Continue reading »]]> In their latest “Weekly Threat report”,VeriSign’s iDefense Intelligence Operations Team has profiled the underground market proposition of someone claiming to have 1.5 million compromised Facebook accounts available for sale.

The pricing method is based on the number of contacts per compromised account, presumably with the idea to allow easier spreading of related malicious content across Facebook.

Here’s an excerpt from the report, and a brief FAQ on the underground ad.

• “On Feb. 10, 2010, (cybercriminal) stated that he or she is selling 1.5 million compromised Facebook accounts, in bulk quantities, belonging to users in various countries. The price per 1,000 accounts varies based upon the number of friends and contacts that each account possesses. For a purchase of compromised accounts containing 10 contacts or fewer, a buyer must pay $25 per 1,000 accounts. A purchase of compromised accounts containing 10 or more contacts requires a buyer to pay $45 per 1,000 accounts. Accounts containing zero contacts are also available for bulk purchasing from (cybercriminal), at the cost of $15 per 1,000 accounts. The prices of these accounts are presumably in USD or the equivalent amount in some form of electronic currency.”

Sometimes, there’s no honor among cybercriminals (Phishers increasingly scamming other phishers), just like there isn’t among “real life” thieves.

From the distribution of backdoored web interfaces to web malware exploitation kits, to the actual “binding” of additional malware to the original release, sophisticated or at least cybercriminals with experience, have realized that there are thousands of potential cybercriminals that could unknowingly start working for them. The process of “cybercriminals attempting to scam novice cybercriminals” demonstrates just how vibrant the ecosystem has become these days.

With a huge percentage of the underground marketplace driven by reputation, this is exactly what this particular seller of Facebook data is missing. Moreover, with quality assurance now an inseparable part of the cybercrime ecosystem, the seller is not just skipping the time frame in between which the accounts were compromised, he is also not mentioning have many of them are actually verified as working.

These, and several other factors make me skeptical on the quality of this underground proposition.

If we consider that the cybercriminal’s claims to be true, how did he manage to obtain 1.5 million Facebook accounts?

The ad is clearly stating that they are accounts with contacts, meaning they’re compromised, and other which have zero contacts, meaning they’ve been automatically generated by outsourcing the CAPTCHA-solving process to international teams specializing in the process.

The compromised accounts could have been obtained through the emerging Cybercrime-as-a-Service (CaaS) market model. For instance, if he has paid $100 for 3GB of raw crimeware data, and the data mining allowed him to compile a list of 1.5m Facebook accounts, based on the current price, he’ll automatically break-even.

Phishing campaigns shouldn’t be excluded as a possibility, however, it remains unclear whether the seller has launched them personally, or managed to purchase the raw data from someone else.

What kind of a business model within the cybercrime ecosystem would allow him to sell the data so cheaply, and still make a profit?

It’s a business model with an ever-decreasing cost of supply, based on the currently active “malicious economies of scale” phrase. This efficiency-driven cybercrime model is in fact so successful, that whether consciously or subconsciously, cybercriminals are realizing the basics of market liquidity, and the time value of “underground goods”, in particular the decreasing future value of assets like the Facebook accounts — the value becomes zero when the affected user changes his password from a malware-free host.

Why would a cybercriminal want access to your Facebook account?

For a variety of fraudulent reasons, all of them exploiting the already established trust relationship between the compromised account’s holder and his network of friends.

From “money transfer schemes” where the fraudster is supposedly stuck somewhere and requires cash, to a malware campaign relying on nothing else but a status message leading to a client-side exploits serving site. Your network of friends, turns into his network for propagation of fraudulent/malicious schemes and campaigns.

VeriSign’s iDefense also makes an interesting observation.

With Facebook’s user base growing to 300 million people across the globe, this indispensable marketing platform can be easily integrated into the cybercriminal’s arsenal, with localized and targeted social engineering attacks relying on basic market segmentation, launched with the idea to achieve a higher conversion rate, compared to mass marketing approaches.

