Blog

Lesson one: The IRS is a confirmed favorite of spammers, phishers and malware distributors. As an example consider the attacks from the last few weeks that have targeted users of the IRS’s electronic payment portal. This time the attack starts with an email about tax forums to train and serve

In our most recent report, we describe our observations about phishing, BEC, and malware attacks including: Per capita, malicious inbox content has more than doubled within the past two years Almost 80% of malicious inbox threats are phishing attacks  Phishing attacks have been known as the origin of large breaches

Tumblr is a microblogging platform that allows users to post text, images, videos, links, quotes and audio to their short-form blogs. The last few days have turned up Tumblr accounts being used by scammers to redirects users to their work-from-home sites. The redirection is based on functionality provided by Tumblr.

Cybercriminals targeting US taxpayers have launched a second wave of phony “tax payment rejected” emails. The first major outbreak started around June 21st. As before the emails warn recipients that their tax payments, submitted via the IRS’s electronic payment system, have been rejected. To understand why, recipients are provided with

The LoveGame virus gets hearts racing  The concept sounds interesting: A new game called “lovegame” which is still freeware has been received as an email attachment. Email text: Hello Dear! Do you play games ? lovegame. us present new project This game is still freeware. You can find it in

Last week we reported about a large outbreak of emails that inform recipients of rejected IRS payments. The IRS theme has now been replaced with NACHA-themed emails that contain virtually identical content – including links to malware executable s that are presented as “self-extracting” PDF files. NACHA manages the development,

“Your federal tax payment was rejected”. We imagine that the sight of these words would make even the most security-aware individuals click on anything in sight as they race to resolve this troubling news. In the last 24 hours Commtouch Labs has detected vast quantities of emails that inform recipients

YeheyTV is an Internet site offering Filipino television shows online. The site has been around since 2009 and is frequented by Filipinos around the world. FakeAV distributors have exploited this popularity by using a Search Engine Optimization (SEO) poisoning attack directed at Internet users looking for the YeheyTV site.  Searching

Statistical arbitrage (abbreviated as Stat Arb or StatArb) as opposed to (deterministic) arbitrage, is associated with the statistical mispricing of one or more assets based on the expected value of these assets. (So now you know…). The attachment in the high-priority email below claims to be a plan for foreign