Here’s a review of last week’s posts on Malwarebytes Unpacked:
From High Fashion to High Risk? (Fraud/Scam Alert) In the wake of several Fashion Week events, we collectively profiled a number of domains claiming to sell branded products online and cautioned our readers to think twice before trusting them with their personal information and payment details.
We BBC what you did there (Online Security) Fake news websites have been around for quite a while, and they are known for promoting Acai berry diets. Some of the media outlet names they typically pretend to be are CNN and the BBC. Last week, Malware Intelligence Threat Analyst Chris Boyd found several fake BBC domains that sport not only the fake diet fad but also (1) suspicious Adobe Flash Player updates potentially housed on a .gov site that was once compromised and (2) a survey scam.
Watch out for “Amazoon” Phishing (Fraud/Scam Alert) You read that right. Clearly, the phishers were on the prowl for Amazon user details; however, the typo may not be that glaring to users’ eyes, so we opted to give our readers a heads up about this scam’s existence.
FIFA World Cup Scammers Return to Twitter, Steal EA Logins (Fraud/Scam Alert) With the World Cup less than three weeks away, fraudsters continue their game of “phish-the-FIFA-game-fan”. We saw new fake accounts popping up, purporting to be an official presence of EA Sports on Twitter. Sadly, such scams remain convincing, since intercepting conversations between Twitter fans and a genuine EA account has proven effective at gaining visits to phishing sites.
eBay Customer Database Compromised (Malwarebytes News) Malwarebytes was on the heels of the eBay hacking last week and witnessed a backlash from known personalities in the security industry. We encouraged users to use password managers, as these tools are becoming more and more indispensable in the war against fraud.
Browlock Redirects Via Google Image Search (Fraud/Scam Alert) We found ransomware hosted on a compromised site offering up a “Back to the Future” game. Thankfully, no files were actually encrypted on affected systems, and the browser looping can easily be mitigated via Task Manager.
A RAT in Bird’s clothing (Security Threat) We had an unexpected encounter with a Twitter scammer after one of our own received a tweet informing him that “The US Government was working on taking down Bitcoin”, which included a shortened link for more information. We found out in the end that the scammer behind this wanted remote administration tool (RAT) software installed onto user systems for their malicious scheme.
Kovter Adult Website Ransomware Doubles. According to research conducted by our friends at Damballa, regular visitors of porn sites have recently continued to be plagued by the Kovter ransomware. (Source: Infosecurity Magazine)