Spam in Q Contents. Fake notifications from mobile applications. Darya Gudkova

Size: px
Start display at page:

Download "Spam in Q1 2014. Contents. Fake notifications from mobile applications. Darya Gudkova"

Transcription

1 Spam in Q Darya Gudkova Contents Fake notifications from mobile applications... 1 Hot topics in spam: the Olympic games... 5 Spammer tricks: creating background noise with HTML tags... 6 Statistics... 8 The percentage of spam in traffic... 8 Sources of spam by country... 8 Sources of spam by region The size of spam s Malicious attachments in Phishing Conclusion Fake notifications from mobile applications The widespread use of mobile devices has triggered the emergence of spam targeting smartphone and tablet users. We have already written about mass mailings containing malware for Android-based devices. Currently these programs are not appearing in huge numbers, but they are sent out regularly. In Q1 we saw yet another trend: fake notifications distributed in spam are now imitating messages from mobile applications. Spammers especially like the cross-platform mobile application WhatsApp: notifications sent on behalf of this application were used by spammers to spread both malware and standard adverts. In January, we registered a mass mailing which supposedly contained an image sent to the recipient via WhatsApp. An alert user would have queried why this notification had arrived via as the WhatsApp account is not directly associated with the box. However, many users are used both to synchronization of their contacts and to the fact that messages from mobile applications can arrive via so this notification would not surprise the majority of users.

2 In fact, the attached archive contained a malicious program detected by Kaspersky Lab as Backdoor.Win32.Androm.bjkd. It is a well-known backdoor whose main function is to download other malware onto the victim computer. In March, we came across yet another mass mailing which also exploited the popularity of mobile applications. The recipient was informed about an allegedly missed WhatsApp voice message and was invited to click the link to hear it. After clicking Autoplay, the user is directed to a hacked legitimate site that had been injected with the following Javascript:

3 Translating the hexadecimal gives: This means the hacked site was a redirector, i.e., it redirected the user to another site, in this case to one advertising Viagra. Noticeably, a similar scheme was used to distribute fake notifications from other popular mobile messengers Viber and Google Hangouts.

4 The rising popularity of mobile devices mean that phishing attacks aimed at stealing Apple ID are becoming more frequent:

5 In the first quarter of 2014, Apple ranked 17th among the organizations most often attacked by phishers. Hot topics in spam: the Olympic games In February, the Winter Olympic Games took place in Russia. Of course, this event attracted the attention of spammers, who used the theme in a variety of mass mailings even if the spam hype around the Games was slightly less than might have been expected. Chinese entrepreneurs offered different products decorated with the symbols of the Olympics, "Nigerian" scammers exploited the Olympic theme to lure money from users. We also registered several major mass mailings promoting replica watches for a trip to the Olympics" and offering private helicopter services in Sochi. Interestingly, this is not for the first time that spammer activity accompanying such a high-profile event has been subdued: during the Summer Olympics in London we registered fraudulent mailings about

6 "Olympic" lottery wins while the Winter Games in Vancouver in 2010 were almost completely ignored by cybercriminals. Noticeably, during the football World Cup the amount of associated spam mailings is always higher. In addition to the Olympic theme, spammers (mostly "Nigerian" scammers) exploited news events such as the death of the former Prime Minister of Israel Ariel Sharon. Fraudsters also continued to spread "Nigerian" spam supposedly sent on behalf of close friends of Nelson Mandela, South Africa s former president, who died in December. Spammer tricks: creating background noise with HTML tags To create unique s in a large mailing, spammers often create background noise in the text, i.e. adding random characters, words or text fragments. Obviously, the message becomes less readable and therefore less interesting for the user. That s why spammers usually try to hide the random text from the user. These old methods, such as placing white text on a white background or simple separation of the noisy text from the main content by numerous line breaks, are still widely used by spammers even though these tricks are as old as spam itself. However, some spammers are using more advanced techniques. One of them is to create background noise with HTML tags. This method ensures that the user will not see anything other than the main content while for the spam filter each will be unique. This is what the user sees: In the source code, the body of the looks like this:

7 The HTML text is mostly meaningless, except for the links highlighted in red and images. In particular, we often see span tags with different attributes. This is a tag container used mainly for designing and/or assigning a unique identifier to a specific text fragment. In this case, there is no real text between the opening and closing tags, so these tags just create background noise in the . It s worth noting that the link itself also contains noise. The sequence = EF = BB = BF is inserted several times in random places between standard letters. This sequence, in the hexadecimal system, refers to one UTF-8 character used to indicate the byte order of a text file. However, this is only true if it is used for its intended purpose and is placed at the beginning of the text. According to the Unicode specification, a character in the middle of the data flow should be interpreted as a "zero-width nonbreaking space" (essentially, a null character). That means that an client will simply ignore this sequence and open the link or download the image. However, for the spam filters each link will be unique. In addition, the last piece of the link (highlighted in orange) is also random. As a result, the noiseless source code of the looks like this: In terms of volume, the obfuscated part significantly exceeds the content part of the . All this noise is randomly generated and is unique for each in the mailing. Having opened the in the mail client, the recipient only sees a perfectly designed message without any trace of any spammer tricks.

8 Statistics The percentage of spam in traffic The percentage of spam in total traffic during the first quarter this year came to 66.34%, down 6.42 percentage points from the previous quarter. However, compared with the same period of Q1 2013, the share of spam in Q barely changed, falling by only 0.16 pp. Percentage of spam in traffic in Q The level of spam fluctuated significantly during the quarter, reaching a low of 61% in the last week of the quarter. Sources of spam by country The geographical distribution of spam by country saw little change in Q

9 Distribution of spam sources by country in Q The top three spam sources remained unchanged: China (-0.34 pp), the US (+1.23 percentage points) and South Korea (-0.91 pp). Russia outstripped Taiwan and moved to fourth place, one position up from the previous quarter (+0.34 pp) The share of the other countries did not vary significantly.

