Smartphones no doubt make our lives easier and it’s great having so many resources available at our fingertips.
Mobile banking is one of those resources, with banks have made very feature rich apps that allow us to access our account, deposit checks, and money transfers.
Malware writers know this and have been trying to make an impact on Android’s banking app for some time now. There have been a several families with some of the same gangs targeting PC’s also targeting mobile such like Zeus and SpyEye.
Over the last few days two popular VOIP apps, Tango and Viber, had their servers breached that compromised customer data and support sites.
The Syrian Electronic Army (SEA), a pro-Assad hacker group known for hacking Western websites, typically defacing and trying to push Syrian propaganda, have claimed responsibility. The group has claimed responsibility for hacking The Onion and The Guardian’s Twitter accounts among others.
We are accustomed to seeing criminals take advantage of big events to push malware, so we always keep an eye out for malicious emails or websites. This one was no exception with customized spam messages and malicious links all leading to nasty infections.
The emails come with a subject line such as “Aftermath to explosion at Boston Marathon” or “Explosions at Boston Marathon” and a single link in the form of an IP address and a html document called news.html or boston.html. Continue reading
A new phishing scam is going around and trying to grab user log-on credentials for popular banks like HSBC, Lloyds TSB & Chase. The phishing emails advertise one of the following reasons in order to trick the user into clicking the provided link:
- There are security Messages available to the user which they need to log in to read
- Log-in credentials need to be verified because of a security breach
- Personal information needs to be updated
Over the last few weeks I have described numerous methods of phishing attacks and a few examples what they do or may look like. In this final installment, I will shed some light on how phishing attacks are done and a few real world examples of techniques used by Phishing scammers. Finally, I will discuss why phishing is still so popular and not only how you can protect yourself but how you can help protect others too.
How it’s done
Most cyber-attacks which are aimed at either gaining access or stealing information are fairly difficult and require a decent level of technical knowledge; this is not the case with Phishing however. Phishing attacks are incredibly easy to both setup and execute. It really only requires a light amount of technical know-how and the ability to do some research as well as think up possible reasons for people to blindly click a link or give up their user credentials.