominic Cook

Godfather Of Spam Gets Custodial Sentence

By Guy Bunker | November 27, 2009 | 1 Comment 

Guy Bunker

The self proclaimed Godfather Of Spam has been sentenced to 51 months in jail for a share pump ‘n’ dump spam scheme. Three of his other cohorts have also received custodial sentences. Perhaps one of the scary pieces of this story is that the crime was committed back in 2004/5 and it has taken until now to achieve a conviction. Following an email trail backwards through the Internet is hard, hence it took a lot of time. The other ‘danger’ is that spammers put fake information into the email headers – and so you, as an innocent company, can end up as part of the investigation just because they used some of your details.

Another scam is also doing the rounds, this is one of the ‘standard’ Christmas ones. You receive a card saying that someone has tried to deliver a package but wasn’t able to… there is a 0906 premium rate number to call… which then charges you £15 for the priviledge of finding out you don’t have a parcel. This works well at Christmas time as people frequently have parcels delivered and cannot be in all the time. So… if you get an undelivered parcel card and you weren’t expecting a delivery… check the number before you call it, and if unsure put the number into Google (or your search engine of choice)… it will probably help in identifying whether it is a scam or not as scams are rapidly reported on the web.

Guy Bunker

How Many Passwords…

By Guy Bunker | October 7, 2009 | Leave a Comment 

Guy Bunker

… Must A Man Write Down? – to paraphrase the great Bob Dylan. There is (yet again) a story of phishing against web based email in order to get passwords. This is not new – what has been picked up on this time (but has always been true) is that people use the same email for their bank as they do for their email and often everything else. So, if one is compromised, then they all are. So how many passwords do you need?

Well, you need to minimize the number – but not down to one. So, I recommend three. You can remember three relatively easily and you shouldn’t have to write them down. One for the bank – and only for the bank, this should be the strongest cryptographically (so some random numbers, letters and other characters). The next one is for things which involve money, so credit cards / on-line shopping sites / email finally one which is used for the rest – for those sites which require you to log on but only so they can track you.

One of the other dangers with email is that once there is access then the cyber-criminal can see who you do business with (including your bank). They can potentially then request a password reset – which would mean all your hard work keeping passwords safe was pointless. Having at least two email accounts can help you keep an eye on those emails which are important (bank, bills etc) and those which are just marketing.

Maintaining your digital information in the Internet Age is hard and requires a certain amount of vigilance. It also needs some common sense as well… so do remember to change your password regularly. Don’t share usernames and passwords with friends or family – and if you are somewhere which is Internet ‘unsafe’, such as a cyber-cafe, don’t log onto those sites which you would be afraid to be compromised. Finally, if anyone ever suggests you email them your username and password – for whatever reason – don’t do it. If you are worried by the contents of the email, make a phone call to clear things up.

Guy Bunker

Understanding security threats

By dominic_cook | September 21, 2009 | Leave a Comment 

dominic_cook

Last year we embarked on producing an occasional series of short video’s looking at common internet threats and issues. So far they have covered: Phishing, Botnets, The Underground Economy and Drive-by Downloads.

We wanted them to be educational and have some humour to better educate people using the web at home and at work about how to protect themselves from common threats and risks. So far the initial 4 video’s have gone down well, being posted on sites like YouTube and Facebook, as well as the Symantec website and even a number of online retailers.

The lastest two video’s in the series have just been finished. They are:

  1. Symantec Guide to Scary Internet Stuff – No 5 Misleading Applications
  2. Symantec Guide to Scary Internet Stuff – No 6 Denial of Service Attacks

Please have a look at them, and also the other videos in the series, and if you have any thoughts for new topics we should cover, let me know.

Dominic Cook

Phishing World Rife With Wolves in Sheep’s Clothing

By dominic_cook | August 10, 2009 | Leave a Comment 

dominic_cook

Even safe sites aren’t safe anymore, not if you don’t pay attention anyway. Symantec has recently spotted a phishing attack that used a legitimate SSL certificate to masquerade as a legitimate site. Fraudsters continue to use these kinds of techniques to perpetuate identity theft and these particular attacks aren’t as noticeable.

Symantec’s latest Phishing Report indicates attacks employing legitimate SSL certificates have higher possibilities to entice users in to trusting the fake website and provide confidential data. End users would only notice the deception if they reviewed the certificate or had other visual indicators, such as whether or not the site was secured with an extended validation SSL certificate.

The report, which can be downloaded here, also includes the following:

  •  Symantec observed a 52 percent increase from the previous month in all phishing attacks – The observed increase was primarily in the information services sector due to a large toolkit attack targeted towards a social networking brand.
  • 63 percent of phishing URLs were generated using phishing toolkits; an increase of 150 percent from the previous month – Such toolkit attacks targeted towards social networking and other sites in the information services sector facilitate collection of a large amount of personal data marketed in the underground economy to earn income and launch further attacks utilising the available data.
  • More than 130 Web hosting services were used, which accounted for 6 percent of all phishing attacks; a decrease of 14 percent of total Web host URLs when compared to the previous month.
  • There was a 17 percent decrease from the previous month in non-English phishing sites.

 Below are best practices to safeguard against seemingly legitimate SSL certificate attacks:

  • There should be an awareness of SSL certificate frauds and users should be cautious around suspicious URLs even with a SSL certificate and the familiar padlock icon
  • Avoid clicking on suspicious links and/or attachments in email or IM messages as these maybe links to spoofed websites
  • It is advisable to type Web addresses directly in to the browser than relying upon any links
  • Always be sure the operating system and the browser is up-to-date with the latest updates, and a security suite with an anti-phishing solution such as the Norton Internet Security 2009 or Norton 360 (version 3.0) installed on the computer

Launched at the same time as the Phishing Report, Symantec also released its August State of the Spam report. This revealed spammers are continuing to use celebrity names to drive their spamming efforts. The report can be downloaded here.

Dominic Cook

« Previous PageNext Page »