10 Meanwhile, a shift in the second half of the Top 20 is more noticeable. The Philippines (+0.67 pp) climbed from 20th to 11th position. The share of Kazakhstan decreased by 0.76 pp which saw it fall from 11th to 17th place. Canada could not maintain its 10th place from the previous quarter and dropped to 27th its contribution declined from 1.73% in Q to 0.49% in Q Sources of spam by region Distribution of spam sources by region in Q In Q1 2014, the rating of the top sources of spam by region did not undergo any major changes from the previous quarter. Asia remained the number one regional source of spam although its share decreased by 3.2 pp. It is followed by North America (-0.01 pp). The share of the other regions grew slightly.

11 The size of spam s Small spam s weighing in at under 1 KB are well ahead of their competitors. Size of spam s: Q In January we registered some growth in the proportion of KB s. This might be caused by holiday spam mass mailings which usually contain lots of pictures.

12 Malicious attachments in Top 10 malicious programs spread by in Q Trojan-Spy.HTML.Fraud.gen remained the most popular malicious program spread by in the first quarter of the year. This malicious program is designed to look like an HTML page used as a registration form for online banking services. It is used by phishers to steal financial information. In second and seventh places came the Net-Worm.Win32.Aspxor worms. These net worms are designed to spread spam. They automatically infect sites, load and run other programs, and collect valuable information stored on the computer such as passwords and other data to access and FTP accounts. -Worm.Win32.Bagle.gt, a long-time resident of the Top 10, came third. The main functionality of any worm is to harvest addresses found on an infected computer. The Bagle worm can also accept remote commands to download malicious files from the Internet without the user's knowledge. Fourth and eighth places were occupied by Fareit family Trojans, which were most actively distributed in January. These programs were designed to steal user logins and passwords, launch DDoS attacks and download and run random software. The two samples from our rating could download and run Zbot Trojans. In addition, Fareit Trojans can steal Bitcoin wallets as well as other crypto-currency wallets (about 30 in total) Trojan.Win32.Bublik.bwbx is in fifth. This program downloads other malware, specifically the Zbot family of Trojans, onto the victim computer. Backdoor.Win32.Androm.bngy came sixth. The Andromeda family of malware consists of backdoors that allow cybercriminals to secretly control a compromised computer. Machines infected by these programs often become parts of botnets. -Worm.Win32.Mydoom.l, a well-known mail worm, was ninth in the rating.

13 The Top 10 for Q1 was completed by a notorious Trojan from the Zbot family. Zbot is a family of Trojans that steal confidential user information. It can also install CryptoLocker, a malicious program that demands money to decrypt user data. Distribution of antivirus detections by country in Q The list of countries most frequently targeted by malicious s has undergone some changes since the third quarter of last year. The US s share grew 3.68 pp while the contribution of the UK, Germany

14 and Hong Kong decreased by 2.27, 1.34 and 2.73 pp respectively. As a result, the US, which was only third in the previous quarter, returned to the top of the rating in Q The share of the other countries did not vary significantly. Phishing As of Q1 2014, we decided to merge two categories and IMS and Search engines in one and search portal category. These portals often have one common account which is responsible both for settings and search history; it is also a mail account as well as providing access to cloud services and other features. Distribution of the Top 100 organizations most frequently targeted by phishers,* by category Q * This rating is based on Kaspersky Lab's anti-phishing component detections, which are activated every time a user attempts to click on a phishing link, regardless of whether the link is in a spam or on a web page.

15 As expected, the and search portals category topped the rating of the phishers most popular targets. Despite the fact that user accounts for the and search portals offer many opportunities, most of these attacks are aimed at gaining access to the service. As well as using for their own purposes, attackers can scour its content for other logins and passwords. This, after all, is where many sites send log-in details if users forget their passwords sometimes including all the information directly in the message body. Other sites go even further, sending the user an containing the login and password immediately after he registers on the portal. To avoid the loss of confidential information, modern mail systems offer a method of two-factor authentication: in addition to the login and password, users have to enter a code sent to their phones by text message. Users should also delete any messages containing confidential information from their account. Social networking sites remain popular with phishers. Although they came second, their share dropped by 1.44 pp from the previous quarter. The most noticeable growth was around Online stores (+2.47 pp). This was caused first of all by increased attacks on coupon services as well as on ticket agencies. The latter saw greater phishing activity in March. The percentage of attacks targeting IT vendors slightly declined (-2.46 pp). The share of the other categories did not change significantly. Conclusion These days almost everyone has a "smart" mobile device and nearly every popular Internet resource has a mobile version. In addition, there are special mobile applications that are increasingly popular. Attackers are exploiting this popularity by spreading fake notifications from mobile applications. In future, this will only become more common. We also expect an increase in the volume of phishing mailings which target passwords for mobile app accounts. Malicious applications for Android OS are being distributed via , but so far they are quite rare. We can expect an increase in the amount of mobile malware in the near future. The main goal of most malicious programs distributed via mail is to steal confidential data. However, in Q1 malware capable of spreading spam and launching DDoS attacks was also popular. Most popular malicious programs are now multifunctional: they can steal data from the victim computer, make the computer part of a botnet, or download and install other malicious programs without the user s knowledge. To bypass filtering, spammers continue to use a variety of tricks. One of the fastest-growing is creating background noise in messages with the help of HTML tags as well as obfuscating links in s. The latest similar trick was to add a UTF-8 symbol to links. This symbol, when it is not placed at the beginning of the text, is interpreted as a null character. In fact, there are loads of such tricks in UTF-8 and the fraudsters make use of them every now and then. The majority of phishing attacks targeted accounts. Users are often lax when it comes to their accounts: many of them use simple logins and passwords. We would like to remind users that a hacked account can allow attackers access to all the information stored in your mailbox including other logins and passwords. We recommend you use strong passwords and two-factor authentication if possible.

