05 Mar AlbaBotnet, another new crime wave in Latin American cyberspace Jorge Mieres
11 Jul Yes to tweeting, no to phishing Dong Yan
04 Mar Phishing for dummies Aleks
After the recent emergence of the criminal PiceBOT in Latin America, AlbaBotnet has joined the growing ranks of regional IT crime. It revolves around online pharming, with a view to delivering targeted phishing attacks which steal information from the online accounts of two major Chilean banks.
According to the data we have processed, this campaign is part of a trial stage of this botnet: up to now there has been no monetization of AlbaBotnet. We do know that the author of this threat began testing it in early 2012.
The botnet appears to have a similar structure to its Latin American counterparts. As well as the default automated malware builder, it includes a package which automatically sends emails. Thus, the botmaster can customize infection campaigns through the classic mechanisms of visual social engineering:
“Weibo”, a micro blog in Chinese, is really hot and has become fashionable in China lately. The number of users of the largest Weibo site Sina Weibo (www.weibo.com) has already reached 140 million. As usual, where there is popularity, there will be security concerns.
Today I found someone referring to my latest tweet, saying that I had won a big prize and needed to click the link to see the details. The guy’s name only consisted of some random letters, which made me cautious. Apparently this is a phishing URL.
I checked this randomly named user and found that he was newly registered but had already sent phishing URLs to lots of users.
Yesterday we published our annual report, which includes my favourite topic - how the threat landscape’s going to change in 2009. One of the things we expect to see is an increase in the number of phishing attacks and scams on the Internet:
"Secondly, the technical sophistication needed to develop and spread new malicious programs will force many cyber criminals to search for simpler and cheaper ways of making a profit. Phishing may be one of the more attractive solutions."
And, whether by coincidence or design, yesterday I got an email which is just what I’m talking about above – a scam that’s easy and cheap to implement.
Subject: please see the attachment
Sender (fake): Internal Revenue Service [firstname.lastname@example.org]
Message: Please see the attachment make sure you fill all the columns and send fax to: +1-646-308-1145.
This type of phishing has been around for a while, but it’s the first time I’ve received a message like this - maybe I’ve just been lucky, because I know my address is all over spammer databases :)
This is so-called offline phishing; the bad guys don’t even go to the trouble of making a fake site, but just ask you to fax through all your details. Using a fax number gives an additional aura of credibility to the whole thing – most people have heard of phishing sites, but a lot of them won’t have heard of phishing by fax. And the combination of a government department and a fax number fits perfectly with the perception that public institutions are more than a bit behind the times.