And the Academy Award for the most dangerous search term goes to…

The team at Norton have been busy digging through the gossip since Sunday’s glamorous Oscar ceremony. They weren’t just looking for juicy rumours though; they’ve been looking for malware around the Academy Awards.

Cybercriminals often take advantage of public interest in individual celebrities and in world entertainment events, so it is no surprise that when the two combine, crooks get busy infecting websites. Norton found that around 50% of Oscar-related internet search results lead to “poisoned” sites.

Some of the most dangerous search terms (and the percentage of infected results) include:

  • “Oscar 2010 Winners” – 60% infected
  • “Music By Prudence” – 58% infected
  • “Kathryn Bigelow height” – 48% infected
  • “Sandra bullock Meryl Streep kiss” – 43% infected

Criminals anticipate public curiosity and seed pages built around the keywords people will search for with malware. When a victim clicks through from the search results, they inadvertently end up with a computer infected with a virus or inundated with pop-ups for fake, and in some cases dangerous, “anti-virus software”.

When searching for anything online, Oscar-related or not, it is important to be on guard. Make sure you have legitimate antivirus software with all the latest updates installed, and if you don’t, buy it from a reputable source.

Abigail Lovell

Photo by Flickr user Zadi Diaz, licensed under CC BY 2.0.

Adult phishing scams go social

Symantec’s January State of Spam and Phishing report has highlighted that an astounding 92 percent of adult phishing scams are now taking place on social networking sites. The report also highlights a new trend in adult-oriented phishing which tempts users to enter personal credentials in return for free pornography. Once the site has this data, users are redirected to a pornographic website that in turn leads to a fake antivirus website containing malicious code.

The report also showed a high volume of Haiti-related spam and phishing in January 2010, as spammers exploited the tragedy for their own benefit. Unsurprisingly, Valentine’s Day-related spam was also high in January, although it failed to match the levels of seasonal spam seen in the run-up to Christmas.

Both the scam and phishing categories doubled as a percentage of all spam in January 2010 compared with December 2009, with 419 (Nigerian) spam, in which scammers ask the recipient to hold large sums of money while they move country in return for a substantial cut, becoming more prevalent again. This accounted for 21 percent of all spam, the highest level recorded since the report began.

Link to new report – State of Spam and Phishing

Phishing fraudsters target global companies for an estimated €3 million

The BBC has posted a story about a major phishing scam that targeted the global carbon market. An estimated 250,000 permits worth around €3 million were stolen this week, forcing emissions trading registries in several EU countries to close on Tuesday.

Until now phishing scams have been more commonly associated with consumers, but criminals are increasingly turning to the private sector.

Businesses need to get serious about training staff on the risks of phishing attacks. There is a natural tendency for workers to click without thinking when using a work computer, and this scam has brought home the very real risks.

Dominic Cook

Phishing For The President

So today the US gets a new President – but I guess you know that! There has also been an increase in phishing around the event, much of it trying to sensationalize the news by suggesting that Obama might not take up his post, or similar. Remember, the sole goal of the phisher is to pique your interest and get you to click on a link – and then infect you with something that steals your confidential information. So if you receive emails, tweets or instant messenger alerts about the president-elect, think twice before clicking on them.

I’m Rich…

… OK, so there are a few flaws in the plan, namely that I need to reply to someone in Singapore who has discovered some dormant investment accounts and I can get 25% if I help them get at the money. All sounds too familiar? Yes, it is that old 419 scam that we know and love; however, the twist here is that the letter arrived at my home address – it’s the same wording as you would find in the ‘traditional’ email variety, just printed out and put in an envelope.

I wonder how many people will fall for this version… none, I hope… and in the meantime it will cost the scammers the price of printing and postage – with luck they will be out of business shortly.


The Fine Art Of Zippering…

… or ‘enrichment’ as it is sometimes known. Zippering is where you take data from multiple sources and put it together to create something more meaningful. It is usually discussed in the phishing sense, where cyber criminals gather information from several places to put together a targeted attack (aka spear phishing). However, there are also calls to collect all sorts of information in a single database, and that raises a number of problems – not to mention the privacy ones!

Firstly, if someone gets hold of all the information, they need look no further, as it is a treasure trove for phishers. Secondly, when zippering information it is vitally important that the pieces relate to the same specific individual – and this is the tough part. Imagine doing it by name… oops… too many John Smiths out there… what about address… umm… well, there are quite a few people at the same address who have different email addresses… by phone record… pay-as-you-go. Email… cyber cafés. The list of potential problems is vast, and if you do get it wrong the consequences for an individual can be disastrous. There was recently a case where a stolen credit card was used to download illegal material – and the card owner was accused, which, to all intents and purposes, destroyed his reputation and his life.

So… if we are going to collect vast amounts of information it needs to be secure AND accurate – and failure on either of these counts is not (as the saying goes) an option.
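To show why the matching step is the hard part, here is an added Python example that is not part of the original post: it zippers a handful of constructed records from hypothetical sources, first joining on name alone and then requiring two independent identifiers to agree before treating two records as the same person. The sources, names, addresses, numbers and email addresses are all made up for illustration.

```python
from collections import defaultdict
from dataclasses import dataclass
from typing import Dict, List, Optional, Set

# The identifiers a "zippered" profile can be joined on.
IDENTIFIERS = ("name", "address", "phone", "email")


@dataclass(frozen=True)
class Record:
    """One row from one data source; None means the source did not hold that field."""
    source: str
    name: str
    address: Optional[str] = None
    phone: Optional[str] = None
    email: Optional[str] = None


def _norm(value: Optional[str]) -> Optional[str]:
    """Case-fold and collapse whitespace so 'john  SMITH' and 'John Smith' compare equal."""
    return " ".join(value.lower().split()) if value else None


def agreeing_fields(a: Record, b: Record) -> Set[str]:
    """Identifiers on which both records carry a value and the values match."""
    return {
        f for f in IDENTIFIERS
        if _norm(getattr(a, f)) is not None and _norm(getattr(a, f)) == _norm(getattr(b, f))
    }


def zipper(records: List[Record], min_agreement: int) -> List[Set[Record]]:
    """Cluster records believed to describe the same person.

    Two records are linked when they agree on at least `min_agreement`
    identifiers, and links are transitive (union-find). min_agreement=1 is
    the naive join the post warns about; 2 demands independent corroboration
    and leaves a record alone rather than guessing when only one field matches.
    """
    parent = {r: r for r in records}

    def find(r: Record) -> Record:
        while parent[r] is not r:
            parent[r] = parent[parent[r]]  # path halving
            r = parent[r]
        return r

    for i, a in enumerate(records):
        for b in records[i + 1:]:
            if len(agreeing_fields(a, b)) >= min_agreement:
                parent[find(a)] = find(b)

    clusters: Dict[Record, Set[Record]] = defaultdict(set)
    for r in records:
        clusters[find(r)].add(r)
    return list(clusters.values())


def profile(cluster: Set[Record]) -> Dict[str, Set[str]]:
    """Merged view of a cluster: every distinct (normalized) value seen per identifier."""
    out: Dict[str, Set[str]] = {f: set() for f in IDENTIFIERS}
    out["sources"] = set()
    for r in cluster:
        out["sources"].add(r.source)
        for f in IDENTIFIERS:
            v = _norm(getattr(r, f))
            if v:
                out[f].add(v)
    return out


# Constructed sample data (hypothetical sources and people, not real records):
# two different John Smiths, a shared address, and one person whose name is
# spelled differently in two sources but who shares an email address across them.
SAMPLE = [
    Record("electoral_roll", "John Smith", address="12 High Street"),
    Record("store_card", "John Smith", address="98 Mill Lane", phone="07700 900123", email="jsmith@example.com"),
    Record("webmail_signup", "john smith", email="jsmith@example.com"),
    Record("electoral_roll", "Ann Lee", address="12 High Street", email="ann@example.com"),
    Record("store_card", "Ann Lee", phone="07700 900456", email="ann@example.com"),
]


if __name__ == "__main__":
    for k in (1, 2):
        print(f"min_agreement={k}:")
        for c in zipper(SAMPLE, k):
            print("  ", profile(c))
```

With a single matching field the two John Smiths and the neighbour at the same address all collapse into one profile carrying two names and two addresses. With corroboration required, the electoral-roll John Smith is left unlinked rather than attached to a profile he may not belong to, which is the safe failure mode when a wrong match can do the kind of damage described above.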

Phishing From A Great Height

Most people think of phishing as something which is done across millions of people at a time – and only the daft fall for it. However, this is not always the case – how about going for CEOs? CEOs are busy people, and when they get an email about a subpoena in a civil case, you end up fooling a few. This happened this week, as reported in the NY Times, and it just shows how crafty the cyber criminals are getting. The email looked official, with official-looking graphics and a link to a site with the full details. Of course, if you followed the link – and you didn’t have up-to-date anti-malware – you got infected with a nasty keylogger.

What could the CEO have done? The obvious answer is that they should have checked the content and its validity. BUT… who has the time to do that? In this case the fear factor comes into play from a social engineering perspective, and the knee-jerk reaction is tough to control. However, that is exactly what you need to do – if you receive an email which you were not expecting, sit back and think about it. We live in a world where people think they should respond to email instantly – sometimes a little additional thinking time would help. In this case there were names and addresses – it looked real – but there were no telephone numbers, and would a district court rely on email to issue a subpoena? No… if it was that important it would come via the mail, probably as a registered letter. So there were a few pointers that should have raised alarms. The truth is that everyone needs to remain vigilant – and become a little more wary of unsolicited and unexpected email.

As for a catchy term for this new kind of phishing… Whaling… after all, this is all about going after the biggest fish in the sea. (I know, whales are mammals… but you can’t have it all!)