The Commtouch detection center has confirmed that an email I received yesterday on one of my private accounts was part of a mass phishing attack aimed at Blogger (and Google) users. In this case I suspected it was a phishing email before opening it since I received it via an email address that is not [...]
Next time you have some Viagra to sell or malware to spread, forget those passé, brute-force directory attacks. You don’t have to generate email addresses with all those alphanumeric characters or “typical” names and email structures, such as jane.smith@FORTUNE500COMPANY.com. And you especially don’t have to take days to deliver them slooowly and methodically so corporate [...]
Gmail users have been treated to a fairly strong track record of spamless inboxes thanks to Gmail’s filtering methods. Every now and then, maybe they’d miss one…or maybe they’d falsely mark a legitimate email as spam…but for the most part, Gmail users have been spared large amounts of spam cluttering their inboxes.
Over the last four [...]
It happens to the best of us, really. I’m not sure I ever really think about how humans are involved in the great processes that go into bringing me my Google search results, but over the weekend, this human intervention became obvious. Anyone who used Google between 6:30 a.m. and 7:25 a.m. (Pacific Standard Time) [...]
Trying to log in to your Chinese Gmail or Yahoo! webmail? Check carefully…. over the past few days phishers have spread a broad attack trying to entice users to give up their credentials to a fake login page for Google and Yahoo-reminiscent addresses, with a .cn (China) domain. Examples include (and there are dozens of [...]
There’s been some talk about the latest incarnation of spam that perverts legitimate sites for the purpose of commercial spam, a subject we have been discussing for a while on this blog, starting back in January. A few interesting articles on Google Docs spam came out this week based on some outreach by MessageLabs. (InternetNews, [...]
Scammers came out with some adwords phishing scams around 1 month ago and in the last few days have started a new round. Subject lines include:
your adwords google account is stoped (sic)
account reactivation.
please re-activate your account.
please re-submit your payment information.
please submit your payment information.
please update your billing information.
reactivate your adwords google account.
submit your payment information.
update [...]
We’ve all known for a while that blogspot, the popular blogger platform from Google, has been a huge source of spam sites, or rather sites that re-direct to spam sites. Steve Rubel wrote about this as long ago as last year. But did you know that for the past several weeks, the Commtouch Detection Center [...]
Scammers are always looking for new ways to hide their intentions, both from message recipients, as well as automated email filters. One new trick Commtouch has started to see recently is the use of calendar-update messages generated from legitimate sites, such as Google or Yahoo. Since these messages need to be generated manually, they only [...]
A message promising Paris Hilton topless includes a hyperlink that appears innocent – the words “download it now” link to a page that begins http://www.google.com/pagead/iclk?sa=l&ai=trailhead&num=69803&adurl=http://…
[this link won't work since I've truncated it on purpose].
The site automatically downloads a Trojan malware called “trailer.exe”. Nothing new under the sun….