SPAM AND PHISHING IN Q2 2015. Tatyana Shcherbakova, Maria Vergelis, Nadezhda Demidova

SPAM AND PHISHING IN Q2 2015. Tatyana Shcherbakova, Maria Vergelis, Nadezhda Demidova SPAM AND PHISHING Tatyana Shcherbakova, Maria Vergelis, Nadezhda Demidova 2 CONTENT SPAM: FEATURES OF THE QUARTER 3 Noising domains 3 World events in Nigerian spam 4 The Google search algorithm update

More information

SPAM AND PHISHING IN Q3 2015. Tatyana Shcherbakova, Maria Vergelis, Nadezhda Demidova

SPAM AND PHISHING IN Q3 2015. Tatyana Shcherbakova, Maria Vergelis, Nadezhda Demidova SPAM AND PHISHING Tatyana Shcherbakova, Maria Vergelis, Nadezhda Demidova 2 CONTENTS SPAM: FEATURES OF THE QUARTER 3 Online dating 3 Seasonal malicious spam 5 Spammer tricks 7 STATISTICS 9 Proportion of

More information

SPAM AND PHISHING IN Q3 2016

SPAM AND PHISHING IN Q3 2016 SPAM AND PHISHING IN Q3 2016 Darya Gudkova, Maria Vergelis, Nadezhda Demidova Contents Spam: quarterly highlights... 3 Malicious spam... 3 Methods and tricks: links in focus... 4 IP obfuscation... 4 URL

More information

Practical tips for a. Safe Christmas

Practical tips for a. Safe Christmas Practical tips for a Safe Christmas CONTENTS 1. Online shopping 2 2. Online games 4 3. Instant messaging and mail 5 4. Practical tips for a safe digital Christmas 6 The Christmas holidays normally see

More information

Kaspersky Lab. Contents

Kaspersky Lab. Contents KASPERSKY DDOS INTELLIGENCE REPORT Q3 2015 Contents Contents... 1 Q3 events... 2 Attacks on financial organizations... 2 Unusual attack scenario... 2 XOR DDoS bot activity... 2 DDoS availability... 3 Statistics

More information

DDoS Attacks: The Latest Threat to Availability. Dr. Bill Highleyman Managing Editor Availability Digest

DDoS Attacks: The Latest Threat to Availability. Dr. Bill Highleyman Managing Editor Availability Digest DDoS Attacks: The Latest Threat to Availability Dr. Bill Highleyman Managing Editor Availability Digest The Anatomy of a DDoS Attack Sombers Associates, Inc. 2013 2 What is a Distributed Denial of Service

More information

Malware & Botnets. Botnets

Malware & Botnets. Botnets - 2 - Malware & Botnets The Internet is a powerful and useful tool, but in the same way that you shouldn t drive without buckling your seat belt or ride a bike without a helmet, you shouldn t venture online

More information

Top Cyber Threats Of 2009

Top Cyber Threats Of 2009 Top Cyber Threats Of 2009 Who were the top 5 riskiest celebrities in 2009? Did spammers really know who killed Michael Jackson? Data from Symantec Security Response November 2009 Top 5 Riskiest Celebrities

More information

The State of Spam A Monthly Report August 2008. Generated by Symantec Messaging and Web Security

The State of Spam A Monthly Report August 2008. Generated by Symantec Messaging and Web Security The State of Spam A Monthly Report August 2008 Generated by Symantec Messaging and Web Security Doug Bowers Executive Editor Antispam Engineering Dermot Harnett Editor Antispam Engineering Joseph Long

More information

Security A to Z the most important terms

Security A to Z the most important terms Security A to Z the most important terms Part 1: A to D UNDERSTAND THE OFFICIAL TERMINOLOGY. This is F-Secure Labs. Learn more about the most important security terms with our official explanations from

More information

WEB ATTACKS AND COUNTERMEASURES

WEB ATTACKS AND COUNTERMEASURES WEB ATTACKS AND COUNTERMEASURES February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in

More information

PHISHING IN SEASON TAX TIME MALWARE, PHISHING AND FRAUD

PHISHING IN SEASON TAX TIME MALWARE, PHISHING AND FRAUD PHISHING IN SEASON TAX TIME MALWARE, PHISHING AND FRAUD April 2013 As cybercriminals will have it, phishing attacks are quite the seasonal trend. It seems that every April, after showing a slight decline

More information

Phishing Scams Security Update Best Practices for General User

Phishing Scams Security Update Best Practices for General User Phishing Scams Security Update Best Practices for General User hishing refers to the malicious attack Pmethod by attackers who imitate legitimate companies in sending emails in order to entice people to

More information

SPAM AND PHISHING IN 2015

SPAM AND PHISHING IN 2015 Kaspersky Security Bulletin SPAM AND PHISHING IN 2015 Maria Vergelis, Tatyana Shcherbakova, Nadezhda Demidova, Darya Loseva #KLReport KASPERSKY SECURITY BULLETIN CONTENT THE YEAR IN FIGURES... 3 NEW DOMAIN

More information

DDoS Attacks Can Take Down Your Online Services

DDoS Attacks Can Take Down Your Online Services DDoS Attacks Can Take Down Your Online Services Dr. Bill Highleyman Managing Editor, Availability Digest Continuity Insights New York 2014 October 8, 2014 editor@availabilitydigest.com Who Am I? Dr. Bill

More information

Security guide. small businesses and freelancers. Security guide 1

Security guide. small businesses and freelancers. Security guide 1 Security guide small businesses and freelancers Security guide 1 1. Introduction 3. The most dangerous types of threats 5. Will you let us protect you? 2. Where is the danger and how can we protect ourselves?

