Commtouch labs have detected large volumes of emails with malicious HTML attachments. The emails purport to come from a range of legitimate sites including:
Bell Canada
Craigslist
NewEgg
So let’s say you read our previous blog about the rise of the malicious HTML attachments. You open the attached HTML file in a text reader to find the malicious links [...]
In February, we “recommended” that cybercriminals save time and money by using LinkedIn as a way to harvest email addresses and details about corporate employees. Instead, they have added LinkedIn to the pantheon of trusted brands being used to scam unaware recipients.
Thanks to the simplicity of the LinkedIn design, spammers have had an easy time [...]
Perhaps you’ve gotten used to phishing, spam and scams supposedly coming from Facebook, Apple and Google. Now, though, even trusted brands that we thought were safe are being used in an attempt to get recipients to click the embedded URLs. Check out the emails below, both related to “recent account opening activity”.
Wikipedia and WordPress, whose [...]
Last week we saw an interesting series of emails which seemed to indicate a mid-outbreak change of tactic. The initial series of emails all had banking and account related themes. The emails indicated that it was necessary to open an attached document file. The attachments were actually zipped executable Trojan downloaders.
A Virus-Total (www.virustotal.com) scan showed [...]
Well-crafted emails mimicking Amazon order confirmations have been detected in large quantities in the past week. The Amazon logo and “your account” button actually take image files from the Amazon website. The email includes twelve links designed to motivate recipients to click:
More information about an Amazon Visa card
The ordered items are not shown and are [...]
In the last few weeks we have detected increasing usage of HTML attachments in a variety of message types – all of them attempting to install malware. These sorts of attachments are generally not blocked by message scanning systems. In addition they may arouse less suspicion in users than zipped attachments.
In the examples below, the [...]
Commtouch labs have received scores of emails targeting twitter users. The emails have been neatly constructed to include the email address within the email – making them look more genuine.
Recipients are asked to open an attached html file to view their new password. The website that loads contains a browser exploit. Not very friendly…
Yesterday we announced our collaboration with RSA, The Security Division of EMC, in which we now provide real-time phishing data to the RSA® FraudActionSM Anti-Phishing Service to further help prevent online fraud and identity theft. The phishing data includes URLs that we detect in real time following analysis of billions of Internet transactions.
Aside from the [...]
Part 3 in a series of examples where the legitimacy and trust conferred by the Google name has been misused
3) Google birthday scam
The email features standard scam elements but what caught our collective eye is that the huge “winnings” are distributed by Google themselves in honor of their 12th anniversary.
According to our calculations the 12th [...]
Part 2 in a series of examples where the legitimacy and trust conferred by the Google name has been misused
2) Misusing Google Sites
In Google’s words, “Google Sites is a free and easy way to create and share webpages”. Of course there are loads of spammers seeking free webhosting for the usual pharmaceuticals, replicas and porn [...]
