Posts Tagged ‘phishing’
Saturday, March 23rd, 2013
It seems that almost every tool Google provides is readily adopted by spammers and scammers alike. Not a day goes by that we don’t see spam and Phishing fraud and other identity theft emails from hacked Gmail and Google Groups accounts and often abusing systems such as Google Docs.
The ubiquity of these free services makes for the perfect no-cost social engineering platform for hackers to use for launching their attacks.
A current Phishing campaign uses stolen Gmail accounts to steal the credentials to other email accounts, allowing spammers to increase their spam volume day over day.
The most common email circulating now comes with a subject that references the sharing of a file though “Google Docs” and often has a subject line of simply:
Subject: Important Document
Since the email comes from a previously hijacked account, the recipients will typically recognize the sender’s address which makes it more likely that they will be taken in by this fraud:
more »
Tags: botnet, fraud, phishing, scam, spoofing, virus
Posted in Email Fraud, Spam Tactics | Comments Off
Wednesday, March 13th, 2013
For the thirteenth consecutive evaluation, OnlyMyEmail has again blocked more spam than any other filtering system in the Virus Bulletin VBSpam Challenge and secured yet another first place finish.
The latest competition ran for 16 consecutive days, during which, OnlyMyEmail’s MX-Defender accurately filtered out more spam than all other competitors tested, missing not even one spam email out of 64,988 total. This represents a never before seen spam capture rate of 100%.
In addition, OnlyMyEmail created zero false-positive results (blocking of legitimate emails) during the test, resulting in an overall perfect score.
By comparison, the next best capture rate was a tie between Libra Esva and Scrollout with both missed 17 emails in total and created false-positives of 1 and 25 respectively. The third best blocking rate went to Zerospam which missed 73 spam emails from the same corpus. The worst performers, missing well over 300 spam emails each included: IBM, McAfee SaaS, Sophos, SPAMfighter, Vamsoft, Spamhaus ZEN+DBL and SURBL.
more »
Tags: email, fraud, phishing, scam, spam, Virus Bulletin VBSpam Competition
Posted in All About Email, Spam News, Spam Tactics, Spam-Stats | Comments Off
Sunday, March 10th, 2013
A lot of spam and Phishing campaigns rely upon tricking the recipient into thinking they’ve received a billing error, from an otherwise legitimate source. The latest of these claim to be from ATT Wireless, and arrive with realistic sending addresses and subject lines, such as:
Subject: Your AT&T wireless bill is ready to view
From: “AT&T Customer Care” <icare7@amcustomercare.att-mail.com>
In reality, the sending addresses are spoofed, and these are instead sent by previously infected computers and hijacked servers, but that fact is not readily apparent to the typical email user.
What makes these types of emails so convincing is that the spammers are doing a much better job than they used to in terms of making these faked billing emails appear legitimate, such as this example we’ve seen a lot of lately:
more »
Tags: email, fraud, phishing, scam, spam, spoofing
Posted in Phishing Lessons, Spam Tactics | Comments Off
Monday, March 4th, 2013
We fondly remember the days when PayPal Phishing frauds were easily spotted by their subject line alone. The urgent warnings about your compromised account made identity theft emails almost trivial to identify.
But, as with all things technology, the lame Phishing attempts too have evolved, and they’re snaring even users with moderate technology skills. The latest evolution of the PayPal identity theft fraud relies on the user’s reaction to what appears to be a standard account notice. The subject line is a receipt for payment, but to a seller with which you have not conducted a valid transaction, such as:
Subject: Receipt for your PayPal payment to Soo Duk Lee
The email itself contains standard language like:
You sent a payment of $149.49 USD to Soo Duk Lee (commercializesa8@datkin.net)
Thanks for using PayPal. To see all the transaction details, log in to your PayPal account.
and
It may take a few moments for this transaction to appear in your account.
Here’s a complete copy of such a fraud:
more »
Tags: email, fraud, phishing, scam, spam, spoofing
Posted in All About Email, Email Fraud, Phishing Lessons, Spam Tactics | Comments Off
Thursday, February 21st, 2013
With the fake Better Business Bureau Trojan Horse campaign, we find yet another infectious email that is socially engineered so well, that users often release such messages from quarantine; even after spam filtering has clearly identified the emails as a Virus carrying Trojan Horse.
The emails typically arrive with spoofed headers such as:
Subject: FW: Complaint Case 091921
From: “Better Business Bureau” <Kerri_Rucker@newyork.bbb.org>
In order to appear legitimate and to try and evade simple spam filtering systems, the Complaint Case number will be randomized, and the spoofed sending email address will vary as well.
The content will include vague yet serious sounding allegations, such as:
The Better Business Bureau has received the above-referenced complaint from one of your customers regarding their dealings with you. The details of the consumer’s concern are included on the reverse. Please review this matter and advise us of your position.
A full copy of such the bogus email:
more »
Tags: botnet, fraud, phishing, spoofing, virus, zombie
Posted in Email Fraud, Phishing Lessons, Spam Tactics | Comments Off
Sunday, January 20th, 2013
For the thirteenth consecutive evaluation, OnlyMyEmail has again blocked more spam than any other filtering system in the Virus Bulletin VBSpam Challenge and secured yet another first place finish.
