1600 Burrstone Road, Utica, NY 13502
(315) 792-3006
webmanager@utica.edu

Tag: Social Engineering

Malicious email that recipient is on “Prism watchlist” linked to just-uncovered espionage campaign

(SC Magazine) The group behind the “NetTraveler” espionage malware campaign is now sending emails claiming the recipient is on the “Prism” watch list, according to researchers. Prism is a recently outed U.S. surveillance program run by the National Security Agency that collects data from internet giants such as Google, Facebook and Apple. On Tuesday, the 9b+…
Read more

Malware Alert: “Hey User Your Facebook Account Has Been Closed!”

(Softpedia) Security experts from Avast! have come across an interesting malware distribution spam campaign that exploits Facebook’s popularity.  It all starts with emails entitled “Hey <name> your Facebook account has been closed!” or “Hi <name> your Facebook account is blocked!” The bogus Facebook emails instruct users to download and execute an attachment to unlock their…
Read more

Phishing Alert: Automated Tax Refund Notification from HMRC

(Softpedia) Emails purporting to come from HM Revenue and Customs (HMRC) inform recipients that they have an unclaimed tax refund. In reality, the notifications have nothing to do with HMRC.  Entitled “Automated Tax Refund Notification,” the bogus messages read something like this: “Unclaimed Tax Refund Notification You are Receiving this Notification Because you are yet…
Read more

Yahoo, Bing Found Directing to Bitcoin Phishing Site

(Threatpost) It looks like phishers have started poisoning Bing and Yahoo search results in hopes of duping users of the Bitcoin exchange site MtGox.com into giving away their log-in credentials. KrebsonSecurity.com reported that both the search engines have been redirecting unsuspecting clickers to MtPox.com – a domain set up two days ago that looks almost…
Read more

Flash Player Clickjacking Flaw Allows Hackers to Hijack Your Webcam

(Softpedia) Back in October 2011, Adobe reported fixing a clickjacking issue in the online Adobe Flash Player Settings Manager. However, experts say that the flaw can still be leveraged, at least with some web browsers, to allow access to a user’s webcam and microphone. According to security researcher Egor Homakov, the exploit he has developed…
Read more

Cyberespionage Operators Work In Groups, Process Enormous Data Workloads

(Dark Reading) In a study of the lifecycle of cyberespionage attacks, a group of researchers at a Taiwanese security startup have found that the nation’s major government agencies encounter a dozen such attacks each day and that the operators behind the attacks have virtual data centers that appear to be processing enormous workloads. The research,…
Read more

Phishing attacks on Iranian Gmail users jump before Iranian election

(Ars Technica) Google researchers have detected phishing attacks originating inside Iran that target tens of thousands of Gmail users from that country, a company official said in a blog post published Wednesday. The attacks appear to come from the same group that pulled off a much more sophisticated attack in 2011 involving a forged secure…
Read more

419 Scam Alert: You Won a Camry Solara from the International Cricket Council

(Softpedia) The International Cricket Council (ICC) Champions Trophy 2013 is taking place these days in England and Wales and, as with most major events, cybercriminals are leveraging the occasion in one of their scam campaigns. Symantec experts have spotted scam emails that purport to come from the ICC. “International Cricket Council. Open attached file for…
Read more

“You’re Pretty—You Could Make Some Money”

(Washingtonian) by Marisa M. Kashino – In the affluent Northern Virginia suburbs, a shocking problem has taken root: Police and federal agents have taken down dozens of juvenile sex traffickers in the last two years alone. Here’s how one gang recruited teenagers through Facebook, at Metro stations and shopping malls—even in the halls of Fairfax…
Read more

Ticketmaster warns phishers using tickets as bait

(The Register) Australian online ticketing service Tickemaster has been hit by a phishing raid that has defeated Spam filters. Several Reg readers report receiving multiple emails yesterday (Vulture South received nine), all purporting to report newly-purchased tickets…read full article