PHISHING IN SEASON TAX TIME MALWARE, PHISHING AND FRAUD

Size: px
Start display at page:

Download "PHISHING IN SEASON TAX TIME MALWARE, PHISHING AND FRAUD"

Transcription

1 PHISHING IN SEASON TAX TIME MALWARE, PHISHING AND FRAUD April 2013 As cybercriminals will have it, phishing attacks are quite the seasonal trend. It seems that every April, after showing a slight decline in phishing in the first quarter of the year, they wake up and get back to work on vast spam campaigns that take advantage of tax-filing season. This time of year brings a few flavors of spam into the mailboxes of online users, including malware attachments that appear as communications such as tax statements or unclaimed refunds. In this special highlight, we will cover the main types of online threats we often see during the tax filing season, most of which are already rampant in the wild. Tax Authority Phishing Themes Although phishing is most often a direct attack, targeting account holders by presenting them with messages from their online banking provider, indirect phishing can be just as efficient, if not more. In these scams, phishers will create an appearing to come from the local tax authority, encouraging taxpayers to browse to a (phishing) page where they will be tricked into believing they are opening an online account, updating their personal information, contesting a fraudulent statement or receiving a refund. Phishers use the taxation entity s credibility and authority in order to ask victims to part with their personal information, address and phone details as well as account information, access to online and phone banking, as well as complete credit card details. Those attacks can be very elaborate and eventually allow criminals to devise a wider array of identity theft scenarios, including loan and credit card application, fraudulent ecommerce purchases, fraudulent tax filing, and bank account takeover. FRAUD REPORT

2 Tax-Themed Phishing Elaborate phishing page designed to steal access credentials and personal financial information Malware Hidden In Tax-Themed s Another very popular threat during tax season is malware-laden , purporting to come from a tax authority, usually with a threatening message urging the user to download and open an attachment. The file is actually a Trojan executable, which can sometimes be revealed by simply looking at the file extension, like in the image below. Note that the file extension is.pdf followed by.exe a Trojan executable file. One of the malware campaigns currently active in the wild is spreading the Brazilian Banker Trojan ( Bancos ) under the guise of a message from the fiscal authority in Brazil. Tax-Themed Malware Spam purporting to come from tax authorities, urging users to download and open an attachment. page 2

3 Here too, it is easy to see that the fake file extension is not really a Microsoft Word document (.docx), but rather an.exe hiding the Trojan s executable. Tax-Themed Malware Spam purporting to come from Brazilian tax authorities, urging users to download and open the concealed Bancos Trojan Online Tax-Filing Scams Since tax authorities have been allowing taxpayers to file their annual declarations with online service providers, criminals have been increasingly interested in phishing for access credentials to victims user accounts in hopes of rerouting the refund payments that may be due. In many cases, fraudsters check if the potential victim has already filed the return, and if not, they will proceed to filing a false declaration in the victim s name, using numbers that will result in a refund, and then attempt to have the expected payment sent to a prepaid card or an account they control. The U.S. Internal Revenue Service reported it saw an 80% increase in tax-return fraud between 2011 and 2012 a number that is likely to continue growing. One of the present campaigns running in the wild falsely alerts taxpayers that their return was rejected, all while delivering a Trojan attachment (.exe) in the guise of an archived file (.zip). Online Filing Scams to tax filers that a refund has been rejected and lures them to download a file with hidden malware. Taxpayer User Account Takeover Attempts In this last example of tax-themed online threats, some riminals, usually operating locally and versed with the regional processes, will attempt to phish a taxpayer for his access credentials to the tax authority s web services. page 3

4 From there, the criminals will attempt to gain insight into amounts possibly due to the victim, find out if they already filed a tax return, attempt to modify the account refund(s) should be sent to, or in other cases, create a fake account with an online tax filing service to submit a bogus return in order to yield a refund. The actual phishing can be carried out online, by directing taxpayers to click and browse to a hyperlink inside an , or by opening the attack locally a local HTML phishing scam that will appear on the victim s PC. In the following image, the taxpayer received an HMTL file inside the containing the phishing page. The URL that will appear when opening that file, will show a local path on the user s PC. Once harvested, data from such standalone attacks will end up being sent to the phisher thereafter. Tax Authority Online Service Takeover Attempt purporting to come from a tax authority, hosting a standalone phishing attack to harvest taxpayer information. CONCLUSION Although phishing attack numbers can fluctuate monthly and depend on factors that are harder to predict, trends such as annual tax filing season remain rather consistent. Tax-filing season is probably one of the most popular times of the year for phishers to hit taxpayers with spam and malware infections since tax authorities can be a driver that would make people react quickly to emotional triggers such as: Entitlement expecting a tax refund and wishing to receive it ASAP Anxiety being faced with the (false) accusation of a rejected/fraudulent statement and wanting to rectify the issue Sense of obligation having to comply with the civil obligation to report to the taxation authorities In terms of the time-span for this seasonal trend, tax deadlines typically fall on April 15, but fraudsters are known to begin sending this type of spam in February and continue spreading the campaigns well into May and June, in the shape of fake returns and bogus rejected/fraudulent statements. This phenomenon is often reflected in phishing attack spikes recorded annually through Q2. Just as financial institutions have been active in educating online users, tax agencies have also started similar campaigns to warn consumers to be alert during tax season. page 4

5 Phishing Attacks per Month RSA identified 24,347 phishing attacks launched worldwide in March, marking an 11% decrease in attack volume from the previous month, yet a 27% increase yearover-year in comparison to March Mar Apr May Jul 12 Jun Aug Nov 12 Oct 12 Sep Dec 12 Jan Mar 13 Feb 13 Source: RSA Anti-Fraud Command Center Number of Brands Attacked In March, 260 brands were targeted in phishing attacks, marking a 1% increase from February. Of the 260 targeted brands, 46% suffered five attacks or less Mar Apr May Jun Jul Aug Sep Oct Nov Dec Jan Feb 13 Mar 13 Source: RSA Anti-Fraud Command Center page 5

