Video Screencast Help
Search Video Help Close Back
to help

Security Response

Showing posts tagged with Online Fraud
Showing posts in English
Cyber Crooks All Set to Crash the British Royal Wedding
Suyog Sainkar | 28 Apr 2011 08:30:17 GMT | 0 comments

As we have seen with many major events in the past, news of the British Royal Wedding is currently being used by cyber criminals to bolster their spam campaigns and push rogue antivirus software through black hat search engine optimization (SEO) techniques.
 

Spam campaigns

We have blogged previously about “snowshoe” spammers targeting the upcoming British Royal Wedding of Prince William and Kate Middleton. Spam email messages advertising a replica of Princess Diana’s engagement ring that were observed in February are still making the rounds on the Internet, and the eve of the royal wedding is now upon us. Furthermore, as we had anticipated, we have recently observed additional spam campaigns making use of this significant event to promote various products.

In one such recent spam campaign, email promoting a "...

Read more
Spammers Continue to Exploit the Disaster in Japan
Suyog Sainkar | 07 Apr 2011 16:43:21 GMT | 0 comments

Symantec has blogged previously about spammers exploiting the recent catastrophic situation in Japan. Since then, Symantec has observed additional variations in spam attacks in which the spammers are continuing to exploit the tragedy, even as the earthquake and tsunami relief efforts are in progress. Similar to what we have seen in the past, virus attacks in the form of messages containing links to images in the message body were observed in the third week of March. Such attacks, along with scam emails, are usually prevalent after such disasters have occurred. The subject line and screenshot of a sample message body of the virus attack can be seen below.

Subject: Novo tsunami atinge Sendai e Japao declara estado de emergencia em usina nuclear
[Subject: New tsunami hits Japan Sendai and declares state of emergency in nuclear plant]

...

Read more
Another Fake Facebook App is Here to Steal your Passwords
Hardik Shah | 07 Apr 2011 08:45:19 GMT | 0 comments

Recently, we came across an application that displays the message “Tornado Randomly Appears During Soccer Game” on Facebook:

Clicking on the message forces the download of a script from http://<IP Removed>/fb2.js, which displays a Facebook login message. If the user is logged in to Facebook, the malicious app will log the user out and ask him/her to log in again:

When the user clicks on the “Login” button, it will show the login form:


 
When the user enters login details and clicks on the Login button, the fake application sends two POST requests: one to Facebook.com, and the other to the malicious server. The request sent to the malicious server has the...

Read more
Taking the Shortcut to Malicious Attacks
M.K. Low | 07 Apr 2011 03:47:54 GMT | 0 comments

Taking the Shortcut to Malicious Attacks 

Shortened URLs have become popular in recent years as a means of conserving space in character-limited text fields, such as those used for micro-blogging. Some URLs consist of a substantial number of characters that can eat up character limits, break the flow of text, or cause distortions in how Web pages are rendered for users. URL shortening services allow people to submit a URL and receive a second, specially coded shortened URL that redirects to the original URL. When a user clicks on the shortened URL, the service will redirect the person to the submitted Web page.

Attackers are taking advantage of this type of service because it helps to hide the actual destination URL. Attackers use the shortened links, which may or may not be legitimate, to lead unwitting users to malicious websites that are designed to attack any system using a vulnerable browser. 

Social networks are a security concern for...

Read more
Sgt. Scammer’s Lonely Hearts Club
Poul Jensen | 06 Apr 2011 11:44:21 GMT | 0 comments

Internet advertising has the potential to be a very worthwhile method for generating income. However, advertising on the Internet typically produces a higher return of payment if the ads themselves are clicked. Therefore, there is a high incentive for scammers to devise ways to ensure that the ads hosted on sites under their control are clicked – be it through malware, automated scripts, email spam links, or any other method. After all, potential profit drives innovation – for legitimate and illegitimate business alike.

However, advertisement networks are capable of identifying illegitimate activity on their networks, which increases the need for scammers to hide illegitimate activity for as long as possible, thereby allowing them to reap the largest possible profit. In the past, we have observed various Trojans that connect to websites and click on the ads. Recently, however, we have discovered a more elaborate scam that establishes a network of fake dating/...

