Spyware, Viruses, & Security forum

General discussion

NEWS - August 11, 2005

Lax lured by phishing fax-backs - Sophos warns of latest internet fraud trend
August 10, 2005

Experts at SophosLabs?, Sophos's global network of virus, spyware and spam analysis centers, have warned users about a new phishing campaign which tries to get innocent computer users to fax their credit card and bank information directly to the phishers rather than visit a bogus website.

The emails, which claim to come from Paypal (the payment system used by the popular Ebay auction website), tell users that someone tried to reset their password. The email urge the user to fax back information which will assist in the investigation into the alleged security breach.

more here
http://www.sophos.com/spaminfo/articles/phishfax.html?pl_id=9&lang_id=1&lp_keyword=phishfax
Discussion is locked
You are posting a reply to: NEWS - August 11, 2005
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: NEWS - August 11, 2005
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
This spammer's stash could be yours

In reply to: NEWS - August 11, 2005

by Anne Broache , Staff Writer, CNET News.com | Published: 8/10/05

Gold bars, cash and a fully loaded Hummer H2 are among the prizes AOL is offering as it celebrates a settlement with a spammer.

Both AOL members and non-members--all of whom will have a chance to win the goods--can thank the Can-Spam Act.

The law, which has not gone without criticism, not only arms Internet service providers with legal weapons against those who fire off unsolicited e-mail, it also allows courts to seize any property that a convicted spammer has obtained using money made through the offense. Any equipment, software, or technology used for illicit purposes is also fair game.

AOL obtained the goods as part of a settlement earlier this year in the first lawsuit it filed under the Can-Spam Act, in a case involving a then-20-year-old New Hampshire resident.

From Wednesday until Aug. 19, people can sign up online for a chance at winning the goods. A winner will be announced shortly after the enrollment period ends.

more here
http://techrepublic.com.com/2100-1009_11-5826897.html?tag=html.alert

Collapse -
Trying to stay a step ahead of Murphy's Law

In reply to: NEWS - August 11, 2005

By New York Times Staff, The New York Times
Published on ZDNet News: August 11, 2005, 6:43 AM PT

Don't put it off any longer.

That is the advice of specialists in planning for disasters, who say too many small businesses are courting ruin by failing to take fuller precautions against fires, floods and, increasingly, the loss of critical data stored in computers that go on the fritz.

Jane Vitart wishes she had acted sooner. When the Delaware River overflowed behind the French bakery and cafe she owns with her husband, Joel, in New Hope, Pa., last September, a retaining wall protected her shop. That lulled the couple into a false sense of security, and when the flood waters rose again in April, they did not bother to evacuate their equipment or their computer as they had seven months earlier.

more here
http://news.zdnet.com/2100-1040_22-5828486.html?tag=zdnn.alert

Collapse -
New scam asks people to fax away data

In reply to: NEWS - August 11, 2005

(different source for another news story already posted)
By Dawn Kawamoto, CNET News.com
Published on ZDNet News: August 11, 2005, 7:48 AM PT

Phishers have added a new lure to their tackle boxes: e-mails that ask people to fax sensitive information to bogus security investigators.

In a new scam, attackers are sending e-mail warnings that appear to come from PayPal, security specialist Sophos said Wednesday. These e-mails say that someone tried to reset the recipient's password and asks him or her to participate in an investigation.

The e-mails direct people to a Microsoft Word document hosted on a Web site and urges them to download the form, fill it out, and fax it to a toll-free number, Sophos said. The form asks for credit card information.

more here
http://news.zdnet.com/2100-1009_22-5828551.html?tag=zdnn.alert

Collapse -
New York law requires notification after data breaches

In reply to: NEWS - August 11, 2005

Published: August 10, 2005, 5:47 PM PDT
By Declan McCullagh
Staff Writer, CNET News.com

New York Governor George Pataki on Wednesday signed a bill that requires businesses and state government agencies to notify consumers if sensitive data is nabbed in a security breach. This places New York on the list of states such as California that have adopted similar rules--while many other states and the federal government are considering them.

