|
Donation/Premium |
|
 |
|
|
|
|
|
|
|
|
|
| View previous topic :: View next topic |
| Author |
Message |
AplusWebMaster
General
Joined: Mar 14, 2004
Posts: 4829
Location: USA
|
 Posted: Fri Apr 25, 2008 8:27 pm Post subject: Fly Phishing... for -enhanced safety- |
|
|
FYI...
- http://www.f-secure.com/weblog/archives/00001428.html
April 25, 2008 - "Some phishing gangs have a new technique. They're using trojan-spy applications... the message doesn't mention anything about providing an account-name or password. Instead, it attempts to convince the recipient that they need to install a Digital Certificate for enhanced safety. (Anybody want to buy a bridge?)... It's basically a page full of jargon designed to overwhelm the potential victim. What happens if the victim falls for the bait and installs the "certificate"? A trojan-spy will be installed. So now the phishers don't need to ask for passwords anymore, they can just take them. This technique keeps the classic element of phishing by mimicking the trusted institution — the bank. What they've adjusted is the part that people have become skeptical of, which is giving away their password when requested by e-mail."
(Screenshots available at the URL above.)
_________________
AplusWebMaster
~ Are you up to date or vulnerable to Hackers? ...or both?
.
|
|
| Back to top |
|
 |
AlphaCentauri
SIRT Handler
Premium Member
Joined: Nov 20, 2003
Posts: 2886
|
| Posted: Sat Apr 26, 2008 3:40 am Post subject: |
|
|
I just reported 15 of those 2 hours ago, and they're already down -- kudos register.com which killed all the domains, and iaregistry/spiritdomains that killed the nameservers correctly.
|
|
| Back to top |
|
|
AplusWebMaster
General
Joined: Mar 14, 2004
Posts: 4829
Location: USA
|
| Posted: Wed Apr 30, 2008 1:34 pm Post subject: |
|
|
More...
- http://www.darkreading.com/document.asp?doc_id=152295&print=true
APRIL 28, 2008 - "...Both Trend Micro* and F-Secure** over the past few days spotted new iterations of the attack, which was first reported by RSA last week. The latest tack is phishing emails posing as Comerica Bank and Colonial Bank that ask banking customers to renew their digital certificates. When they click on the link for more information on the phony renewal process, it downloads the nasty Trojan onto their desktops... the Rock Phish group also has been coming out with different versions of the malware each day to try to fly under the radar. It changes the “packer,” encoding, and other characteristics to evade antivirus detection... advice to end users...: be aware that your bank will never send you anything to download, not even a digital certificate, so don’t fall for one of these emails..."
* http://blog.trendmicro.com/rock-phishers-up-the-ante-with-more-digital-certificates/
** http://www.f-secure.com/weblog/archives/00001428.html
_________________
AplusWebMaster
~ Are you up to date or vulnerable to Hackers? ...or both?
.
|
|
| Back to top |
|
|
|
|
|
You can post new topics in this forum
You can reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum
|
Powered by phpBB © 2001 phpBB Group
|
Forum FAQ
Search
Usergroups
Profile
Login to check your private messages
Login
