Commtouch Café

Yahoo phishing hides in compromised WordPress websites

2012-04-25T11:09:41Z

Yahoo users have been targeted in a phishing attack that starts with an “avoid account deactivation” email. Mousing over the link shows the non-Yahoo link – an easy way to know that something is amiss. The phishing pages are very authentic looking. Once users have entered their login details (which are collected by the phisher), [...]

Have you seen this picture of yours in attachment?? Three Facebook friends sent it to me today!

2012-04-23T12:23:18Z

A series of emails with malware attachments have been widely distributed in the last few days. The emails alert the recipient about a picture of themselves (or an ex-girlfriend) that has been circulated online. The text from three of the messages is shown below: Sorry to disturb you , – I have a question- have [...]

Phony LinkedIn reminders help users connect with malware

2012-04-19T15:34:44Z

Phony LinkedIn invitations are not a new phenomenon. What tends to change is the underlying delivery method used for the malware distribution – In this case compromised websites that unknowingly host malicious scripts. The LinkedIn reminders that are included in the attack include several variables such as names, relationships, and the number of messages awaiting response. [...]

Phony Verizon Wireless emails follow AT&T wireless emails attack

2012-04-16T15:20:44Z

Less than 2 weeks ago we reported the use of perfectly formatted AT&T Wireless emails that included multiple links to malware infested sites. These have now been followed up with similar emails – but the “carrier” has switched to Verizon Wireless. The Verizon emails also lead to sites hosting malware – although there are far [...]

Phishing attack targets frequent flyers of Brazilian airline TAM

2012-04-08T22:17:51Z

Airlines are the current darlings of malware and phishing gangs, with several campaigns using airline-related themes. The most recent attack attempts to extract the username/password combinations of Brazilian airline TAM frequent flyers. The email promises free miles upon entry of a promotional code. Email and translation follow: Email text TAM Fidelidade. Parabns você acaba de [...]

Your AT&T wireless bill may link to malware

2012-04-05T19:49:29Z

Large outbreaks of phony AT&T wireless emails have been distributed in the last 2 days. The emails describe very large balances ($943 in the example below), that are sure to get aggravated customers clicking on the included links. Every link in the email leads to a different compromised site that has malware hidden inside. In [...]

The Siberian Husky Puppies scam returns

2012-04-03T14:33:15Z

I’m very excited about this email I received: “We have 3 male(Willy) (Ben) and (Max) and 3 Female ((Mimi) (Kiki) and (Baby Tina)ready for re homing to new homes .There are Outstanding AKC registered Siberian husky from multi-championship bloodlines with an awesome pedigree. Gorgeous wrinkles, nice rope across their nose, massive bones structure, compact and [...]

Twitter mention spam goes for the gut

2012-03-14T23:27:18Z

In the swirling seas of spam emails that our analysts come across every day, the anti-stomach-fat/six-pack-abs theme repeats itself quite regularly. Unless they are tricked by some fiendishly clever social engineering (see here and here), most email recipients know better than to follow links to sites promising ultimate-waistline-thin-ness. But what happens when these links are [...]

Infographic: Compromised Websites – An Owner’s Perspective

2012-02-22T12:41:28Z

Beware the amazon.com cancellation email – Valentine’s Day pharmaceuticals await

2012-02-16T15:55:47Z

Maybe recipients of these emails ordered from Amazon recently – or maybe not. Either way we’re betting many people will click on the links out of curiosity or maybe to protest their order cancellation. The outbreak took place earlier today and was quite large (in the high millions). The name of the book that was [...]