phishing posts

Twitter Hit by Another Direct Message Phishing Scam

by Caleb Johnson (RSS feed) — Oct 29th 2009 at 11:01AM

It seems like every day that a new phishing scam hits Twitter, and Wednesday was no different. According to CNET News, Twitter warned its users to be on the lookout for a phishing scam that attacks via direct messages. "[If] you've received a strange (direct message), and it takes you to a Twitter log-in page, don't do it!," Twitter warned in a post.

Of course, this isn't the first scam that disguises itself in a direct message. But this message attempts to fool you by posing as a dear friend. According to Sophos, the message reads: "hi. this you on here?" and is followed by a link to the phishing site. The link, if clicked, redirects you to a fake Twitter log-in page, where the phishers intend to steal your user name and password. If you enter both, you'll see a faux over-capacity page that's supposed to make the scam seem more real. When Sophos logged in to the false page, it was directed to the over-capacity page, and then to a blog by someone called NetMeg99. It's unclear as to whether or not that blog is part of the scam, too.

Tags: microblogging, password, phishing, scam, security, socialnetworking, top, twitter, web

Advice, Editor's Picks, Web

10 Ways to Spot an E-Mail Scam

by Chris Morris (RSS feed) — Oct 26th 2009 at 12:24PM

The increasing flood of e-mail hitting your inbox can lower the guard of even the most cautious person. In the rush to keep up with important notes, it's easier than ever to fall prey to the scam artists and identity thieves who lurk online.

E-mail scams and phishing attempts evolve constantly, hoping to take advantage of the latest trends and current events. Although the e-mails change, the people behind them inadvertently send up the same warning signs again and again. We dug through mountains of spam to find the most prevailing trends. We've collected some actual scam e-mails and highlighted the warning signs to help you spot a hustle the next time one lands in your inbox.

Tags: e-mail, e-mailscams, features, phishing, scams, security, top, web

Web, Social Networking

Twitter Lets Users Fight Back as Phishing Scams Spread

by Terrence O'Brien (RSS feed) — Oct 15th 2009 at 6:34AM

As Phishing Scams Proliferate Twitter Fights Back

The pool of phishing scams on Twitter is seemingly bottomless. Every time we turn around, there is a new one popping up, or an old one reemerging, or some other unfortunate development that sends us rushing to the presses only to give users the same advice over and over again: Don't click on that link.

The most recent scam comes in the form of a direct message declaring "you're on this vid!" followed by a link. Click the link and you'll be led to a page that looks an awful lot like the login page for Twitter. But don't be fooled. Check that address bar and you'll quickly see that you are not, in fact, on Twitter. If you make the mistake of trying to log into the fake page, your account will be hijacked and used to send the same message to all of your followers.

Tags: phishing, scam, security, spam, top, twitter

Web

FBI Busts Up Worldwide Phishing Ring

by Terrence O'Brien (RSS feed) — Oct 9th 2009 at 6:28AM

The FBI has busted up a major spam and bank fraud ring that spanned from coast to coast, and even had ties to Egypt. Fifty-three suspects in Los Angeles, Las Vegas, and Charlotte, North Carolina have been indicted, with dozens of them already in police custody. An additional 47 Egyptian suspects have been named, and authorities there are working to apprehend them now.

The scam centered around phishing spam e-mails, in which the crooks posed as representatives from a bank and asked the victims to update their personal information by following a link. If targets followed the link, they were taken to a bogus banking site that harvested their personal and banking account information. The 100 criminals, working in concert, immediately withdrew money from their victims' accounts, transferring their spoils to fraudulent accounts.

Tags: crime, fraud, identity theft, IdentityTheft, phishing, scam, top

Web

After Phishing Attempt, Wife Bans FBI Head From Online Banking

by Caleb Johnson (RSS feed) — Oct 8th 2009 at 12:35PM

Don't feel bad if you've recently fallen for an e-mail scam. They're not always easy to identify. Just ask FBI Director Robert Mueller. Mueller received an e-mail from his bank asking him to verify some account information. After entering said information, Mueller says he realized that the e-mail was part of a phishing scam. According to CNET News, he immediately changed his passwords and breathed a sigh of relief.