6 US Bank Types Attacked U.S. nationwide banks saw a slight decline in attack volume in March decreasing 6%. However, credit unions saw a relatively sharp increase, more than doubling from 8% to 17%. On occasion, phishers like to change up their attack methods and go after less targeted financial institutions, attempting to see if online/phone banking security measures with these banks could be more easily exploited % 7% 20% 10% 11% 11% 9% 9% 12% 6% 15% 8% 17% 30% 11% 18% 12% 15% 15% 14% 14% 9% 15% 15% 23% 23% 58% 82% 62% 78% 74% 74% 77% 77% 79% 79% 70% 69% 60% Source: RSA Anti-Fraud Command Center Mar 13 Feb 13 Jan 13 Dec 12 Nov 12 Oct 12 Sep 12 Aug 12 Jul 12 Jun 12 May 12 Apr 12 Mar 12 a Australia South Korea Canada China India 4% Germany UK Top Countries by Attack Volume The U.S. was targeted by about half of all phishing volume in March. The UK accounted for 13% of attack volume while South Africa experienced an increase with 9% of attack volume. After the UK, the Netherlands was the country in Europe that endured the second highest attack volume in March at 5%. Canada 4% Netherlands 5% South Africa 9t% United Kingdom 13% U.S. 49% 38 Other Countries 16% page 6

7 a US S Africa China India 3% Italy Canada Netherlands India Bra Top Countries by Attacked Brands U.S. brands were once again most targeted by phishing in March, experiencing 27% of attack volume. Together, brands in the UK, Australia, India and Brazil accounted for 25% of attack volume. United Kingdom 12% Australia 5% Brazil 4% 39 Other Countries 48% U.S. 27% a US S Africa Netherlands 3% China Italy Colombia 3% Canada Netherlands India B United Kingdom 4% Top Hosting Countries Canada 5% In March, the U.S. hosted just over half of all global phishing attacks, followed by Germany 6% Germany, Canada and the UK. Colombia hosted 3% of phishing attacks during the month. U.S. 51% 57 Other Countries 28% page 7

8 CONTACT US To learn more about how RSA products, services, and solutions help solve your business and IT challenges contact your local representative or authorized reseller or visit us at EMC Corporation. EMC, RSA, the RSA logo, and FraudAction are trademarks or registered trademarks of EMC Corporation in the U.S. and/or other countries. All other trademarks mentioned are the property of their respective holders. APR RPT 0413

EMAIL ACCOUNT TAKEOVER TO IDENTITY TAKEOVER

EMAIL ACCOUNT TAKEOVER TO IDENTITY TAKEOVER EMAIL ACCOUNT TAKEOVER TO IDENTITY TAKEOVER March 2013 Phishing attacks are notorious for their potential harm to online banking and credit card users who may fall prey to phishers looking to steal information

More information

BUGAT TROJAN JOINS THE MOBILE REVOLUTION

BUGAT TROJAN JOINS THE MOBILE REVOLUTION BUGAT TROJAN JOINS THE MOBILE REVOLUTION June 2013 RSA researchers analyzing Bugat Trojan attacks have recently learned that Bugat s developers managed to develop and deploy mobile malware designed to

More information

PHISH LOCKERS OUT IN THE WILD

PHISH LOCKERS OUT IN THE WILD PHISH LOCKERS OUT IN THE WILD August 2013 RSA researchers have been increasingly witnessing the activity of highly targeted Trojans, dubbed Phish Lockers, used at the hands of cybercriminals to steal credentials.

More information

DNS POISONING, AKA PHARMING, MAKES THE HEADLINES IN NOVEMBER S NEWS

DNS POISONING, AKA PHARMING, MAKES THE HEADLINES IN NOVEMBER S NEWS DNS POISONING, AKA PHARMING, MAKES THE HEADLINES IN NOVEMBER S NEWS December 2011 November saw DNS Poisoning, aka Pharming, making the headlines on more than one occasion: To name a few, the online threat

More information

CITADEL TROJAN OUTGROWING ITS ZEUS ORIGINS

CITADEL TROJAN OUTGROWING ITS ZEUS ORIGINS CITADEL TROJAN OUTGROWING ITS ZEUS ORIGINS May 2012 As of April 30th, 2012 the Citadel Trojan was at its fourth upgrade with Version 1.3.4.0 already in the hands of its customers. Citadel s features, bug

More information

CYBERCRIMINAL IN BRAZIL SHARES MOBILE CREDIT CARD STORE APP

CYBERCRIMINAL IN BRAZIL SHARES MOBILE CREDIT CARD STORE APP CYBERCRIMINAL IN BRAZIL SHARES MOBILE CREDIT CARD STORE APP August 2014 RSA agents recently traced a threat actor advertising a mobile credit card store application. The cybercriminal shared the information

More information

BEHIND THE SCENES OF A FAKE TOKEN MOBILE APP OPERATION

BEHIND THE SCENES OF A FAKE TOKEN MOBILE APP OPERATION BEHIND THE SCENES OF A FAKE TOKEN MOBILE APP OPERATION December 2013 In the last few years, we have seen the mobile space explode with malware. According to a recent report by Trend Micro, the number of

More information

MALWARE TOOLS FOR SALE ON THE OPEN WEB

MALWARE TOOLS FOR SALE ON THE OPEN WEB MALWARE TOOLS FOR SALE ON THE OPEN WEB May 2014 RSA Research, while investigating a Zeus Trojan sample, discovered an additional drop server used by a fraudster who is offering a set of spyware tools for

More information

White paper. Phishing, Vishing and Smishing: Old Threats Present New Risks

White paper. Phishing, Vishing and Smishing: Old Threats Present New Risks White paper Phishing, Vishing and Smishing: Old Threats Present New Risks How much do you really know about phishing, vishing and smishing? Phishing, vishing, and smishing are not new threats. They have

