Search Results for: phishing

Phishing boom in China bucks global trends

Fish. Image courtesy of Shutterstock.

There's been a sharp upturn in the numbers of phishing pages observed, with the majority of them hosted in China and targeting Chinese victims and sites, according to analysis of world phishing trends from the Anti-Phishing Working Group (APWG).

SSCC 139 - PWN2OWN, browser updates, Target alerts, PCI DSS and phishing [PODCAST]

sscc-139-thumb-250

Is a browser less secure if more people like to hack it? Is it OK to ignore alerts simply because you get too many? Do you back yourself to spot every single phish? And just how smart is the Google Play Store?

Chester and Duck dissect these issues with their usual style in this week's Chet Chat podcast...

Our brains work hard to spot phishing scams, but still often fail

Our brains work hard to spot phishing scams, but still fail

Scientists have found a significant increase in brain activity related to problem-solving and decision-making when spotting fake sites. But despite the extra brain-power, it seems we're still pretty bad at it, averaging just a 60% accuracy rate.

Jail for phishing gang member who stole £393k from students

Jail for man who phished £393k from UK students

Olajide Onikoyi was one of many criminals who tricked students via a phishing campaign. Victims received emails prompting them to visit a fake student loans website.

Making phishing more complex - on purpose

postepay-170

A threat that doesn't just attack, but asks you to put in a password first?

Sounds weird, but the trick worked for malware in the past, and is now being used in phishing

Fraser Howard of SophosLabs explains...

SSCC 116 - Google Authenticator, Apple bugs, Facebook data probes, WordPress phishing [PODCAST]

sscc-116-250

Here you are! Episode #116 of the Sophos Security Chet Chat.

News, opinion, advice and research: Chet and Duck bring you their unique and entertaining combination of all four in their regular podcast.

Humans still the weakest link as phishing gets smarter and more focused

apwg-250

The latest figures from the APWG show a decline in phishing reports. Verizon, on the other hand, implies that almost all incidents of cyber espionage reported in the last year included some phishing component.

This seems to confirm that phishing attacks are becoming less scatter-gun, focusing more on specific targets.

Viber admits to swallowing 'Syrian Electronic Army' phishing bait

Viber admits to swallowing Syrian Electronic Army phishing bait

The Syrian Electronic Army (SEA) claimed on Tuesday that it had taken over the support page for instant messaging/VoIP service Viber.

Viber itself announced that the claims are overblown and that only two minor systems were breached - a customer support panel and a support administration system.

Google adds (some) malware and phishing info to Transparency Report

Google adds (some) malware and phishing info to Transparency Report

Google has expanded its Transparency Report data to include stats from their 'Safe Browsing' system, which keeps tabs on where malware and phishing sites are hosted. The data is a little short on definition, but shows which hosting providers are doing the worst job of keeping their IP space clean.

It's VKontakte, *not* Vikontakte. Twitter phishing, Soviet-style

It's VKontakte, *not* Vikontakte. Twitter phishing, Soviet-style

With a cybercrime plan as poorly thought out as this, maybe it's no wonder the Soviet Union didn't survive.

Spicing up phishing attacks

Spicing up phishing attacks

Phishing is often regarded as old hat. From a technical perspective, it's a case of 'been there, done that'. Sometimes however, we come across attacks that are just a little bit more interesting (or at least different) from the norm.

Oxford University blocks Google Docs because of phishing attacks.. for 2.5 hours

Oxford University blocks Google Docs because of phishing attacks.. for 2.5 hours

Flooded with phishing attacks, which staff and students were falling for, the IT team at Oxford University blocked access to Google Docs - hoping to wake up users to the threat..

Would such a technique work in your organisation?

Phishing attack attempts to steal Google passwords via Red Cross website

Phishing for Google passwords

"Please log into Google Docs, and then you'll be able to read my message."

"I've provided a handy link..."

Phishing attack against MSN/Hotmail users - a new year, but old tricks still persist

MSN and Hotmail

You would like to think that computer users are getting smarter about securing their systems, and not falling for the age-old tricks used by cybercriminals.

However, we still see our fair share of elementary unsophisticated attacks designed to steal credentials from the unwary.

PayPal phishing scams - take care of yourself online this Christmas

paypal-scam-login-250

PayPal users are being targeted in what is a now-typical pattern of phishing against the global payment service.

The trick is short and simple: you receive an email "acknowledging" a smallish payment. It's $79 to an eBay advertising service in our example...

How to report a computer crime: Phishing attack

How to report a computer crime: Phishing attack

What would you do if you unwittingly became a victim of a phishing attack? Do you know how you'd go about reporting the phishing to the authorities?

Phishing attack promises a free version of Windows 8

Phishing attack promises a free version of Windows 8

On Friday, Microsoft launched Windows 8 to consumers.

Today, the experts at SophosLabs have intercepted a phishing attack which plays upon interest in the new operating system.

Phishing without a webpage - researcher reveals how a link *itself* can be malicious

Phish without a web page? Yes you can!

Can you phish without a phishing page? Research by a student at the University of Oslo in Norway finds that, with the help of a trusty URI, ‘Yes, you can.’

How to report phishing to Facebook

How to report phishing to Facebook

Facebook has today announced a new way in which it hopes to combat phishing scams targeting its 955 million users.

How to explain phishing to your Grandma [VIDEO]

threatsaurus-threat-in-jar-250

Have you ever had to explain phishing to your Grandma? Are you tech support for friends and family?

If so, then the Sophos Threatsaurus is just what you need. The 2012 edition is hot off the press - get it for free today!