New year, New threats

User Group Network UGN Safenetting and Cybercrime report Here comes a new year, and here come a slew of new threats for computer users. Big prediction for 2012: China will dominate spam, phishing and malware by virtue of having the most users online world-wide …
* Scammers Using Browser Extensions to Hack Facebook Accounts
* Latest Phishing Scams Target Users of New Christmas Gadgets
* Better Business Bureau: Your online order was canceled
* Chinese Government To Crack Down On Phishing Schemes
* As the new year begins, resolve to be savvy consumer
* Phishing sites using Extended Validation SSL
* Aggressive Phishing Attack Targets Military
* Phishing scam uses official’s email
* Digit’s Top Ten Trends of 2012
* China Has Hacking Problem
. . . and more!

Safenetting

Better Business Bureau: Your online order was canceled

Another shopping season is over, and as expected, we saw some problems, but one of the major tribulations was not anticipated.
      A few days before Christmas, untold numbers of BestBuy.com customers received emails from the company with bad news: your order is being canceled.
READ THIS REPORT Full story : Victoria Advocate


China Has Hacking Problem

What’s Chinese for Anonymous?
      So far, no one calling themselves Bo’zh mo’ng de have taken credit for phishing 45 million bank customers to phoney bank websites in order to hack their credit card and account information. Forty-five million. Anonymous must be so embarrassed today.
READ THIS REPORT Full story : Lez Get Real


As the new year begins, resolve to be savvy consumer

The new year brings opportunity for fresh starts. Unfortunately, the new year also brings opportunity for fresh scams.
      Protect yourself in 2012 by resolving to follow these savvy consumer tips from your Better Business Bureau:
READ THIS REPORT Full story : Dayton Daily News


Aggressive Phishing Attack Targets Military

A recent aggressive phishing attack is making the rounds in an email which appears be from USAA, a financial services company that serves military members, their families, and veterans. The email subject begins with ‘Deposit Posted.’
      Members are asked to open a Zeus-infected attached file. Once opened, it launches a malicious virus which could provide access to personal information and may require a complete reinstall of the computer operating system.
READ THIS REPORT Full story : DoD Live


Phishing scam uses official’s email

A Mansfield city councilwoman had her email address list hacked by scammers hoping to trick friends and acquaintances into “rescuing” her by wiring money to them through Western Union.
      The email message, sent a few days before Christmas, featured more accurate spelling and better grammar than most phishing emails. In part the message read:
READ THIS REPORT Full story : Mansfield News Journal


Chinese Government To Crack Down On Phishing Schemes

The Chinese government is joining forces with the nation’s most popular search engines to combat phishing attacks that have resulted in the theft of the personal details of more than 45 million Internet users in that country.
      According to Sisi Tang and Melanie Lee of Reuters, the Ministry of Public Security announced on Friday that they would be teaming up with 10 Chinese search engines in order to make it more difficult for people to fall victim to the schemes, during which bank customers are tricked into revealing their usernames and passwords by a realistic-looking fake website.
      “The anti-phishing initiative comes at the end of a week in which the personal details of almost 10% of China’s 485 million web users were stolen,” a December 30 BBC News report said.
READ THIS REPORT Full story : RedOrbit


Latest Phishing Scams Target Users of New Christmas Gadgets

Cyber-criminals have launched phishing and malware campaigns to take advantage of users who received new computers or Apple gear for Christmas.
      Malware infections spiked 25 percent on the day after Christmas, according to data released by SpywareRemove.com, a site that tracks malware infections by visits to its site. There was a small jump, about 4 percent, between Dec. 24 and Dec. 25, and a 25 percent spike between Dec. 25 and Dec. 26, according to the site.
READ THIS REPORT Full story : eWeek


Digit’s Top Ten Trends of 2012

#7 Malware takes its toll – Atleast 35% of Indian mobile users will click an unsafe link. Global mobile malware business will turn profitable in 2012.
      While it’s all exciting on the smartphone and tablet roadmap all through this year, there’s a grim forecast emerging from security watchdogs monitoring malware trends. McAfee, Kaspersky, and other security specialists are unanimous in their prediction that Android smartphones will be the most targeted in 2012 — 75 million unique malware samples by December 2011, according to McAfee, and most of them targeting Android. With close to 1 million device activations daily, there’s no wonder why spammers and scammers are targeting Google’s mobile OS.
READ THIS REPORT Full story : Digit


Scammers Using Browser Extensions to Hack Facebook Accounts

Spammers are once again attacking Facebook users through rogue browser extension as a mode for circulating malicious code, claimed researchers at Websense, web security vendor.
      A message saying that the plug-in is required for enabling video content viewing on the social networking site, “facebook” is received by the used. A click to the malicious content immediately enables the downloading of the malware, which is then transferred to all the people added in the Friends’ list. As a result, malware circulation is carried out incessantly at an unbelievable speed.
READ THIS REPORT Full story : SPAMfighter News


Phishing sites using Extended Validation SSL

Netcraft’s anti-phishing toolbar community identified a noteworthy phishing attack against PayPal in December. FasterPay — which describes itself as the UK’s only safe, all-in-one Internet Banking payment service — was apparently hacked, and a subdirectory on the company’s own website at www.fasterpay.co.uk was used to host a PayPal phishing site.
      The veracity of the phishing attack was enhanced by the Extended Validation SSL certificate used by the FasterPay website. This meant that any victims of the phishing attack would have been presented with the reassuring green EV indicator in (or near) the browser’s address bar. This attack acts as a reminder that users must do more than merely look for the presence of an EV certificate when deciding whether or not it is safe to submit personal or financial data to a website.
READ THIS REPORT Full story : Netcraft


What did you miss in the last Safenetting post
GO Send in your items for Safenetting readers
GO Facebook Safe Netting
GO Join / Like / contribute : UGNN FaceBook Group, (ug.netnews)

DO NOT CLICK

If you think you’re a victim, file a complaint with the
GO FBI Internet Crime Complaint Center : IC3.

You can also keep up with the efforts to curb spam and cybercrime by reading the news at
GO Knujon and
GO HostExploit.com. And, you should
GO switch to SpamCop and take a stand against spam.