More information

AT&T Global Network Client for Windows Product Support Matrix January 29, 2015

AT&T Global Network Client for Windows Product Support Matrix January 29, 2015 AT&T Global Network Client for Windows Product Support Matrix January 29, 2015 Product Support Matrix Following is the Product Support Matrix for the AT&T Global Network Client. See the AT&T Global Network

More information

Who Is Fighting Phishing

Who Is Fighting Phishing Who Is Fighting Phishing An Overview of the Phishing Lifecycle and the Entities Involved White Paper Who Is Fighting Phishing An Overview of the Phishing Lifecycle and the Entities Involved Contents Introduction

More information

Analysis One Code Desc. Transaction Amount. Fiscal Period

Analysis One Code Desc. Transaction Amount. Fiscal Period Analysis One Code Desc Transaction Amount Fiscal Period 57.63 Oct-12 12.13 Oct-12-38.90 Oct-12-773.00 Oct-12-800.00 Oct-12-187.00 Oct-12-82.00 Oct-12-82.00 Oct-12-110.00 Oct-12-1115.25 Oct-12-71.00 Oct-12-41.00

More information

COMPARISON OF FIXED & VARIABLE RATES (25 YEARS) CHARTERED BANK ADMINISTERED INTEREST RATES - PRIME BUSINESS*

COMPARISON OF FIXED & VARIABLE RATES (25 YEARS) CHARTERED BANK ADMINISTERED INTEREST RATES - PRIME BUSINESS* COMPARISON OF FIXED & VARIABLE RATES (25 YEARS) 2 Fixed Rates Variable Rates FIXED RATES OF THE PAST 25 YEARS AVERAGE RESIDENTIAL MORTGAGE LENDING RATE - 5 YEAR* (Per cent) Year Jan Feb Mar Apr May Jun

More information

COMPARISON OF FIXED & VARIABLE RATES (25 YEARS) CHARTERED BANK ADMINISTERED INTEREST RATES - PRIME BUSINESS*

COMPARISON OF FIXED & VARIABLE RATES (25 YEARS) CHARTERED BANK ADMINISTERED INTEREST RATES - PRIME BUSINESS* COMPARISON OF FIXED & VARIABLE RATES (25 YEARS) 2 Fixed Rates Variable Rates FIXED RATES OF THE PAST 25 YEARS AVERAGE RESIDENTIAL MORTGAGE LENDING RATE - 5 YEAR* (Per cent) Year Jan Feb Mar Apr May Jun

More information

Phishing Activity Trends

Phishing Activity Trends Phishing Activity Trends Report for the Month of, 27 Summarization of Report Findings The number of phishing reports received by the (APWG) came to 23,61 in, a drop of over 6, from January s previous record

More information

SYMANTEC INTELLIGENCE REPORT NOVEMBER 2013

SYMANTEC INTELLIGENCE REPORT NOVEMBER 2013 SYMANTEC INTELLIGENCE REPORT NOVEMBER 2013 p. 2 CONTENTS CONTENTS 3 Executive Summary 4 BIG NUMBERS 7 TARGETED ATTACKS 8 Targeted Attacks in 2013 8 Targeted Attacks per Day 8 First Attacks Logged by Month

More information

Using big data analytics to identify malicious content: a case study on spam emails

Using big data analytics to identify malicious content: a case study on spam emails Using big data analytics to identify malicious content: a case study on spam emails Mamoun Alazab & Roderic Broadhurst Mamoun.alazab@anu.edu.au http://cybercrime.anu.edu.au 2 Outline Background Cybercrime

More information

Dragonfly: Energy Companies Under Sabotage Threat Symantec Security Response

Dragonfly: Energy Companies Under Sabotage Threat Symantec Security Response Dragonfly: Energy Companies Under Sabotage Threat Symantec Security Response Dragonfly: Western Energy Companies Under Sabotage Threat 1 What is Dragonfly? Ongoing cyberespionage campaign Targeting the

More information

Phishing Activity Trends Report for the Month of December, 2007

Phishing Activity Trends Report for the Month of December, 2007 Phishing Activity Trends Report for the Month of December, 2007 Summarization of December Report Findings The total number of unique phishing reports submitted to APWG in December 2007 was 25,683, a decrease

More information

September 2009 Report #23. There was a 11 percent increase from the previous month in non-english phishing sites

September 2009 Report #23. There was a 11 percent increase from the previous month in non-english phishing sites September 2009 Report #23 The data in this report is aggregated from a combination of sources including Symantec s Phish Report Network (PRN), strategic partners, customers and security solutions. This

More information

Phishing Activity Trends Report. 1 st Half 2009. Committed to Wiping Out Internet Scams and Fraud

Phishing Activity Trends Report. 1 st Half 2009. Committed to Wiping Out Internet Scams and Fraud 1 st Half 2009 Committed to Wiping Out Internet Scams and Fraud January June 2009 Phishing Report Scope The quarterly APWG analyzes phishing attacks reported to the APWG by its member companies, its Global

More information

Phishing Activity Trends Report June, 2006

Phishing Activity Trends Report June, 2006 Phishing Activity Trends Report, 26 Phishing is a form of online identity theft that employs both social engineering and technical subterfuge to steal consumers' personal identity data and financial account

More information

Case 2:08-cv-02463-ABC-E Document 1-4 Filed 04/15/2008 Page 1 of 138. Exhibit 8

Case 2:08-cv-02463-ABC-E Document 1-4 Filed 04/15/2008 Page 1 of 138. Exhibit 8 Case 2:08-cv-02463-ABC-E Document 1-4 Filed 04/15/2008 Page 1 of 138 Exhibit 8 Case 2:08-cv-02463-ABC-E Document 1-4 Filed 04/15/2008 Page 2 of 138 Domain Name: CELLULARVERISON.COM Updated Date: 12-dec-2007

