Search
Close this search box.

Category: cyren

“Osama Bin Laden Dead – Actual Video” – New Facebook Malware

Last week we described Facebook malware that was distributed via compromised accounts offering “500 free credits on Facebook”. Now the same techniques are being used but the subject matter has changed to the highly topical death of Osama Bin Laden. As described in the last post the malware cycle is

500 free credits from Facebook – malware

There’s no such thing as a free lunch – or free Facebook credits. As proof consider the attack described below which has several stages: 1) Users get messages with offers of “free Facebook credits”   2) These trick users into running a malicious JavaScript 3) The infected user is lead to

FedEx used for continued email malware – Zombies up 70%

It’s been almost one month since we reported about the huge increase of email-borne malware attachments. The outbreaks have continued on an almost daily basis since then and we have noted a corresponding dramatic increase of over 70% in the number of zombies.  The traffic graph below shows the continued

More fake Twitter emails lead to Easter “specials”

It’s been over a month since we wrote about fake Twitter email messages, and if it worked once for scammers/spammers, they’ll certainly try it again. Commtouch labs is seeing large quantities of – you guessed it – fake Twitter email messages, similar to the one here:  How can the uninitiated

April 2011 Internet Threats Trend Report

Statistics related to spam levels feature prominently in this Internet Threats Trend Report, as they did in the report about the fourth quarter of 2010. This is due to the wide variations observed during the first three months of 2011, and the takedown of the Rustock botnet – which we

Email Unsubscribe – the good, bad, ugly, and .. non-existent

Many of us suffer from email overload, even without including the seemingly hundreds of newsletters to which we voluntarily subscribe. Sometimes, we must step in and say “Enough” and unsubscribe from the emails that no longer provide as much value as we’d hoped in the beginning. The Really Good  Clear,

Google’s App Engine proxies HSBC site

Update April 17, 2011: Based on some feedback received offline, I would like to clarify: inetbrowse is a proxy, available on the Google App Engine. In other words, anything can be proxied through it. I did not mean to imply that Google was knowingly hosting a phishing site. The intention

New Adobe Flash Vulnerability (Yes, Another One)

Malicious Adobe Flash files are making the rounds of some lucky individuals that have been targeted for spearphishing, according to news reports. Adobe has confirmed that the vulnerability exists in its Flash program, and that the infected files have been distributed (so far) embedded in a Microsoft Word document sent

Complex – PDF hides Malware inside XFA which is inside PNG – not an image

We recently received an email supposedly from Puremobile – a supplier of unlocked cellphones. Similar emails were also received with “order info” from Bobijou (a costume jewelry designer). The “order confirmation” included a PDF file as shown below.  Our initial analysis of the file found no Javascript. No JavaScript? This