Fact or fiction, based on the ad’s content, this is perhaps the perfect time to change your Facebook password from a malware-free host, since a strong password is just as weak as the weak one in general if there’s malicious code present on the system.

Written By : Dancho Danchev

Continue reading »]]> Easter egg

For example, follow these instructions to see a list of people who worked on the User Assistance feature of Microsoft Word 2000:

1. Open Microsoft Word2000

2. Press F1 or click the “Office Assistant” button

3. Under the “What would you like to do?”, type “Cast” (No quotes)

4. Click SEARCH

5. Click the MICROSOFT OFFICE 2000 USER ASSISTANCE STAFF topic

6. Click the graphic in the Microsoft Word Help screen

Easter eggs in computer games are quite common and may be funny scenes, hidden levels, or other extras gamers can discover while playing. One of the most popular easter eggs to unlock in video games is the “Dopefish”. This fun, fictional fish first appeared in Commander Keen: Secret of the Oracle (1991). Since that time it has made an appearance as an easter egg in numerous games. In many games you need to unlock a special level or perform a sequence of actions to find the hidden easter egg.

Easter eggs may also be found in movies, music albums, videos and other types of media.

Continue reading »]]> 02 April 2010.

http://www.net-security.org/secworld.php?id=9096&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+HelpNetSecurity+%28Help+Net+Security%29

Google analyzes millions of pages per day when searching for phishing behavior. This kind of activity is, of course, not done by people but by computers.

The computers are programmed to look for certain things that will identify the page as a phishing site. Those things are actually the same things that users should check when evaluating if a page is legitimate or not.

According to a post on Google’s official online security blog, the first step is looking at the URL- Does it contain words like “login” or “banking” or trademarks of the phishing target? Does it use an IP address for its hostname? Does it have a large number of host components, making the address unusually long? If the answer is yes to all of these questions, the page could be a phishing one.

The second step consists of analyzing the page – Does it contain a password field? Does the majority of the links point to the phishing target so that the phishing pages functions as the legitimate one would? Google’s computers check also the terms most often used on the page, and a telling terms like “password” raises a red flag.

The third step consists of a look-up of the hosting information – does the institution claim to be based in one country but the webpage is hosted on servers in another country and on a local ISP’s network? If the answer is yes, chances are high it’s not a legal site.

Lastly, checking to see whether the page is popular and checking the spam reputation of the domain on which the page is hosted will give you another clue – phishing pages are usually hosted on domains that have a (bad) reputation when it comes to spam sending.

When all these clues are combined and indicate that the site is likely set up for phishing purposes, it is put on Google’s blacklist that is used by the browsers to warn the users that they have landed on a malicious page.

“False positives” do happen, but they happen once every 10,000 checked pages, and even then it is usually a site set up for some other malicious purpose. The basis on which the classifier is trained to recognize phishing pages is provided by a sample of around ten million analyzed URLs in the last three months and an addition of current features, and it is executed once a day.

Phishers may use a number of techniques to try and bypass this system, but they can’t escape forever. The more people come to their site, the likelihood of someone recognizing it for what it is and reporting it to Google rises, so it’s just a matter of time before it gets flagged.

Continue reading »]]> BANGALORE: An IT security firm, Sophos, is warning that a major attack against Twitter users last weekend that was designed to steal passwords and use hijacked accounts to spread moneymaking spam campaigns.

The attack, which is ongoing, began on Saturday, as Twitter users found members of the micro-blogging network had posted messages disguised as humorous inks, but actually aimed to phish passwords credentials from unsuspecting users.

Messages, which began with phrases such as “Lol. this is me??”, “lol, this is funny.”, “Lol. this you?? ” and “ha ha, u look funny on here”, were accompanied with clickable links which redirected users to a fake Twitter login page hosted on a Web site based in China.

Researchers discovered that although the main wave of poisoned messages has been via private direct messages between individual users on Twitter, dangerous links are also being posted in public feeds. This means that innocent users can stumble across the links even if they are not sent it directly, or even if they are not a signed-up user of Twitter.