More information

CYBERCRIMINAL IN BRAZIL SHARES MOBILE CREDIT CARD STORE APP

CYBERCRIMINAL IN BRAZIL SHARES MOBILE CREDIT CARD STORE APP CYBERCRIMINAL IN BRAZIL SHARES MOBILE CREDIT CARD STORE APP August 2014 RSA agents recently traced a threat actor advertising a mobile credit card store application. The cybercriminal shared the information

More information

Contact details For contacting ENISA or for general enquiries on information security awareness matters, please use the following details:

Contact details For contacting ENISA or for general enquiries on information security awareness matters, please use the following details: Malicious software About ENISA The European Network and Information Security Agency (ENISA) is an EU agency created to advance the functioning of the internal market. ENISA is a centre of excellence for

More information

Kaspersky Fraud Prevention: a Comprehensive Protection Solution for Online and Mobile Banking

Kaspersky Fraud Prevention: a Comprehensive Protection Solution for Online and Mobile Banking Kaspersky Fraud Prevention: a Comprehensive Protection Solution for Online and Mobile Banking Today s bank customers can perform most of their financial activities online. According to a global survey

More information

ITSC Training Courses Student IT Competence Programme SIIS1 Information Security

ITSC Training Courses Student IT Competence Programme SIIS1 Information Security ITSC Training Courses Student IT Competence Programme SI1 2012 2013 Prof. Chan Yuen Yan, Rosanna Department of Engineering The Chinese University of Hong Kong SI1-1 Course Outline What you should know

More information

DON T BE FOOLED BY EMAIL SPAM FREE GUIDE. Provided by: Don t Be Fooled by Spam E-Mail FREE GUIDE. December 2014 Oliver James Enterprise

DON T BE FOOLED BY EMAIL SPAM FREE GUIDE. Provided by: Don t Be Fooled by Spam E-Mail FREE GUIDE. December 2014 Oliver James Enterprise Provided by: December 2014 Oliver James Enterprise DON T BE FOOLED BY EMAIL SPAM FREE GUIDE 1 This guide will teach you: How to spot fraudulent and spam e-mails How spammers obtain your email address How

More information

Digital Consumer s Online Trends and Risks

Digital Consumer s Online Trends and Risks Digital Consumer s Online Trends and Risks Modern consumers live a full-scale digital life. Their virtual assets like personal photos and videos, work documents, passwords to access social networking and

More information

Phishing Activity Trends

Phishing Activity Trends Phishing Activity Trends Report for the Month of, 27 Summarization of Report Findings The number of phishing reports received by the (APWG) came to 23,61 in, a drop of over 6, from January s previous record

More information

Malware Trend Report, Q2 2014 April May June

Malware Trend Report, Q2 2014 April May June Malware Trend Report, Q2 2014 April May June 5 August 2014 Copyright RedSocks B.V. 2014. All Rights Reserved. Table of Contents 1. Introduction... 3 2. Overview... 4 2.1. Collecting Malware... 5 2.2. Processing...

More information

Practical guide for secure Christmas shopping. Navid

Practical guide for secure Christmas shopping. Navid Practical guide for secure Christmas shopping Navid 1 CONTENTS 1. Introduction 3 2. Internet risks: Threats to secure transactions 3 3. What criteria should a secure e-commerce page meet?...4 4. What security

More information

The Increasing Threat of Malware for Android Devices. 6 Ways Hackers Are Stealing Your Private Data and How to Stop Them

The Increasing Threat of Malware for Android Devices. 6 Ways Hackers Are Stealing Your Private Data and How to Stop Them The Increasing Threat of Malware for Android Devices 6 Ways Hackers Are Stealing Your Private Data and How to Stop Them INTRODUCTION If you own a smartphone running the Android operating system, like the

More information

Perception and knowledge of IT threats: the consumer s point of view

Perception and knowledge of IT threats: the consumer s point of view Perception and knowledge of IT threats: the consumer s point of view It s hard to imagine life without digital devices, be it a large desktop computer or a smartphone. Modern users are storing some of

More information

December 2010 Report #48

December 2010 Report #48 December 2010 Report #48 With the holidays in full gear, Symantec observed an increase of 30 percent in the product spam category as spammers try to push Christmas gifts and other products. While the increase

More information

Phishing Activity Trends Report June, 2006

Phishing Activity Trends Report June, 2006 Phishing Activity Trends Report, 26 Phishing is a form of online identity theft that employs both social engineering and technical subterfuge to steal consumers' personal identity data and financial account

More information

Hong Kong Information Security Outlook 2015 香 港 資 訊 保 安 展 望

Hong Kong Information Security Outlook 2015 香 港 資 訊 保 安 展 望 Hong Kong Information Security Outlook 2015 香 港 資 訊 保 安 展 望 Agenda Information Security Trends Year 2014 in Review Outlook for 2015 Advice to the Public Hong Kong Computer Emergency Response Team Coordination

More information

Protection for Mac and Linux computers: genuine need or nice to have?

Protection for Mac and Linux computers: genuine need or nice to have? Protection for Mac and Linux computers: genuine need or nice to have? The current risk to computers running non-windows platforms is small but growing. As Mac and Linux computers become more prevalent

More information

White paper. Phishing, Vishing and Smishing: Old Threats Present New Risks

White paper. Phishing, Vishing and Smishing: Old Threats Present New Risks White paper Phishing, Vishing and Smishing: Old Threats Present New Risks How much do you really know about phishing, vishing and smishing? Phishing, vishing, and smishing are not new threats. They have

More information

Overview. Common Internet Threats. Spear Phishing / Whaling. Phishing Sites. Virus: Pentagon Attack. Viruses & Worms

Overview. Common Internet Threats. Spear Phishing / Whaling. Phishing Sites. Virus: Pentagon Attack. Viruses & Worms Overview Common Internet Threats Tom Chothia Computer Security, Lecture 19 Phishing Sites Trojans, Worms, Viruses, Drive-bydownloads Net Fast Flux Domain Flux Infiltration of a Net Underground economy.

