Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    November 2012
    S M T W T F S
    « Oct   Dec »
     123
    45678910
    11121314151617
    18192021222324
    252627282930  
  • Email Subscription

  • About Us
    TrendLabs Security Intelligence Blog(breadcrumbs are unavailable)

    Archive for November 21st, 2012




    Who goes on a shopping frenzy when seeing low-priced electronics and houseware just in time for the gift-giving season? Obviously a lot of people, as evidenced by the $1.25 billion total online spending seen on Cyber Monday last year, the heaviest in U.S. history. This year, entrepreneurs and consumers anticipate another record-breaking Cyber Monday as the holiday season approaches.

    What’s more is that this online holiday shopping explosion is slowly spreading across the world. In Australia, a one-day online sale, Click Frenzy, is about to kick off Christmas shopping for the first time. At around the same time as Cyber Monday, online retailers in China offer large discounts on November 11, Singles Day.

    Popular price comparison site, PriceGrabber, predicts that almost two in 10 consumers will shop using a mobile device—and of those mobile shoppers, seven in 10 will actually buy something! Building on the popularity of online shopping, mobile shopping is steadily catching on as a convenient and profitable trend.

    Deal Breakers

    How easy is it to shop on your mobile device? A few steps are all it takes to find a deal and buy it. But risks lie in the nicks and cracks where threat actors can butt in and pretend they care about getting you your product. You might not know it yet, but simply using free Internet connection or clicking paid search links can get you and your financial information into a lot of trouble.

    Even now, we are already seeing product fraud and fake offers that use the US holiday, Black Friday, on spammed messages. Like last year’s fake Black Friday and Cyber Monday discount offers that led to malware, we believe cybercriminals will take advantage of this year’s Cyber Monday.

    Risks Not Taken

    It’s a good thing you’re not entirely powerless against these mobile sniffing dogs. To help you take advantage of online deals minus the fear of information theft, we make sure you are safe every step of the way.

    Our recent infographic, “Manic Monday,” features a flow chart for secure mobile shopping. Here are also some security measures from our helpful e-guide, “Enjoy a Hassle-Free Mobile Shopping Spree!”

    • Go straight to the source for the best deals in town. Deal aggregator apps are convenient, but make sure to download them direct from their developer’s webpages. This eliminates the chances of you downloading a fake app riddled with malicious code.
    • Beware of mobile adware. You may end up getting swindled by one if you’re not careful. A security app like Trend Micro™ Mobile Security Personal Edition can detect these for you.
    • Paying a fee is safer than getting Wi-Fi access for free. Be cautious with connecting to unsecured, ‘free’ Wi-Fi networks, as you may end up giving your personal information away to cybercriminals.Connect to legitimate, secured networks instead, even if it means paying a fee. Your privacy is worth it.

     
    Posted in Bad Sites | Comments Off



    There is another reason why users should be wary of downloading files from file sharing sites – they host PASSTEAL variants. PASSTEAL, as you may recall, are malware using password recovery tools to steal information stored in Internet browsers. This technique is a deviation from previous infostealers that log keystrokes to gather data from infected systems.

    Using feedback from the Trend Micro Smart Protection Network™, we found that several PASSTEAL malware use social engineering lures such as variants disguised as key generators for paid applications or are bundled with tampered paid-installer application as shown below:

    This indicates that PASSTEAL authors’ are targeting file sharers and downloaders who frequently use BitTorrent or visit file hosting sites to get hold of illegal copies of software. Other variants were also found disguised as e-book versions of popular Young Adult (YA) novels.

    Read the rest of this entry »

     


     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice