Symantec Connect
  • Login
  • Register
  • All of Connect
    • All of Connect
    • Backup and Archiving
    • Endpoint Management & Virtualization
    • Storage and Clustering
    • Security
    • Inside Symantec
    • Vision User Conference
    • Partners
    • Developers
    •  
  • Overview
  • Forums
  • Articles
  • Blogs
  • Downloads
  • Events
  • Videos
  • Groups
  • Ideas

Security Response: Showing posts tagged with Security Response: Showing posts by Sai Narayan NambiarSyndicate content

Login to participate
Flash Phishing
Sai Narayan Nambiar | January 30, 2009
0 comments

Phishers always try to come up with new tricks to bypass phishing toolbars. So, it’s not really surprising that we've now seen several phishing websites that are using Flash-based content instead of normal HTML. The main objective for the use of Flash-based content is to avoid phishing detection by toolbars that analyze page content.

Symantec has observed some recent examples all targeting reputable brands. These sites look like genuine front pages, but they are actually Flash recreations.

 

 

 

 

As shown in the above snapshot, if we right click on the Web page it reveals some program options such as "Zoom In," "Show All," and "play" options in the menu instead of the normal options you would see on an HTML page. When you type...

Read more
Tags: Endpoint Protection (AntiVirus), Online Fraud, Security, Security Response
Phishing Attacks Utilizing Port Numbers
Sai Narayan Nambiar | December 23, 2008
0 comments

There are varying types of technologies used by online attackers these days. There are old tricks and of course new ones, but it is the newer ones that make it even more difficult to handle the dilemmas faced in the world of Internet security. One of the trends of attack that was noticed a little while ago was an attack based on a website’s “port number.” A port number is a way to identify a specific process to which an Internet or other network message is to be forwarded when it arrives at a server. We can identify a port number after a colon (“:”) following the host name. For example, consider http://1.1.1.1:8080/, in which the port number in the URL is 8080.

According to the IANA (Internet Assigned Numbers Authority), the port numbers are divided into three ranges: well known ports, registered ports and the dynamic and/or private ports.

 

1.    The...

Read more
Tags: Endpoint Protection (AntiVirus), Online Fraud, Security, Security Response
Getting Acquainted With Rock Phishing
Sai Narayan Nambiar | December 18, 2007
0 comments

Antiphishing filters basically work eitheron block listing or on heuristics. "Rock phish" attacks are quite arecent phenomenon that has posed a major challenge to both of the abovementioned antiphishing filters, simply because the unique structure ofa Rock phish attack circumvents antiphishing filters. This phishingtechnique can be traced back to somewhere around August 2006. The URLstructure was comparatively simpler then, consisting of a randomizedroot domain and three sub folders. But the principle cause in therecent surge in the number of such attacks is traced to the botnetphenomenon. So, what then is so special about Rock phish? Well, thistechnique has a trademark method of striking naïve targets.

The URLs that navigate to the fraudulent Web sites have a uniquestructure. For example, the structure of this URL is Rock phishingspecific: http://www.xxx.xxx.user123990.com/login/challange/2b593cba/login.php.As a matter of fact,...

Read more
Tags: Endpoint Protection (AntiVirus), Emerging Threats, Security, Security Response
Getting Acquainted With Rock Phishing
Sai Narayan Nambiar | December 18, 2007
0 comments

Antiphishing filters basically work eitheron block listing or on heuristics. "Rock phish" attacks are quite arecent phenomenon that has posed a major challenge to both of the abovementioned antiphishing filters, simply because the unique structure ofa Rock phish attack circumvents antiphishing filters. This phishingtechnique can be traced back to somewhere around August 2006. The URLstructure was comparatively simpler then, consisting of a randomizedroot domain and three sub folders. But the principle cause in therecent surge in the number of such attacks is traced to the botnetphenomenon. So, what then is so special about Rock phish? Well, thistechnique has a trademark method of striking naïve targets.

The URLs that navigate to the fraudulent Web sites have a uniquestructure. For example, the structure of this URL is Rock phishingspecific: http://www.xxx.xxx.user123990.com/login/challange/2b593cba/login.php.As a matter of fact,...

Read more
Tags: Endpoint Protection (AntiVirus), Online Fraud, Security, Security Response
Attacks on Credit Unions and Community Banks
Sai Narayan Nambiar | December 11, 2007
0 comments

The second half of 2007 has seen a suddensurge in the number of phishing attacks on financial puddles likeregional banks, credit unions, and small- to mid-sized credit unions.But why are fraudsters focusing on localized financial institutions?The answer is simple; they are highly profitable and have lessresources to protect them from phishing when compared to largerinstitutions. Larger institutions have secured themselves byimplementing stronger Internet security measures. Even the customersfrom larger financial institutions are quite familiar with phishing.

Furthermore, credit unions have always been major competitors withlarger financial institutions. The sub-prime problem in the UnitedStates has triggered a financial stress. To give some respite to thisdifficult situation the Feds had planned out cuts in interest rates.These cuts in interest rates have become a blessing in disguise forcredit unions because valuations of the first three quarters of...

Read more
Tags: Endpoint Protection (AntiVirus), Online Fraud, Security, Security Response

About Security Response Blog

Our security research centers around the world provide unparalleled analysis of and protection from malware, security risks, vulnerabilities, and spam.
Filter by:

Blog Tags

10.x 11.x 9.x and Earlier Antivirus2010 Backdoor.Tidserv Brightmail Gateway Emerging Threats Endpoint Encryption Endpoint Protection (AntiVirus) Endpoint Protection Small Business Enterprise Security Manager Evolution of Security General Symantec IT Healthcare Landscape IT Risk Management Internet Security Threat Report Live PC Care Malicious Code Misleading Applications Mobile & Wireless Online Fraud Password Management Restore Security Security Risks Spam Sykipot SymbOS.Exy Symbian Trojan.FakeAV Trojan.Zbot VirusDoctor Vulnerabilities & Exploits Windows Zeus
© 2010
  • Symantec Corporation
  • Contact Us
  • Get RSS
  • Privacy Policy
  • Symantec.com