Category Archives: Latest Warnings

Look-Alike Domains and Visual Confusion

Posted on by

How good are you at telling the difference between domain names you know and trust and imposter or look-alike domains? The answer may depend on how familiar you are with the nuances of internationalized domain names (IDNs), as well as which browser or Web application you’re using.

For example, how does your browser interpret the following domain? I’ll give you a hint: Despite appearances, it is most certainly not the actual domain for software firm CA Technologies (formerly Computer Associates Intl Inc.), which owns the original ca.com domain name:

https://www.са.com/

Go ahead and click on the link above or cut-and-paste it into a browser address bar. If you’re using Google Chrome, Apple’s Safari, or some recent version of Microsoft’s Internet Explorer or Edge browsers, you should notice that the address converts to “xn--80a7a.com.” This is called “punycode,” and it allows browsers to render domains with non-Latin alphabets like Cyrillic and Ukrainian.

Below is what it looks like in Edge on Windows 10; Google Chrome renders it much the same way. Notice what’s in the address bar (ignore the “fake site” and “Welcome to…” text, which was added as a courtesy by the person who registered this domain): Continue reading Look-Alike Domains and Visual Confusion

Financial Cyber Threat Sharing Group Phished

Posted on by

The Financial Services Information Sharing and Analysis Center (FS-ISAC), an industry forum for sharing data about critical cybersecurity threats facing the banking and finance industries, said today that a successful phishing attack on one of its employees was used to launch additional phishing attacks against FS-ISAC members.

The fallout from the back-to-back phishing attacks appears to have been limited and contained, as many FS-ISAC members who received the phishing attack quickly detected and reported it as suspicious. But the incident is a good reminder to be on your guard, remember that anyone can get phished, and that most phishing attacks succeed by abusing the sense of trust already established between the sender and recipient. Continue reading Financial Cyber Threat Sharing Group Phished

How to Fight Mobile Number Port-out Scams

Posted on by

T-Mobile, AT&T and other mobile carriers are reminding customers to take advantage of free services that can block identity thieves from easily “porting” your mobile number out to another provider, which allows crooks to intercept your calls and messages while your phone goes dark. Tips for minimizing the risk of number porting fraud are available below for customers of all four major mobile providers, including Sprint and Verizon. Continue reading How to Fight Mobile Number Port-out Scams

Attackers Exploiting Unpatched Flaw in Flash

Posted on by

Adobe warned on Thursday that attackers are exploiting a previously unknown security hole in its Flash Player software to break into Microsoft Windows computers. Adobe said it plans to issue a fix for the flaw in the next few days, but now might be a good time to check your exposure to this still-ubiquitous program and harden your defenses.

Adobe said a critical vulnerability (CVE-2018-4878) exists in Adobe Flash Player 28.0.0.137 and earlier versions. Successful exploitation could potentially allow an attacker to take control of the affected system. Continue reading Attackers Exploiting Unpatched Flaw in Flash

First ‘Jackpotting’ Attacks Hit U.S. ATMs

Posted on by

ATM “jackpotting” — a sophisticated crime in which thieves install malicious software and/or hardware at ATMs that forces the machines to spit out huge volumes of cash on demand — has long been a threat for banks in Europe and Asia, yet these attacks somehow have eluded U.S. ATM operators. But all that changed this week after the U.S. Secret Service quietly began warning financial institutions that jackpotting attacks have now been spotted targeting cash machines here in the United States. Continue reading First ‘Jackpotting’ Attacks Hit U.S. ATMs

Bitcoin Blackmail by Snail Mail Preys on Those with Guilty Conscience

Posted on by

KrebsOnSecurity heard from a reader whose friend recently received a remarkably customized extortion letter via snail mail that threatened to tell the recipient’s wife about his supposed extramarital affairs unless he paid $3,600 in bitcoin. The friend said he had nothing to hide and suspects this is part of a random but well-crafted campaign to prey on men who may have a guilty conscience. Continue reading Bitcoin Blackmail by Snail Mail Preys on Those with Guilty Conscience

Buyers Beware of Tampered Gift Cards

Posted on by

Prepaid gift cards make popular presents and no-brainer stocking stuffers, but before you purchase one be on the lookout for signs that someone may have tampered with it. A perennial scam that picks up around the holidays involves thieves who pull back and then replace the decals that obscure the card’s redemption code, allowing them to redeem or transfer the card’s balance online after the card is purchased by an unwitting customer. Continue reading Buyers Beware of Tampered Gift Cards

Phishers Are Upping Their Game. So Should You.

Posted on by

Not long ago, phishing attacks were fairly easy for the average Internet user to spot: Full of grammatical and spelling errors, and linking to phony bank or email logins at unencrypted (http:// vs. https://) Web pages. Increasingly, however, phishers are upping their game, polishing their copy and hosting scam pages over https:// connections — complete with the green lock icon in the browser address bar to make the fake sites appear more legitimate. Continue reading Phishers Are Upping Their Game. So Should You.

Kenya Environment Secretary email address & mail system compromised to send spam

Posted on by

We all see loads of spam and scams to our email addresses. Luckily most of it can be filtered or blocked. However there are a range of email addresses and domains that are generally treated as safe. That is .gov domains. Almost all countries use .gov or a variation of Continue reading → Continue reading Kenya Environment Secretary email address & mail system compromised to send spam

remote code execution in the Microsoft Malware Protection Engine CVE-2017-0290

Posted on by

There has been a recently discovered remote code execution in the Microsoft Malware Protection Engine that had the potential to allow an attacker to completely take over affected computers. This has been fixed by Microsoft in an update to the Microsoft Malware Protection Engine in affected programs. This will automatically apply, Continue reading → Continue reading remote code execution in the Microsoft Malware Protection Engine CVE-2017-0290