More information

Overview. Malware Trends. Internet Threats Trend Report - February 2013. 178,000 Android malware samples

Overview. Malware Trends. Internet Threats Trend Report - February 2013. 178,000 Android malware samples Internet Threats Trend Report February 2013 Overview The fourth quarter of 2012 showed exponentially increased levels of Android malware as well as Web threats (phishing) that truly threatened mobile users.

More information

INTERNET & COMPUTER SECURITY March 20, 2010. Scoville Library. ccayne@biblio.org

INTERNET & COMPUTER SECURITY March 20, 2010. Scoville Library. ccayne@biblio.org INTERNET & COMPUTER SECURITY March 20, 2010 Scoville Library ccayne@biblio.org Internet: Computer Password strength Phishing Malware Email scams Identity Theft Viruses Windows updates Browser updates Backup

More information

Recognizing Spam. IT Computer Technical Support Newsletter

Recognizing Spam. IT Computer Technical Support Newsletter IT Computer Technical Support Newsletter March 23, 2015 Vol.1, No.22 Recognizing Spam Spam messages are messages that are unwanted. If you have received an e-mail from the Internal Revenue Service or the

More information

May 2011 Report #53. The following trends are highlighted in the May 2011 report:

May 2011 Report #53. The following trends are highlighted in the May 2011 report: May 2011 Report #53 The unexpected raid and resulting death of Osama Bin Laden shocked the world. As always, spammers were quick to jump on this headline, and send a variety of spam messages leveraging

More information

Anti-Phishing Best Practices for ISPs and Mailbox Providers

Anti-Phishing Best Practices for ISPs and Mailbox Providers Anti-Phishing Best Practices for ISPs and Mailbox Providers Version 2.01, June 2015 A document jointly produced by the Messaging, Malware and Mobile Anti-Abuse Working Group (M 3 AAWG) and the Anti-Phishing

More information

A TASTE OF HTTP BOTNETS

A TASTE OF HTTP BOTNETS Botnets come in many flavors. As one might expect, these flavors all taste different. A lot of Internet users have had their taste of IRC, P2P and HTTP based botnets as their computers were infected with

More information

Internet threats: steps to security for your small business

Internet threats: steps to security for your small business Internet threats: 7 steps to security for your small business Proactive solutions for small businesses A restaurant offers free WiFi to its patrons. The controller of an accounting firm receives a confidential

More information

G Data Mobile MalwareReport. Half-Year Report July December 2013. G Data SecurityLabs

G Data Mobile MalwareReport. Half-Year Report July December 2013. G Data SecurityLabs G Data Mobile MalwareReport Half-Year Report July December 2013 G Data SecurityLabs Contents At a glance... 2 Android malware: share of PUPs increasing significantly... 3 Android.Application consists of

More information

Security Statement. I. Secure Your PC

Security Statement. I. Secure Your PC Security Statement The security of your accounts and personal information is Sonabank s highest priority. Regardless of your preferred method of banking in person, by telephone or online you need to know

More information

When you listen to the news, you hear about many different forms of computer infection(s). The most common are:

When you listen to the news, you hear about many different forms of computer infection(s). The most common are: Access to information and entertainment, credit and financial services, products from every corner of the world even to your work is greater than ever. Thanks to the Internet, you can conduct your banking,

More information

STOP Cybercriminals and. security attacks ControlNow TM Whitepaper

STOP Cybercriminals and. security attacks ControlNow TM Whitepaper STOP Cybercriminals and security attacks ControlNow TM Whitepaper Table of Contents Introduction 3 What the headlines don t tell you 4 The malware (r)evolution 5 Spear phishing scams 5 Poisoned searches

More information

March 2010 Report #39

March 2010 Report #39 March 2010 Report #39 Scam and phishing messages in February accounted for 19 percent of all spam, which is 2 percentage points lower than in January, but nevertheless an elevated level. Spammers continued

More information

Computer Security Self-Test: Questions & Scenarios

Computer Security Self-Test: Questions & Scenarios Computer Security Self-Test: Questions & Scenarios Rev. Sept 2015 Scenario #1: Your supervisor is very busy and asks you to log into the HR Server using her user-id and password to retrieve some reports.

More information

Cyber Security. Maintaining Your Identity on the Net

Cyber Security. Maintaining Your Identity on the Net Cyber Security Maintaining Your Identity on the Net Why Cyber Security? There are three points of failure in any secure network: Technology (hardware and software) Technology Support (ITS) End Users (USD

More information

Malware, Phishing, and Cybercrime Dangerous Threats Facing the SMB State of Cybercrime

Malware, Phishing, and Cybercrime Dangerous Threats Facing the SMB State of Cybercrime How to Protect Your Business from Malware, Phishing, and Cybercrime The SMB Security Series Malware, Phishing, and Cybercrime Dangerous Threats Facing the SMB State of Cybercrime sponsored by Introduction

More information

September 2009 Report #33

September 2009 Report #33 September 2009 Report #33 Overall spam volumes averaged at 87 percent of all email messages in August 2009. Health spam decreased again this month and averaged at 6.73 percent, while over 29 percent of

More information

Phishing Activity Trends Report for the Month of December, 2007

Phishing Activity Trends Report for the Month of December, 2007 Phishing Activity Trends Report for the Month of December, 2007 Summarization of December Report Findings The total number of unique phishing reports submitted to APWG in December 2007 was 25,683, a decrease

More information

Protecting against Mobile Attacks

Protecting against Mobile Attacks 2014-APR-17 Protecting against Mobile Attacks Frankie Wong Security Analyst, HKCERT 1 Image source: http://www.techweekeurope.co.uk/news/mobile-malware-record-mcafee-125537 2 Agenda Attacks moving to mobile