“Thousands of users being put at risk of having their account broken into,” said Graham Cluley, senior technology consultant at Sophos.

“The cybercriminals behind the attack are creating a zombie network, or botnet, of hacked accounts that they can then abuse to spread spam, distribute malware and steal identities. There’s nothing funny about the LOL attack — you have to be on your guard against clicking on the dangerous messages. If you’ve fallen for it you must change your Twitter password immediately.”

The phishing campaign appears to be already bearing fruit for the hackers as they are now distributing spam selling herbal Viagra from the compromised accounts.

Continue reading »]]>

Continue reading »]]> This post is one of a series devoted to online security.

Millions of people have gotten “urgent” emails asking them to take immediate action to prevent some impending disaster. “Our bank has a new security system. Update your information now or you won’t be able to access your account,” or “We couldn’t verify your information; click here to update your account.” Sometimes the email claims that something awful will happen to the sender (or a third party), as in “The sum of $30,000,000 is going to go to the Government unless you help me transfer it to your bank account.”

People who click on the links in these emails may see a web page that looks like a legitimate site they’ve visited before. Because the page looks familiar, these people enter their username, password, or other private information on the site. What they’ve actually done is given an unknown third party all the information needed to hijack their account, steal their money, or open up new lines of credit in their name. They just fell for a phishing attack.

The concept behind such an attack is pretty simple: Someone masquerades as someone else in an effort to fool you into sharing personal or other sensitive information with them. Phishers can masquerade as just about anyone, including banks, email and application providers, online merchants, online payment services, and even governments. And while some of these attacks are crude and easy to spot, many of them are sophisticated and well constructed. That fake email from “your bank” can look very real; the bogus “login page” you’re redirected to can seem completely legitimate.

The good news is there are things you can do to steer clear of phishing attacks:

• Be careful about responding to emails that ask you for sensitive information.You should be wary of clicking on links in emails or responding to emails that are asking for things like account numbers, user names and passwords, or other personal information such as social security numbers. Most legitimate businesses will never ask for this information via email. Google doesn’t.

• Go to the site yourself, rather than clicking on links in suspicious emails. If you receive a communication asking for sensitive information but think it could be legitimate, open a new browser window and go to the organization’s website as you normally would (for instance, by using a bookmark or by typing out the address of the organization’s website). This will improve the chances that you’re dealing with the organization’s website rather than with a phisher’s website, and if there’s actually something you need to do, there will usually be a notification on the site. Also, if you’re not sure about a request you’ve received, don’t be afraid to contact the organization directly to ask. It takes just a few minutes to go to the organization’s website, find an email address or phone number for customer support, and reach out to confirm whether the request is legitimate.

• If you’re on a site that’s asking you to enter sensitive information, check for signs of anything suspicious. If you’re on a site that’s asking for sensitive information — no matter how you got there — check for the signs that it’s really the official website for the organization. For example, check the URL to make sure the page is actually part of the organization’s website, and not a fraudulent page on a different domain (such as mybankk.com or g00gle.com.) If you’re on a page that should be secured (like one asking you to enter in your credit card information) look for “https” at the beginning of the URL and the padlock icon in the browser. (In Firefox and Internet Explorer 6, the padlock appears in the bottom right-hand corner, while in Internet Explorer 7 the padlock appears on the right-hand side of the address bar.) These signs aren’t infallible, but they’re a good place to start.

• Be wary of the “fabulous offers” and “fantastic prizes” that you’ll sometimes come across on the web. If something seems too good to be true, it probably is, and it could be a phisher trying to steal your information. Whenever you come across an offer online that requires you to share personal or other sensitive information to take advantage of it, be sure to ask lots of questions and check the site asking for your information for signs of anything suspicious.

• Use a browser that has a phishing filter. The latest versions of most browsers — including Firefox, Internet Explorer, and Opera — include phishing filters that can help you spot potential phishing attacks.

All fairly simple, right? What it all comes down to is if someone asks you to share personal or other sensitive information online, take a moment to think through the request carefully. Doing so will help you stay safe online, and help us all put phishers out of business.

