Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    April 2013
    S M T W T F S
    « Mar   May »
     123456
    78910111213
    14151617181920
    21222324252627
    282930  
  • Email Subscription

  • About Us
    TrendLabs Security Intelligence Blog(breadcrumbs are unavailable)

    Archive for April 4th, 2013




    The Internal Revenue Service (IRS) opened up the filing season on January 30, 2013 to help taxpayers prepare for the looming April 15 tax deadline. April 15 or colloquially known as Tax Day is when individual income tax returns are due to the federal government. Typical of cybercriminals, they have also prepared their own tax-related scams for taxpayers with scams that aren’t a far cry from the usual attempts.

    Tax-themed attacks usually arrive in the form of spammed messages claiming to be from the IRS or other government-related entities. In order to appear a little more convincing, the messages are crafted in order to intimidate and scare users into to acting on it immediately, without having the chance to verify whether the these emails are legitimate. Below are some of the common trends in tax-themed messages seen in 2012:

    • Rejected Federal Tax Transfer
    • Rejected Federal Tax Transaction
    • Rejected Federal Tax Payment
    • Federal Tax Payment returned
    • Federal tax transfer canceled
    • Federal tax transfer rejected
    • Federal tax transfer returned
    • Your IRS federal tax transfer is cancelled
    • Your federal tax transaction has been not accepted
    • Your transaction is cancelled
    • IRS report of not accepted tax bank transfer
    • Report of tax transaction decline
    • Report of tax bank transfer decline
    • Income Tax Refund CANCELED
    • Income Tax Refund RETURNED
    • Income Tax Refund TURNED DOWN
    • Income Tax Refund NOT APPROVED

    …And the list goes on. Notice that these messages are made to warn users of their “negligence” in terms of payment. Due to the serious penalty involved and to avoid any kind of scuffle with the law, people would naturally try to remedy the situation by clicking the links or downloading attached files, only because the email instructed them to.

    IRS_phishing_URLs

    Figure 1. Detected phishing URLs related to the IRS

    Read the rest of this entry »

     
    Posted in Bad Sites, Spam | Comments Off


    Apr4
    7:52 am (UTC-7)   |    by

    Two of the hottest buzzwords circulating in the IT world today are “SCADA” and “cloud computing.” Combining the two technologies has been talked about and is starting to garner more attention because of the potential cost savings, system redundancy, and uptime benefits.

    Like most IT companies, industrial control system (ICS) devices can benefit from cloud use. The cloud is and will remain a viable business additive for traditional IT worldwide. SCADA devices do not differ from IT devices in that they also require redundancy, security, reduced costs, and uptime. There are several ways that SCADA in the cloud can be approached and installed, but each has their own potential security issues.

    Figure 1. Example of SCADA application hosted in the cloud

    Read the rest of this entry »

     
    Posted in Exploits, Vulnerabilities | Comments Off


     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice