Information Security Warnings!
Information as of 01/18/13
Sophos: Hotmail users targeted with "hot" mail
IT World: Google revs up Chrome, crushes bugs
Krebs on Security: Microsoft issues fix for Zero-Day IE flaw
Computerworld: Oracle patches latest zero-day vulnerabilities in Java
Sophos: ADP clients get bogus AV payload
Information as of 09/21/12
Foiling ATM skimmers - There is a lot of technology available to help consumers protect their sensitive data and deter fraudsters. But sometimes the means for stopping a thief from getting their hands on what they're after can be readily at hand. Krebs on Security shares a simple yet effective tip on how consumers can foil ATM skimmer scams. In addition to the usual precautions you relay to your customers about ATM security - using only ATMs in well-lit, public areas and being aware of their surroundings at the ATM - sharing this basic security safeguard may prevent them from being a skimming victim and help your bank mitigate ATM fraud losses (like the one incurred in a recent case in Australia that cost a major bank $12,000).
Keys to BitCoin stolen - Accountholders of BitCoin exchange BitFloor believe in the value of the virtual currency, and so do the hackers who stole about $250,000 from BitFloor when they found the keys to the virtual coin on an unencrypted backup drive. TechWorld has the details. Whether the funds are real or virtual, this story highlights the importance of protecting your customers' data and not leaving the keys to any door lying around for attackers.
Mobile security solution - Mobile banking may be the trend of the future, but in the past year only one in five mobile phone users have accessed banking services via a mobile app, largely because of security concerns. Bank Systems & Technology highlights why banks need to address these concerns to further propel growth in mobile banking.
Tricky triangle fraud - A triangle is a 3-sided polygon, sometimes called the trigon, that has three sides and three angles. The FBI's Internet Crime Complaint Center (IC3) is alerting merchants and card providers to a scam with three different angles, or parties, known as "Triangle Credit Card Fraud." The scam involves a fraudster, a buyer (generally an unwitting victim), and the seller/provider of the product or services. The FBI.gov has the details on this complex scheme that is often perpetrated by overseas criminals using money mules. Awareness of the scam, employing fraud prevention and detection solutions, and prosecuting the fraudsters are key steps to stopping this triangle of activity.
Payday loans deliver ID Theft - Loss of jobs, rising medical costs, and other current economical challenges often lead consumers to desperate measures for relief from their financial woes. Websites offering fast cash and payday loans are enticing to many consumers in these situations. They aren't the only ones who discovered they could "benefit" from payday loan sites. Underground marketers of personal and financial information on millions of Americans are likely getting their data from hacked or insecure payday loan sites, reports Krebs on Security. Sensitive information gleaned from these sites can be used for identity theft and other fraud.
High bankroll botnet - With click fraud and Bitcoin mining as its primary goal, a botnet capable of netting in excess of $100,000 a day for its users has been installed over nine million times and is believed to have infected one million machines around the world, with the majority of those located in the United States. Although the ZeroAccess botnet has been around for awhile, recent changes to the malicious malware have drawn new attention to its data and financial mining threats. Help Net Security has the details and link to the SophosLabs technical paper which includes measures you can take to protect your networks against this potentially damaging botnet.
Help Net Security: MS spoofed by ZeuS
Threatpost: Mobile malware climbs upward
Threatpost: Apple fixes flaws, updates Java 6 for OS X
Sophos: Google releases Chrome 21, shells out $3,500 for security holes
Krebs on Security: Mules take over mail
Help Net Security: Calling all email scammers
CNET: Casting the SMS phishing line
CNET: Private browsing bug fixed in Firefox 15.0.1
NetworkWorld: Microsoft's September Patch Tuesday load lighter than usual
Computerworld: Chrome browser for Android gets security boost, patches
Help Net Security: A PayPal refund! NOT!
Threatpost: FDIC and ADP emails deliver Blackhole Exploit Kit
Help Net Security: Following phishers and fraudsters
Help Net Security: Passwords Plus for Mac OS X released
CNET: Microsoft issues fixes for IE hole; full update coming Friday
Help Net Security: Bogus "Windows Email Security Update" emails lead to phishing
Information as of 08/31/12
Trickier, safer passwords - Thanks to newer, better technology and ever-evolving techniques developed by password crackers and skilled hackers, passwords are less secure now than ever, and the tricks you have been passing onto users for creating secure passwords may now be outdated. Halloween is still two months away, but there is no time like the present to treat your staff and your customers to some updated password tricks to help them protect their personal and financial data. Today.com has the latest password tips worth reviewing. As always, the most important rule of thumb to pass along with these tips is that using a different password for each site mitigates the damage that could be done if a password is compromised.
Krebs on Security: Java opens up BlackHole to attackers
Help Net Security: PayPal notices deliver malware
Threatpost: Malicious malware aimed at businesses on the rise
PC Magazine: Mozilla releases Firefox 15, updated Android App
Help Net Security: Trend Micro Deep Security 9 released
Threatpost: Oracle releases fix for Java CVE-2012-4681 flaw
Information as of 08/24/12
Mobile malware steals money - Mobile payment technology is booming - and mobile payment fraud is trailing right behind it! Researchers at mobile security firm TrustGo have discovered a malicious strain of financial malware targeting Android devices that uses a flaw in the SMS (short messaging service) payment system to forward payment data to the attacker without the users' knowledge. The SMSZombie malware hides itself in popular apps and delivers the virus payload within a file called "Android System Service" when victims install an app, reports Threatpost. Although the SMSZombie malware has only been seen haunting users in China, a flaw in Apple's iPhone, also related to an SMS vulnerability, has been reported by CIO.
