Internet Scams
eBay phishing scam      
As with the SunTrust example, this eBay phishing email includes the eBay logo in an attempt to gain credibility. The email warns that a billing error may have been made on the account and urges the eBay member to login and verify the charges.
 
Citibank phishing scam      
There is no shortage of irony in the Citibank phishing example below. The attacker claims to be acting in the interests of safety and integrity for the online banking community. Of course, in order to do so, you are instructed to visit a fake website and enter critical financial details that the attacker will then use to disrupt the very safety and integrity they claim to be protecting.
 
Charter One phishing email      
As seen with the previous Citibank phishing scam, the Charter One phishing email also pretends to be working to preserve the safety and integrity of online banking. The email also includes the Charter One logo in an attempt to gain credibility.
 
PayPal phishing email      
PayPal and eBay were two of the earliest targets of phishing scams. In the example below, this PayPal phishing scams tries to trick recipients by pretending to be some sort of security alert. Claiming that someone 'from a foreign IP address' attempted to login to your PayPal account, the email urges recipients to confirm their account details via the link provided. As with other phishing scams, the displayed link is bogus - clicking the link actually takes the recipient to the attacker's website.
 
IRS Tax Refund Phishing Scam      
A security flaw on a US government website has been exploited by a phishing scam claiming to be an IRS refund notification. The phishing email claims the recipient is eligible for a tax refund of $571.94. The email then tries to gain credibility by instructing recipients to copy/paste the url rather than clicking it. That's because the link actually does point to a page on a legitimate government website, http://www.govbenefits.gov. The problem is, the page being targeted on that site allows the phishers to 'bounce' the user to another site altogether.
 
Reporting phishing scams      
If you believe you have been the victim of fraud, contact your financial institution immediately via phone or in person. If you have received a phishing email, you can usually send a copy to abuse@DOMAIN.com where DOMAIN.com signifies the company to which you are directing the email. For example, abuse@suntrust.com is the email address for sending phishing emails purporting to be from SunTrust Bank. If in the United States, you can also forward a copy to the Federal Trade Commission (FTC) using the address spam@uce.gov. Be sure to forward the email as an attachment so that all important formatting and header information is preserved; otherwise the email will be of little use for investigative purposes.
 
AVIRA reveals new details on the online fraud attempt implying the name of the National Bank of Romania      
Yesterday morning, AVIRA specialists noted the e-mail spreading of a message that seemed to be part of a donations campaign, initiated by BNR (National Bank of Romania) in order to uphold the reconstruction of areas severely hit by floods this summer. The authors of this message were clearly taking advantage of the compassion and sympathy proven by the people after the recent devastating floods, in order to get card details and other personal information for identity theft purposes. Although this would be a first time for Romania, such practices are no longer new to the international IT environment, where they go by the name of phishing.
 
Spammer vs. Microsoft      
Robert Soloway hates Microsoft. Or so it seems. Soloway lost a court battle to the software giant, who accused Soloway of illegal spamming. According to Brian McWilliams, investigative journalist and author of Spam Kings, Soloway is allegedly one of the world's dirty dozen of top spammers.
 
Virus writers/hoaxsters exploit Tsunami      
Virus writers are now exploiting the December 2004 Tsunami disaster. The most recent example, the Zar worm (a.k.a. VBSun), is a mass-mailing email worm that sends itself to everyone listed in the Global Address Book. The subject of that email is "Tsunami Donation! Please help!" and the body reads simply "Please help us with your donation and view the attachment below! We need you!". The attachment is named TSUNAMI.EXE.
 
Scam emails deliver Trojaned goods      
Criminal emailers are increasingly exploiting MS04-013, an MHTML URL Processing vulnerability which allows a remote attacker to automatically and surreptitiously download and execute arbitrary code via miscreant websites or email. In many cases, the scammer uses a common phishing technique, composing an email that masquerades as correspondence from a legitimate financial institution. As with phishing scams, the email claims there is a problem with the user's account in an attempt to entice them to click the link and visit the spoofed website. Once on the site, the phishing scam ends and the malware takes over - a downloader Trojan is forced onto the victim's computer and executed, which in turn can be exploited to download other malicious code.
 
« Start Prev 1   2   3   4   5   Next  End»