This online quiz is now confirmed to be a phishing scam

Credit to Author: Malwarebytes Labs| Date: Thu, 20 Dec 2018 18:30:00 +0000

It’s dubbed the ‘Three Questions Quiz’ scam, and not only are people letting their guard down, but they’re also freely sharing it on social media, too. Do you think you have been duped by this before? Read on.

Categories:

Tags:

(Read more…)

The post This online quiz is now confirmed to be a phishing scam appeared first on Malwarebytes Labs.

Read more

The Year Targeted Phishing Went Mainstream

Credit to Author: BrianKrebs| Date: Thu, 02 Aug 2018 15:11:45 +0000

A story published here on July 12 about a new sextortion-based phishing scheme that invokes a real password used by each recipient has become the most-read piece on KrebsOnSecurity since this site launched in 2009. And with good reason — sex sells (the second most-read piece here was my 2015 scoop about the Ashley Madison hack). But beneath the lurid allure of both stories lies a more unsettling reality: It has never been easier for scam artists to launch convincing, targeted phishing and extortion scams that are automated on a global scale. And given the sheer volume of hacked and stolen personal data now available online, it seems almost certain we will soon witness many variations on these phishing campaigns that leverage customized data elements to enhance their effectiveness.

Read more

Dot-cm Typosquatting Sites Visited 12M Times So Far in 2018

Credit to Author: BrianKrebs| Date: Wed, 04 Apr 2018 13:02:37 +0000

A story published here last week warned readers about a vast network of potentially malicious Web sites ending in “.cm” that mimic some of the world’s most popular Internet destinations (e.g. espn[dot]cm, aol[dot]cm and itunes[dot].cm) in a bid to bombard hapless visitors with fake security alerts that can lock up one’s computer. If that piece lacked one key detail it was insight into just how many people were mistyping .com and ending up at one of these so-called “typosquatting” domains. On March 30, an eagle-eyed reader noted that four years of access logs for the entire network of more than 1,000 dot-cm typosquatting domains were available for download directly from the typosquatting network’s own hosting provider. The logs — which include detailed records of how many people visited the sites over the past three years and from where — were deleted shortly after that comment was posted here, but not before KrebsOnSecurity managed to grab a copy of the entire archive for analysis.

Read more

Omitting the “o” in .com Could Be Costly

Credit to Author: BrianKrebs| Date: Thu, 29 Mar 2018 13:08:16 +0000

Take care when typing a domain name into a browser address bar, because it’s far too easy to fat-finger a key and wind up somewhere you don’t want to go. For example, if you try to visit some of the most popular destinations on the Web but omit the “o” in .com (and type .cm instead), there’s a good chance your browser will be bombarded with malware alerts and other misleading messages — potentially even causing your computer to lock up completely. As it happens, many of these domains appear tied to a marketing company whose CEO is a convicted felon and once self-proclaimed “Spam King.”

Read more

How one letter can lead you to a scam: James Lyne talks typosquatting with NBC News

Credit to Author: matthewphillion| Date: Tue, 09 Jan 2018 18:32:34 +0000

James Lyne talks to NBC Nightly News about the simple, but effective scam, and how you can protect yourself<img alt=”” border=”0″ src=”https://pixel.wp.com/b.gif?host=news.sophos.com&#038;blog=834173&#038;post=45041&#038;subd=sophos&#038;ref=&#038;feed=1″ width=”1″ height=”1″ /><img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/veJXf1ZvclY” height=”1″ width=”1″ alt=””/>

Read more

Out of character: Homograph attacks explained

Credit to Author: Malwarebytes Labs| Date: Fri, 06 Oct 2017 15:00:10 +0000

Online and on traditional media, we hear and read about different kinds of cybersecurity attacks that sometimes we get overwhelmed with the terminologies. Most of us grasp what phishing attacks and denial of service (DoS) attacks are, but how familiar are we wit

Categories:

Tags:

(Read more…)

The post Out of character: Homograph attacks explained appeared first on Malwarebytes Labs.

Read more