February 7,2012
|
Emails from Intuit... |
It appears that there are scam emails circulating purportedly from Intuit.
Some of the message lines contain:
“Tax information needed within 30 days”
“Name and Social Security Number Mismatch”
Some of the return email addresses are:
security, admin, or antifraud @ intuit.com
We recommend not opening any Intuit emails and to delete them.
If you use any Intuit product, such as Quicken or Turbo Tax and have issues; call the appropriate support department directly.
January 31, 2012
|
A new method of infecting PCs with malware... |
|
|
Researchers have discovered a new method of infecting PCs with malware, this time no web browser is required. This new method of drive-by infection occurs in your Inbox and no attachments are necessary. This latest form of e-mails uses JavaScript to automatically download malware whenever the email is opened. The current emails being spotted have the subject "Banking security update" and appear to come from fdic.com. This only proves the need for anti-malware tools and the importance of keeping them up to date.
January 9, 2012
|
Another Version of Zeus is on the Loose |
|
|
|
The Federal Bureau of Investigation (FBI) recently issued an alert on a new version of the Zeus Trojan called Gameover, which is distributed via spear phishing attacks aimed at commercial accounts and ultimately lead to account takeovers. Emails purporting to be from NACHA (The Electronic Payments Association) inform the victim organizations of a failed ACH transaction. The victim’s computer is infected with the Trojan when they click on the link contained in the email. |
The Ramnit Worm
This brief article will validate why it is essential to use strong login credentials and to NOT use the same credentials for more than one application. Please read on:
Researchers at Seculert say the Ramnit worm is now targeting Facebook.
Lab researchers working for the Israel-based provider of cyberthreat management services say Ramnit has been linked to the compromise of more than 45,000 Facebook log-in credentials, primarily hitting users in the United Kingdom and France.
We suspect that the attackers behind Ramnit are using the stolen credentials to log in to victims' Facebook accounts and to transmit malicious links to their friends, thereby magnifying the malware's spread even further.
In addition, cybercriminals are taking advantage of the fact that users tend to use the same password in various web-based services (Facebook, Gmail, Corporate SSL VPN, Outlook Web Access, etc.) to gain remote access to corporate networks.
Ramnit is a worm, which means, unlike malware, it can spread to other computers without being sent through e-mail or a malicious website. Ramnit, which surfaced in April 2010, continues to evolve.
~~~~~~~~~~ ~~~~~~~~~~~~
December 28, 2011
In an ironic twist, a new phishing scheme, purporting to be from the Federal Deposit Insurance Corp., actually claims to offer assistance with ACH and wire fraud, but instead delivers malware that could enable fraud.
The FDIC issued a new alert about an attack that claims retail and commercial accounts have been suspended because of suspected ACH and wire fraud. The e-mails state, "Your account ACH and WIRE transaction has been temporarily suspended for security reasons due to the expiration of your security version." The messages then go on to say that an attached PDF document contains instructions about how the business or consumer can download and install updated security versions.
The e-mails contain the attachment "FDIC_document.zip," which the FDIC warns likely unleashes malware to be installed on the recipient's PC. The fraudulent e-mails about ACH and wire accounts could be used to commit bogus ACH and wire transactions, leading to the siphoning of customer accounts.
"Financial institutions and consumers should be aware that these fraudulent e-mails may be modified over time with other subject lines, sender names and narratives," the FDIC states.
The FDIC has recently seen a number of targeted phishing scams. On Aug. 17, the FDIC was the target of a similar attack, with the subject line, "FDIC: Your business account"