Malware crisis! - Malware is evolving from the traditional phishing attacks, trojans and botnets to a whole new breed of bad stuff that is programmed to fly under the radar, evade detection, and target networks with specific goals in mind. Security researchers have discovered a single piece of malware that is capable of spreading not only to both Mac OSX and Windows users, but also to Windows mobile devices and VMWare virtual machines. The first known example of malware that attempts to propagate via a virtual machine, the Crisis malware appears to be professionally designed specifically for stealing financial information. Get the details at InformationWeek and be on the lookout for this and other ever-evolving, sophisticated attacks targeting your bank accounts.
PCWorld: A Sinister New Breed of Malware is Growing
DarkReading: Top 5 Deadliest Mobile Malware Threats Of 2012
DarkReading: Most Paid Apple iOS, Google Android Apps Have Been Hacked
Threatpost: Malware with a Flash
Sophos: Royal malware is coming!
PC World: Adobe releases six critcal pathces for Flash, AIR
ALERT: Computerworld: Microsoft warns of "man in the middle" VPN vulnerability
Information as of 08/17/12
Stealthy and evasive bank trojan - Those tricky bank trojans just keep turning up! The latest financial malware detected by security firm Trusteer is targeting online banking information via the “Man in the Browser” (MITB) technique and evading detection measures. Tilon exhibits behaviors that are similar to Silon, financial malware that was defrauding online banking customers protected by two factor authentication systems in 2010-2011. While the trojan doesn't fully install itself on a virtual machine, it does install a “fake system tool” that disguises itself as scamware, gives itself a random executable name and leaves its malicious intents undetected before terminating itself. Tilon continues to mutate, making detection by anti-virus software even more difficult, reports Help Net Security.
InformationWeek: Security Researcher Uncovers Apple iOS SMS Bug
CSO: Trojan travels through airport VPN
Help Net Security: Phishing is Nationwide
Threatpost: Malware family enters social sites through the backdoor
PC World: Microsoft patches critical security holes in Windows, Office, IE
Threatpost: Adobe patches critical flash bug, releases massive reader update
InfoWorld: Oracle updates Java, JavaFX for OS X, ARM, and Linux
ALERT: Serious vulnerabilities remain in Reader after huge patch release
Information as of 08/10/12
Drive-by ransomware - Most of your customers are honest, law-abiding citizens. Given that, if while conducting their ordinary business online their computer locks up, and a very official-looking warning pops up on their screen from the FBI about a violation of federal law with a demand for a fine payment, there's a chance those law-abiding customers are going to ante up the funds. The FBI's Internet Crime Complaint Center (IC3) has issued a warning about drive-by ransomware that is targeting consumers, many of which are falling victim to this scam. Get the details at FBI.gov and share this alert, which contains instructions on what to do if snared by the malware, with your customers.
Cloud insecurity - History provides us with myriad examples of how one person can change the world in a grand way. Wired technology journalist Mat Honan may not have set out to change the world but his recent publicized account of how hackers took advantage of security holes at Amazon and Apple to wipe out his digital world within one hour may provide a wake-up call to the insecurity of cloud-based services. CNN has Honan's story. Results of a recent global study conducted by the Ponemon Institute revealed that of 4,000 business and IT managers surveyed, nearly half reported they send their data to the cloud. What is a disconcerting finding from the study is that most of those companies are passing the buck for the security of that information to the cloud providers, reports Forbes.
Krebs on Security: Your scam is calling!
Threatpost: ZeuS gets smart on BlackBerry
Threatpost: Microsoft releases attack surface analyzer tool
Information as of 08/03/12
Financial data under attack - Cybercriminals are honing their skills, casting wider nets, and focusing their efforts even more diligently on individuals and organizations that will provide them with the personal and financial information they can profit from. Trend Micro's reports on how financial institutions are responding to the need for increased mobile security and fraud prevention. 2Q 2012 Security Roundup report found that 142 million threats against small and mid-sized businesses were blocked in the first half of 2012, a 27% increase quarter on quarter. The report also notes that cybercriminals are carefully selecting their targets to produce more successful campaigns. The security firm cites the increased use of multiple devices to access personal and financial data as one reason for the success of these attacks. Help Net Security has more details.
Sophos: Discount malware
Threatpost: Competing for your money
NetworkWorld: Mobile malware in the millions
Krebs on Security: Monthly malware report
Threatpost: Google Chrome 21 fixes six high-risk vulnerabilities
Threatpost: Opera 12.01 released with fixes for five security flaws
MSNBC: Apple security update ditches Snow Leopard, Windows users
Information as of 07/27/12
Flooding by fraudsters - In the military, a "smokescreen" refers to a cloud of dense, artificial smoke that obscures military areas or operations from the enemy. The enemy can't defend themselves against what they can't see. Private services are being offered in the criminal underground that provide cybercriminals with "smokescreens" to conceal fraudulent financial activity. Many banks now provide businesses with confirmations of high-dollar transfers sent via phone calls, text messages or emails. Cybercriminals can hire automated service providers to target a business with highly disruptive floods of junk email, text messages and phone calls to prevent them from receiving or seeing alerts from their bank while the fraudsters pull off a cyberheist against their accounts, reports Krebs on Security. Warn your business customers that if they should experience a sudden flood of email, texts or phone calls, they should notify the institution to be alert for possible suspicious account activity.