The FBI chief avoided the wrath of phishers, but not his wife (video after the break). She nixed online banking in their household and said, "It is our money. No more Internet banking for you!" During a speech Wednesday in California, Mueller said that he'd tried to explain to his wife, promising that he'd learned his lesson and calling the near slip-up a "teachable moment." He was taught a lesson, alright, and one he should have learned long ago, at that. "If Mama ain't happy, ain't nobody happy." [From: CNET News]

Tags: banks, expire-images:2010-10-8, fbi, hack, money, online banking, OnlineBanking, phishing, scam, web

Web

Hotmail Password Scam Spreads to Gmail, AOL Mail, Yahoo!

by Warren Riddle (RSS feed) — Oct 6th 2009 at 4:05PM

Yesterday, reports emerged that 10,000 Hotmail account addresses and passwords had been posted to the site PasteBin.com. Today, BBC News revealed that it has discovered another incriminating list containing log-in information for 20,000 additional e-mail addresses. The new batch, though, not only includes information from compromised Hotmail accounts, but also from Gmail, Yahoo!, AOL, and several other major e-mail providers.

Some of the accounts are dormant and unused, making them easy marks for scammers, but the BBC says that it has confirmed the authenticity of many of the addresses. A Google spokesperson said the lists were the fruits of an "industry-wide phishing scheme," and that the passwords for all of the compromised Gmail accounts have been forcibly reset.

Tags: AOL mail, AolMail, e-mail phishing scam, E-mailPhishingScam, Gmail, Hotmail, password protection, PasswordProtection, phishing, safety, security, top, yahoo mail, YahooMail

Web, Social Networking

Colon Cleansing Spam Running Through Facebook

by Warren Riddle (RSS feed) — Oct 2nd 2009 at 6:38AM

Grifters love Facebook, and there seems to be no limit to the ingenuity and creativity of the shadowy con-artists. According to the Counter Measures blog, a new scam has emerged, which may be connected to previous schemes, incorporating hacked accounts, new phishing techniques, and status updates that falsely appear to be posted via SMS.

The scam began with phony spam status updates, actually posted through the Facebook mobile portal (m.facebook.com), that touted the colon cleansing benefits of ColonRevi.com (which has been disabled). The link actually redirects people to another supplement-shilling site where the new phishing lure would appear. Leaving the page causes what appears to be a real-time support chat window to launch, offering discounts for the products. Instead, the chat window was actually a scripted part of the scam intended to snare more victims.

Tags: facebook, facebook phishing, FacebookPhishing, phishing, scams, top

Computers, Web

'Chat-in-the-Middle' Phishing Scam Tricks You With Instant Messages

by Warren Riddle (RSS feed) — Sep 18th 2009 at 3:35PM

The RSA FraudAction Research Lab has uncovered a sophisticated and tricky new phishing scheme. Dubbed the 'Chat-in-the-Middle' scam, the new attack targets the online customers of a specific U.S. financial institution and begins, as many scams do, as an apparently innocent log-in screen.

The new twist, though, appears after the marks have entered their log-in information. Typically, once phishing victims enter their ID and password, they're redirected to a dummy Web site created by the grifters. The Chat-in-the-Middle scheme, though, incorporates a fake real-time support chat window (even if you don't have an IM service installed), through which the scammers try to dupe their targets into divulging pertinent personal information like names, addresses, and phone numbers.

Tags: Chat-in-the-Middle, identity theft, IdentityTheft, im, phishing, scam, security, top

Computers

New York Indicts Five More in International Credit Card Sting

by Warren Riddle (RSS feed) — Sep 2nd 2009 at 6:22PM

In 2007, a two-year identity theft investigation operated by the Secret Service and the Manhattan District Attorney's office culminated with the arrests of 17 people. The sting focused on Western Express International, a now exposed crime syndicate that operated two dummy Web sites.

