
Blog

Insights on Data Security & Threat Intelligence

Pump and dump spam waits for Hurricane Sandy

Even stock scammers needed to put their plans on hold following the closure of stock markets for 2 days. In the typically worded email shown below, recipients are encouraged to buy into low-priced shares now that Hurricane Sandy has passed and trading has resumed. Interestingly, we see less topical spam


.com malware pretends to be naughty .com website

Sometimes the “other side” uses a neat trick that seems so obvious. In these cases we think “they must have done this before” – then we search the archives (Google) for proof that it has indeed been used before. A good example is our post from last year where we


US Election used as malware smokescreen

At first glance this looked like a “standard” email-malware attack. As with many similar attacks the email pretends to be carrying an eticket attachment – this time from Delta. The zip file holds executable malware. In case we weren’t sure this is malware here are some of the giveaways: The


Measuring the success of a malware campaign

We are often asked whether we have any way of knowing how successful a particular malware or spam campaign has been. We assume that the “other side” tracks this sort of thing to see what social engineering works, and which material escapes spam and malware checks. (If any spammer is


Your friend has shared a Groupon malware coupon with you!

A recent collection of malware emails borrows heavily from authentic mailings sent out by Groupon and LinkedIn. The outbreak is different from the blended attacks that have featured regularly in the last few months since it relies on attached malware as opposed to a link to drive-by malware. Using email


Beware the phony Classmates.com email

Classmates.com has become the latest in a series of well-known brands to be abused by a particular gang of malware distributors. The similarities to other outbreaks include:
- Linking to multiple compromised sites which then redirect to the malware hosting sites
- Favoring WordPress sites (that can be exploited)
- Hosting the malware
