'Group A' spear-phishing attackers re-emerge
Friday, June 12, 2009
An Eastern European gang of cybercriminals known as Group A has re-emerged after several months without activity to launch a new spear-phishing attack targeting small business owners, the Washington Post reported.
The gang was believed to be responsible for earlier spear-phishing attacks that spoofed websites for the Better Business Bureau and the IRS in order to steal victims' login credentials for bank accounts.
In the latest attack, spotted by IT security firm iDefense, the gang sends out phishing emails to business owners telling them that their money transfer has gone through and they should click a link to confirm, the Post's Security Fix blog reported.
The link downloads a Trojan horse onto the user's computer. When the user attempts to sign on to a bank website, the Trojan steals the password information so the hackers can steal from the user's account.
Phishing attacks are highly effective against users who don't spot the telltale signs of a fake website, such as spelling mistakes or suspiciously altered domain names, according to research from web security firm VeriSign.
Related News:
Web security breaches rock Hotmail - 3.12.2010
Users of Microsoft's free email service are advised by the Redmond, Washington-based software giant to change their passwords and be vigilant as an increase in spam activity on the site has led to web security breaches.
Spam won't go away, but it can be avoided - 3.10.2010
Email filtering works to an extent in ridding computers of spam, but those pesky emails offering millions of dollars for nothing and inexpensive prescription drugs always seem to find a way through even the most stringent filters.
Spammer arrested on extortion charges - 3.9.2010
A California man was arrested and charged with extortion following a threat he made to insurance company New York Life to send spam emails aimed at hurting the company's reputation. Anthony Digati of Chino, California also planned to send spam to the company in hopes of receiving $200,000.
Email filtering recommended as Spamhaus releases spam blacklist - 3.2.2010
Spamhaus, a spam tracking website, has released a list of the worst offenders by domain named currently operating on the web on its domain block list. Aside from being a nuisance, spam is one of the easiest ways for cyber criminals to compromise web security.
Experts doubt Microsoft's claim of reduced spam - 2.25.2010
Computer World reports that several security professionals have contested Microsoft's claims that the company's destruction of the Waledac botnet will alleviate spam spread throughout the web.
|