MTOs, scams, and fraud...oh, my! - The idiom "you can lead a horse to water, but you can't make it drink" doesn't always apply to fraudsters and their victims. Despite highly-publicized warnings about common advance fee frauds, like the Nigerian scams and others, online users continue to be led to their financial demise by deceptive cyber crooks. Money Transfer Organizations (MTOs) such as Western Union and MoneyGram (once trusted vehicles for transferring funds to friends and family) are effectively being used to steal from victims across the globe. Just as they want the happily-ever-after ending to a movie, people want to believe they can get rich quick - a mindset fraudsters are capitalizing on as they lead victims to drink up their fraud offerings, reports CSO.
Loyalty may lead to ID theft - Former New York Times CEO Janet Robinson once said, "Repeat business or behavior can be bribed. Loyalty has to be earned." Retailers set out to earn repeat business and loyalty with loyalty cards, also sometimes referred to as "affinity" cards. Loyalty card users often enjoy discounted prices, special offers, and rebates or points toward merchandise, gasoline or even travel. These cards keep a record of what consumers buy and when they shop, and other customer data, that fraudsters may piece together to create an identity profile for use in gaining access to online networks, reports NBC News. Remind your customers to be selective about who they give their loyalty and their personal information to.
Online phishing peaks - Despite increased awareness, cybercriminals continue to successfully lure online victims to fake websites designed to reel in users' logins, passwords and other sensitive information. The Anti-Phishing Working Group (APWG) reports that phishing sites detected in February peaked to an all-time high number at 56,859. Spoofed financial services sites made up 38 percent of the fake websites, followed closely by payment services sites, retail and other service sites. CIO has the details and a link to APWG's full "Phishing Activity Trends Report." Educate your customers on precautions they can take to avoid getting hooked by phishing scams.
Threatpost: FakeSky trojan app
Help Net Security: Avalance of Android malware
Help Net Security: Spear phishing dangles lines to businesses
Threatpost: Google hardens Chrome to block malicious extensions
NetworkWorld: Firefox 14 contains vulnerability patches, security-related features
Help Net Security: Crisis Mac trojan is a spy
Threatpost: Madi malware makes a comeback
Threatpost: Apple ships Safari 6 security update
Help Net Security: Apple releases OS X Mountain Lion
Help Net Security: Kapersky Security for Mac combats emerging threats
Information as of 07/13/12
Mobile banking trojans - The growing popularity of Android smartphones and applications, which are easy to develop, is now being exploited by cybercriminals who are taking advantage of the popular platform for financial malware attacks. Security firm Trusteer has identified new attacks against mobile banking customers that use both the SpyEye and Tatanga banking trojans designed to get around the two-factor authentication systems now being used on many online banking systems. Threatpost has the details. With the growing number of consumers embracing mobile banking, make sure your customers know the risks and educate them on protecting their information from ongoing threats.
DarkReading:Startup 'Jumpshot' Aims To Help Grandma And Her IT Geek Grandkid
Infosec Island: Drive-by flash attacks
Help Net Security: Phishing for webmail users
Threatpost: 100,000 mobile users get malware
MSNBC: Multi-platform malware comes through the backdoor
Help Net Security: Yikes! Yahoo! VoiP passwords exposed!
Help Net Security: Microsoft releases nine security bulletins
CNET : Microsoft squashes bugs with Office for Mac update
Threatpost : Google patches three high-priority flaws in Chrome
Information as of 07/06/12
Debit cards on display - They say you can't help those who won't help themselves. Even the Consumer Financial Protection Bureau's efforts to protect consumers won't reach those who are putting their personal information out there for data thieves. A Twitter feed called @NeedADebitCard has started retweeting bank card pictures posted by users via photo-sharing site Instagram. The account has over 6,000 followers, a portion of which are undoubtedly identity thieves who can't believe their luck. PC Magazine has the details. Now might be a good time to remind your customers that thieves are on Twitter and other social networks too...and are not their friends.
Newsworthy bank trojan - The notorious banking trojans ZeuS and SpyEye may have some competition. Global security firm ESET has discovered financial malware targeting banks in Germany and the Netherlands that is also believed to be harvesting usernames and passwords from a major U.S. newspaper's (unnamed) website. Known as Gataka and Tatanga, the sophisticated malware is connected to an underlying botnet containing between 20,000 and 40,000 infected hosts. It has the ability to hide on infected systems, avoid detection by antivirus software, perform automatic transactions, retrieve mules from a server, and spoof the real balance and banking operations of its victims. InformationWeek has the details. This newly discovered malware is yet another example of the multiple options available to would-be attackers and the need to remain vigilant against emerging threats.
Lost and found data - Summertime is officially underway and the months of July and August are generally peak vacation time for your staff and their families. In the age of mobile technology, employees are taking their electronics with them...and in an alarming number of cases, leaving them there. A recent survey conducted by Credant Technologies revealed that in 2011 more than 8,000 mobile devices were left behind at airports, reports Help Net Security. With increased use of BYOD by corporate and financial services staff, your IT procedures must include securing data wherever it resides...both at rest and in motion. Educating staff and consumers is also paramount to data security. Help Net Security has some summer security tips you can share with your customers and employees to help protect their personal information during this busy time of the year.