On Monday, the Big Apple D.A.'s office indicted five more men who, it believes, played integral roles in the money laundering and identity theft schemes. Wired is reporting that two of the men have been arrested and are in custody in New York, one man was arrested in Greece and is awaiting extradition, and two men are still on the lam. Now dubbed the Western Express Cybercrime Group by authorities, the organization operated between 2001 and 2007, allegedly stealing over $4 million dollars through various credit card scams.

Tags: crime, IDtheft, law, phishing, security, top, Western International, WesternInternational

Web

Is Phishing Finally on the Decline?

by Lee Bains (RSS feed) — Aug 27th 2009 at 6:36AM

It's about time. The Associated Press writes today that mercifully, IBM reports that phishing attacks are on the decline.

Phishing, for the uninitiated, has nothing to do with Vermont hippies. Phishing scams are typically comprised of a sketchy e-mail that links the recipient to a malicious Web page (often disguised as the log-in page of a bank or social networking site). There, the duped Web-surfer is asked for personal information -- an e-mail address, password, account number, or goodness knows what else. If you've ever read Switched, you've read plenty about them and have, hopefully, learned how to steer clear of them.

Tags: ibm, identity theft, IdentityTheft, phishing, scam, security, spam, top

Web, Social Networking

Rogue Phishing Applications Plague Facebook

by Caleb Johnson (RSS feed) — Aug 22nd 2009 at 8:35AM

On Thursday, Facebook removed six malicious applications that stole users' log-in information and spammed their friends via Facebook notifications. These phishing attacks are hardly a surprise considering how popular Facebook apps are these days. Before the first batch of apps was removed, some users were phished with messages saying that a friend had commented on a post, and including a link. After clicking said link, users were sent to a phishing site (styled to look like Facebook) and asked to enter the e-mail address and password they used for logging in to Facebook.

Shortly after the rogue apps were purged, CNET News reports, five more appeared: 'Friends,' 'Friends Gifts,' 'Matching,' 'Pok,' and 'Your Photos.' According to Trend Micro researcher Rik Ferguson, the latest apps were similar in style/functionality to earlier ones, but used different icons, provided "slightly more credible notifications," and sent "bogus" notifications to the victim's inbox. These malicious apps may look (and post notifications) like real apps, so be careful when adding any new app, even when it looks like it's coming from a friend.

There's a lesson here, folks: no matter how bad you want to send your friend that teddy bear, or those dozen roses, don't give out your personal information. [From: CNET News and Trend Micro via DownloadSquad]

Tags: application, facebook, phishing, scam, social networking, SocialNetworking, spam, top

Computers, Web

Vacationers Prime Targets for Cybercriminals

by Kaiser Hwang (RSS feed) — Jul 13th 2009 at 9:30AM

With more and more people using Wi-Fi-enabled devices -- from iPhones to netbooks to standard laptops -- the need for public Internet access is steadily growing. Unfortunately, cybercriminals are very aware of this fact and, according to Fox News, are exploiting it to the best of their ability. By creating phony Wi-Fi networks in places such as hotels and airports, crooks target carefree vacationers who are more more worried about hitting the beach than they are network security. This nonchalance can often find travelers the victims of identity theft.

Wireless security company AirTight Networks conducted a study last year in 27 airports around the world, and the results are borderline horrifying. For instance, the baggage-handling system at JFK International was being run on an insecure network. Other airports' ticketing systems were similarly run on insecure networks. Of the airports that did use encryption, 80-percent of them used the easily cracked WEP standard, as opposed to the more secure WPA and WPA2 protocols. AirTight contacted several airlines regarding the loose security in early 2009, and thankfully, airlines such as American and JetBlue have been swift to remedy the situation.

Tags: free wifi, FreeWifi, identity theft, IdentityTheft, networking, phishing, security, top, travel, wifi

Web

'Twittersblogs' the Latest Phishing Scam to Hit Twitter

by Warren Riddle (RSS feed) — Jun 30th 2009 at 7:15AM

Social networking sites Twitter and Facebook have become popular hunting grounds for scammers, as updates and instant messages provide easy methods of attracting prey. A new phishing scheme has emerged this week, similar to previous Twitter and Facebook phishing scams, that incorporates direct messages with phony links.

