It is now known that emails that apparently come from “firstname.lastname@example.org” are fraudulent, especially if they involve subjects such as Microsoft Windows Update. Lately, there has been a rise in the email spam targeting vulnerable users of very popular companies, we reported about Chase bank.
The attack from the “email@example.com” is an attempt to try to steal Yahoo!, Gmail, AOL, or Outlook.com (Windows Live formerly) passwords.
The body text:
Dear Windows User,
It has come to our attention that your Microsoft windows Installation records are out of date. Every Windows installation has to be tied to an email account for daily update.
This requires you to verify the Email Account. Failure to verify your records will result in account suspension. Click on the Verify button below and enter your login information on the following page to confirm your records.
Microsoft Windows Team.
To see an actual image, see the one from Naked Security.
More on this, see the post from Naked Security.
According to ThreatPost, the attack that Hussain admitted to being involved with was a breach of the email account of one of Blair’s former advisers. Hussain, who used the handle “TriCk”, pleaded guilty in early July to the attack and was sentenced Tuesday in England to six months in prison for the attack. He was arrested in April.
According to Sophos’s Naked Security, members of the TeaMp0isoN hacking gang then published the hacked information online, sparking security fears about the safety of the former Prime Minister, his friends and associates.
A time in prison at the start of your adult life is no easy undertaking. Hope the young lad learned his lesson.
Research at seCURE Connexion reveals the top Android Malware currently “trending” (had to use a trendy word). See below!
- Troj.Android-Smspacem – This malware baddie usually arrives as a part of a re-packaged application (app) on the Android Store or can be obtained through SMS Texting. The object of the malware is to change the wallpaper of the Home screen and then send out spam to all the people in the address book of the device. Many people on the other end receive messages from the affected phone. Many times it has to do something about “Jebus” and “apocalypse” blabs.
- Troj.BaseBridgeAndroid – This trojan is known to be installed without knowledge, and steals sensitive data. When the stolen data is indexed, it is sent to a remote server. It also attempts to terminate certain applications. Particularly 360 Mobile Safe. Know that is can also read your sent and received SMS Text Messages, and intercept incoming messages before they are delivered to the device’s inbox.
- Troj.FakeBattAndroid – This is a classic trojan, which acts like a Battery and CPU usage monitor…however, it gathers device data and sends it to a remote server.
- Troj.DDspyAndroid – This baddie is a fake Gmail app, and likes to hide in your App List instead of having a regular appearance. It likes to record SMS Texts, calls, voicemails, etc. It may get into GPS data very soon, which is a scary thought.
- Troj.StiniterAndroid – This new baddie attempts to change device settings and set the device up for remote connection, so data can be sent to their server. It also attempts to run your battery down by keeping the CPU from sleeping, disabling keyguard, and disabling the dimmer. It likes to send the command ACTION_BOOT_COMPLETED, which causes the device to boot slowly.
All in all, Android was built for security…right? However, with their Bouncer system, it is supposed to block bad apps. However, with clever cloaking and social engineering, a malware piece can infiltrate the system and get past Bouncer. Read more about bypassing Bouncer.