Help Net Security: Live malware
MSNBC: Obama can do it scam
Infosec Island: Evasive Citadel trojan
ALERT: PC World: Malware set to knock thousands off the Internet on Monday
DCWG: Free DNS changer removal tools
Information as of 06/29/12
Infosec Island: ZitMo masquerades as an app
Threatpost: Malicious sites and phishing attacks rising rapidly
Krebs on Security: Mobile security scareware
The H: Adobe updates Flash Player 11.3 to fix Firefox crashing problem
Sophos: Danger! Unpatched Microsoft security vulnerability being actively exploited
Help Net Security: Odds for ZeuS: 1 in 50
Help Net Security: Trojan triggers print jobs
Help Net Security: Blackhole exploit targets BancorpSouth
Help Net Security: Secunia PSI 3.0 released
Help Net Security: OS X Mountain Lion will include automatic security updating
Threatpost: Googles releases Chrome 20 with fixes for 20 security vulnerabilities
Information as of 06/15/12
Shared info up for grabs - Proponents of online security have been warning users for quite some time about sharing too much personal information online with their friends and on social networking sites as that information may be garnered by outside sources to use for personal gain. Case in point: data broker Spokeo has agreed to pay $800,000 to the Federal Trade Commission (FTC) in settlement for collecting personal information about consumers from hundreds of online and offline data sources and selling the information to prospective employers and job recruiters. NetworkWorld has the story. This is a good time to remind your customers that data thieves can use the personal information that is out there to build an identity theft profile.
Beyond password protection - The growing number of password leaks from social networking and other online sites is evidence that password protection alone is simply not enough to protect users. Educating your customers and employees against reusing passwords and creating complex passwords or passphrases is even more important with the growing use of cloud-based services containing large databases of user credentials. But there is no guarantee they will take your advice. InfoWorld has some strategies you can implement to help protect your institution's network from employees who are likely using the same login credentials at work that they are using outside work.
Help Net Security: Microsoft fixes 28 security bugs
Threatpost: Microsoft issues FixIt for XML flaw
InfoWorld: Oracle to issue 14 patches for Java SE
Krebs on Security: Critical security fixes for Adobe Flash Player
ALERT: ZDNet: 'State-sponsored attackers' using IE zero-day to hi-jack Gmail accounts
Information as of 06/08/12
Who leaves the door open? - You can build a fortress of security protections around an online banking network, but the very people you open up the door for are the ones who are likely to leave the door open behind them for cybercriminals. Your online banking security depends on the vulnerability and security you bring when you access your online banking accounts. Providing layered security and educating customers is key to keeping the door to closed to fraud, according to security firm Trusteer's senior security analyst, George Tubin, who shares his thoughts on the subject with PC World.
Taking the risk - Leaving a door to a residence or business unlocked is an open invitation for thieves." A recent consumer survey conducted by CreditDonkey.com revealed that many consumers are leaving some doors open that increase their chances of becoming victims of identity theft. Of the 510 consumers polled, a third admitted using the same password for multiple websites and to sharing their passwords with friends. Nearly 25 percent of the respondents indicated they add people they don't know to their list of friends on social networking sites. Threatpost has the details.
MSNBC: Leaked LinkedIn passwords
MSNBC: Gmail app delivers more than email
Threatpost: Firefox 13 fixes seven security vulnerabilities
Threatpost: Microsoft to fix 28 vulnerabilities in June Patch Tuesday
Computerworld: Adobe patches critical flaws in Photoshop, Illustrator CS5.x
New York Times: Microsoft tries to make Windows updates Flame retardant
Information as of 06/01/12
Double the trouble - The FBI has issued a warning about a joint threat that delivers ransomware and a banking trojan. This latest scam involves the Citadel trojan, which is used to redirect users to a malicious site that installs scareware on the victims' computers. In this newest variation, called Reveton, the scareware delivers an ominous threat to users that they have violated U.S. law and may face prosecution by the Department of Justice if they don't pay the alleged $100 fine. Threatpost has the details.
Tiny trojan hits big - This may be the year of the Dragon, but this week could be dubbed the week of the Trojan as we report on yet another new banking trojan that is small (tiny actually) in size but packs a powerful punch as it slips past desktop defenses and two-factor authentication. Only 20 KB in size, "Tinba" (short for tiny banker) is the smallest banking trojan security experts have ever encountered, which makes it more difficult to detect. Tinba uses Man-in-The-Browser (MiTB) tricks to inject legitimate banking sites with additional forms to get victims to share confidential data. MSNBC has more on this little threat that could cause big trouble for your customers. Keep this one on your radar!
Cutting the phishing line - One way to stop a phisherman from hooking his daily catch would be to cut his phishing line. Russian security firm Kaspersky Labs has announced its newest feature that will do just that. Kaspersky's Automatic Exploit Prevention (AEP) tool, to be included with their 2013 security suites beginning in August, is an updatable anti-phishing engine that works much like anti-virus engines and will reportedly block 100 percent of BlackHole exploits. CNET has more details.
Help Net Security: Olympic lottery scam
InformationWeek: Surging malware, booming botnets
Information as of 05/25/12
Help Net Security: Fake Amex ID verification email leads to malware
Threatpost: Google Patches 13 Flaws in Chrome 19
Information as of 05/18/12
Advisory Message - Greene County residents are cautioned about responding to "Grandparent Scam." Send no money for bail, etc before checking with parents. Click here for more information.