Continue reading »]]> Phishing, a topic that’s been in the news, is unfortunately a common way for hackers to trick you into sharing personal information like your account password. If you suspect you’ve been a victim of a phishing attack, we recommend you immediately change your password, update the security question and secondary address on your account, and make sure you’re using a modern browser with anti-phishing protection turned on.

Creating a new password is often one of the first recommendations you hear when trouble occurs. Even a great password can’t keep you from being scammed, but setting one that’s memorable for you and that’s hard for others to guess is a smart security practice since weak passwords can be easily guessed. Below are a few common problems we’ve seen in the past and suggestions for making your passwords stronger.

Problem 1: Re-using passwords across websites
With a constantly growing list of services that require a password (email, online banking, social networking, and shopping websites — just to name a few), it’s no wonder that many people simply use the same password across a variety of accounts. This is risky: if someone figures out your password for one service, that person could potentially gain access to your private email, address information, and even your money.

Solution 1: Use unique passwords
It’s a good idea to use unique passwords for your accounts, expecially important accounts like email and online banking. When you create a password for a site, you might think of a phrase you associate with the site and use an abbreviation or variation of that phrase as your password — just don’t use the actual words of the site. If it’s a long phrase, you can take the first letter of each word. To make this word or phrase more secure, try making some letters uppercase, and swap out some letters with numbers or symbols. As an example, the phrase for your banking website could be “How much money do I have?” and the password could be “#m$d1H4ve?” (Note: since we’re using them here, please don’t adopt any of the example passwords in this post for yourself.)

Problem 2: Using common passwords or words found in the dictionary
Common passwords include simple words or phrases like “password” or “letmein,” keyboard patterns such as “qwerty” or “qazwsx,” or sequential patterns such as “abcd1234.” Using a simple password or any word you can find in the dictionary makes it easier for a would-be hijacker to gain access to your personal information.

Solution 2: Use a password with a mix of letters, numbers, and symbols
There are only 26^8 possible permutations for an 8-character password that uses just lowercase letters, while there are 94^8 possible permutations for an 8-character password that uses a combination of mixed-case letters, numbers, and symbols. That’s over 6 quadrillion more possible variations for a mixed password, which makes it that much harder for anyone to guess or crack.

Solution 3: Create a password that’s hard for others to guess
Choose a combination of letters, numbers, or symbols to create a unique password that’s unrelated to your personal information. Or, select a random word or phrase, and insert letters and numbers into the beginning, middle, and end to make it extra difficult to guess (such as “sPo0kyh@ll0w3En”).

Problem 4: Writing down your password and storing it in an unsecured place
Some of us have enough online accounts that we may need to write our passwords down somewhere, at least until we’ve learned them well.

Solution 4: Keep your password reminders in a secret place that isn’t easily visible
Don’t leave notes with your passwords to various sites on your computer or desk. People who walk by can easily steal this information and use it to compromise your account. Also, if you decide to save your passwords in a file on your computer, create a unique name for the file so people don’t know what’s inside. Avoid naming the file “my passwords” or something else obvious.

Problem 5: Recalling your password
When choosing smart passwords like these, it can often be more difficult to remember your password when you try to sign in to a site you haven’t visited in a while. To get around this problem, many websites will offer you the option to either send a password-reset link to your email address or answer a security question.

Solution 5: Make sure your password recovery options are up-to-date and secure
You should always make sure you have an up-to-date email address on file for each account you have, so that if you need to send a password reset email it goes to the right place.

Many websites will ask you to choose a question to verify your identity if you ever forget your password. If you’re able to create your own question, try to come up with a question that has an answer only you would know. The answer shouldn’t be something that someone can guess by scanning information you’ve posted online in social networking profiles, blogs, and other places.

If you’re asked to choose a question from a list of options, such as the city where you were born, you should be aware that these questions are likely to be less secure. Try to find a way to make your answer unique — you can do this by using some of the tips above, or by creating a convention where you always add a symbol after the 2nd character in the answer (e.g. in@dianapolis) — so that even if someone guesses the answer, they won’t know how to enter it properly.

