Friday, April 20, 2012

AT&T Wireless Spoof

Another multi-recipient spoof with links to an unknown site.

Thursday, April 19, 2012

Email Upgrade Phishing

Another example of a fraudulent message intended to capture login credentials.

In this case the website linked to in the message is located in Germany.

Wednesday, April 11, 2012

Malicious Spoofed Messages

In the last 48 hours we have seen a huge increase in the number and variety of spoofed messages being sent concerning billing, orders or account changes. These messages frequently look quite similar to legitimate messages from well-known businesses. While Postini generally stops most of these messages, a few do seem to get through, especially if the sender address is formatted similarly to a commonly approved sender.

Here are just a few:
  • American Express -- Confirmation of email address change
  • American Express -- Fraud Protection Alert 
  • AT&T -- Your AT&T wireless bill is ready to view
  • Apple -- Order Acknowledgment
  • Digital Insight -- Your Password Expired (online banking)
  • Intuit -- Your intuit.com order
  • Newegg.com -- Payment Charged
  • US Airways -- US Airways reservation confirmation
  • Verizon -- Thank You for your Verizon Wireless Payment
  • Verizon -- Your Bill is Now Available

While some of these messages contain links that go to websites advertising pharmaceutical products, others go to websites with malicious content that triggers pop-up or pop-under windows. These run scripts that install unwanted software on systems that may be vulnerable due to out-of-date operating system patches, applications or security software.

One thing that many of these messages have in common is that they are addressed to multiple email addresses.  Frequently they are sent to the same domain name (i.e. adams.net).

If you receive such a message your safest course of action is to immediately delete it. 

And a reminder -- keep your operating system, security software and all applications up-to-date.

Friday, March 23, 2012

Multi-Recipient Spoofed Messages

When you receive an unsolicited message with alleged account or billing information that purports to be from a well-known business, and it shows multiple recipients, it's a pretty safe bet that it is fraudulent.

Here are two examples of such messages claiming to be from Bank of America and the US Postal Service.  Each contains links to suspicious websites that may try to use your web browser to install malware or direct you to undesirable sites.

Be safe and delete these messages and never click on the links they contain.


Thursday, March 22, 2012

Phony Verizon Wireless Phone Bills

It's pretty unlikely that a phone company would send a bill notification to 15 people at once for the same amount. Such a message shouts FAKE!

The email below is a spoof of a Verizon account notification with links to other unknown sites.  What is interesting about this one is that every link in the message goes to a different, potentially malicious site, such as the one shown at the bottom.
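
The traits these posts describe (many recipients on one message, often all at the same domain, and links that each lead to a different unrelated site) can be checked mechanically. The following is an added example, not code from this blog; the sample message, the .example names and the `max_recipients` threshold are assumptions.

```python
import re
from email import message_from_string
from email.utils import getaddresses, parseaddr
from urllib.parse import urlsplit

# Constructed sample: every name, address and host is a made-up .example value.
SAMPLE = """\
From: "Example Wireless" <billing@wireless.example>
To: alice@isp.example, bob@isp.example, carol@isp.example
Cc: dave@isp.example, erin@isp.example
Subject: Your bill is now available
Content-Type: text/html; charset="utf-8"

<p>Your current bill is ready.</p>
<a href="http://site-one.example/a.html">View bill</a>
<a href="http://site-two.example/b.html">Make a payment</a>
<a href="http://wireless.example/help">Help</a>
"""

HREF_RE = re.compile(r'href\s*=\s*["\'](https?://[^"\']+)["\']', re.I)

def domain_of(address):
    return address.rsplit("@", 1)[-1].lower()

def analyze(raw, max_recipients=3):
    """Flag the traits described above; max_recipients is an assumed threshold."""
    msg = message_from_string(raw)
    # The From header is trivially forged, so treat it only as the *claimed* brand.
    claimed = domain_of(parseaddr(msg.get("From", ""))[1])
    headers = msg.get_all("To", []) + msg.get_all("Cc", [])
    rcpts = [addr for _, addr in getaddresses(headers) if addr]
    body = "".join(
        part.get_payload(decode=True).decode("utf-8", "replace")
        for part in msg.walk() if part.get_content_maintype() == "text")
    hosts = {urlsplit(url).hostname for url in HREF_RE.findall(body)}
    # Hosts that are neither the claimed domain nor one of its subdomains.
    off_brand = sorted(h for h in hosts
                       if h and h != claimed and not h.endswith("." + claimed))
    findings = []
    if len(rcpts) >= max_recipients:
        findings.append("multiple-recipients")
    if len(rcpts) > 1 and len({domain_of(a) for a in rcpts}) == 1:
        findings.append("recipients-share-one-domain")
    if len(off_brand) > 1:
        findings.append("links-to-several-unrelated-hosts")
    return {"recipients": len(rcpts), "off_brand_hosts": off_brand,
            "findings": findings}

if __name__ == "__main__":
    print(analyze(SAMPLE))
```

Legitimate mail also links to third-party hosts such as tracking or content-delivery domains, so the link check is a signal to combine with the recipient checks rather than a verdict on its own.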

As always, avoid clicking any links in suspicious messages.  Delete them.

Sunday, March 11, 2012

Adobe Upgrade 2012 Phishing

Beware of unsolicited upgrade emails for common programs.


Below is one for Adobe Acrobat Reader. The email seems legitimate but the link takes the user to a website with a Swedish domain name that was just registered today.


Clicking on the link caused the security software on our test system to block access via two different browsers.

The bad link:

A domain registered today hardly seems legit:

Our security software blocked the connections from our PC to the site:


2012/03/11 15:58:12 HP-PC User IP-BLOCK 115.239.xxx.xxx (Type: outgoing, Port: 64236, Process: chrome.exe)
2012/03/11 16:12:45 HP-PC User IP-BLOCK 115.239.xxx.xxx (Type: outgoing, Port: 64365, Process: firefox.exe)
2012/03/11 16:12:53 HP-PC User IP-BLOCK 115.239.xxx.xxx (Type: outgoing, Port: 64366, Process: firefox.exe)
2012/03/11 16:13:09 HP-PC User IP-BLOCK 115.239.xxx.xxx (Type: outgoing, Port: 64368, Process: firefox.exe)
2012/03/11 16:13:41 HP-PC User IP-BLOCK 115.239.xxx.xxx (Type: outgoing, Port: 64371, Process: firefox.exe)



The destination site, as viewed on a secure system, shows a fairly convincing web page:

But as Adobe points out on its site, beware of phishing emails.


Tuesday, March 6, 2012

Sun Outages - First 2012 Instance

Twice per year many satellite-based services are affected by interference from the sun.

Sun outages affect all satellite-based communications and occur when the sun is located directly behind the satellite and in-line with the antenna on the ground. At that point, the noise energy from the sun is often greater than the communication signal level and may result in loss of signal.

Sun outages will affect our cable television service (as we receive our cable television programming from satellites), along with satellite-based services such as WildBlue.

Additional details on the specific product impacts are:

Adams Cable Television

· Beginning on Friday, March 2, and running through Thursday, March 8, we will experience cable television interruptions due to the sun being directly in line with the satellite and our dishes.

· As we have satellites pointing in 7 different directions, the interruptions will begin around noon and end around 3:30 p.m.

WildBlue

· Sun outage interference with WildBlue started on Friday, March 2 and will run through Thursday, March 8, with outages occurring from 1:30 p.m. to 2:00 p.m.

· Outages will depend on which WildBlue satellite the customer is receiving their service from.