October moves along, as September saw lots of phishing and spam attacks of all kinds. . . .
* Online bank fraud rises as phishing criminals redouble efforts
* Double Tricky Phishing E-mails Masquerade as ADP
* Why American Banks Will Continue to be Breached
* Phishing attacks cast wider nets in businesses
* Phishing Scam Yet Again Targets O2 Subscribers
* The 20 most common words in phishing attacks
* How To Counter Threats Of Cloud Computing
* Scammers pose as BBB in emails
and more . . .
How To Counter Threats Of Cloud Computing
With the popularity of cloud computing, it is not surprising to find out that more and more individuals are being scammed by ‘phishers’ and other cybercriminals. Because not all individuals have the technological know-how, the tendency is for these persons to be duped into providing their personal information through the internet.
According to Intersections Inc. VP for Information Security Tom Rohrbaugh, although cloud data storage provides a lot of savings to firms and can be very convenient to users, it has, however, taken some degree of control which users and firms have over their own personal information.
Full story : CloudTimes
Online bank fraud rises as phishing criminals redouble efforts
A resurgence in phishing attacks has caused a sharp rise in the sums being lost to online credit and debit card fraud, half-year figures from the UK Cards Association have shown.
Between January and June of 2012, online banking losses reached ‘21.6 million ($35 million), a 28 percent rise on the same period a year earlier. Telephone banking fraud reached ‘6.7 million although this represented a 21 percent fall as criminals moved to the preferred medium of web-based fraud.
Full story : Techworld.com
Phishing attacks cast wider nets in businesses
Phishing attacks are moving from targeting a few key employees in businesses to much wider groups of employees, according to corporate security awareness training company PhishMe.
‘Once they are in, attackers are using what they learn about the environment to attack bigger groups,’ said Scott Gr’aux, vice-president of product management and services.
Full story : ComputerWeekly.com
Phishing Scam Yet Again Targets O2 Subscribers
Phishing e-mails posing as messages from O2, the major British company for broadband and mobile-phone services, have been detected online while striking gullible subscribers; published softpedia.com dated September 18, 2012.
Displaying the header “YOUR O2 EMAIL ACCOUNT IS UNSECURED,” the fake electronic mail that addresses the reader like “Dear O2 Online User,” is a persuasive message so the user gets misguided into accessing a spoofed login web-page for O2 e-mail where he’s prompted to provide his credentials.
Full story : SPAMfighter News
Why American Banks Will Continue to be Breached
Last week, it was reported that several major banks in the United States experienced technical difficulties with their websites, and had been subject to a barrage of cyberattacks since late 2011. Shortly thereafter, the FBI, in conjunction with the Internet Crime Complaint Center (IC3), and the Financial Services Information Sharing and Analysis Center (FS-ISAC), issued a Fraud Alert warning banks of an elevated online risk, the result of the surge in cyberattacks.
While some sophisticated technologies were leveraged by the attackers, the report (available here) noted that ‘The actor(s) primarily used spam and phishing e-mails to target their victims. Spam and phishing do not exploit technical vulnerabilities, they leverage a technological medium to exploit human weaknesses. http://www.ic3.gov/media/2012/FraudAlertFinancialInstitutionEmployeeCredentialsTargeted.pdf
Full story : Forbes
The 20 most common words in phishing attacks
When online spies or criminals want to get their hands on sensitive information, they usually start by going phishing, sending e-mails to people inside a government agency or contractor, trying to lure them to a malicious site or download a file where malware awaits.
Many of the high-profile attacks in recent years against agencies and government contractors involved targeted phishing — or spear-phishing — campaigns, from the hack of intelligence analysis company Strategic Forecasting to an attack on Oak Ridge National Laboratory. In fact, according to the U.S. Computer Emergency Readiness Team, 51.2 percent of reported attacks on federal, state and local government agencies in 2011 involved phishing.
Full story : GCN.com
Double Tricky Phishing E-mails Masquerade as ADP
Security investigators from Websense report encountering phishing e-mails, which attempt at duping unwitting recipients as they pose as communications from the Automatic Data Processing Company.
Exhibiting a header, “ADP Invoice Reminder,” the fraudulent e-mail tells the recipient that his up-to-date ADP Dealer Services Bill can currently be viewed online as also similarly paid through ADP’s Online Invoice Management. Moreover, for safeguarding his data, he requires keying in his username and password followed with clicking to open his ‘Access your Online Invoice Management’ A/c. The sum pending till September 12, 2012 amounts to $2,8240.35. However, incase the recipient has already dispatched the due amount he may ignore the current reminder. Finally to end, the e-mail expresses gratitude to the reader for selecting ADP.
Full story : SPAMfighter News
Scammers pose as BBB in emails
The phishing scammers are trying to hook unsuspecting consumers again by using the Better Business Bureau name.
Monica Horton, president of the North Central Texas Better Business Bureau, said there are three phishing scams circulating and she urges consumers to be extremely cautious about responding to emails.
Full story : Times Record News
If you think you’re a victim, file a complaint with the
FBI Internet Crime Complaint Center : IC3.