Continue reading »]]> http://www.computerweekly.com/Articles/2009/09/18/237757/behind-the-times-it-managers-leave-systems-dangerously.htm

IT departments are fighting the security battles of five or 10 years ago, unaware that their IT systems are dangerously exposed to computer hackers.

That was the message from a study published this week by the US security education and research body the Sans Institute and security suppliers Tippingpoint and Qualys.

The study is the first to analyse systemically how cybercriminals are breaking into corporate IT systems. It draws on attack patterns recorded by intrusion detection systems in 6,000 organisations and software vulnerabilities detected in a further 9,000 firms.

Its findings will lead to a widespread reassessment of how companies spend their IT security budget, says Allen Paller, director of research at the Sans Institute.

Fundamental error

The study shows that chief security officers are spending most of their budgets ensuring that the operating systems of their PCs and servers are patched. But many hackers are directing their attacks against vulnerabilities in web applications and common desktop software, bypassing the operating system entirely.

Vulnerabilities in commonly used desktop software programs, including Adobe PDF, QuickTime, Adobe Flash and Microsoft Office, and in web applications accounted for 60% of hacking attacks recorded over the past five months.

“IT departments are still celebrating their success at patching operating systems. They think they are doing great, but they are using the wrong metrics,” says Rob Lee, faculty leader in forensics at the Sans Institute.

The greatest risk to corporate IT systems, comes form hackers exploiting vulnerabilities in popular websites to plant and spread malicious code on a huge scale.

Employees feel safe visiting trusted sites from their work places, but they are easily fooled into opening documents, music and video files that contain malicious code.

Once downloaded, the code exploits vulnerabilities in unpatched applications on their desktops, allowing hackers to plant backdoors that can provide them access to corporate networks.

Spear phishing

Hackers are using another technique known as spear phishing – targeted e-mails containing malware – to exploit the same application vulnerabilities.

Over the past year, the Sans team has responded to 40 major security incidents in businesses and government departments. Two-thirds have been spear phishing attacks.

“We have recently seen financial attackers using spear phishing campaigns against chief financial officers to get them to click on a link. They install a key logger. Once an individual logs into the bank account, the hackers get in and start moving funds,” says Lee.

There are some straightforward measures that business can take to protect themselves, says the Sans Institute.

Small businesses can deploy a separate hardened PC for staff to use for financial transactions online. And for all companies, deploying a web application firewall will help to protect web applications from malicious attacks.

“For the client side, get code patched and get it patched more quickly. The idea that you can patch operating systems in a week is great news. But that is focusing on the attacks of a couple of years ago,” says Ed Skoudis, security consultant at the Internet Storm Centre, which monitors hacking activity.

The other point, he says, is that companies should redouble their efforts to make sure users do not log into their machines with administrator privileges. “That way, if there is some sort of exploit, and the bad guys get a toe hold, it is only with limited privileges,” he says.

SQL injection attacks

SQL injection is the most common technique used by hackers to compromise web applications. The technique can be blocked by careful coding, but the Sans Institute warns that some programmers are creating applications that use SQL injection, leaving their networks open to attack from hackers.

“People writing these applications do not realise that they have put SQL injection in code as a feature. We find a lot of these applications in company networks. Things that people have put together quickly,” says Rohit Dhamankar director of security research at Tippingpoint.

Continue reading »]]> By: Shashank Shekhar

Mid Day, Delhi

2009-08-20

Online job frauds just got bigger, smarter and more authentic.

A new batch of fake job offer letter emails specifically targets young IT professionals, and is being circulated by scamsters posing as HCL and Wipro employees.

The emails, promising job-seekers interview calls from these two IT giants, carry seemingly authentic employee codes, hologram of the companies and even the designation of the persons who have sent the letters.

The mails direct interested employees to deposit a nominal fee as ‘refundable interview security’ in a specific bank and also include the account number to make it look real.