Insurance you don't need - Tatanga, a trojan that's been around since early 2011, has been adapted for use when a user enters a bank website. The customer gets a pop-up offering free credit card insurance if they sign up. It's extremely believable since the information in the pop-up is directly related to what the user is doing within the browser. At this point, it has not been widely deployed, so now is the time to investigate and take measures to thwart this attack. ITworld will fill you in with the details.
Detecting rotten spam - Some malicious emails are so obvious they are almost funny, but as time goes on, spam writers are becoming more creative. While you may be familiar with many of the warning signs, many in your office or out in the branches could use this advice. FindLaw has a list of ten signs that the email you are reading may not be legit.
A traveling scam - Thousands of business and government personnel travel around the globe to execute business dealings and conduct trade operations. This time of the year college graduations are upon us, the school year is winding down for public schools, and summer travel plans are underway for many consumers. Reports of new malware targeting travelers abroad while they are establishing online connections on laptops in hotel rooms has been reported by the FBI's Internet Crime Complaint Center this week. There are a few "unknowns" in the somewhat cryptic warning released from the FBI, however, reports Sophos. This threat should be taken seriously by anyone traveling anywhere.
Sophos: Better business scam
Threatpost: Trojan Mimics Chrome Installer to Steal Banking Info
Threatpost: Google Releases Chrome 19, Fixes More Than 20 Bugs
ITworld: Apple patches 36 bugs in OS X, fixes encryption password goof
Help Net Security: Apple security update fixes QuickTime vulnerabilities
US-CERT: Adobe Releases Security Bulletins
CNET: Tumbling and pinning scams
InformationWeek: Apple fixes serious iOS security bugs
PC World: Microsoft fixes critical flaws with Patch Tuesday updates
Computerworld: Apple patches Safari, blocks outdated Flash Player
Threatpost: Adobe patches 13 flaws in Photoshop Flash Professional and other apps
Information as of 05/04/12
Chatting with cybercriminals - Many websites, including those of financial institutions, now offer the convenience of a "Live Help" feature, which gives users the opportunity to chat with a live customer service representative to assist with transactions. Cybercriminals are taking advantage of this help feature to trick online banking customers into handing over their login credentials or into authorizing fraudulent transactions. Using a new strain of the financial malware, Shylock, the browser-based man-in-the-middle attack is launched when a victim logs into their online banking application. The victim receives a "system couldn't identify your PC" message delivered via a chat session under the control of hackers at which time the victim is directed to provide additional verification information to avoid having their account locked. This sophisticated new attack was reported by NBC12 in Richmond, VA. The article contains a link to a security firm Trusteer blog post with details about the scam.
Double the trouble - "Double, double toil and trouble" is a famous line from Shakespeare's play Macbeth. Cybercriminals have stirred up a way to poison their victims with double the trouble. The fraudsters have devised a method to deliver a banking trojan and ransomware to unsuspecting victims. The attackers lure a user to a drive-by download site where the Citadel malware is installed on the user's PC. The malware then retrieves ransomware from a command and control server that locks the PC and demands a $100 "fine" from its victim to unlock the computer. Help Net Security has the details.
Bank robbery 2.0 - While traditional brick and mortar bank robberies remain an ever-present reality for banks, the Bonnie and Clydes of today are using a more sophisticated modi operandi to get their hands on the loot. We have entered the era of bank robbery 2.0: online banking. The target: bank customers. Consumers are often lulled into a false sense of security under the belief that simply installing anti-virus software is enough to protect them from online threats. This article shows you how to protect yourself at home and on your mobile devices, which is key to thwarting online robbery of your funds. Help Net Security has the details.
ID theft: an epidemic - Identity theft is widely prevalent and can affect anyone - young or old, rich or poor, individuals or even businesses - it's an epidemic that does not discriminate. In 2011, 4.9% of U.S. adults were victims of fraud. The digital age has provided thieves with more ways to steal identities and commit fraud faster and easier than ever before, reports Help Net Security. Recent data revealed that child identity theft is on the rise. A study conducted by AllClear ID concluded that theft of identities from children ages 5 and under grew 105% since last year - the highest growth rate of any age group. Infosec Island has more on this alarming trend.
MSNBC: Hacking via Skype
Threatpost: Patch Tuesday advance notification: May edition
Help Net Security: Malware delivering bogus PayPal notifications
Threatpost: Google fixes five bugs in Chrome 18
TechWorld: Microsoft issues swift patch for Hotmail bug
Information as of 04/30/12
CNET: Flashback is back - again
Help Net Security: Olympic-sized scams
CNET: Firefox 12 ushers in automatic updates
Computerworld: Microsoft issues Office 2011 SP2 update
Threatpost: New version of Wordpress fixes slew of security bugs
Threatpost: Opera 12 Beta released with new security features, including do not track support
Help Net Security: BofA phishing expedition
Information as of 04/20/12
Stolen identities used for tax fraud - April is the month taxpayers either look forward to in anticipation or dread, depending on the status of their annual tax filing. It's also a popular time of year for identity thieves and fraudsters to crawl out from under their cyber rocks. Russian citizen Petr Murmylyuk, a.k.a. Dmitry Tokar, residing in New York, was a member of the latter group. The 31-year-old Brooklyn resident set up a bogus online employment search website where unemployed workers could apply for what were non-existing jobs. Murmylyuk used personal information he gathered from the victims to file fraudulent income tax returns and collect refunds of nearly half a million dollars. Sophos has the story and additional charges the thief is facing for hacking brokerage accounts.
