phishing

(get it in RSS or Atom)

Microsoft Windows Update emails try to steal your Gmail, Yahoo, AOL passwords...

by Graham Cluley on September 24, 2012 | 8 Comments
Microsoft Windows Update emails try to steal your Gmail, Yahoo, AOL passwords...

Beware any emails which claim to come from privacy@microsoft.com - it could be that you're being targeted in an attack designed to steal your AOL, Gmail, Yahoo or Windows Live password.

Facebook glitch lets spear phishers impersonate users' friends and family

by Lisa Vaas on August 31, 2012 | 9 Comments
Facebook glitch lets spear-phishers impersonate users' friends and family

Facebook blames a "temporary misconfiguration" for allowing spammers to get their hands on users' personal details and then pose as trusted friends to lure victims into clicking.

But is the problem properly fixed yet?

Phishing without a webpage - researcher reveals how a link *itself* can be malicious

by Paul Roberts on August 31, 2012 | 13 Comments
Phish without a web page? Yes you can!

Can you phish without a phishing page? Research by a student at the University of Oslo in Norway finds that, with the help of a trusty URI, ‘Yes, you can.’

How to report phishing to Facebook

by Graham Cluley on August 9, 2012 | 16 Comments
How to report phishing to Facebook

Facebook has today announced a new way in which it hopes to combat phishing scams targeting its 955 million users.

Exploits posing as messages from payroll company ADP

by Lisa Vaas on August 8, 2012 | 2 Comments
Exploits posing as messages from payroll company ADP

The bogus messages contain links to Java exploits that some anti-virus products struggle to detect.

O2 phishing emails pose as network disruption apology

by Graham Cluley on July 31, 2012 | 3 Comments
O2 phishing emails pose as network disruption apology

Phishers have taken advantage of the network disruption suffered by the O2 mobile network earlier this month.

BlackHat conference in giant phishing gaffe

by Paul Ducklin on July 22, 2012 | 9 Comments
bh2012-gaffe-250

The annual BlackHat conference in Las Vegas prides itself as "the best and biggest event of its kind, unique in its ability to define tomorrow's information security landscape."

That may well be. But this year's event has kicked off with a giant security boo-boo.

Is security training futile?

by Lisa Vaas on July 20, 2012 | 8 Comments
teacher_thumb

Phishing attacks succeed against even those who should know better.

Which all begs the question, "Why bother with security training?"

Prison for phishers who targeted university students to the tune of £1.5 million

by Graham Cluley on July 10, 2012 | 4 Comments
student-loan-thumb

Two British men have been sent to prison for their involvement in a criminal scheme that targeted students and managed to steal £1.5 million.

What you need to know about Facebook sneakily swapping users' default email addresses to @facebook.com

by Graham Cluley on June 26, 2012 | 23 Comments
fb-contact-thumb

Have you checked the contact information you list on your Facebook profile? Chances are that it's now listing an @facebook.com email contact address for you.

Learn how to change your settings to make the email address invisible, and to control who can message you.

Twitter account hack epidemic - Don't fall for "CNBC" spam!

by Joshua Long on June 20, 2012 | 9 Comments
cnbc-twitter-thumb

Throughout the month of June, Twitter accounts have been getting hacked and have subsequently been sending spam that links to fake CNBC news articles. Be cautious about links in direct messages or tweets, even if they're sent from a friend's account!

Online romantics targeted by dating site phishing attack

by Graham Cluley on June 6, 2012 | 1 Comment
cursor-heart-thumb

More and more people are looking for love online.

Be careful not to find yourself reeled in by a phisher.

Phishing with help from Google Docs

by Graham Cluley on May 30, 2012 | 9 Comments
Google Docs phishing

It's child's play to create a Google account, and use the Google Docs facility to host an online form.

But scammers are exploiting Google Docs to phish for passwords and sensitive information.

Is it a Norton or an AOL phishing scam?

by Joshua Long on May 22, 2012 | 4 Comments
Is it a Norton or an AOL phishing scam?

A recent phishing scam targets Norton users... or is that AOL users?

It seems the cybercriminals can't quite decide.

US man confesses to part in $1.3M bank and payroll phishing scam

by Lisa Vaas on May 8, 2012 | 1 Comment
phishing-250sq

A 31-year-old US man from Atlanta, Georgia, admitted last week that he and his gang stole more than $1.3 million USD by phishing confidential account information from e-commerce sites.

Intruder compromises user database for Star Trek Online and other MMORPGs

by Lisa Vaas on April 30, 2012 | 7 Comments
Intruder compromises user database for Star Trek Online

The studio behind Star Trek Online, City of Heroes, City of Villains, and Champions Online suffered a user account database breach 16 months ago... and is only warning users about it now.

India becomes the king of the spammers, stealing America's crown

by Graham Cluley on April 23, 2012 | 8 Comments
spam-thumb

SophosLabs reports on the top twelve spam relaying countries for January - March 2012.

Apple ratchets up security on App Store and iTunes

by Lisa Vaas on April 16, 2012 | 10 Comments
Apple ratchets up security on App Store and iTunes

Apple is prompting some of its iTunes/App Store/iOS customers to set up three new security questions and an alternate email, in an attempt to smother a growing wave of phishing and fraud.

Phishing for passwords of unwary Google users

by Graham Cluley on April 10, 2012 | 8 Comments
Phishing for passwords of unwary Gmail users

A phishing campaign is spammed out, tricking users into handing over their Google login credentials to fraudsters.

IRS releases its top 'Dirty Dozen' tax scams

by Lisa Vaas on February 22, 2012 | 2 Comments
Hiding bank

Ushering in tax season, the U.S. Internal Revenue Service (IRS) has released its annual "Dirty Dozen" tax scams for 2012.