Back to SCHOOL? Most school systems in the U.S. will be opening over the next two weeks … beware of spam and phishing. New attacks come every day, and here are just a few from this week . . .
* FBI issues ransom malware warning after being “inundated” by victims
* Why would tech support call you? Don’t fall for phishing
* Facebook Launches New Reporting Tool For Phishing Scams
* Facebook asks users to help it combat phishing
* FTC Finalizes Facebook Settlement over Privacy
* NVidia game pack’ phishing scam in the wild
* Phishing E-mails Spoof Payroll Services
* Anti-phishing phone bug trial begins
* “Phishing” e-mail smells like fraud
and more . . .
NVidia game pack’ phishing scam in the wild
Gaming addicts were warned over the weekend against falling for an online scam offering a “free” three-game pack from graphics card maker NVIDIA. Security vendor GFI Labs said the latest variant of the scam offered three games, but required the user to “log in” with their Steam platform data.
GFI noted makers of graphics cards will occasionally bundle games with their hardware or offer a downloadable version upon purchase of specific models. It added the Steam gaming platform occasionally offers free games to people who already own a brand of card.
Full story : GMA News
“Phishing” e-mail smells like fraud
Scammers are at it once again, this time targeting Earthlink e-mail account holders with threats of closing their accounts if they don’t respond to the request to “update” their account information.
The sender, who claims to be from the “Earthlink Technical Support Team,” warns that if the user does not respond within seven days, he/she will permanently lose their e-mail account. In an effort to confirm the legitimacy of the e-mail, contact was made with a representative from Earthlink’s Fraud Department who confirmed the e-mail is a hoax.
Full story : Beach Bulletin – Fort Myers Beach Observer
Facebook Launches New Reporting Tool For Phishing Scams
Facebook wants to know if people are receiving phishing emails that seek to trick members into revealing their personal account information.
The social network has launched a new email account – email@example.com – that accepts reports of any such phishing attempts, saying they will ‘investigate and request for browser blacklisting and site takedowns where appropriate.’
Full story : RedOrbit
Facebook asks users to help it combat phishing
Facebook has issued a call to its almost 1 billion worldwide users to help the social network combat cyber-attackers seeking to steal usernames and passwords.
On Facebook, this often involves the sending of fake messages or emails made to appear as though they are officially from Facebook, encouraging users to hand over their details to malicious sites posing as legitimate ones.
Full story : Digital Spy
FBI issues ransom malware warning after being “inundated” by victims
The FBI’s Internet Crime Complaint Center (IC3) has issued an urgent warning about a major ransomware campaign after being “inundated” with complaints from US consumers locked out of their PCs.
The malware causing the damage is called Reveton, a drive-by attack incorporating the Citadel bank Trojan platform that has caused a largely unnoticed toll of misery since the beginning of 2012. It weaves its spell by threatening victims with prosecution by the US Department of Justice (DOJ) after – it claims – detecting child porn or other illegal activity.
Full story : CSO Magazine
FTC Finalizes Facebook Settlement over Privacy
The settlement announcement follows news that the FTC this week fined Google $22.5 million this week for failing to comply with an earlier settlement over tracking cookies it installed on Safari users’ machines. Though the Facebook settlement was reached last November, it required a public comment period before it could be approved.
Full story : Threatpost (blog)
Phishing E-mails Spoof Payroll Services
In recent weeks, fraudulent e-mails purporting to be from payroll companies including Automated Data Processing (ADP) have aimed to lure recipients into downloading malware onto their computers.
Message subject lines have included ‘ADP Generated Message: First Notice–Digital Certificate Expiration’ and ‘ADP Security Management Update,’ according to a recent ADP security alert.
Full story : Security Management
Why would tech support call you? Don’t fall for phishing
Some phishing attacks have gotten sophisticated enough to call end users and pretend to be IT support, baiting them into giving up their personal information in the process. Don’t fall for that.
But even though support teams rarely make calls to customers, there has been a rise in a social engineering attack where someone impersonating support staff calls and informs the IT department that there is a bug in such-and-such a system.
Full story : Network World
Anti-phishing phone bug trial begins
A trial of anti-phishing technology has begun in Japan that will allow banks and police eavesdrop on phone calls. A hundred residents of the Okayama prefecture will have bug devices installed on their phone lines that will help identify phishing scams as they happen.
It will detect fraudulent calls by listening to keywords spoken over the phone. When a suspicious call is detected, the victim will receive an automated voice message warning of the scam, while family members, local police and the victims’ bank will be sent emails.
Full story : SC Magazine Australia
If you think you’re a victim, file a complaint with the
FBI Internet Crime Complaint Center : IC3.