More information

STATISTICS ON BOTNET-ASSISTED DDOS ATTACKS IN Q1 2015

STATISTICS ON BOTNET-ASSISTED DDOS ATTACKS IN Q1 2015 STATISTICS ON BOTNET-ASSISTED DDOS ATTACKS IN Q1 2015 www.kaspersky.com 2 CONTENTS Methodology 3 Main findings 4 Geography of attacks 5 Time variations in the number of DDoS attacks 7 Types and duration

More information

The FBI Cyber Program. Bauer Advising Symposium //UNCLASSIFIED

The FBI Cyber Program. Bauer Advising Symposium //UNCLASSIFIED The FBI Cyber Program Bauer Advising Symposium October 11, 2012 Today s Agenda What is the threat? Who are the adversaries? How are they attacking you? What can the FBI do to help? What can you do to stop

More information

How to Identify Phishing E-Mails

How to Identify Phishing E-Mails How to Identify Phishing E-Mails How to recognize fraudulent emails and avoid being phished. Presented by : Miguel Fra, Falcon IT Services (miguel@falconitservices.com) http://www.falconitservices.com

More information

Mobile Security Framework; Advances in Mobile Governance in Korea. TaeKyung Kim tkkim@stu.ac.kr

Mobile Security Framework; Advances in Mobile Governance in Korea. TaeKyung Kim tkkim@stu.ac.kr Mobile Security Framework; Advances in Mobile Governance in Korea TaeKyung Kim tkkim@stu.ac.kr I. e-banking in Korea 1. e-banking? BIS (Bank for International Settlements) - e-finance(electronic banking)

More information

Global Corporate IT Security Risks: 2013

Global Corporate IT Security Risks: 2013 Global Corporate IT Security Risks: 2013 May 2013 For Kaspersky Lab, the world s largest private developer of advanced security solutions for home users and corporate IT infrastructures, meeting the needs

More information

KASPERSKY LAB REPORT. Financial cyberthreats in 2014. #KLReport

KASPERSKY LAB REPORT. Financial cyberthreats in 2014. #KLReport KASPERSKY LAB REPORT Financial cyberthreats in 2014 #KLReport February 2015 2 Kaspersky Lab Report: Financial cyberthreats in 2014 CONTENTS Executive Summary and Main Findings... 3 Financial Phishing...

More information

E-Commerce Security and Fraud Protection CHAPTER 9

E-Commerce Security and Fraud Protection CHAPTER 9 E-Commerce Security and Fraud Protection CHAPTER 9 LEARNING OBJECTIVES 1. Understand the importance and scope of security of information systems for EC. 2. Describe the major concepts and terminology of

More information

Visa CREDIT Card General Guidelines

Visa CREDIT Card General Guidelines Visa CREDIT Card General Guidelines General Account Information Phone Numbers and Addresses It is very important to keep us up-to-date with your correct address and phone number. Card reissues/replacements

More information

KASPERSKY LAB REPORT. Financial cyber threats in 2013

KASPERSKY LAB REPORT. Financial cyber threats in 2013 KASPERSKY LAB REPORT Financial cyber threats in 2013 April 2014 2 Kaspersky Lab Report: Financial cyber threats in 2013 TABLE OF CONTENTS Introduction. Money and risks in a multi-device world 3 Methodology

More information

OCT Training & Technology Solutions Training@qc.cuny.edu (718) 997-4875

OCT Training & Technology Solutions Training@qc.cuny.edu (718) 997-4875 OCT Training & Technology Solutions Training@qc.cuny.edu (718) 997-4875 Understanding Information Security Information Security Information security refers to safeguarding information from misuse and theft,

More information

Statistical Analysis of Internet Security Threats. Daniel G. James

Statistical Analysis of Internet Security Threats. Daniel G. James Statistical Analysis of Internet Security Threats Daniel G. James ABSTRACT The purpose of this paper is to analyze the statistics surrounding the most common security threats faced by Internet users. There

More information

Avoiding Malware in Your Dental Practice. 10 Best Practices to Defend Your Data

Avoiding Malware in Your Dental Practice. 10 Best Practices to Defend Your Data Avoiding Malware in Your Dental Practice 10 Best Practices to Defend Your Data Avoiding Malware in Your Dental Practice Like most small business owners, you must protect your dental practice s computer

More information

January 2011 Report #49. The following trends are highlighted in the January 2011 report:

January 2011 Report #49. The following trends are highlighted in the January 2011 report: January 2011 Report #49 Spam made up 81.69% of all messages in December, compared with 84.31% in November. The consistent drop in spam made us wonder, did spammers take a holiday break? Global spam volume

More information

Information Security Threat Trends

Information Security Threat Trends Talk @ Microsoft Security Day Sep 2005 Information Security Threat Trends Mr. S.C. Leung 梁 兆 昌 Senior Consultant 高 級 顧 問 CISSP CISA CBCP M@PISA Email: scleung@hkcert.org 香 港 電 腦 保 安 事 故 協 調 中 心 Introducing

More information

EMAIL ACCOUNT TAKEOVER TO IDENTITY TAKEOVER

EMAIL ACCOUNT TAKEOVER TO IDENTITY TAKEOVER EMAIL ACCOUNT TAKEOVER TO IDENTITY TAKEOVER March 2013 Phishing attacks are notorious for their potential harm to online banking and credit card users who may fall prey to phishers looking to steal information

More information

MALICIOUS REDIRECTION A Look at DNS-Changing Malware

MALICIOUS REDIRECTION A Look at DNS-Changing Malware MALICIOUS REDIRECTION A Look at DNS-Changing Malware What are Domain Naming System (DNS)-changing malware? These recently garnered a lot of attention due to the recent Esthost takedown that involved a

