Phishing
Monday review - the hot 13 stories of the week
Catch up with everything we've written in the last seven days with this handy weekly roundup
Spring ushers in US tax scam season
To remind taxpayers to be on the lookout for scams ranging from identity theft to return-preparer fraud, the IRS posted its Dirty Dozen list of tax scams for 2013.
Spicing up phishing attacks
Phishing is often regarded as old hat. From a technical perspective, it's a case of 'been there, done that'. Sometimes however, we come across attacks that are just a little bit more interesting (or at least different) from the norm.
Five Slovenians arrested for $2.5M email banking fraud
Slovenian police on Thursday raided 12 homes and arrested five Slovenian citizens in connection with sending malware-packed email to small and medium businesses' accounting departments.
How to protect yourself from debit-card fraud
How's this for a phone call you don't want on a Sunday night: Visa's fraud unit, calling to ask whether you're aware that $1,371 has been wired from your bank account via Western Union.
Unfortunately, it's far from a rare occurrence...
Tumblr, Twitter and Pinterest users warned after Zendesk support site hack
Hackers have broken into Zendesk's systems, and accessed the email addresses of Tumblr, Twitter and Pinterest customers who had attempted to get support.
Oxford University blocks Google Docs because of phishing attacks.. for 2.5 hours
Flooded with phishing attacks, which staff and students were falling for, the IT team at Oxford University blocked access to Google Docs - hoping to wake up users to the threat..
Would such a technique work in your organisation?
Google says it is winning the war against Gmail account hijackers
Account takeovers are down a mammoth 99.7% compared with what they were at the height of the spear-phishing plague of 2011, the company (rightfully) brags.
Do not relax: such success doesn't let us users off the hook when it comes to account security beef-up.
Facebook Class Action email - it looks like a phish but it's the real deal
A number of you have asked about a Facebook-related email that's doing the rounds lately.
It certainly has some of the hallmarks of a phish.
But is it? And how can you tell?
Anatomy of a phish - how crooks hack legitimate websites to steal your details
Are you a "safe surfer"?
What about sites that were perfectly good yesterday, but today are serving phishing pages for the crooks?
Paul Ducklin takes you on a four-country phishing trip...
Phishing attack attempts to steal Google passwords via Red Cross website
"Please log into Google Docs, and then you'll be able to read my message."
"I've provided a handy link..."
PayPal phishing scams - take care of yourself online this Christmas
PayPal users are being targeted in what is a now-typical pattern of phishing against the global payment service.
The trick is short and simple: you receive an email "acknowledging" a smallish payment. It's $79 to an eBay advertising service in our example...
Sophos Security Threat Report 2013 - the safest and riskiest countries revealed
Download the free Sophos Security Threat Report, looking back over 2012 and exploring what security threats and trends we will all be facing tomorrow.
Facebook hacks its workers into Hacktober smithereens
Slimy worms! Disguised as Facebook news! Unleashed on unsuspecting Facebook employees - by its own engineering team! This was the second year that Facebook celebrated Hacktober, a month-long feast of self-inflicted cyberattacks designed to tune staff's threat perception.
Goatse hacker Auernheimer found guilty of breaching AT&T to access customer iPad data
A hacker claims he was disclosing a security flaw responsibly.
But IRC transcripts show that the Goatse hacking group was instead musing about shorting AT&T stock, discussed selling 120,000 email addresses to spammers, and never told AT&T about the vulnerability in the first place.
How to report a computer crime: Phishing attack
What would you do if you unwittingly became a victim of a phishing attack? Do you know how you'd go about reporting the phishing to the authorities?
Phishing attack promises a free version of Windows 8
On Friday, Microsoft launched Windows 8 to consumers.
Today, the experts at SophosLabs have intercepted a phishing attack which plays upon interest in the new operating system.
Huawei UK makes a blunder with its online careers page
Chinese technology giant Huawei, under the spotlight following US concerns that its technology could be used for undercover surveillance, has made an elementary mistake in regards to its UK careers page.
Spammers exploit open redirects on US government websites
Would you trust a URL which ends with .gov?
US government websites have been left with egg on their faces, after spammers exploited sloppily coded redirect code to redirect gullible internet users into visiting "make money fast" websites.
India spews more spam than ever before, report finds
You can thank India for one out of six spam messages in your inbox, up from one in 10 when SophosLabs last put out its list of the Dirty Dozen top spam-relaying countries. The UK has upped its spam output as well, meaning it's rejoined the dirty dozen after an 18-month hiatus.
