Video Screencast Help
Search Video Help Close Back
to help

Security Response

Showing posts tagged with phishing
Showing posts in English
Spammers Pay Tribute to Icons with Atrocious Malware
Samir_Patil | 12 Oct 2011 01:07:37 GMT | 0 comments

Contributor: Christopher Mendes

When stalwarts pass away the world mourns their loss, tributes flow and emotions run high. Whenever we lose a legendary figure, their death brings shock or grief and people are hungry for any and every available piece of information about the "How" and the "Why" and the "When" related to the death of these important figures. We studied the aftermath of these icons’ passing and the eulogy written by spammers. The spammer’s sole motive is to use incidents to compromise weak systems.

On further examination of the collected data we traced a predictable pattern, the details of which are given below:

Michael Jackson Subject: Michael Jackson not dead
Subject: Michael Jackson seen alive
Subject: Michael Jackson lives		 ...
Read more
What’s On the Spammers’ Menu This Holiday Season?
Samir_Patil | 27 Sep 2011 15:41:19 GMT | 0 comments

The holiday season is about to commence and spammers have resurfaced with new offers well in advance. We have already observed spam for Christmas and New Year in the month of September, not to mention spam for Halloween, which is fast approaching!

So, what’s on the spammers’ holiday menu?  Well, there are virus e-cards, bogus meds, some interesting Internet gift offers with crazy discounts, and loans to help you celebrate a spammy whammy Christmas and to welcome the New Year! And don’t despair, because for Halloween you have the much coveted replica products! The list is definitely going to extend as the season comes closer. Discussed in detail below is the spammers’ vacation bonanza.

Here are some of the various spam subject lines being used for the upcoming holiday season:

Subject: Re: Happy new year!!!!
Subject: You have received a Christmas Greeting Card!
Subject: Rolex For You Now -85%
Subject: With...

Read more
Phish Tastes Better Than Spam
Samir_Patil | 23 Sep 2011 21:39:48 GMT | 0 comments

Thanks to Shravan Shashikant and the Norton Confidential Online team for providing the data, and to Christopher Mendes for compiling it.

Does phish taste better than spam? Yes, perhaps it does. Allow me to explain.

The recent past has been one of the most volatile financial periods in history. World economies have reached a very critical stage—sovereign debt crises, bailouts, loan defaulters causing banks to shiver, sales shrinkages causing trade surplus, and bankruptcies. Add to all of this the fears of a double-dip economic recession theory making the rounds and it looks like a really dreadful picture.

But how does this affect the consumer from the point of view of email security? The consumer is the fulcrum point, the hinge of the story! All these negatives hits consumer spending in a very big way. The first wave of recession had definitely dented consumer confidence, and with the “Double Dip” theory lurking on the horizon it...

Read more
Spammers Mark 10th Anniversary of 9/11
Samir_Patil | 09 Sep 2011 21:50:48 GMT | 0 comments

Thanks to Vivek Krishnamurthi for contributing to this blog.

Every sensitive event is an opportunity to exploit. With this motive in the background, it is not surprising to see spammers exploit 9/11.  With the 10th anniversary of the tragedy just a day away, spammers want to make the best use of this emotionally charged environment. 

Here are two examples of scams that Symantec has noticed in recent days that attempt to exploit the emotional scars left by 9/11:
 
First email example exploiting 9/11
Figure 1: First email example exploiting 9/11
 
 
Second email example exploiting 9/11
Figure 2: Second email example exploiting 9/11
 
The first sample tries to entice...
Read more
Be the First to Snatch the Coveted iPhone 5
Samir_Patil | 07 Sep 2011 00:04:33 GMT | 0 comments

Thanks to Amit Kulkarni for his contributions to this blog.

Since its launch, the Apple iPhone has been on the wish lists of most consumers.  The iPhone 4 has already made an impression in the marketplace, so it is obvious that spammers will make the best of this opportunity.  Symantec observed spam tactics just before the release of iPhone 4 and is expecting an even greater spam volume when iPhone 5 is released to the market.

The next generation of iPhone is expected to hit the market in September and spammers don’t want people to wait until the official release. Below is a sample of spammer hype campaigning to lure people into their trap. As usual, the bait is a survey one has to complete to be eligible to own “this coveted piece of art!”


