Blogger phishing attack uses “improved” email template

February 24th, 2010 by Avi Turiel | Category: Email Security | Comments

The Commtouch detection center has confirmed that an email I received yesterday on one of my private accounts was part of a mass phishing attack aimed at Blogger (and Google) users.  In this case I suspected it was a phishing email before opening it since I received it via an email address that is not [...]

World of Warcraft Targeted by Phishing Scheme

December 30th, 2009 by Shara Grifenhagen | Category: Miscellaneous | Comments

Typically, one associates phishing schemes with online banking passwords and related issues. Commtouch Labs recently reported on a brand new scheme involving the popular online role playing game, World of Warcraft (WoW). Apparently once an account is hacked, there is money to be made by selling a user’s “gold,” equipment, and even the account itself. [...]

Webcast Provides Insight Into Web Security Threats in 2010

December 15th, 2009 by Eyal Orgil | Category: Commtouch Partners, Web Security | Comments

Commtouch Security Alliance partners Sunbelt Software, RSA, the Security Division of EMC, and Commtouch held an informative webcast this past Thursday discussing the latest in web security threats. The webcast, entitled “Stormy Web Ahead: A Forecast of Web Security Threats in 2010,” provided essential information needed to understand the web security threats that organizations and [...]

Phishing Attacks & the Art of Reading Data

In September, security company Symantec reported a 45% decrease in phishing attacks compared to the previous month. Several security companies rang into the debate with data both supporting and contradicting the claim. You can check out responses and similar studies from SPAMFighter, MarkMonitor and IBM.
Commtouch Labs examined phishing attack data from seven Commtouch Security Alliance [...]

Beware of Fake Gmail Login Phishing Schemes

September 23rd, 2009 by Shara Grifenhagen | Category: Web Security | Comments

Commtouch Labs alerted me today to a very convincing Gmail phishing scam. The scam was so convincing, that I had to open the REAL Gmail log-in page and flip back and forth to compare the inconsistencies.
Check it out…
This is the fake Gmail log-in page, built to trick people into entering their username and password.

Once entered, [...]

IRS Phishing Schemes…just in time for tax season

As tax season approaches, the numbers of IRS and tax-related spam and phishing outbreaks are rising. As seen below, the latest outbreak is a very official looking email, complete with an @irs.gov email address and IRS logo across the top. They even remembered to add a copyright at the bottom.

Anyone would be excited to receive [...]

Tags: , ,

Italian credit card company targeted in new phishing scheme

We’ve examined spam and phishing attacks in non-English languages before, and it appears that Italians aren’t safe from these schemes either. A recent phishing scheme has surfaced with nearly a nearly immaculate Web site duplication. CartaSi, a well-known Italian credit card company, is the latest target.

The circulating email (seen above) alerts CartaSi customers that their [...]

Facebook friend or foe? New phishing schemes target social networks

February 8th, 2009 by Shara Grifenhagen | Category: Web Security | Comments

Back in early 2008, TechCrunch reported about a Facebook phishing scheme where some users received wall posts proclaiming that funny or scandalous pictures had surfaced. When a user clicked on the link, he or she was redirected to what looked like the Facebook login page, but which actually was an imposter site that collected usernames [...]

Targeting Twitter: A new wave of phishing

January 5th, 2009 by Shara Grifenhagen | Category: Web Security | Comments

Just when you thought it was safe to go in the water…it seems like new phishing schemes are popping up all over the place.
The latest target?
Twitter.
When we logged into the Commtouch Twitter account, we noticed the warning message to users. (Kudos to twitter for being proactive and warning its users!) Apparently the scam targets twitter [...]

Bank of America Phish

September 17th, 2008 by Rebecca Herson | Category: Email Security, Spam Favorites | Comments

More and more banking is happening online, with alerts being sent via email. And this legitimate form of banking business has engendered the reverse darkside, phishers who aim to slip in their messages to try to take advantage of unwary end-users.
I just wanted to share a sample phishing message that looked so real even I [...]