more here
http://news.com.com/New+York+law+requires+notification+after+data+breaches/2110-7348_3-5827712.html?tag=fd_nbs_ent&tag=nl.e703

Collapse -
NIST releases vulnerability database

In reply to: NEWS - August 11, 2005

The National Institute of Standards and Technology (NIST) has launched a cybersecurity vulnerability database that will be updated every day. The National Vulnerability Database (NVD), funded through the Department of Homeland Security’s National Cyber Security Division, will provide information on security vulnerabilities and will be published at http://www.nvd.nist.gov
The NVD also provides such features as a statistics generation engine that allows graphing and is provided free to the public.

http://www.fcw.com/article89852-08-10-05-Web

Collapse -
FBI director criticizes companies' code of silence

In reply to: NEWS - August 11, 2005

FBI Director Robert Mueller said that many companies are maintaining a code of silence by not reporting cyberattacks. Such behavior will harm companies and the nation, he added.

A recent exception was Atlanta-based Card Systems, which quickly reported the theft of hundreds of thousands of records to the FBI, Mueller said. But many other incidents haven't been reported, he said.

“According to a survey by the Computer Security Institute and the FBI, only 20 percent of companies that experienced computer intrusions in 2004 reported those incidents to law enforcement,” Mueller told attendees at the InfraGard’s annual national conference yesterday in Washington, D.C.

He said most companies believe that reporting a security breach will harm their image or competitive advantage in the marketplace or expose confidential information.

More in http://www.fcw.com/article89853-08-10-05-Web

Collapse -
Microsoft fixes delivery of IE patch

In reply to: NEWS - August 11, 2005

By Dawn Kawamoto, CNET News.com
Published on ZDNet News: August 11, 2005, 12:55 PM PT

Microsoft on Wednesday fixed a glitch in delivery of a critical IE patch, which had prevented people from installing it from the company's Download Center Web site. The update addressed an error in a security bulletin released by Microsoft earlier this week as part of its monthly patch cycle.

more here
http://news.zdnet.com/2110-1009_22-5829102.html?tag=zdnn.alert

Collapse -
Hackers slam 'Everquest II' economy

In reply to: NEWS - August 11, 2005

Published: August 11, 2005, 4:51 PM PDT
By Daniel Terdiman
Staff Writer, CNET News.com

Sony claims that a group of hackers illegally created a huge amount of "Everquest II" currency over the weekend, and says the players caused the game's economy to suffer 20 percent inflation in just 24 hours before being caught.

According to Chris Kramer, director of public relations for EQ2 publisher Sony Online Entertainment, the players had on Saturday begun using their so-called "duping bug" to make large quantities of platinum, the game's currency. (A duping bug is a hack that exploits a weakness in online games' code to effectively create counterfeit currency or other goods.)

The players then began trying to sell the ill-gotten plat on Station Exchange, the official auction exchange for EQ2 weapons, armor, currency and other virtual goods. "The amount of money in the game increased by a fifth in about 24 hours," Kramer said. "We have a lot of alarms for this kind of thing, and they all went off on Saturday."

more here
http://news.com.com/Hackers+slam+Everquest+II+economy/2100-1043_3-5829403.html?tag=html.alert

Collapse -
Lavasoft Research: Den of thieves

In reply to: NEWS - August 11, 2005

"During the past few weeks there has been a buzz within the antispyware industry as a particularly malicious keylogger was found poaching into private bank and online accounts. The application has already probably succeeded in pervading to various accounts, stealing considerable amounts of money and credit card details.

On July 28th, our researchers came across this keylogger, named Dumador.df, when they discovered a Trojan dropper stchost.exe during an analysis of files. The Trojan was found to log keys, looking for eBay information in particular as well as bank information amongst numerous other things. The Trojan was added to the Beta SE1B59 definition file on the 29th of July. According to the latest information in the Whois database, the information was transmitted to a web server located in China, although the actual ISP seems to be located in Singapore
"

http://www.lavasoftresearch.com/blog/?p=53

Popular Forums

icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

DEALS, DEALS, DEALS!

Best Black Friday Deals

CNET editors are busy culling the list and highlighting what we think are the best deals out there this holiday season.