More information

Phishing Trends Report

Phishing Trends Report Phishing Trends Report Analysis of Online Financial Fraud Threats Second Quarter, 2009 For more information, please contact: info@internetidentity.com 888.239.6932 www.internetidentity.com Internet Identity

More information

Phishing Scams Security Update Best Practices for General User

Phishing Scams Security Update Best Practices for General User Phishing Scams Security Update Best Practices for General User hishing refers to the malicious attack Pmethod by attackers who imitate legitimate companies in sending emails in order to entice people to

More information

DETECT MONITORING SERVICES AND DETECT SAFE BROWSING: Empowering Tools to Prevent Account Takeovers

DETECT MONITORING SERVICES AND DETECT SAFE BROWSING: Empowering Tools to Prevent Account Takeovers DETECT MONITORING SERVICES AND DETECT SAFE BROWSING: Empowering Tools to Prevent Account Takeovers SUMMARY The Federal Financial Institutions Examination Council (FFIEC) is planning to update online transaction

More information

QUARTERLY REPORT 2015 INFOBLOX DNS THREAT INDEX POWERED BY

QUARTERLY REPORT 2015 INFOBLOX DNS THREAT INDEX POWERED BY QUARTERLY REPORT 2015 INFOBLOX DNS THREAT INDEX POWERED BY EXPLOIT KITS UP 75 PERCENT The Infoblox DNS Threat Index, powered by IID, stood at 122 in the third quarter of 2015, with exploit kits up 75 percent

More information

2012 NORTON CYBERCRIME REPORT

2012 NORTON CYBERCRIME REPORT 2012 NORTON CYBERCRIME REPORT 2012 NORTON CYBERCRIME REPORT 24 COUNTRIES AUSTRALIA, BRAZIL, CANADA, CHINA, COLOMBIA, DENMARK, FRANCE, GERMANY, INDIA, ITALY, JAPAN, MEXICO, NETHERLANDS, NEW ZEALAND, POLAND,

More information

Win the Internet Security War. Keep Internet Criminals Out of Your Network and Protect Your Business

Win the Internet Security War. Keep Internet Criminals Out of Your Network and Protect Your Business Win the Internet Security War Keep Internet Criminals Out of Your Network and Protect Your Business Takeaways Cyber-criminals are using emails & social engineering to infiltrate your network Your team

More information

Recognizing Spam. IT Computer Technical Support Newsletter

Recognizing Spam. IT Computer Technical Support Newsletter IT Computer Technical Support Newsletter March 23, 2015 Vol.1, No.22 Recognizing Spam Spam messages are messages that are unwanted. If you have received an e-mail from the Internal Revenue Service or the

More information

Enhanced Vessel Traffic Management System Booking Slots Available and Vessels Booked per Day From 12-JAN-2016 To 30-JUN-2017

Enhanced Vessel Traffic Management System Booking Slots Available and Vessels Booked per Day From 12-JAN-2016 To 30-JUN-2017 From -JAN- To -JUN- -JAN- VIRP Page Period Period Period -JAN- 8 -JAN- 8 9 -JAN- 8 8 -JAN- -JAN- -JAN- 8-JAN- 9-JAN- -JAN- -JAN- -JAN- -JAN- -JAN- -JAN- -JAN- -JAN- 8-JAN- 9-JAN- -JAN- -JAN- -FEB- : days

More information

SPAM: 101 Cause and Effect

SPAM: 101 Cause and Effect SPAM: 101 Cause and Effect Table of Contents Background: JARING SPAM 101 Effects Lesson Learned Challenges and Propositions 1 Part I: Background on JARING (We're the good guys.) What is JARING? The first

More information

Fraud and Phishing Scam Response Arrangements in Brazil

Fraud and Phishing Scam Response Arrangements in Brazil Fraud and Phishing Scam Response Arrangements in Brazil Marcelo H. P. C. Chaves mhp@cert.br Computer Emergency Response Team Brazil CERT.br http://www.cert.br/ Brazilian Internet Steering Committee http://www.cgi.br/

More information

The Cost of Phishing. Understanding the True Cost Dynamics Behind Phishing Attacks A CYVEILLANCE WHITE PAPER MAY 2015

The Cost of Phishing. Understanding the True Cost Dynamics Behind Phishing Attacks A CYVEILLANCE WHITE PAPER MAY 2015 The Cost of Phishing Understanding the True Cost Dynamics Behind Phishing Attacks A CYVEILLANCE WHITE PAPER MAY 2015 Executive Summary.... 3 The Costs... 4 How To Estimate the Cost of an Attack.... 5 Table

More information

Consumer ID Theft Total Costs

Consumer ID Theft Total Costs Billions Consumer and Business Identity Theft Statistics Business identity (ID) theft is a growing crime and is a growing concern for state filing offices. Similar to consumer ID theft, after initially

More information

Executive Summary. McAfee Labs Threats Report: Third Quarter 2013

Executive Summary. McAfee Labs Threats Report: Third Quarter 2013 Executive Summary McAfee Labs Threats Report: Third Quarter Although summer can be a relatively slow season for cybercriminal activity (even the bad guys need a break occasionally), the third quarter of

More information

Phishing Activity Trends Report. 1 st Half 2011. Unifying the. Global Response To Cybercrime

Phishing Activity Trends Report. 1 st Half 2011. Unifying the. Global Response To Cybercrime 1 st Half 2011 Unifying the Global Response To Cybercrime January June 2011 Phishing Report Scope The APWG analyzes phishing attacks reported to the APWG by its member companies, its Global Research Partners,

More information

Spam in Q1 2014. Contents. Fake notifications from mobile applications. Darya Gudkova

Spam in Q1 2014. Contents. Fake notifications from mobile applications. Darya Gudkova Spam in Q1 2014 Darya Gudkova Contents Fake notifications from mobile applications... 1 Hot topics in spam: the Olympic games... 5 Spammer tricks: creating background noise with HTML tags... 6 Statistics...