Be warned: The advisory against fake job offers posted by HCL on its website.

Mail order

The email being circulated offering jobs at HCL, a copy of which is with MiD DAY, comes with the subject: “HCL Direct Recruitments Offer.” It reads, “The company has selected 32 candidates’ list for IT, Administration and Production departments, as well as is offering you to join as an executive/manager post in respective department.”

The email carries the contact details of two people K Rangnathan and Vikas Mehta who mention the mail is ‘confidential’ and is being sent to ‘candidates chosen from a well-known job portal’. The mail also mentions the two are part of the ‘HCL Human Resource Department’ and includes an employee code ID-11538 as well. “We are sending this mail on behalf of the IT company,” the letter adds.

The email asks professionals to deposit Rs 5,250 (in cash) as ‘refundable security’ in favour of the company’s senior Human Resource Department official Ajay Kumar Jha at any branch of the Punjab National Bank. The account number mentioned is 7200002466100.

It instructs job seekers to inform the department about the payment made by writing in at hcl.appointment@dr.com

The mail says after the fee has been deposited, the applicant will receive an offer letter with air tickets for the final interview at the HCL headquarters in Noida on August 24.

The alleged mail from Wipro says, “Wipro has 45 job vacancies in its facilities in Delhi, Bangalore, Noida and Pune.” This mail too includes similar cash deposit instructions. It also promises to repay expenditures the candidate incurs during the direct interview with company officials.

Almost real

Cyber security experts are alarmed at this smart duplicity. They point out that fraudsters have created a database and are selectively targeting a specific audience, in this case, software engineers.

“Scamsters are cashing in on the economic slowdown. But they have become smarter. These mails are so authentic it is hard to make out they are fake.”

Worried firms

While the emails fool youngsters, the companies being framed are worried as well. The two IT firms have strongly condemned the mails. A senior HR official from HCL confirmed they have received complaints and queries about fake job offers. “Criminals are tarnishing our image even though the company has no role in it. We welcome people to approach us to complain against such nuisances. We take such matters very seriously and are working with the police to curb such malpractices,” said the official.

A vice-president of Wipro’s Talent Acquisition department, said, “Wipro advertises job openings on its career website, on registered job portals, staffing partners and through media advertisements.

The advertisements carry the Wipro logo and the Wipro email ID.”

Even HCL has posted an advisory warning against fake job offers on its official website. The advisory says, “It has been found that unscrupulous individuals/ placement agencies have been enticing candidates with job opportunity at HCL. HCL wishes to state that the company has never charged money for recruiting candidate nor does the company have authorised agency or firm for recruiting candidate.”

Continue reading »]]> The problem of phishing is becoming a major problem on the mobile phones these days. So better be alert the next time you receive a message or a call from your mobile operator asking you to call a certain number to unsubscribe a certain service. There is a strong possibility of it being a phishing message. 

The SMS phishing or simply SMiShing is similar to spam emails that take computer users to illegitimate website posing as an authentic one. SMS phishing too is designed to fool the mobile user into visiting a phished site by sending an SMS falsely appearing to be from a trustworthy entity.

 Many people in India assume that when an SMS displays a particular name in the from field. It has to be from that person, what people dont know that for as little as INR 1000 you can have your own name in the from field and the SMS can be sent for as low as INR 0.08 per SMS.

There have been many cases when mobile owners have fallen in this SMS phishing trap that led to the leakage of crucial information like user names, passwords and credit card numbers. SMS phishing or SMiShing is designed to misguide a person into visiting a website, whereas vishing will instruct him / her to call a number such as the customer care number of a telecom service provider and so on. In reality such a call is routed to a hacker. 

The increasing popularity and use of the mobile phone has resulted in the rise of crimes like SMiShing and voice phishing alongside. The previous year India ranked third as it witnessed about 9.39 per cent of the total phishing incidents reported globally.