More information

QUARTERLY REPORT 2015 INFOBLOX DNS THREAT INDEX POWERED BY

QUARTERLY REPORT 2015 INFOBLOX DNS THREAT INDEX POWERED BY QUARTERLY REPORT 2015 INFOBLOX DNS THREAT INDEX POWERED BY EXPLOIT KITS UP 75 PERCENT The Infoblox DNS Threat Index, powered by IID, stood at 122 in the third quarter of 2015, with exploit kits up 75 percent

More information

Cryptography and Network Security Chapter 21. Malicious Software. Backdoor or Trapdoor. Logic Bomb 4/19/2010. Chapter 21 Malicious Software

Cryptography and Network Security Chapter 21. Malicious Software. Backdoor or Trapdoor. Logic Bomb 4/19/2010. Chapter 21 Malicious Software Cryptography and Network Security Chapter 21 Fifth Edition by William Stallings Chapter 21 Malicious Software What is the concept of defense: The parrying of a blow. What is its characteristic feature:

More information

TOP 10 TIPS FOR EDUCATING EMPLOYEES ABOUT CYBERSECURITY

TOP 10 TIPS FOR EDUCATING EMPLOYEES ABOUT CYBERSECURITY TOP 10 TIPS FOR EDUCATING EMPLOYEES ABOUT CYBERSECURITY An Inside Job Cyberthreats to your business are usually blamed on outsiders nefarious programmers writing malicious code designed to pilfer your

More information

Spyware. Michael Glenn Technology Management Michael.Glenn@Qwest.com. 2004 Qwest Communications International Inc.

Spyware. Michael Glenn Technology Management Michael.Glenn@Qwest.com. 2004 Qwest Communications International Inc. Spyware Michael Glenn Technology Management Michael.Glenn@Qwest.com Agenda Security Fundamentals Current Issues Spyware Definitions Overlaps of Threats Best Practices What Service Providers are Doing References

More information

Global IT Security Risks: 2012

Global IT Security Risks: 2012 Global IT Security Risks: 2012 Kaspersky Lab is a leading developer of secure content and threat management solutions and was recently named a Leader in the Gartner Magic Quadrant for Endpoint Protection

More information

In 2015, just under half (43%) of the world s population has an Internet connection: 3.2 billion people, compared to 2.9 billion in July 2014.

In 2015, just under half (43%) of the world s population has an Internet connection: 3.2 billion people, compared to 2.9 billion in July 2014. Contents Introduction... 1 Main findings... 2 Methodology... 3 Section 1. Device usage... 4 Section 2. Online and on the move: Internet activity... 6 Section 3. The connected treasure chest: what is stored

More information

Learn to protect yourself from Identity Theft. First National Bank can help.

Learn to protect yourself from Identity Theft. First National Bank can help. Learn to protect yourself from Identity Theft. First National Bank can help. Your identity is one of the most valuable things you own. It s important to keep your identity from being stolen by someone

More information

PROTECT YOUR COMPUTER AND YOUR PRIVACY!

PROTECT YOUR COMPUTER AND YOUR PRIVACY! PROTECT YOUR COMPUTER AND YOUR PRIVACY! Fraud comes in many shapes simple: the loss of both money protecting your computer and Take action and get peace of and sizes, but the outcome is and time. That

More information

Analysis of the Australian Web Threat Landscape Christopher Ke, Jonathan Oliver and Yang Xiang

Analysis of the Australian Web Threat Landscape Christopher Ke, Jonathan Oliver and Yang Xiang Analysis of the Australian Web Threat Landscape Christopher Ke, Jonathan Oliver and Yang Xiang Deakin University, 221 Burwood Highway, Burwood, Victoria 3125, Australia Trend Micro 606 St Kilda Road, Melbourne,

More information

Managing Web Security in an Increasingly Challenging Threat Landscape

Managing Web Security in an Increasingly Challenging Threat Landscape Managing Web Security in an Increasingly Challenging Threat Landscape Cybercriminals have increasingly turned their attention to the web, which has become by far the predominant area of attack. Small wonder.

More information

Don t Fall Victim to Cybercrime:

Don t Fall Victim to Cybercrime: Don t Fall Victim to Cybercrime: Best Practices to Safeguard Your Business Agenda Cybercrime Overview Corporate Account Takeover Computer Hacking, Phishing, Malware Breach Statistics Internet Security

More information

Phishing Activity Trends Report. 1 st Half 2009. Committed to Wiping Out Internet Scams and Fraud

Phishing Activity Trends Report. 1 st Half 2009. Committed to Wiping Out Internet Scams and Fraud 1 st Half 2009 Committed to Wiping Out Internet Scams and Fraud January June 2009 Phishing Report Scope The quarterly APWG analyzes phishing attacks reported to the APWG by its member companies, its Global

More information

white paper Malware Security and the Bottom Line

white paper Malware Security and the Bottom Line Malware Security Report: Protecting Your BusineSS, Customers, and the Bottom Line Contents 1 Malware is crawling onto web sites everywhere 1 What is Malware? 2 The anatomy of Malware attacks 3 The Malware

More information

Blackhole Exploit Kit: A Spam Campaign, Not a Series of Individual Spam Runs AN IN-DEPTH ANALYSIS

Blackhole Exploit Kit: A Spam Campaign, Not a Series of Individual Spam Runs AN IN-DEPTH ANALYSIS Trend Micro Incorporated Research Paper 2012 Blackhole Exploit Kit: A Spam Campaign, Not a Series of Individual Spam Runs AN IN-DEPTH ANALYSIS By: Jon Oliver, Sandra Cheng, Lala Manly, Joey Zhu, Roland

More information

Bad Ads Trend Alert: Shining a Light on Tech Support Advertising Scams. May 2014. TrustInAds.org. Keeping people safe from bad online ads

Bad Ads Trend Alert: Shining a Light on Tech Support Advertising Scams. May 2014. TrustInAds.org. Keeping people safe from bad online ads Bad Ads Trend Alert: Shining a Light on Tech Support Advertising Scams May 2014 TrustInAds.org Keeping people safe from bad online ads OVERVIEW Today, even the most tech savvy individuals can find themselves