According to Mashable.com, on Monday morning, hundreds of tweets (reading "omg!! is it true what they wrote about you in their tweet blog?") began to spread through Twitter with a link to twittersblogs.com. The site looks exactly like the Twitter login page, and the messages are intended to attract people into entering their login information. This enables the scammers to hijack the victim's account in order to continue disseminating the fake message to the compromised twitterer's followers.

Tags: facebook, phishing, scams, top, twitter

Social Networking

Hacked High-Profile Twitter Accounts Still Spreading Malicious Links

by Warren Riddle (RSS feed) — Jun 25th 2009 at 8:59AM

Phishing scams involving hijacked accounts continue to sweep through the popular microblogging site Twitter. In January, hackers commandeered the accounts of several high-profile members, including Britney Spears and Barack Obama, and distributed malicious links and spam messages. On Tuesday, scammers used the profile of Guy Kawasaki, a former Apple Fellow with over 100,000 followers, to post a link to a site that claimed to offer a (non-existent) sex tape featuring 'Gossip Girl' star Leighton Meester.

According to PC World, University of Alabama at Birmingham computer forensic scientist Gary Warner believes that over 1,600 people have already followed the link to a fake porn site that links to a Trojan horse program. This software affect both Macs and PCs, and, if downloaded, essentially turns your computer into a zombie that can be controlled from afar, enabling perps to extract valuable personal information. The scheme also leeched off the compromised accounts of a political blogger, a rising musician, and a gay news site, some of which still have the malicious link available on their Twitter pages.

Tags: phishing, scam, security, social networking, SocialNetworking, Twitter

Computers, Web

New E-Mail Scheme Hijacks Your Webmail Account

by Warren Riddle (RSS feed) — Jun 25th 2009 at 8:00AM

Phishing scams involving hijacked accounts and the dissemination of phony links have recently appeared on Facebook and Twitter, but now that strategy is returning -- albeit in a creepy new way -- to its old stomping grounds: e-mail. A group of Net grifters has been breaking into browser-based e-mail accounts (e.g. Gmail, Yahoo! Mail, or AOL Mail), and sending dubious messages to everyone in the account's contact list. According to The Washington Post, the messages typically include a link to an e-commerce site or a message asking that money be wired to a specific location.

The scheme can be particularly effective and dangerous because people typically don't hesitate to open a message from the recognized account of a known friend. The scam can be prevented, though, so it's important to protect your e-mail account information and to always be wary of opening links. If you're going to use a personal account for business or shopping, try to only use your own computer or gadget, as hackers can use keystroke loggers on public devices to steal logins and passwords. It's also important to fortify your e-mail passwords and to definitely change them up if you feel an account may have been compromised. For further in-depth tips on warding off scammers and protecting your personal information, check out our list of 15 Phishing Scams to Watch Out For. [From: The Washington Post]

Tags: hack, identity theft, IdentityTheft, keystroke logger, KeystrokeLogger, phishing, security, top

Most Emailed Stories

Editors' Picks

Deals of the Day

http://xml.channel.aol.com/xmlpublisher/fetch.v2.xml?option=expand_relative_urls&dataUrlNodes=uiConfig,feedConfig,entry&id=758444&pid=758443&uts=1256672453

http://cdn.channel.aol.com/cs_feed_v1_6/csfeedwrapper.swf

'Black Friday' Deals to Watch For

Getty Images

Black Friday' Deals to Watch For

Traditionalists might balk, but the holiday shopping season is already underway. Skeptical? Head to your local department store and you'll be inundated by Christmas trees and ornaments. Bargain hunters, though, know that the real deals are more than a month away.

Black Friday, traditionally, is when retailers truly slash prices. Early birds can save hundreds, if not thousands, of dollars off of their holiday bills. Switched.com checked with a few elves, who gave a sneak peek at what you can expect deal-wise this year.