More information

The State of Spam A Monthly Report August 2008. Generated by Symantec Messaging and Web Security

The State of Spam A Monthly Report August 2008. Generated by Symantec Messaging and Web Security The State of Spam A Monthly Report August 2008 Generated by Symantec Messaging and Web Security Doug Bowers Executive Editor Antispam Engineering Dermot Harnett Editor Antispam Engineering Joseph Long

More information

WHITE PAPER. The Cost of Phishing: Understanding the True Cost Dynamics Behind Phishing Attacks

WHITE PAPER. The Cost of Phishing: Understanding the True Cost Dynamics Behind Phishing Attacks WHITE PAPER The Cost of Phishing: Understanding the True Cost Dynamics Behind Phishing Attacks A Cyveillance Report October 2008 EXECUTIVE SUMMARY How much do phishing attacks really cost organizations?

More information

Computer Software Bugs and Other IT Threats to Critical Infrastructure: A Preliminary Set of Considerations for IT Governance

Computer Software Bugs and Other IT Threats to Critical Infrastructure: A Preliminary Set of Considerations for IT Governance Computer Software Bugs and Other IT Threats to Critical Infrastructure: A Preliminary Set of Considerations for IT Governance Presentation for the Seventh European Academic Conference on Internal Audit

More information

December 2010 Report #48

December 2010 Report #48 December 2010 Report #48 With the holidays in full gear, Symantec observed an increase of 30 percent in the product spam category as spammers try to push Christmas gifts and other products. While the increase

More information

A!Team!Cymru!EIS!Report:!Growing!Exploitation!of!Small! OfCice!Routers!Creating!Serious!Risks!

A!Team!Cymru!EIS!Report:!Growing!Exploitation!of!Small! OfCice!Routers!Creating!Serious!Risks! ATeamCymruEISReport:GrowingExploitationofSmall OfCiceRoutersCreatingSeriousRisks PoweredbyTeamCymru sthreatintelligencegroup Page 1of 14www.team-cymru.com www.team-cymru.com Threat'Intelligence'Group EXECUTIVE

More information

2013 NORTON REPORT 13,022 ONLINE ADULTS AGED 18-64

2013 NORTON REPORT 13,022 ONLINE ADULTS AGED 18-64 2013 NORTON REPORT 2013 NORTON REPORT 24 COUNTRIES AUSTRALIA, BRAZIL, CANADA, CHINA, COLOMBIA, DENMARK, FRANCE, GERMANY, INDIA, ITALY, JAPAN, MEXICO, NETHERLANDS, NEW ZEALAND, POLAND, RUSSIA, SAUDI ARABIA,

More information

CYBERCRIME AND THE HEALTHCARE INDUSTRY

CYBERCRIME AND THE HEALTHCARE INDUSTRY CYBERCRIME AND THE HEALTHCARE INDUSTRY Access to data and information is fast becoming a target of scrutiny and risk. Healthcare professionals are in a tight spot. As administrative technologies like electronic

More information

OIG Fraud Alert Phishing

OIG Fraud Alert Phishing U.S. EQUAL EMPLOYMENT OPPORTUNITY COMMISSION Washington, D.C. 20507 Office of Inspector General Aletha L. Brown Inspector General July 22, 2005 OIG Fraud Alert Phishing What is Phishing? Phishing is a

More information

Learning to Detect Spam and Phishing Emails Page 1 of 6

Learning to Detect Spam and Phishing Emails Page 1 of 6 Page 1 of 6 Email provides us a powerful communication tool. Unfortunately, it also provides scammers an easy means for luring potential victims. The scams they attempt run from old-fashioned bait-and-switch

More information

May 2011 Report #53. The following trends are highlighted in the May 2011 report:

May 2011 Report #53. The following trends are highlighted in the May 2011 report: May 2011 Report #53 The unexpected raid and resulting death of Osama Bin Laden shocked the world. As always, spammers were quick to jump on this headline, and send a variety of spam messages leveraging

More information

Corporate Account Takeover & Information Security Awareness. Customer Training

Corporate Account Takeover & Information Security Awareness. Customer Training Corporate Account Takeover & Information Security Awareness Customer Training No computer system can provide absolute security under all conditions. NO SECURITY MEASURE OR LIST OF SECURITY MEASURES CAN

More information

KASPERSKY LAB REPORT. Financial cyber threats in 2013

KASPERSKY LAB REPORT. Financial cyber threats in 2013 KASPERSKY LAB REPORT Financial cyber threats in 2013 April 2014 2 Kaspersky Lab Report: Financial cyber threats in 2013 TABLE OF CONTENTS Introduction. Money and risks in a multi-device world 3 Methodology

More information

Anti-Phishing Best Practices for ISPs and Mailbox Providers

Anti-Phishing Best Practices for ISPs and Mailbox Providers Anti-Phishing Best Practices for ISPs and Mailbox Providers Version 2.01, June 2015 A document jointly produced by the Messaging, Malware and Mobile Anti-Abuse Working Group (M 3 AAWG) and the Anti-Phishing

More information

Phishing Activity Trends Report. 1 st Quarter 2014. Unifying the. To Cybercrime. January March 2014

Phishing Activity Trends Report. 1 st Quarter 2014. Unifying the. To Cybercrime. January March 2014 1 st Quarter 2014 Unifying the Global Response To Cybercrime January March 2014 Published June 23, 2014 , Phishing Report Scope The APWG analyzes phishing attacks reported to the APWG by its member companies,

More information

January 2011 Report #49. The following trends are highlighted in the January 2011 report:

January 2011 Report #49. The following trends are highlighted in the January 2011 report: January 2011 Report #49 Spam made up 81.69% of all messages in December, compared with 84.31% in November. The consistent drop in spam made us wonder, did spammers take a holiday break? Global spam volume

More information

Don t Fall Victim to Cybercrime:

