TrendLabs threat analysts found another FAKEAV campaign piggybacking on the Leonid meteor shower and the much-anticipated sequel to the Twilight saga, New Moon. Users searching for news and updates using the keywords “meteor shower tonight november 16 time” and “New Moon premiere live stream” end up with poisoned search results. These results redirect users to fake online scanners, which ultimately lead to the download of a FAKEAV variant detected by Trend Micro as TROJ_FAKEAV.MET. Upon execution, TROJ_FAKEAV.MET drops malicious files and displays ...

Trend Micro threat analysts recently discovered a phishing attack targeting the website of the Capita Group. The said site is dedicated for the company shareholders’ use. It aims to reduce the need for paperwork and provides 24 hour access for greater convenience. The fake Web portal asks users to enter their surname, shareholder reference number, postal code, telephone number, date of birth, and employer. After entering the said information, the page will redirect them to another login page that requires them to enter their account information—first name, middle name, last name, address, city, ...

We often associate Halloween with pumpkins and costumes but for cybercriminals it’s merely another avenue to exploit, steal, and trick users into giving away their personal identities. Treats are fun but we all need to be on the lookout for the sneaky and tricky ways cybercriminals slither into our computers.  Below are the TrendLabs, top 7 scariest threats that might be knocking on your door: Tailor-made ZBOT spam makes its way to employees’ mailboxes The Zeus botnet is well-known for e-banking attacks that ...

Trend Micro researchers found over 200 email samples that spamvertised male sexual enhancement pills. These bore subjects like “Re: Go wild in bedroom,” "Re: Let your lever straight up," and “Re: Be her concrete-rod satisfier” and contains a URL that points to all-too-familiar Canadian pharmacy websites. While spammed messages that lead to Canadian pharma sites are not new, there are notable things in this particular spam run. For one, it employed random messages in the email content to avoid ...

Trend Micro threat analysts found several phishing sites registered in China that target specific people or companies. The said email can customize phishing URLs using the names of intended recipients via a technique called “spear phishing.” Spear phishing has been used by cybercriminals before in attacks that involved specific targets. In the previous post, “So Is It Twitter or Facebook?,” for instance, cybercriminals exploited Twitter’s direct message function to inform users that their pictures were seen on another website, the link to which is ...