Browsing Category: Social Engineering

Businesses Remain Scared of Spear-Phishing as Attackers Study Behavior

Scared is a strong word, but the reality, according to a Websense analysis by Patrik Runald, is that spear-phishers, like the ones that compromised a White House network last week, are implementing new evasion tactics, fundamentally changing their attack strategies, and revolutionizing the targeted threat model, giving business executives plenty of reason to worry.

Read more...

Using the Internet to Catch Traditional (Non-cyber) Criminals

It can happen to anyone…and when it does it usually catches everybody – the victim and his relatives – completely unprepared. I’m talking about kidnapping. Twice in my life I’ve been involved in helping the police track down and arrest gangs of kidnappers. The first case didn’t directly affect me or my family, but the second time a close friend of mine was kidnapped. And it turns out that our work in tackling cybercrime can also be useful to catch criminals who seem to have little connection with high-tech wrong-doing.

Read more...

Proof-of-Concept Exploits HTML5 Fullscreen API for Social Engineering

Independent security researcher, web designer, and Stanford Computer Science student Feross Aboukhadijeh has developed an attack concept that exploits the fullscreen application programming interface in HTML5 in order to carry out phishing attacks.

Read more...

Social Engineers Launch New Attack on Embattled Banks

As a number of major U.S. financial institutions deal with the aftermath of what was perhaps the largest DDoS campaign ever, researchers at FireEye are reporting on a separate phishing attack that establishes a channel of malicious communications on its victims’ computers.

Read more...

FTC Takes On Scareware Marketers, Court Imposes $163M Judgment

The United States District Court of Maryland ruled in favor of the Federal Trade Commission on Sept. 24, imposing a judgment of more than $163 million against the managers and directors of an enterprise whose sole function the FTC alleges was to defraud its customers with scareware.

Read more...

How-To Video: Securing Facebook

Facebook’s active-user count is rapidly approaching one billion. The world’s largest social network, which has long been a popular target and platform for attackers, will only become a more relevant outlet for scams and other fraud as it continues to grow.

Read more...

Facebook Timeline Eraser Chrome Plugins Dupe Tens of Thousands of Users

Nearly 100,000 Facebook users have been duped into installing third-party Chrome plugins over the past few weeks that have access to all of their data on every Web site they visit. According to research recently conducted by security firm Barracuda Networks, the unsuspecting users were tricked into thinking the plugins could block Timeline, a new profile feature Facebook first introduced at the end of 2011.

Read more...

Phishing for Fanboys with Phony iPhone 5 Images

There is no such thing as a trivial detail when it comes to the impending release of an Apple product and scammers are well aware of this. A recent attack is exploiting the public’s fascination with all things Apple and the ubiquitous interest in anything iPhone 5-related with an email phishing scam that includes a file that claims to contain pictures of the unreleased iPhone’s battery but actually contains a malicious Word document.

Read more...