Facebook phishes are getting better. Compare this one: and this: Notice how the key bit, supposedly defining that it’s a legit email, is successfully and convincingly faked: The only difference that stands out is the domain: facebookembody.com. Although Google classified it as spam they didn’t warn that it would go to a website that contains malware. So be warned. Notification emails aren’t such a good idea anymore, if they ever were.
By Jeremy Wagstaff (This is a copy of my weekly syndicated column) You really don’t need to thank me, but I think you should know that for the past 10 years I’ve been fighting a lonely battle on your behalf. I’ve been taking on mighty corporations to rid the world of spam. Not the spam you’re familiar with. Email spam is still around, it’s just not in your inbox, for the most part. Filters do a great job of keeping it out. I’m talking about more serious things, like eye spam, cabin spam, hand spam, counter spam and now, my most recent campaign, ATM spam.
Officials and delegates from APEC economies were targeted ahead of last year’s Singapore meeting with malware-laden emails faked so they appeared to have been sent by Singapore government officials on the Organising Committee. Singapore officials have said the attacks were not the first on the country. Although Singapore regularly highlights threats to national security—including Islamic terrorism—the admission that it has been the victim of cyber attacks is, according to the Straits Times, its most detailed account. Although it’s hard to read too much into the statements made to judge who may have been behind the attacks, it’s interesting that Singapore is drawing attention to this—not
This podcast is from my weekly slot on Radio Australia Today with Phil Kafcaloudes and Adelaine Ng, wherein we discuss HP buying Palm, students going cold turkey on social media, and China no longer being the spam capital of the world? I appear on Radio Australia Today every Friday at about 9.15 am Singapore time (that’s 0.15 GMT/UTC.)
Illustration from Arbor Networks. There’s some interesting writing going about the Georgian Cyberwar. This from VNUnet, which seems to confirm my earlier suspicion that this was the first time we’re seeing two parallel wars: “We are witnessing in this crisis the birth of true, operational cyber warfare,” said Eli Jellenc, manager of All-Source Intelligence at iDefense. “The use of cyber attack assets in conjunction with kinetic military operations in the current crisis now stands among the most significant developments ever seen in the field of information security or cyber conflict studies.” Others suggest that in fact there are examples of earlier parallel conflicts: Kosovo, among
Singapore appears to be the source of a virus cleverly designed to hoodwink U.S. executives by appearing to be an emailed subpoena which mentions them by name, as well as their title. The SANS Storm Center said three days ago that We’ve gotten a few reports that some CEOs have received what purports to be a federal subpoena via e-mail ordering their testimony in a case. It then asks them to click a link and download the case history and associated information. One problem, it’s total bogus. It’s a “click-the-link-for-malware” typical spammer stunt. So, first and foremost, don’t click on such links. An interesting component
Is business networking site Congoo resorting to spam to build its user base? I suspect it is. Congoo is on one hand a good idea — a place to gather and monitor content on your industry, including content that is usually subscription only (like WSJ.com, who publish my weekly Loose Wire column.) But it’s also a networking tool — indeed, its blurb emphasizes that over the content: But I don’t like being spammed, and I think Congoo may be doing that. Of course, they’re not alone in being accused of spamming — the likes of Plaxo, Zorpia and other networking services make it overly easy
Phone spam feels like it’s getting worse. My wife and I have been receiving numerous calls from the local arm of ANZ Bank — a bank I am happy to identify by name because I’ve sought comment from them without reply for nearly a week now. Our mobile phone numbers were probably sold by another bank or possibly by the cellphone company. Nokia researcher Jan Chipchase starts picking up SMS and phone spam on Hutch in India within a day of activating his SIM card, and finds that the company is three times as slow at removing his number from their spam lists: Locals in
I really hate being asked for lots of private details just to download a product. In short: People shouldn’t have to register to try something out. An email address, yes, if absolutely necessary. But better not: just let the person decide whether they like it. It’s the online equivalent of a salesperson shadowing you around the shop so closely that if you stop or turn around quickly they bump into you. (One assistant in Marks & Spencer the other day tailed me so closely I could smell his breath, which wasn’t pleasant, and then had the gall to signal to the cashier it was his commission when
This week on WSJ.com (subscription only, I’m afraid) I wrote about web spam — the growing penetration of faux websites that ride up the search engines and muddy the Internet for all of us. I based it around the recent case of subdomain spam, well documented by blogs like Monetize. Briefly, websites controlled by one Moldovan hit the high rankings on several major search engines using techniques that are imaginative, but not exactly beyond the intelligence of savvy search engine builders. It’s not as intrusive as spam in your inbox but it’s trashing the web and undermining the usefulness of search