Author: tetiana.vashchenko@data443.com

FedEx used for continued email malware – Zombies up 70%

It’s been almost one month since we reported about the huge increase of email-borne malware attachments. The outbreaks have continued on an almost daily basis since then and we have noted a corresponding dramatic increase of over 70% in the number of zombies.  The traffic graph below shows the continued

More fake Twitter emails lead to Easter “specials”

It’s been over a month since we wrote about fake Twitter email messages, and if it worked once for scammers/spammers, they’ll certainly try it again. Commtouch labs is seeing large quantities of – you guessed it – fake Twitter email messages, similar to the one here:  How can the uninitiated

April 2011 Internet Threats Trend Report

Statistics related to spam levels feature prominently in this Internet Threats Trend Report, as they did in the report about the fourth quarter of 2010. This is due to the wide variations observed during the first three months of 2011, and the takedown of the Rustock botnet – which we

Email Unsubscribe – the good, bad, ugly, and .. non-existent

Many of us suffer from email overload, even without including the seemingly hundreds of newsletters to which we voluntarily subscribe. Sometimes, we must step in and say “Enough” and unsubscribe from the emails that no longer provide as much value as we’d hoped in the beginning. The Really Good  Clear,

Google’s App Engine proxies HSBC site

Update April 17, 2011: Based on some feedback received offline, I would like to clarify: inetbrowse is a proxy, available on the Google App Engine. In other words, anything can be proxied through it. I did not mean to imply that Google was knowingly hosting a phishing site. The intention

New Adobe Flash Vulnerability (Yes, Another One)

Malicious Adobe Flash files are making the rounds of some lucky individuals that have been targeted for spearphishing, according to news reports. Adobe has confirmed that the vulnerability exists in its Flash program, and that the infected files have been distributed (so far) embedded in a Microsoft Word document sent

Complex – PDF hides Malware inside XFA which is inside PNG – not an image

We recently received an email supposedly from Puremobile – a supplier of unlocked cellphones. Similar emails were also received with “order info” from Bobijou (a costume jewelry designer). The “order confirmation” included a PDF file as shown below.  Our initial analysis of the file found no Javascript. No JavaScript? This

“Advice” after the Epsilon breach

Should I feel left out? I didn’t receive an apology letter from my bank, broker or grocery store this week. In case you are wondering what they should be apologizing about – besides the weak dollar or the price of tomatoes — the online marketer Epsilon was breached this week

UPS malware now sent via DHL!

For the 3rd day running we are seeing vast quantities of email-attached malware. Today the spoofed sender was DHL with subjects like “DHL Express Service”. The emails included standard test such as:  Dear customer. The parcel was sent your home address. And it will arrive within 3 business day. More