The latest competition ran for 16 consecutive days, during which, OnlyMyEmail’s MX-Defender accurately filtered out more spam than all other competitors tested, again missing just 1 single spam email out of 92,166 total. This represents a spam capture rate of 99.9989%.
By comparison, the next best capture rate was Libra Esva which missed 44 emails in total. The third best blocking rate went to Zerospam which missed 61 spam emails from the same corpus. The worst performers, missing well over 500 spam emails included: IBM, Sophos, SPAMfighter, Vamsoft, Spamhaus ZEN+DBL and SURBL.
more »
Tags: anti-virus, botnet, email, fraud, malware, phishing, scam, spam, Virus Bulletin VBSpam Competition, zombie
Posted in All About Email, Message Control, Phishing Lessons, Spam News, Spam-Stats | Comments Off
Sunday, November 18th, 2012
One of the most effective tactics in use by spammers today is the hijacking/theft of legitimate user’s email accounts for use in furthering spam campaigns.
There are actually four distinct reasons why it is so powerful for spammers to be able to send spam from a previously legitimate user’s email account:
- Once the account is stolen, the spammer’s software can read through the address book, inbox, sent mail and all other folders scraping the email addresses of people the legitimate user has corresponded with in the past. These emails then make excellent targets for sending spam.
- Email from actual AOL, Gmail, Hotmail, Yahoo and other ubiquitous email services are much less likely to be blocked by spam filtering systems.
- Even when a spam filter correctly recognizes that an email is spam, end users often have added such senders to their Allow or White lists, thus forcing delivery from the now compromised account.
- Further, recipients commonly retrieve spam from their filtering system when they recognize the sending address, but don’t realize the sender’s account has been compromised.
When you add it all up, there really is no better method of getting your spam delivered, and then actually opened by the target recipient.
more »
Tags: fraud, phishing, scam, spoofing
Posted in Email Fraud, Phishing Lessons, Spam Tactics | Comments Off
Tuesday, November 13th, 2012
For the twelfth consecutive time, OnlyMyEmail has again blocked more spam than any other filtering system in the Virus Bulletin VBSpam Challenge.
The latest competition ran for 16 consecutive days, during which, OnlyMyEmail’s MX-Defender accurately filtered out more spam than all other competitors tested, missing just 1 single spam email out of 134,418 total. This represents a spam capture rate of 99.9993%.
By comparison, the next best capture rate was Libra Esva which missed 56 emails in total. The third best blocking rate went to Kaspersky LMS which missed 94 spam emails from the same corpus. The worst performers, missing well over 1,000 spam emails included: Bitdefender, IBM, CronLab, Vamsoft ORF and SPAMfighter, Spamhaus ZEN+DBL and SURBL.
more »
Tags: anti-virus, botnet, email, fraud, malware, phishing, scam, spam, spoofing, virus, Virus Bulletin VBSpam Competition
Posted in All About Email, Spam News, Spam-Stats | Comments Off
Sunday, October 7th, 2012
For the eleventh consecutive time, OnlyMyEmail has again blocked more spam than any other filtering system in the Virus Bulletin VBSpam Challenge.
The latest competition ran for 16 consecutive days, during which, OnlyMyEmail’s MX-Defender accurately filtered out more spam than all other competitors tested, missing just 12 spam emails out of 242,703 total. This represents a spam capture rate of 99.993%.
By comparison, the next best capture rate was Libra Esva which missed 400% more spam, 50 emails in total. The third best blocking rate went to ZeroSpam which missed 112 spam emails from the same spam corpus. The worst performers, missing well over 1,000 spam emails included: M+Guardian, Halon Security, Vamsoft ORF, IBM, Spamhaus ZEN+DBL and SURBL. more »
Tags: anti-virus, email, fraud, malware, phishing, spam, spoofing, virus, Virus Bulletin VBSpam Competition, zombie
Posted in All About Email, Spam News, Spam Tactics, Spam-Stats | Comments Off
Tuesday, August 7th, 2012
Competing in the Virus Bulletin VBSpam Challenge, OnlyMyEmail has again blocked more spam than any other filtering system, and for the tenth consecutive time.
The latest competition ran for 16 consecutive days, during which, OnlyMyEmail’s MX-Defender accurately filtered out more spam than all other competitors tested, missing just 12 spam emails out of 242,703 total. This represents a spam capture rate of 99.996%.
By comparison, the next best capture rate was Libra Esva which missed nearly 500% more spam, 77 emails in total. The third best blocking rate went to Spam Titan which missed 183 spam emails from the same spam corpus. The worst performers, missing well over 1,500 spam emails included: Halon Security, CronLab, SPAMfighter, Vamsoft ORF, Spamhaus ZEN+DBL and SURBL.
more »
Tags: anti-virus, email, fraud, malware, phishing, spam, Virus Bulletin VBSpam Competition, viruses
Posted in All About Email, Spam News, Spam Tactics, Spam-Stats | Comments Off