 
When...

Read more
Fake Offers with Fake Trust Seals
Mathew Maniyara | 05 Sep 2011 21:32:40 GMT | 0 comments

Thanks to the co-author of this blog, Wahengbam RobinSingh.

Phishers are constantly looking for new ideas in their efforts of tricking end users. In August, Symantec observed a phishing site that utilized a number of new tricks. The phishing site masqueraded as a well known software company and claimed to offer associated software products at discounted rates. The phishing page highlighted these fake offers as “summer offerings” and stated that customers could save 80% on their purchases. Users were prompted to enter their billing information, personal information, and credit card details to complete their purchases. The personal information that was requested consisted of the user’s email address and phone number. The credit card details that were asked for were the card number, CVV code, and card expiration date. If any users had fallen victim to the phishing site, the phishers would have successfully stolen their confidential information for...

Read more
Phishing Brazilian Brands
Mathew Maniyara | 28 Jul 2011 17:28:28 GMT | 0 comments

Symantec keeps track of the brands targeted by phishing and monitors trends in the countries in which the brand’s parent company is based. Over the past couple of months, phishing sites have been increasingly targeting Brazilian brands. In May and June, the number of phishing sites on Brazilian brands made up about 5 percent of all phishing sites. This is an increase of nearly three times that of the previous month. The phishing Web pages were in Brazilian Portuguese. The most targeted brand in these phishing sites was a social networking site.

 
Below are some noteworthy statistics on the trend observed:
 
  • The majority of the phishing on Brazilian brands, approximately 58 percent, used IP domains (e.g., domains such as hxxp://255.255.255.255). 
  • Twelve Web-hosting sites were used to host 4 percent of the phishing sites on Brazilian brands.
  • There were several banks attacked in phishing and...
Read more
Operation Phish Phry - Revisited
Kevin Haley | 22 Jul 2011 12:29:14 GMT | 0 comments

Like the career of a one hit wonder pop star, it started with a bang and went out with a whisper. Almost two years ago, the big news was about Operation Phish Phry. In October 2009, the FBI announced that almost one hundred people (half here in the US, half in Egypt) had been arrested for running a phishing ring. At the end of June this year, news reports announced the sentencing of Kenneth Joseph Lucas, who was the key US figure in this crime story. Convicted of 49 counts of bank and wired fraud, Lucas was sentenced to 13 years in federal prison.

Lucas is not a hacker. He ran the money mules in the US who opened accounts for the hackers in Egypt to deposit their stolen money into. The Egyptian hackers stole logins and passwords from the customers of US banks and then transferred people’s money into the accounts the money mules had set up. The money mules withdrew...

Read more
Survey: People Know Online Risks But Often Ignore Them
RyanWhite | 15 Jul 2011 15:20:57 GMT | 0 comments

Surveys are a great window into people’s minds, especially when they can illuminate contrasting, and even contradictory, behaviors in the same group. Results from the Symantec Online Internet Safety Survey have done just that. The most compelling finding—that respondents frequently proceed with online transactions they know might be insecure—inspired me to ask not just, “What are they thinking?” but “What are they thinking?!?”

The survey’s focus must be on many people’s minds, as we’ve had an extraordinary response: 301 people in just a few days! My initial impressions of the results are below. Feel free to share your comments and questions on the original edition of this post.
 

Findings

Risky behavior remains common despite respondents knowing better

...

Read more
A Look Inside Targeted Email Attacks
Shunichi Imano | 15 Jul 2011 10:31:25 GMT | 0 comments

The number of targeted attacks has increased dramatically in recent years. Major companies, government agencies, and political organizations alike have reported being the target of attacks. The rule of the thumb is, the more sensitive the information that an organization handles, the higher the possibility of becoming a victim of such an attack.

Here, we’ll attempt to provide insight on a number of key questions related to targeted attacks, such as where did the malicious email come from, which particular organizations are being targeted, which domains (spoofed or not) sent the email, what kinds of malicious attachments did the emails contain, etc. Our analysis of the data showed that, on average, targeted email attacks are on the rise:

Figure 1. Targeted attacks trend

Origin

For this analysis, we first looked at the origin of the email...

Read more