Read more
The Symantec Internet Security Threat Report (ISTR) Volume 17 Is Here!
Téo Adams | 05 Apr 2011 03:56:08 GMT | 0 comments

We are pleased to announce that Volume 17 of the Symantec Internet Security Threat Report (ISTR) is now available. There are some significant changes to the report this year, including several new metrics, a revamping of existing metrics, and a revised format. Aspects of the new format were first seen in the Report on Attack Kits and Malicious Websites, which was released earlier this year.

One point of interest in this most recent report is the continued prevalence of malicious code propagation through the sharing of malicious executables on removable media. This propagation mechanism has been ranked at the top for quite some time now, with no signs of coming down. However, in February 2011, right in midst of writing the report, we read an...

Read more
2011 Internet Security Threat Report Identifies Increased Risks for SMBs
Kevin Haley | 05 Apr 2011 03:55:29 GMT | 0 comments

2011 Internet Security Threat Report Identifies Increased Risks for SMBs
Kevin Haley, Director, Symantec Security Technology and Response

Small businesses have flexibility that can provide them with a competitive edge in today’s Internet-based market. And, with ever more business being conducted online, keeping your sensitive information safe is more critical than ever.

Hackers do not care what the size of your business is. They only care if they can get past your defenses and relieve you of your valuables. What hackers do like about a small business is that they tend to have more money in the bank than an end-user and less cyber defenses than a larger company. And these hackers are no longer limited to highly skilled computer geeks. Using easily available attack toolkits, even a relative novice can infect your computers and extract all the information they...

Read more
Trojan Express Delivery
Vivian Ho | 30 Mar 2011 12:46:48 GMT | 0 comments

In the past couple of days, Symantec has observed a spike of email attacks that are designed to distribute malicious threats. All of the observed samples are spoofed to appear as if they are legitimate delivery warnings or notifications from UPS or Post Express. The message text asks recipients to open the zipped executable file for further details or actions necessary to take delivery of the item.

Below are the sample headers observed in this spam attack:

From: "United Parcel Service" <info***3@ups.com>
From: "UPS� Customer Services"<***@secureserver.net>
From: "United Parcel Service" <***@dhl.com>
From: "Neil Molina" United Parcel Service  <[Details Removed]@ [Details Removed]>
From: "Kimberley Miner" United Parcel Service  <[Details Removed]@ [Details Removed]>...

Read more
Make St. Patrick’s Day Enjoyable for You and Not the Spammers
Samir_Patil | 17 Mar 2011 13:53:17 GMT | 0 comments

St. Patrick’s Day is a religious holiday celebrated internationally on March 17. Traditionally, this day is celebrated with festive parades and music in Ireland, Europe, and even New York City. Among the many popular traditions that surround St. Patrick’s Day, one cannot miss out on the food, drink, and merriment at local pubs.

Symantec is monitoring St. Patrick’s Day spam, which is, as usual, offering various bogus products. In one such sample, all that the recipient needs to do is to take part in a very simple survey. Upon completion of the survey, the user will receive a $250 gift card reward absolutely FREE! But wait a minute—think twice before you even try clicking that button. Although the offer is perfectly tailored for the occasion, the reward that awaits the tempted is disastrous.

Subject: Are You Celebrating St. Patty.s Day?

Subject: St. Patty's Day Clearance - Huge Discounts on New Cars.

Subject: You have (1)...

Read more
Spammers Exploit Japan’s Catastrophic State
Samir_Patil | 14 Mar 2011 12:33:14 GMT | 0 comments

Only a few days ago, Japan experienced one of the worst earthquakes in its history. The earthquake registered 8.9 on the Richter scale and triggered an enormous tsunami. The heart-wrenching images on television have left the world shaken. It was the worst earthquake and tsunami in the past century and at least 50 countries have since received related tsunami warnings.

As the death and injury tolls continue to rise, one must not forget those who awake to exploit such delicate situations—spammers continue to maintain the guise of charitable institutions and governmental organizations! Don’t be surprised to  suddenly see an email message in your inbox marked as URGENT and pleading with you for "monitory help" [sic] or a phishing mail urging you to donate to the rehabilitation of those affected by the quake and tsunami. Use prudence in finding out the genuine intent of email senders before you reach out or respond.

Within the first few hours of...

Read more