Infosec Island: Follow Rogue Antivirus on Twitter
Help Net Security: Phishing, malware and scams - oh my!
Help Net Security: Apple enhances Apple ID account security
Infosec Island: Apple releases Flashback malware removal tool and patches
Information as of 04/13/12
Open season for credit reports - With the rise in credit card and identity theft, consumers have been urged to check their credit reports frequently for signs of fraudulent activity. Now consumers are being warned that identity thieves are getting their information from the very sites they rely on to help protect them fraudulent activity. Hackers have devised relatively easy formulas for accessing consumer credit reports in stealth mode. Dan Clements from Internet security firm CloudEyez.com provides insight into how credit reporting agencies, and websites that offer credit reports, are being targeted by cyber criminals and increasing consumers' risk of identity theft. MSNBC has the story.
The real bank fraud victims - The Electronic Fund Transfers Act (Regulation E) establishes the rights, liabilities, and responsibilities of consumers who use electronic fund transfer services and the financial institutions that offer these services. In most cases, when a consumer experiences losses due to bank or card fraud, the consumer is made whole again under Regulation E. In other words, they get their money back and life goes on. But the unseen victims are the middle men (and women) used by many cyber criminals to transfer stolen funds from point A to point B. These middle men are known as money mules. Not protected by anti fraud laws or as unreachable as the often overseas crime gangs who hire them, money mules become the "fall guys" and the real victims of bank fraud, according to recent research conducted by Microsoft. Threatpost has the details.
Checking in with ZeuS - Airline companies profits will drop today as many travelers won't fly on Friday the 13th due to the superstition rooted in ancient bad-luck associations with the number 13 and the day Friday. But it doesn't have to be Friday the 13th for some travelers to have the misfortune of being targeted by the ZeuS banking trojan. In March, US Airways travelers received emails with a link for online reservations and online check in. But the flight the victims checked into was piloted by the ZeuS malware and redirected users to malicious code delivered via the Blackhole exploit kit, reports SC Magazine.
Close the door to fraud - Lucky or unlucky, superstitious or not, most people don't leave their valuables unprotected or leave the door to their homes open and unlocked when they go out. Securing personal computers and mobile devices, and protecting login credentials, ranks right up there - and in some cases higher - on their list of risks. A survey of 1,637 Internet users (over the age of 18) conducted by internet security provider Webroot found consumers recognize the risks of conducting personal business online, sharing passwords, and using email. They place significant value on digital devices and are becoming more savvy about their safety when using them. Help Net Security has more results from the survey.
Threatpost: Malware going after Mac users
Help Net Security: Phishing for eBay identities
Infosecurity: Selling malware in Google Chrome Store
Computerworld: Adobe streamlines Flash player updates by going silent
Threatpost: Google releases Chrome 18, fixes nine security flaws
Help Net Security: Free online tool teaches IT security procedures
PC World: 'Tis the season for tax scams
Help Net Security: Phishing at HSBC
Threatpost: Mobile hacking abroad
NetworkWorld: Hooking those phish
Sophos: Don't play with angry malware
Help Net Security: Verify your Google account - for thieves
Help Net Security: Microsoft released six comprehensive security updates
CNET: Acrobat and Reader updates close security vulnerabilities
Krebs on Security: Urgent fix for zero-day Mac Java flaw
Help Net Security: 0-day in Backtrack Linux found, patched
Help Net Security: Microsoft warns of targeted attacks exploiting Windows flaw
Information as of 03/23/12
Fake Caller ID Attacks On The Rise - "Vishing" attacks increased by 52 percent in the second half of last year. Darkreading has the details.
eSecurity Planet: LinkedIn to malware
InformationWeek: Remote desktop malware
Help Net Security: Google AV malware warning
Threatpost: Six high-risk flaws fixed in Google Chrome
InformationWeek: Firefox takes privacy lead with HTTPS by default
Information as of 03/16/12
Remote controlled banking trojan - The rise in Android malware to plunder financial information from unsuspecting mobile users is constantly evolving. The most recent malicious malware discovered, Android/FakeToken.A, has man-in-the-middle functionality but, unlike its notorious predecessors Zeus and SpyEye, can be controlled remotely by thieves. Disguised as an Android app, the trojan poses as a Token Generator application and targets specific well-known financial entities using the logo and colors of the institution in the icon, lending it credibility with consumers. Threatpost has the details.
Mobile banking fraud - It seems the more mobile consumers become, the more motivated and ingenious fraudsters get. Security firm Trusteer is warning mobile users that cybercriminals are impersonating users in order to obtain replacement SIM cards from the victims' mobile carriers. Variants of the Gozi trojan are being used to trick victims into exposing their phone's IMEI (international mobile equipment identity) number, which is used by the fraudsters to report the mobile device as lost or stolen and to obtain a new SIM card. The victims' online banking and other one-time passwords are then sent to the fraudulently-controlled device. Get the details about this and another newly discovered attack targeting your mobile customers at Help Net Security.
Fraud detection app - More than 11.6 million adults in the U.S. were victims of identity theft last year, according to Javelin Strategy & Research. Many of those cases resulted from phishing emails and malware, with consumers having no idea their information had been stolen until fraudulent charges surfaced. A Texas-based security firm is offering identity fraud protection with AllClear ID, a free mobile app that will alert consumers if their personal data has been stolen and is being used by cybercriminals. MSNBC has more details. With the rise in mobile banking and mobile fraud, this is an invaluable service.
