Over the last few months I’ve noticed a resurgence of e-card spam scam from our unfriendly neighborhood spammers.

According to security expert Bill Mullins, in the last year, email inboxes have being swamped with similar scamming emails from fraudulent sites like Greetings.com, and 2000Greetings.com, amongst others.

This time around, the domain name being used by these scammers is Greetingcard.org, which is a legitimate site of The Greeting Card Association, a greeting card industry trade association. This organization makes no bones about it when it says on its website, “We do not publish cards, nor do we have an e-card pick up. If you receive an e-card notification from our association, it is fraudulent and should be deleted”.

Read the rest of this entry »

Last week one of my clients received the resurfaced American Express phishing email. And yesterday an associate told me a dastardly story about being fleeced out of $2,700 from his Citibank account.  This was the result of responding to a phishing email.  Although email administrators may be more educated and wiser to phishing emails, we must continue to stick to the basics in reiterating and providing ongoing  education to our email end users.  As mundane and simple as it may be to us, it’s important to stick to the basics.

Educate your email users with the following information in your next phishing alert email or newsletter:

What is phishing?  Phishing is when some one sits there and creates a spam message to fool the user into thinking that they are going to a legitimate web site and ask them to give up personal information, such as their social security, credit card and bank account numbers.  However, this fake web site is only set to steal the user’s information. The email may look like it is coming from a legit company - creating a web site is easy and to make it look like one from a legitimate business is not hard either.

Read the rest of this entry »

 MillerSmiles.co.uk is one of the internet’s leading anti-phishing sites, maintaining a massive archive of phishing and identity theft email scams.  This organizations provides the latest information on phishing scams.  MillerSmiles.co.uk actually keeps its phishing database updated from contributions from people around the world, including email administrators.

Read the rest of this entry »

French president Nicolas Sarkozy is a victim of a phishing scam. French officials confirmed yesterday that he had money stolen from his bank account after inadvertently giving scammers his username and password through what was later found to be a phishing email.

           “[This] proves the system of Internet checking is not infallible,” French secretary of state for consumer affairs Luc Chatel said. “These cases are sufficiently rare that we haven’t had to really organize ourselves, but [are] sufficiently serious for us to reflect on how to improve the system.”

President Sarkozy filed a complaint with police and an investigation is ongoing. The specifics of the attack haven’t been released and officials say the president’s bank could face sanctions if it’s found their security procedures, or lack thereof, contributed to the hacker’s attack. 

While criminals thought it was based in Eastern Europe, the Internet’s top English-speaking cybercrime forum was secretly run by the FBI from this building on the banks of the Monongahela River in Pittsburgh.  Photo: John Monroe Butler/ Wired.com

Kevin Poulsen reports that DarkMarket.ws, an online community center for thousands of identity thieves, hackers and credit card swindlers, has been secretly run by an FBI cybercrime agent for the last two years, until its voluntary shutdown earlier this month, according to documents unearthed by a German radio network.

Reports from the German national police obtained by a Southwest German public radio station, blew the lid off the long running sting by revealing its role in nabbing a German credit card forger active on DarkMarket. The FBI agent is identified in the documents as J. Keith Mularski, a senior cyber crime agent based at the National Cyber Forensics Training Alliance (NCFTA) in Pittsburgh, who ran the site under the hacker handle Master Splynter.

Read the rest of this entry »

Most web browsers are supposed to protect people by implementing security zones. These safe zones use different security settings of a web browser, which can vary based on the location of the web page being viewed. Phishing emails can lure users to a malicious code web site.  These sites attempt to install spyware, malware or both onto the unknowing person’s computer. These web sites rely on weaknesses in web browsers, which will allow installation and execution of harmful programs on a computer.  These web browser vulnerabilities allow overriding settings, even when these sites are located in a security zone that is not trusted and normally would not allow those actions.

Read the rest of this entry »

A new phishing attack has been launched and this time the scammers are exploiting a troubled bank. The spams being sent are purportedly a “Wachovia Corporation Notice” and ask for personal information such as social security numbers and bank account info in order for them to send a “Wachovia Security Plus” certificate. The link in the email redirects to a malicious site that downloads the Gozi Trojan that scans the infected PC for personal info and sends it to the scammers. Experts worry that jittery Wachovia customers, already reeling from the bank’s collapse and takeover by CitiGroip, may fall for the scam.

It’s expected this won’t be the last phishing scam exploiting the current economic crisis. Remember that banks never ever ask for personal info via email, so delete any emails asking for it!

Apple’s popular MobileMe service, which offers Mac and iPhone users webhosting, a personal email address, file sharing, and online data synchronization between their devices, has been hit with a phishing scam. Users received an email that looked like it came from Apple with the following message:

         “We were unable to process your most recent payment. Did you recently change your bank, phone number or credit card?”

The email then prompts the user to click on a link to update their info. The link is actually fake, and leads to a site owned by a Gmail user in Romania. The site steals the personal information of anyone who falls for the ruse and enters it into the phony Apple page.

This is the second time this year that phishers have targeted Apple. In May a similar email was sent to users of the immensely popular iTunes service. Security experts believe that phishers are aiming these attacks at Apple services to take advantage of Apple’s reputation of being more secure than Windows. They are banking on Apple users thinking such attacks could never happen to them and as a result not being wary of such emails. It appears that Apple users are not getting a rather rude wake up call. To scammers, no OS is off limits.

A new report on the state of the net for the first half of 2008 has found that text based spam is increasing in popularity again. 70% of all spam sent over the last 6 months was text spam, compared to 20% at the same time last year. Image based spam is decreasing sharply, accounting for only 3% of spam sent compared to a whopping 60% last year. Read the rest of this entry »

Consumer Reports is recommending Mac users dump Safari due to its lack of protection against phishing. The publication’s annual Internet security survey is recommending Firefox or Opera instead. Safari doesn’t include any anti-phishing tools, while the other browsers-and IE7-warn users when they try to access a known phishing or malware infected site and blocks it. Microsoft says the upcoming IE8 will also include an anti-malware tool as well. Read the rest of this entry »