Blu-ray Players and Movies: Blu-ray is shaping up to be the biggest door buster of this year's Black Friday. de Grandpre expects at least one retailer will offer a Blu-ray player for just $49. Look for bargains on Blu-ray films as well, with last year's hit titles (such as "Iron Man") to fall as low as $5.

Laptops: With the proliferation of Netbooks this year, it's never been easier to find affordable portable computing, but Dan de Grandpre, CEO of DealNews.com says it will get even cheaper on Black Friday. Look for well-equipped Netbooks to sell for $199 – and basic 15" laptops to go for as little as $249.

HDTVs (Pretty big): The holidays are typically the best time to buy a new TV – and Black Friday is the time to do it. If you're looking for a normal sized set, you're in luck. Piper Jaffrey analyst Mitch Kaiser says he expects to see 32-inch LCD sets for as low as $299. GottaDeal.com is estimating 37-inch plasma and LCD sets will fall to $399 or less.

HDTVs (Really big): Need something bigger? How about a 46-47 inch LCD set for $599 – a 25 percent savings? Or a 52-inch LCD for $999? Dealnews says you can expect both. Plasma deals will be a little harder to come by, but a 50-inch set should run roughly $899.

HD Camcorders: You've wanted to shoot your child's school play in HD for a while, but haven't been able to spring for the pricey camcorder. This might be the year. Low-end, flash-based 720p models could drop as low as $60 (though you won't be able to zoom with those). Expect a high quality 1080p HD camcorder for $349.

GPS: While navigation systems have dramatically expanded their reach this year – even making it onto the iPhone – there's still a market for car-based systems. Dealnews predicts you'll be able to find a no-name entry-level system for $49, while a Garmin or Tom-Tom brand will be as low as $69.

Digital Picture Frames: Showcasing your digital pictures consistently gets cheaper. This year, skip the 7-inch screens and focus on the 8- or 9-inch ones, which should be available on Black Friday for as little as $30.

Monitors: Computer monitors might not be the sexiest of gifts, but they're usually welcomed with open arms – and they'll be cheap this year. Name brand 22-inch LCD models may go for as low as $99, while 24-inch models will drop below $150.

Memory: Don't know anyone who needs a monitor? External hard drives are always popular, since they're an easy way to back-up data. Dealnews expects a 1TB drive to fall as low as $49 this year. Gottadeal is looking for 8GB flash drives to hit $15.

Latest Reviews from CNET.com

CNET provides the latest tech news, unbiased reviews, videos, podcasts, software, and downloads, making tech products easy to find, understand and use.

Top Product Reviews

Home Audio Reviews
9.0 out of 10
Definitive Technology BPX
Works great with Dolby Pro Logic and Dolby Digital. Full Review
9.0 out of 10
Denon AVR-4306 (black)
Incredibly well-featured 7.1-channel receiver; excellent sound quality; three HDMI inputs; converts analog video to HDMI output; upconverts analog video to 720p/1080i HD resolution; iPod and USB MP3 player connectivity; Internet radio and MP3/WMA streaming audio via built-in Ethernet port; XM Satellite Radio compatible; touch-screen remote; multizone, multisource operation; browser-based control via home network; accurate autocalibration routine. Full Review
8.8 out of 10
KEF KHT3005 (black)
The KEF KHT-3005 is one compact, beautifully designed speaker package with solid aluminum satellites that feature unique driver technology to produce incredible clarity. Meanwhile, the equally astounding dual 10-inch, 250-watt powered subwoofer delivers ultradeep bass. Full Review
Cell Phone Reviews
Digital Camera Reviews

9.3 out of 10
Canon EOS 1D Mark III
Extremely fast, 10-megapixel continuous shooting; very low noise; highly customizable; well-designed body with weather sealing; 3-inch LCD; abundant optional accessories. Full Review
9.3 out of 10
Nikon D3 (body only)
Full-frame sensor; well designed, pro-level weather-sealed body; very low noise, even at extremely high ISOs; fast. Full Review
9.0 out of 10
Canon EOS-1Ds Mark III
Very low noise, high quality images; 21.1 megapixels; live view shooting; pro-level build-quality and performance. Full Review
Desktop Reviews