More information

Information Security Field Guide to Identifying Phishing and Scams

Information Security Field Guide to Identifying Phishing and Scams Information Security Field Guide to Identifying Phishing and Scams 010001010100101010001010011010101010101010101 01000101010011010010100101001010 1 Contents Introduction Phishing Spear Phishing Scams Reporting

More information

Storm Worm & Botnet Analysis

Storm Worm & Botnet Analysis Storm Worm & Botnet Analysis Jun Zhang Security Researcher, Websense Security Labs June 2008 Introduction This month, we caught a new Worm/Trojan sample on ours labs. This worm uses email and various phishing

More information

September 2009 Report #23. There was a 11 percent increase from the previous month in non-english phishing sites

September 2009 Report #23. There was a 11 percent increase from the previous month in non-english phishing sites September 2009 Report #23 The data in this report is aggregated from a combination of sources including Symantec s Phish Report Network (PRN), strategic partners, customers and security solutions. This

More information

DNS POISONING, AKA PHARMING, MAKES THE HEADLINES IN NOVEMBER S NEWS

DNS POISONING, AKA PHARMING, MAKES THE HEADLINES IN NOVEMBER S NEWS DNS POISONING, AKA PHARMING, MAKES THE HEADLINES IN NOVEMBER S NEWS December 2011 November saw DNS Poisoning, aka Pharming, making the headlines on more than one occasion: To name a few, the online threat

More information

SMALL BUSINESS IT SECURITY PRACTICAL GUIDE

SMALL BUSINESS IT SECURITY PRACTICAL GUIDE SMALL BUSINESS IT SECURITY PRACTICAL GUIDE How to make sure your business has comprehensive IT security protection #protectmybiz Small businesses come in all shapes and sizes. But in today s world, no

More information

OIG Fraud Alert Phishing

OIG Fraud Alert Phishing U.S. EQUAL EMPLOYMENT OPPORTUNITY COMMISSION Washington, D.C. 20507 Office of Inspector General Aletha L. Brown Inspector General July 22, 2005 OIG Fraud Alert Phishing What is Phishing? Phishing is a

More information

Streamlining Web and Email Security

Streamlining Web and Email Security How to Protect Your Business from Malware, Phishing, and Cybercrime The SMB Security Series Streamlining Web and Email Security sponsored by Introduction to Realtime Publishers by Don Jones, Series Editor

More information

Secure and Safe Computing Primer Examples of Desktop and Laptop standards and guidelines

Secure and Safe Computing Primer Examples of Desktop and Laptop standards and guidelines Secure and Safe Computing Primer Examples of Desktop and Laptop standards and guidelines 1. Implement anti-virus software An anti-virus program is necessary to protect your computer from malicious programs,

More information

BOTNETS. Douwe Leguit, Manager Knowledge Center GOVCERT.NL

BOTNETS. Douwe Leguit, Manager Knowledge Center GOVCERT.NL BOTNETS Douwe Leguit, Manager Knowledge Center GOVCERT.NL Agenda Bots: what is it What is its habitat How does it spread What are its habits Dutch cases Ongoing developments Visibility of malware vs malicious

More information

Symantec enterprise security. Symantec Internet Security Threat Report April 2009. An important note about these statistics.

Symantec enterprise security. Symantec Internet Security Threat Report April 2009. An important note about these statistics. Symantec enterprise security Symantec Internet Security Threat Report April 00 Regional Data Sheet Latin America An important note about these statistics The statistics discussed in this document are based

More information

How Attackers are Targeting Your Mobile Devices. Wade Williamson

How Attackers are Targeting Your Mobile Devices. Wade Williamson How Attackers are Targeting Your Mobile Devices Wade Williamson Today s Agenda Brief overview of mobile computing today Understanding the risks Analysis of recently discovered malware Protections and best

More information

SY0-201. system so that an unauthorized individual can take over an authorized session, or to disrupt service to authorized users.

SY0-201. system so that an unauthorized individual can take over an authorized session, or to disrupt service to authorized users. system so that an unauthorized individual can take over an authorized session, or to disrupt service to authorized users. From a high-level standpoint, attacks on computer systems and networks can be grouped

More information

Spyware: Securing gateway and endpoint against data theft

Spyware: Securing gateway and endpoint against data theft Spyware: Securing gateway and endpoint against data theft The explosion in spyware has presented businesses with increasing concerns about security issues, from data theft and network damage to reputation

More information

OutbreakShield Effective and Immediate Protection against Email Virus Outbreaks

OutbreakShield Effective and Immediate Protection against Email Virus Outbreaks OutbreakShield Effective and Immediate Protection against Email Virus Outbreaks Ralf Benzmüller G DATA Software AG Introduction The virus protection provided by all current antivirus software products

More information

MITB Grabbing Login Credentials

MITB Grabbing Login Credentials MITB Grabbing Login Credentials Original pre-login fields UID, password & site Modified pre-login fields Now with ATM details and MMN New fields added MITB malware inserted additional fields. Records them,

More information

Kaspersky Security 10 for Mobile Implementation Guide

Kaspersky Security 10 for Mobile Implementation Guide Kaspersky Security 10 for Mobile Implementation Guide APPLICATION VERSION: 10.0 MAINTENANCE RELEASE 1 Dear User, Thank you for choosing our product. We hope that you will find this documentation useful

More information

3 Email Marketing Security Risks. How to combat the threats to the security of your Email Marketing Database

3 Email Marketing Security Risks. How to combat the threats to the security of your Email Marketing Database 3 Email Marketing Security Risks How to combat the threats to the security of your Email Marketing Database Email Marketing Guide June 2013 Security Threats PROTECTING YOUR EMAIL DATABASE FROM HACKERS

More information