Symantec has observed a sudden rise in phishing on Indian brands recently. The number of phishing URLs on Indian brands in the first two weeks of August was nearly 2% of all phishing attacks. In the past, the usual average was typically 0.5%. This means that the rise has grown four fold in just two weeks.
The geo-location of each phishing site was examined and it was observed that none were in India. But, it is likely that at least some of the phishers involved are in India since the confidential data stolen can be used for specific Indian needs. For instance, there are several websites dedicated to the purchasing of Indian goods and articles, which accept net banking payments only from a given list of Indian bank accounts. Hence, the attackers may be employing every means of masking their location by creating their website elsewhere and not on Indian servers.
There were five brands targeted that were all in the banking sector for the given time period. Among...
Recently, Twitter implemented technology to help stem the threat of malicious URLs being propagated though its service. This approach seems to be a great effort on the part of Twitter to prevent attackers from tweeting malicious links.
It appears as if the tool is filtering tweets and comparing any embedded URL to their list of known malicious sites. Trying to determine whether a URL points to a malicious website in a large-scale automated fashion, especially in today’s threat landscape, is a challenging problem. From my perspective, there are a few issues that need to be worked out. Twitter is likely in the nascent stages of addressing these types of issues and we expect they will try to overcome the associated limitations.
To date we've only seen a relatively small number of attack attempts involving malicious URLs on Twitter. URL-shortening services are often at the heart of these types of attacks as bad guys try to take advantage of the system to disguise...
The fraudsters are constantly coming up with innovative ways to deceive innocent users of the Internet. Symantec recently observed an increase in phishing attacks facilitated by spam email messages that are targeted towards a popular email client application. The spam message requests the intended victims to re-configure the email client application by clicking on the link provided in the email. The phishing spam messages previously in circulation had a malicious file attached as a setup for the bogus update.
The recent spam email messages, in an attempt to make appear legitimate, also provide a contact number for any queries regarding the update:
“If you have received this message in error, please notify us immediately by calling (310) xxx-6428 and destroy the related message.”
While overall spam volumes averaged 89 percent of all email messages in July 2009, spam volumes continue to fluctuate. During July 2009 image spam continued to have an impact, reaching 17 percent of all spam during one point in July. Health spam decreased by 17 percent, while product and 419 spam both saw increases of eight and three percent, respectively, month over month. Similar to tabloid magazines, spammers continue to have a fascination about certain celebrities such as President Obama, Michael Jackson, and Emma Watson (from the Harry Potter franchise)—they all featured in spam attacks in July 2009.
Click here to download the August 2009 State of Spam Report, which highlights the following trends:
· Spammer’s Opinion Poll: President Obama and Michael Jackson...