Continue reading »]]> Article taken from IT and Related Security News Update from

BEWARE : New wave of SMS Phishing

Ankur and Pallavi with CRPCC Team

29 March 2009

Just yesterday, Sudha got an SMS on her mobile, stating

You have won GBP 500,000.00 in 2009 on going (o2TELECOMS)INT’L mobile draws in UK. To claim contact: Dr. Steve Mark on +447031844919 ormobile.draw@live.com

On reading the message, she was very happy and distributing sweets.

On asking the reason for distribution of sweets, she showed the above message.

I told her to keep away from this as this is pure SMS 419 (Advance Fee) and Phishing scam. It was explained to her and all of a sudden, she felt sad to loose the happiness of winning a lottery.

This is the new wave of Phishing and 419 (Advance fee) frauds, started by fraudsters in India.

Another person, Manish, responded with a e-mail and get a reply to furnish –

1.    A proof of your identity [copy of your driver's license or international passport]

2.    Proof of winning [the certificate of award issued to you by (o2tele)

3.    A fund Release Order [F.R.O] from the financial services authority.

He mailed again to the said sender. The sender sent him proof of winning and asked to contact a so-called lawyer to get FRO. On sending e-mail to the said lawyer, the said lawyer asked him to send Rs. 33,000. For the details of Manish Complaint, visithttp://www.complaintsboard.com/complaints/o2-telecom-c177205.html.

“People should be beware of these SMS frauds and should not respond to these at all”, saidShashin Lotlikar, Chairman of Cyber Security firm ISAAC at Mumbai. Anjay Agarwal, CMD of AAA Consulting hold the same views and warned “The best way to deal these frauds is just delete the SMS message”.

“Nobody give you free money. Fraudsters devise newer methods to attract your attention by playing with human psychology and greed. People should just think straight – why any person is offering you the lottery money, when he does not know even your name and you have not purchased any ticket?”, said Rakesh Goyal, Director-General of CRPCC and MD of Sysman Computers, a Mumbai based IT Security Company. “+44-70xx are Personal numbering in theFind me anywhere range in UK. Charges for calls to these numbers are not distance-dependent. They can cost as much as INR 45 (GBP 0.50) per minute to call and can forward the call to virtually any phone number in the world. Forwarding numbers can be set up for free and completely anonymously via websites such as uknumbers.com. Thus, these numbers are used by 419 fraudsters, mostly based in Nigeria and nearby West-African countries, giving these countries a bad name. Further, why a genuine organization use e-mails like @live.comor @yahoo.com, or a similar e-mail provider”, said Rakesh Goyal

Continue reading »]]>

Continue reading »]]>

Continue reading »]]> Phishing scams attempt to trick people into providing sensitive personal information such as credit card or banking details. In order to carry out this trick, the phishing scammers send a fraudulent email disguised as an official request for information from the targeted company. Generally, they also create a look-a-like website that is designed to closely resemble the target company’s official site. The fake website may appear almost identical to the official site. Style, logos, images, navigation menus and other structural components may look the same as they do on the genuine website.

Recipients of the scam email are requested to click on an included hyperlink. Once at this fake website, the user may be presented with a web form that requests private information such as credit card and banking details, and other account data such as a home address and phone number. Often, the visitor is requested to login using his or her username and password. All information entered into this fake website, including login details, can subsequently be collected and used at will by the criminals operating the scam.

A variation of the scam involves using an embedded form within the bogus email itself. Victims are instructed to enter details such as a password and bank account number into the form provided and return the email to the sender. Another variation attempts to trick recipients into installing a trojan on their computer, either by opening an email attachment or downloading the trojan from a website. The scammers can then use the trojan to collect information from the infected computer. The scam emails are randomly mass-mailed to many thousands of Internet users in the hope of netting just a small number of victims. The majority of people who receive these scam emails will probably not even be customers of the targeted institution. However, the scammers rely on the statistical probability that at least a few recipients will:

1. Have accounts with the targeted institution.
2. Will be unaware of such scams and believe the email to be a legitimate request.

The scam can prove to be a lucrative exercise for the scammers even if only a very small percentage of recipients ultimately become victims.