Beware unexpected e-Valentines, FBI says
February 15th, 2008 by Shanmuga
"When the FBI issues a press release about Valentine’s Day, you can guess it’s not good news. The feds are warning Internet users about electronic Valentines that are booby-trapped with a computer virus. Computer security firms confirm that they have seen many variations of the virus, which often arrives in e-mail bearing loving subject lines like ‘You Stay In My Heart" and "Hugs And Kisses." The e-mail instructs users to follow a link and pick up an electronic greeting card.
Read the rest of this entry »
If you enjoyed this post, make sure you subscribe to my RSS feed!
Category: Phishing, Spam | No Comments »
"A recurrent group of Moroccan fraudsters calling themselves Mr-Brain has launched a website dedicated to offering easy-to-use phishing site code, email templates and other hacking tools. The website offers phishing kits for many of the most common targets, such as Bank of America, eBay, PayPal and HSBC.
"According to the FBI’s Internet Crime Complaint Center (IC3), the number of "vishing" complaints received by the center is increasing at what it calls "an alarming rate." Vishing and phishing are related, and both rely on e-mail as a means of delivering bait, but the two use different hooks in order to snag user data.
"A phishing kit targeting the Bank of America contains an interesting insight into the intellectual hierarchy involved in Internet fraud. At first glance, the phishing kit looks attractive to any fraudster – it is straightforward to deploy on any web server that supports PHP, and a single configuration file makes it easy to specify an electronic mail address to receive captured financial details. In addition to requesting the credit card numbers and bank account details, a second form on the phishing site asks for the victim’s SiteKey challenge questions and answers, which can help a fraudster gain access to the victim’s Internet banking facilities.
"Forget the Nigerian prince. Phishing scams are moving beyond the misspelled, far-fetched ruses that clog your in-box and beg for your bank codes. In the year to come, security professionals are warning of bank code-stealing exploits that are much slicker and more convincing–hidden in guises as harmless as a banner ad on a reputable Web site or a message from a friend on a social network.
