Terrorist analyst Mark Ginsberg takes a close look at American websites and ISP providers who are hosting, aiding and abetting al-Qaeda. This video is an eye-opener -- because it could very well be the same ISP that YOU use. What are they saying? What are they teaching... watch the video... watch the video of Mark's interview
U.S. Department of Defense security officials were rather disturbed recently when they discovered that military personnel were getting targeted emails from hackers. If the soldier tried to open the attached file, their computer would have hacking software secretly installed. Strategy Page - USA
Farsi-speaking folks in Iran have recruited the IRS in a phishing scam. Blogger News Network - USA
Most malware in August appeared to come from servers based in Korea, according to a new report.
Research carried out by IT security company Fortinet found that 89 per cent of malicious code activity was based in just one country. According to reports, this was mostly attributed to the Dloader.K!tr (aka small) trojan. This worm showed large spikes of activity in Korea. Researchers at the company said that this indicated that a distribution campaign was going on in the country by cybercriminals. IT PRO - London,Greater London,UK
USAJobs, the official job search site for the federal government, said Wednesday that more than 146,000 users had their account information stolen as a result of an attack on job search giant Monster.com earlier this month.
In mid August, attackers compromised Monster.com accounts gaining access to the company's resume database. With the help of a Trojan horse program targeted at Monster.com users, the attackers made off with the name, address, telephone number, and email address of at least 46,000 Monster.com users. Washington Post - United States
Scammers have created a phony Internal Revenue Service Web page asking people to enter personal data to claim nonexistent refunds. IRS officials and consumer protection advocates warn people to avoid the site, which replicates the IRS logo to fool users.
*** forward ALL phishing email relating to the IRS to phishing@irs.gov phillyBurbs.com - Philadelphia,PA, USA
Aladdin eSafe Content Security Response Team (CSRT) has uncovered significant new details surrounding an eBay botnet attack. The attack, which is one of the first of its kind to employ extremely complex, multi-stage attack methods, performs a distributed and covert brute force attack on eBay accounts in an effort to obtain personal information and/or items sold/purchased via the eBay site. CNNMoney.com - USA
A new tactic, where hackers hack into an individual's personal email system and then use the information and the list of contacts to target that person's friends, through an email that seems all too believable. South Asian Focus - Brampton,Ontario,Canada
The Anti-Phishing Working Group (APWG) and the US Federal Trade Commission (FTC) have pooled their resources and experience of combating identity theft. FTC figures show that as many as 10 million US citizens may suffer from ID fraud each year, costing individuals $5 billion and businesses almost $50 billion.
NOTE: another example of the wrong tactic - The Anti-Phishing Working Group is basically noneffective because of the method they use. Virus Bulletin - Abingdon,Oxon,UK
Security firm Sunbelt, which recently discovered that the Bank of India's hacked website was serving dangerous malware, has said the infamous Russian Business Network -- an ISP linked to child pornography and phishing -- is behind the attack.
"A scan of RBN and affiliated ISPs' net space conducted by VeriSign iDefense analysts failed to locate any legitimate activity. Instead, [our] research identified phishing, malicious code, botnet command-and-control, denial-of-service attacks and child pornography on every single server owned and operated by RBN," the spokesperson said. ZDNet UK - UK
Knowing about this existing relationship, the scammer can then use the harvested contact information to send out targeted phishing e-mails that appear to come from Monster.com ...
According to this Associated Press story, access to all these résumés was gained in the first place by hacking into accounts used by corporate recruiters, who have access to thousands or millions of résumés. The data was then harvested by an automatic tool.
AP Story: Monster breach teaches familiar lessons
By now, the perils of securing online data with little more than user names and passwords should be well known. Monster.com learned that lesson late and the hard way, prompting disclosure that the Web jobs board will spend millions of dollars to improve its security.
Hackers have stolen the personal information of several hundred thousand users of the Monster.com career Web site, a Symantec researcher has discovered. The thieves used a Trojan, called Infostealer.Monstres, to obtain information from approximately 1.6 million resumes uploaded to the site by jobseekers. Ars Technica - Boston,MA, USA
Scam e-mails have been an issue for the Internal Revenue Service (IRS) since 2005, but problems have heightened over the summer.
The IRS issued a consumer alert Tuesday regarding new, two-step e-mail scams that falsely promise recipients they will receive money for participating in online surveys. NBC13.com - Birmingham,AL, USA
In Greek mythology, the heads of the Hydra grew back faster than Heracles and Iolaos could hack them off. A similar thing is happening with current botnets and phishing sites, whose malicious servers seem to appear faster than they can be shut down. A new flexible layer of proxy intermediaries - the so-called Fast-Flux network - makes this possible.
Classic botnets use a comparatively simple principle: The infected PCs - the bots or zombies - connect with a central IRC server. From this chat server, their masters then command them to distribute a new spam email, participate in a DDoS attack or deploy updated malware. heise Security - London,UK
Phishing and pharming represent one of the most sophisticated, organized and innovative technological crime waves faced by online businesses. Security Park - Winkfield,UK
More than a quarter of people concerned about phishing admit they cannot tell the difference between a legitimate and a bogus email. VNUNet.com - UK
A man who waged a phishing scam against AOL users is facing up to seven years in federal prison. He targeted AOL users for four years with an "elaborate" phishing scheme and pleaded guilty to federal charges Wednesday.
Michael Dolan, 23, formerly of West Haven, Conn. and North Miami Beach, Fla., pleaded in a U.S. District court in Connecticut to one count of conspiracy to commit fraud in connection with access devices, and one count of aggravated identity theft. Dolan, who is slated to be sentenced on Nov. 14, faces a mandatory sentence of two years for the identity theft charge and a maximum of five years on the second charge. InformationWeek - Manhasset,NY, USA