In the grand phishing universe, it’s clear that Amazon would be a target. This particular phishing outbreak caught our eye though. It starts with a typical “account verification” email. Recipients must submit the required information or they will suffer the dreaded “locked account”.
Opening the attached HTML file reveals phishing for more than just a username [...]
In part 4 (or is it 5 or 6) of our coverage of Google abuse we present a phishing attack targeting adwords users. Actually it’s just a shade over 2 years since we last discussed adwords phishing attacks. This one almost had us convinced for about half a second with some fine phishing touches:
It only targets users [...]
Yesterday we announced our collaboration with RSA, The Security Division of EMC, in which we now provide real-time phishing data to the RSA® FraudActionSM Anti-Phishing Service to further help prevent online fraud and identity theft. The phishing data includes URLs that we detect in real time following analysis of billions of Internet transactions.
Aside from the [...]
Phishing is the easiest way for criminals to find out your username and password; they simply ask you for it.
Many password thieves send emails pretending to be from your bank, Facebook or PayPal, among others. These messages explain that a problem exists with your account and include a request that you “verify” your username and [...]
The Commtouch detection center has confirmed that an email I received yesterday on one of my private accounts was part of a mass phishing attack aimed at Blogger (and Google) users. In this case I suspected it was a phishing email before opening it since I received it via an email address that is not [...]
Typically, one associates phishing schemes with online banking passwords and related issues. Commtouch Labs recently reported on a brand new scheme involving the popular online role playing game, World of Warcraft (WoW). Apparently once an account is hacked, there is money to be made by selling a user’s “gold,” equipment, and even the account itself. [...]
Commtouch Security Alliance partners Sunbelt Software, RSA, the Security Division of EMC, and Commtouch held an informative webcast this past Thursday discussing the latest in web security threats. The webcast, entitled “Stormy Web Ahead: A Forecast of Web Security Threats in 2010,” provided essential information needed to understand the web security threats that organizations and [...]
In September, security company Symantec reported a 45% decrease in phishing attacks compared to the previous month. Several security companies rang into the debate with data both supporting and contradicting the claim. You can check out responses and similar studies from SPAMFighter, MarkMonitor and IBM.
Commtouch Labs examined phishing attack data from seven Commtouch Security Alliance [...]
Commtouch Labs alerted me today to a very convincing Gmail phishing scam. The scam was so convincing, that I had to open the REAL Gmail log-in page and flip back and forth to compare the inconsistencies.
Check it out…
This is the fake Gmail log-in page, built to trick people into entering their username and password.
Once entered, [...]
As tax season approaches, the numbers of IRS and tax-related spam and phishing outbreaks are rising. As seen below, the latest outbreak is a very official looking email, complete with an @irs.gov email address and IRS logo across the top. They even remembered to add a copyright at the bottom.
Anyone would be excited to receive [...]