Don t Fall Victim to Cybercrime: Don t Fall Victim to Cybercrime: Best Practices to Safeguard Your Business Agenda Cybercrime Overview Corporate Account Takeover Computer Hacking, Phishing, Malware Breach Statistics Internet Security

More information

Social Intelligence Report ADOBE DIGITAL INDEX Q4 2013

Social Intelligence Report ADOBE DIGITAL INDEX Q4 2013 Social Intelligence Report ADOBE DIGITAL INDEX Q4 2013 ADOBE DIGITAL INDEX Q4 2013 key insights Facebook ad: Click-through-rate (CTR) is up 365% year-over-year and 41% quarter-over-quarter. Cost-per-click

More information

SPAM AND PHISHING IN Q3 2015. Tatyana Shcherbakova, Maria Vergelis, Nadezhda Demidova

SPAM AND PHISHING IN Q3 2015. Tatyana Shcherbakova, Maria Vergelis, Nadezhda Demidova SPAM AND PHISHING Tatyana Shcherbakova, Maria Vergelis, Nadezhda Demidova 2 CONTENTS SPAM: FEATURES OF THE QUARTER 3 Online dating 3 Seasonal malicious spam 5 Spammer tricks 7 STATISTICS 9 Proportion of

More information

Stanford Computer Security Lab. TrackBack Spam: Abuse and Prevention. Elie Bursztein, Peifung E. Lam, John C. Mitchell Stanford University

Stanford Computer Security Lab. TrackBack Spam: Abuse and Prevention. Elie Bursztein, Peifung E. Lam, John C. Mitchell Stanford University Abuse and Prevention Stanford University Stanford Computer Security Lab TrackBack Spam: Introduction Many users nowadays post information on cloud computing sites Sites sometimes need to link to each other

More information

Identity Theft. CHRISTOS TOPAKAS Head of Group IT Security and Control Office

Identity Theft. CHRISTOS TOPAKAS Head of Group IT Security and Control Office Identity Theft CHRISTOS TOPAKAS Head of Group IT Security and Control Office Agenda Identity Theft Threats and Techniques Identity Theft Definition and Facts Identity Theft & Financial Institutions Prevention

More information

THE HOME LOAN SAVINGS BANK. Corporate Account Takeover & Information Security Awareness

THE HOME LOAN SAVINGS BANK. Corporate Account Takeover & Information Security Awareness THE HOME LOAN SAVINGS BANK Corporate Account Takeover & Information Security Awareness The information contained in this session may contain privileged and confidential information. This presentation is

More information

White Paper August 2005. McAfee Phishing/Pharming. Phishing & Pharming Understanding Phishing and Pharming.

White Paper August 2005. McAfee Phishing/Pharming. Phishing & Pharming Understanding Phishing and Pharming. White Paper August 2005 McAfee Phishing/Pharming Phishing & Pharming Understanding Phishing and Pharming Understanding Phishing & Pharming 2 Table of Contents Introduction-Understanding Phishing and Pharming

More information

Practical tips for a. Safe Christmas

Practical tips for a. Safe Christmas Practical tips for a Safe Christmas CONTENTS 1. Online shopping 2 2. Online games 4 3. Instant messaging and mail 5 4. Practical tips for a safe digital Christmas 6 The Christmas holidays normally see

More information

January 2010 Report #27

January 2010 Report #27 January 2010 Report #27 The data in this report is aggregated from a combination of sources including Symantec s Phish Report Network (PRN), strategic partners, customers and security solutions. This report

More information

NAB Community Microfinance. NAB Microenterprise Loans Minimum requirements for business plans

NAB Community Microfinance. NAB Microenterprise Loans Minimum requirements for business plans NAB Community Microfinance NAB Microenterprise Loans Minimum requirements for business plans Money Magazine s Best of the Best Awards 2009 judged NAB Microenterprise Loans for the second year running,

More information

Michelle s Web Side Story. Sandeep Krishnamurthy

Michelle s Web Side Story. Sandeep Krishnamurthy Michelle s Web Side Story Sandeep Krishnamurthy 1 Meet Michelle Michelle is an average Internet user. Michelle loves the World Wide Web. She regularly visits many sites to read the news and to check her

More information

The Pennsylvania Lawyer May June 2012

The Pennsylvania Lawyer May June 2012 20 The Pennsylvania Lawyer May June 2012 How to Avoid Becoming a Victim of Phishing Be aware that scammers often use fake IRS notices or requests as bait By Phyllis Horn Epstein Cybercrime is the evil

More information

Attack Intelligence Research Center Monthly Threat Report MalWeb Continues to Make Waves on Legitimate Sites

Attack Intelligence Research Center Monthly Threat Report MalWeb Continues to Make Waves on Legitimate Sites Attack Intelligence Research Center Monthly Threat Report MalWeb Continues to Make Waves on Legitimate Sites A l a d d i n. c o m / e S a f e Following up on some recent attacks, the AIRC team wanted to

More information

March 2010 Report #39

March 2010 Report #39 March 2010 Report #39 Scam and phishing messages in February accounted for 19 percent of all spam, which is 2 percentage points lower than in January, but nevertheless an elevated level. Spammers continued

More information

2009 Phishing Monthly Report, May. The State of Phishing A Monthly Report May 2009. Compiled by Symantec Security Response Anti-Fraud Team

2009 Phishing Monthly Report, May. The State of Phishing A Monthly Report May 2009. Compiled by Symantec Security Response Anti-Fraud Team The State of Phishing A Monthly Report May 2009 Compiled by Symantec Security Response Anti-Fraud Team Sainarayan Nambiar Principal Author Security Response Suyog Sainkar Principal Author Security Response

More information

The Social Intelligence Report ADOBE DIGITAL INDEX Q3 2013

The Social Intelligence Report ADOBE DIGITAL INDEX Q3 2013 The Social Intelligence Report ADOBE DIGITAL INDEX Q3 2013 Social media reaches far beyond likes and retweets. Social marketing continues to transform the way brands connect with their audiences. Whether