Trust is on the (phishing) line - Back in the day - before email, online banking and electronic bank statements - identity thieves would scour neighborhoods for unsecure mailboxes to procure bank and card statements and steal personal information. In this electronic age, cybercriminals have turned to email accounts as the avenue for bank fraud schemes...and as low-tech as it might seem, it's working. Technology may change but these attacks target a facet of human nature that remains an age-old security vulnerability: trusted relationships between customers and their banks. Krebs on Security has some insight into how the thieves are pulling off their financial phishing ploys.
The tax scams cometh - Tax refund time is one of the most anticipated seasons of the year for taxpayers who have big plans for the return of some of their hard-earned money. With the added convenience of online tax filing, consumers can get their refunds within a matter of days or weeks. So can identity thieves who have big plans for those tax refunds too. Tax and wage-related fraud is on the rise, accounting for 24 percent of consumer complaints to the FTC last year - up from 12.7 percent in 2009, reports Infosec Island. Educate yourelf with information about tax season scams with some tips from USA Today.
MSNBC: Videos playing fraud victims
Help Net Security: Fake AV schemes resurface
PC Magazine: Patch Tuesday: Microsoft fixes critical remote desktop flaw
Computerworld: Apple patches record number of Safari 5 bugs with monster update
PC Magazine: After Delay, Firefox 11 Arrives With Add-on Sync, Dev Tools
Information as of 03/14/12
Eweek: Twitter Being Used by Malware Developers to Attack Smartphones
Information as of 03/09/12
CSO: Old scams, new Tricks
Forbes: Tornadoes spawn scammers
Threatpost: Scammers pinning their interest on social media
Threatpost: Adobe issues emergency fix for Flash Player vulnerabilities
ZDNet: Google patches 14 high risk Chrome browswer holes
Information as of 03/05/12
Banking malware at your service - Customer service is a financial institution's highest priority and today's technology provides us with greater tools for reaching out to consumers in "real time." Cyber criminals have discovered a way to use those same tools to infect banking users with malware. Security firm Trusteer is warning users about a disturbing new attack it's identified using the live chat feature now found on many banking and business websites. The cyber crooks lie in wait for unsuspecting victims to login online and then present them with fake messages informing them that “security checks” need to be performed and that a bank representative will assist them via live chat. Threatpost has the details. This is another alarming example of the growing sophistication of fraudsters who depend on the users' trust in their banks' security procedures.
Business identity theft is another growing concern - Business identity theft has thus far been ambiguous and may often go unreported. Threatpost has more details on a trend that could be more commonplace than you think.
Threatpost: Mac trojan flashback
Information as of 02/24/12
FDIC Tips For Small Business and Consumers - Small businesses are crucial to the U.S. economy and they're very important to their owners — the entrepreneurs who put their own money and long hours into operating and growing a company. The Winter 2011/2012 FDIC Consumer News, published by the Federal Deposit Insurance Corporation, features practical tips and information in a collection of articles entitled "Minding Your Own Business: Banking Tips for Small Companies." This issue also includes articles on protecting senior citizens from financial fraud and theft, and guidance for consumers turned down for a checking account because of mismanagement. Click here for more details
DOBs and PINs - What has four digits and is easy to remember? The month and year of your birthdate and your banking PIN - which for many consumers is the same, according to research conducted by Cambridge University. The study concluded that 23% of users select their banking PINs based on a memorable date, and that nearly a third use their birthday. Since most people (99% of those surveyed actually) carry their driver's license or something with their birthdate in their wallet, attackers have a 9% chance of guessing their PIN, according to the research group. InformationWeek has the story.
iC3: Payday loan scam calling victims
Help Net Security: Banking bot trojan delivered via email
Sophos: The "Dirty Dozen" tax scams
Network World: Apple's Gatekeeper: A low cost for partial security
Threatpost: Waves of attacks target Adobe Reader bug from 2010
Information as of 02/10/12
Internet's 'Most Wanted' - It is said that if you know your enemies and know yourself, you will not be imperiled in a hundred battles. That is a philosophy that can be applied to online users and the miscreants who troll cyberspace to trick and attack innocent victims, robbing them of their identities and their money. Unlike the FBI's Most Wanted Posters, it's hard to put a face on cybercrime. PC World shares some valuable information to pass along to your consumers about identifying Internet bad guys and includes a link to a TrendLabs "most wanted" poster.
PC World: Hackers prey on Valentine's Day romantics
Infosecurity: QuickBooks tax scam leads to BlackHole
Help Net Security: Trojan grabbing Word and Excel docs
CNET: Chrome 17 tweaks speed, download security
IT World: Updates for Snow Leopard security, Remote Desktop now available
Information as of 02/08/12
Phishing Scam - Southern Missouri Bank of Marshfield has been notified of an attempted phishing attack on Southwest Missouri residents. The caller represents themselves as a government employee, with the crime unit and gives their “government ID #”. The caller already has the name and address of the person and states that they have been awarded special grant money. The person calling has broken English and is difficult to understand. They state they are not allowed to issue a check, but the money can be direct deposited into the bank account of the recipient. This is when the caller requests the bank account information. If you receive a phone call like this one, or a similar one, do not give out any of your bank or personal information. As a reminder, do not ever give out birthdays, social security numbers or bank account information to someone that calls you. If this information has been given out accidentally, please notify us immediately. Please feel free to contact us if you have any questions in this matter.
