Browsing Category: Social Engineering

Google Password Generator in the Works

Google is in the process of developing a tool to help users generate strong passwords for the various and sundry Web sites for which they need to register and authenticate. The password-generator is meant to serve as an interim solution for users while Google and other companies continue to work on widespread deployment of the OpenID standard.

Read more...

Infographic: How To Spot A Fake Facebook Friend Profile

A whopping 97 percent of fake Facebook profiles purport to be female, according to this infographic based on a new study, announced today, from security firm Barracuda Networks. In order to expand their networks and entice would-be victims, 58 percent of the phony profiles also claim to be bisexual and on average, have 726 friends while 68 percent claim to have attended college.

Read more...

How to Win Friends and Steal Their Facebook Accounts

CANCUN–Facebook is a lot of things, and one of the things that it’s become of late is a fertile green field for attackers and scammers of all stripes. The Koobface worm is perhaps the most famous threat to hit the network, but the more mundane ones, such as scammers generating fake profiles automatically to spread spam and malicious URLs are becoming more and more prevalent, researchers say.

Read more...

Ongoing Targeted Attack Campaign Going After Defense, Aerospace Industries

Researchers have identified a strain of malware that’s being used in a string of targeted attacks against defense contractors, government agencies and other organizations by leveraging exploits against zero-day vulnerabilities. The attacks may have been going on since 2009 in some form and the emails containing the malicious attachments are specifically targeted at executives and officials in various industries using fake conference invitations.

Read more...

Google, Facebook and Others Join to Write New Email-Authentication Spec Called DMARC

Categories: Social Engineering

Google, Yahoo, AOL and a group of other large email senders and receivers have banded together to develop a new framework for sending and receiving email that is designed to stop phishing attacks and other email-borne scams. Called DMARC.org, the new group has come up with a specification called Domain-based Message Authentication, Reporting and Compliance that implements message authentication through the mail-transport agent and not the sender or user agents.

Read more...