More information

Mifflinburg Bank & Trust. Corporate Account Takeover & Information Security Awareness

Mifflinburg Bank & Trust. Corporate Account Takeover & Information Security Awareness Mifflinburg Bank & Trust Corporate Account Takeover & Information Security Awareness The information contained in this session may contain privileged and confidential information. This presentation is

More information

Malware & Botnets. Botnets

Malware & Botnets. Botnets - 2 - Malware & Botnets The Internet is a powerful and useful tool, but in the same way that you shouldn t drive without buckling your seat belt or ride a bike without a helmet, you shouldn t venture online

More information

Operation Liberpy : Keyloggers and information theft in Latin America

Operation Liberpy : Keyloggers and information theft in Latin America Operation Liberpy : Keyloggers and information theft in Latin America Diego Pérez Magallanes Malware Analyst Pablo Ramos HEAD of LATAM Research Lab 7/7/2015 version 1.1 Contents Introduction... 3 Operation

More information

1 st -3 rd Quarters 2015

1 st -3 rd Quarters 2015 1 st -3 rd Quarters 2015 Unifying the Global Response To Cybercrime January September 2015 Published December 23, 2015 , Phishing Report Scope The APWG analyzes phishing attacks reported to the APWG by

More information

Kaspersky Fraud Prevention: a Comprehensive Protection Solution for Online and Mobile Banking

Kaspersky Fraud Prevention: a Comprehensive Protection Solution for Online and Mobile Banking Kaspersky Fraud Prevention: a Comprehensive Protection Solution for Online and Mobile Banking Today s bank customers can perform most of their financial activities online. According to a global survey

More information

Fraud Threat Intelligence

Fraud Threat Intelligence About ERM About The Speaker Safe Browsing, Monitoring Services Product Manager, Easy Solutions Inc. 8+ years anti-fraud, fraud risk, and security intelligence programs Previously licensed Securities Principle

More information

RC284. Protect Yourself Against Identity Theft

RC284. Protect Yourself Against Identity Theft RC284 Protect Yourself Against Identity Theft Identity theft the unauthorized use of your information by third parties involves the collection and use of personal information such as your name, date of

More information

Security and control: The smarter approach to malware and compliance

Security and control: The smarter approach to malware and compliance Security and control: The smarter approach to malware and compliance The continuing evolution of malware threats combined with the demand for increasingly flexible working practices is a significant challenge

More information

Online security. Defeating cybercriminals. Protecting online banking clients in a rapidly evolving online environment. The threat.

Online security. Defeating cybercriminals. Protecting online banking clients in a rapidly evolving online environment. The threat. Defeating cybercriminals Protecting online banking clients in a rapidly evolving online environment The threat As the pace of technological change accelerates, so does the resourcefulness and ingenuity

More information

PROTECT YOUR COMPUTER AND YOUR PRIVACY!

PROTECT YOUR COMPUTER AND YOUR PRIVACY! PROTECT YOUR COMPUTER AND YOUR PRIVACY! Fraud comes in many shapes simple: the loss of both money protecting your computer and Take action and get peace of and sizes, but the outcome is and time. That

More information

Corporate Account Takeover & Information Security Awareness

Corporate Account Takeover & Information Security Awareness Corporate Account Takeover & Information Security Awareness The information contained in this session may contain privileged and confidential information. This presentation is for information purposes

More information

What s Inside: GET MORE INFO. The Global Email Deliverability Benchmark Report, 2H 2011.

What s Inside: GET MORE INFO. The Global Email Deliverability Benchmark Report, 2H 2011. Research Study GET MORE INFO rpinfo@returnpath.net 1-866-362-4577 The Global Email Deliverability Benchmark Report, 2H 2011. Inbox Deliverability Rates Slump in Second Half of 2011. Deliverability a Bigger

More information

Ashley Institute of Training Schedule of VET Tuition Fees 2015

Ashley Institute of Training Schedule of VET Tuition Fees 2015 Ashley Institute of Training Schedule of VET Fees Year of Study Group ID:DECE15G1 Total Course Fees $ 12,000 29-Aug- 17-Oct- 50 14-Sep- 0.167 blended various $2,000 CHC02 Best practice 24-Oct- 12-Dec-

More information

EUROPEAN MOBILE INSIGHTS 2012 NORTON CYBERCRIME REPORT APRIL 2013

EUROPEAN MOBILE INSIGHTS 2012 NORTON CYBERCRIME REPORT APRIL 2013 EUROPEAN MOBILE INSIGHTS 2012 NORTON CYBERCRIME REPORT APRIL 2013 EUROPEAN MOBILE INSIGHTS: 2012 NORTON CYBERCRIME REPORT 9 COUNTRIES DENMARK, FRANCE, GERMANY, ITALY, NETHERLANDS, POLAND, RUSSIA, SWEDEN,

More information

Banker Malware Protection Test Report

Banker Malware Protection Test Report Banker Malware Protection Test Report A test commissioned by Kaspersky Lab and performed by AV-Test GmbH Date of the report: April 10 th,, last update: April 10 th, Executive Summary In March, AV-Test

More information

CYBERCRIME AND THE HEALTHCARE INDUSTRY

CYBERCRIME AND THE HEALTHCARE INDUSTRY CYBERCRIME AND THE HEALTHCARE INDUSTRY Executive Summary Healthcare professionals are in a tight spot. As administrative technologies like Electronic Health Records (EHRs) and patient and provider portals

More information

Statistical Analysis of Internet Security Threats. Daniel G. James

Statistical Analysis of Internet Security Threats. Daniel G. James Statistical Analysis of Internet Security Threats Daniel G. James ABSTRACT The purpose of this paper is to analyze the statistics surrounding the most common security threats faced by Internet users. There