Information as of 02/03/12
Warning: Watch For Emails Wanting You to Verify Debit Card Transactions. Any unsolicited email stating you have debit card transactions to review should be immediately deleted. We will not contact you via email about your debit card. If you accidentally click on a link in an email, and provide your personal information, you are opening yourself to identity theft and account takeover. If you have questions about the legitimacy of an email, please feel free to contact us at 417-859-1292, or email us at firstname.lastname@example.org.
Click on this link to see an example of a fraudulent email.
Bank phone calls diverted by trojan - Post-transaction attacks, designed to conceal fraudulent activity while the crooks transfer money or conduct more unauthorized transactions, are increasing with the advancement in malware toolkits. Security software firm Trusteer has discovered a modified variant of ZeuS that enables cyber criminals to divert post-transaction verification phone calls from the victims' banks to numbers controlled by the attackers. Ice IX manipulates content displayed in browsers and injects rogue forms into online banking websites. In addition to extracting online banking credentials, the newest variant also creates a form asking victims to update their contact phone numbers, which are used to conduct post-transaction fraud. Help Net Security has the details.
NetworkWorld: Malware for Androids? There's an app for that!
Threatpost: Apple ships huge set of patches for OS X
CIO: Firefox 10: Better business support and a new version for Android
ALERT: InfoSec Island: MSUpdater trojan smuggles data as Windows Update traffic
Information as of 12/09/11
Mobile financial fraud rising - Cyber criminals are increasingly moving from targeted email phishing attacks to mobile messaging. Financial fraud via SMS (short messaging service) is growing at a rate of over 300 percent year over year. Global messaging security solutions provider Cloudmark reports that it's presently tracking more than 20 unique, financial related SMS attacks in the U.S., with thousands of variants on each attack. These targeted attacks appear as if they are coming from a major bank or credit card company and are designed to extract users' financial account information for fraudulent use. In some cases, users are tricked into thinking they have received a gift card - a ploy that consumers are especially vulnerable to at this time of year. PC Magazine has more details, including a link to the Cloudmark article containing images of sample messages being sent to victims' mobile devices.
Merry season for malware - 'Tis the season for giving and receiving gifts from friends and loved ones. Gift cards are a great option when you aren't sure what to buy someone and provide the recipients the flexibility to purchase something they want. Cyber crooks are taking advantage of the holiday season spirit of giving to spread malware disguised as gift cards from the nation's leading online retailer Amazon. An Adobe software upgrade notification is also making the rounds in a phishing email containing the ZeuS banking trojan, reports MSNBC. US-CERT has issued its holiday season advisory for consumers and businesses with tips at Infosec Island you can share with your customers on staying alert and protecting their financial data from holiday grinches.
Help Net Security: Verizon mobile banking malware
SC Magazine: Adobe to issue emergency fix for Reader security bug
Information as of 12/02/11
Gameover for Banks - ZeuS is back in the game again with targeted attacks against banks and their customers. The FBI has issued a warning that data thieves are using a modified version of ZeuS called "Gameover" to launch a spear phishing campaign using legitimate-looking emails from the National Automated Clearing House Association (NACHA). The fake emails advise recipients there's a problem with an ACH transaction at their bank and the transaction wasn't processed. When users click on the link in the email the Gameover malware infects their PC with the ability to key log as well as steal their online banking credentials, defeating several forms of two factor authentication. The thieves then launch a DDoS (Distributed Denial of Service) attack on the financial institution which the agency believes is a ploy to divert the banks' attention from high-dollar wire transfers. Krebs on Security has the details.
MSNBC: Holiday package delivery scam
Sophos: PayPay email change phishing expedition
Help Net Security: Fake FBI Monetary Crimes Division email
Slide Show: Top 10 Holiday Phishing Scams
Information as of 11/18/11
Cyberville's Grinch is a mean one - On Black Friday, shoppers will storm retail stores across the country for the lowest prices on the hottest items. Those who want to avoid the mayhem and shop from the comfort of their homes will wait a few days to get their bargains on Cyber Monday. They aren't the only ones who will be logging in early on the Monday after Thanksgiving. Cyber Grinches will also be online taking advantage of retail promotions and popular holiday shopping searches to con consumers into buying their rogue products (malware attached as a bonus). Forbes has more on the increased risks seasonal shopping presents for you and your customers, and tips for security best practices your organization can implement to protect its network and its jolly visitors.
Android Malware Surging
Adobe Fixes 12 Critical Flaws in Flash
Fake Microsoft Office tool hides worm
Information as of 09/30/11
Transferring funds or spam? - Few consumers pay bills the "old fashioned" way anymore - writing out checks and mailing them to lenders, suppliers, and utility companies. Online bill pay and ACH payments are replacing the hassle of check writing, buying stamps, and a trip to the post office. So it may seem reasonable for an online bill pay user to receive an email notification advising them that an ACH payment didn't go through. At least that what spammers are banking on. Help Net Security has the latest on an old scam.
Updates, Patches and Alerts...
SC Magazine: Unpatched Java flaws cause the most infections
Apple updates OS X to block Mac trojan
Mozilla fixes 11 security bugs in Firefox 7 release
For older content, please click here