More information

Spear Phishing Attacks Why They are Successful and How to Stop Them

Spear Phishing Attacks Why They are Successful and How to Stop Them White Paper Spear Phishing Attacks Why They are Successful and How to Stop Them Combating the Attack of Choice for Cybercriminals White Paper Contents Executive Summary 3 Introduction: The Rise of Spear

More information

Zscaler Cloud Web Gateway Test

Zscaler Cloud Web Gateway Test Zscaler Cloud Web Gateway Test A test commissioned by Zscaler, Inc. and performed by AV-TEST GmbH. Date of the report: April15 th, 2016 Executive Summary In March 2016, AV-TEST performed a review of the

More information

Summer 2009. Brandjacking Index

Summer 2009. Brandjacking Index Summer 2009 Brandjacking Index Brandjacking Index Online Risks in Pharmaceutical Market - Summer 2009 Contents Executive Summary... 3 Pharmaceutical Brandjacking... 3 Phishing Trends... 10 Conclusions...

More information

How to Identify Phishing E-Mails

How to Identify Phishing E-Mails How to Identify Phishing E-Mails How to recognize fraudulent emails and avoid being phished. Presented by : Miguel Fra, Falcon IT Services (miguel@falconitservices.com) http://www.falconitservices.com

More information

P/T 2B: 2 nd Half of Term (8 weeks) Start: 25-AUG-2014 End: 19-OCT-2014 Start: 20-OCT-2014 End: 14-DEC-2014

P/T 2B: 2 nd Half of Term (8 weeks) Start: 25-AUG-2014 End: 19-OCT-2014 Start: 20-OCT-2014 End: 14-DEC-2014 2014-2015 SPECIAL TERM ACADEMIC CALENDAR FOR SCRANTON EDUCATION ONLINE (SEOL), MBA ONLINE, HUMAN RESOURCES ONLINE, NURSE ANESTHESIA and ERP PROGRAMS SPECIAL FALL 2014 TERM Key: P/T = Part of Term P/T Description

More information

P/T 2B: 2 nd Half of Term (8 weeks) Start: 26-AUG-2013 End: 20-OCT-2013 Start: 21-OCT-2013 End: 15-DEC-2013

P/T 2B: 2 nd Half of Term (8 weeks) Start: 26-AUG-2013 End: 20-OCT-2013 Start: 21-OCT-2013 End: 15-DEC-2013 2013-2014 SPECIAL TERM ACADEMIC CALENDAR FOR SCRANTON EDUCATION ONLINE (SEOL), MBA ONLINE, HUMAN RESOURCES ONLINE, NURSE ANESTHESIA and ERP PROGRAMS SPECIAL FALL 2013 TERM Key: P/T = Part of Term P/T Description

More information

P/T 2B: 2 nd Half of Term (8 weeks) Start: 24-AUG-2015 End: 18-OCT-2015 Start: 19-OCT-2015 End: 13-DEC-2015

P/T 2B: 2 nd Half of Term (8 weeks) Start: 24-AUG-2015 End: 18-OCT-2015 Start: 19-OCT-2015 End: 13-DEC-2015 2015-2016 SPECIAL TERM ACADEMIC CALENDAR For Scranton Education Online (SEOL), Masters of Business Administration Online, Masters of Accountancy Online, Health Administration Online, Health Informatics

More information

ACH AND WIRE FRAUD LOSSES

ACH AND WIRE FRAUD LOSSES ACH AND WIRE FRAUD LOSSES Financial Institution Technology Funnel Matthew G. Brenner Date: September 26, 2013 Orlando, Florida www.lowndes-law.com What We Will Cover Why is this important? Who does this

More information

Update on the Latest Developments of the Madrid System Madrid Working Group Roundtable

Update on the Latest Developments of the Madrid System Madrid Working Group Roundtable Update on the Latest Developments of the Madrid System Madrid Working Group Roundtable Asta Valdimarsdottir Director Operations Division Madrid Registry Geneva Ocotber 23, 2014 Main points 2013 2014 Figures

More information

SECURITY REIMAGINED SPEAR PHISHING ATTACKS WHY THEY ARE SUCCESSFUL AND HOW TO STOP THEM. Why Automated Analysis Tools are not Created Equal

SECURITY REIMAGINED SPEAR PHISHING ATTACKS WHY THEY ARE SUCCESSFUL AND HOW TO STOP THEM. Why Automated Analysis Tools are not Created Equal WHITE PAPER SPEAR PHISHING ATTACKS WHY THEY ARE SUCCESSFUL AND HOW TO STOP THEM Why Automated Analysis Tools are not Created Equal SECURITY REIMAGINED CONTENTS Executive Summary...3 Introduction: The Rise

More information

WHITEPAPER. V12 Group www.v12groupinc.com 141 West Front Street, Suite 410 Red Bank, NJ 07701 info@v12groupinc.com 1.866.842.1001

WHITEPAPER. V12 Group www.v12groupinc.com 141 West Front Street, Suite 410 Red Bank, NJ 07701 info@v12groupinc.com 1.866.842.1001 WHITEPAPER Phishing Facts for Email Marketers: Understanding the phishing factor impact on your email programs. Email phishing attacks are destructive for everyone, it s not just the brands (and their

More information

Phishing Activity Trends Report. 1 st Quarter 2016. Unifying the. Global Response To Cybercrime. January March 2016

Phishing Activity Trends Report. 1 st Quarter 2016. Unifying the. Global Response To Cybercrime. January March 2016 1 st Quarter 2016 Unifying the Global Response To Cybercrime January March 2016 Published May 23, 2016 , Phishing Report Scope The APWG analyzes phishing attacks reported to the APWG by its member companies,

More information

Best Practices: Reducing the Risks of Corporate Account Takeovers

Best Practices: Reducing the Risks of Corporate Account Takeovers Best Practices: Reducing the Risks of Corporate Account Takeovers California Department of Financial Institutions September 2012 INTRODUCTION A state led cooperative effort, including the United States

More information