Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    April 2014
    S M T W T F S
    « Mar    
  • About Us
    TrendLabs Security Intelligence Blog(breadcrumbs are unavailable)

    Author Archive - Ryan Certeza (Technical Communications)

    Whenever something big happens – a celebrity death, a holiday, or even a highly anticipated product release – we at Trend Micro immediately scour the web looking for any ‘traps’. These ‘traps’ are set by cybercriminals in order to prey upon anyone looking for more information about that big news item. The act of tailoring these traps to relevant topics or events is called social engineering. Thousands fall prey to it every time it crops up.

    Social engineering schemes often leverage buzz-worthy events or topics to victimize users. For breaking news like calamities or notable deaths, cybercriminals work hard to churn out social engineering scams hours after the said event occurs. For instance, social engineering scams appeared just two hours after the Japan tsunami and earthquake in March. Some cybercriminals also use social engineering for events long before they occur: spam related to the 2012 Olympics appeared as early as 2008.

    Invariably, we find signs that people have been falling for these schemes time and again. In our e-guide, “5 Reasons Why Social Engineering Tricks Work,” and infographic, “Countdown to System Infection,” we discuss things users need to know about social engineering schemes. We tell what socially-engineered attacks actually look like, what they’ve been about in the past, how fast they can occur, and where you would usually find them. Most important of all, we show you what to look out for, so you can avoid becoming a victim of such scams.

    Posted in Bad Sites | Comments Off

    While it’s always important to take care of our physical bodies in order to enjoy long, fruitful lives with our families and loved ones, we also believe that we must exert as much effort in taking care of our digital selves as well. We came up with these three reminders users can adopt to keep their online health in check:

    • Use your common sense. The adage, “If it’s too good to be true, it probably is,” is applicable both in the real world and on the Internet. Using common sense is your first line of defense online. People who are after you or your money abound on the web via all kinds of scams.
    • Try to maintain a junk-free online diet. You are what you eat or, in this case, you are what you browse. The Internet has its own brand of “unhealthy food” in the form of shady, suspicious, or risqué sites. Common examples of these are online gambling, adult sites, and illegal file-sharing portalsSuch sites are not only inappropriate to some users, these are also very common malware sources. In fact, in one instance, over 137,000 systems were infected in just one month because their users visited a single adult site that secretly hosted malware.
    • Love your online persona. There is such a thing as oversharing and if you’re not careful, the things you say or do online can be used against you. One example is sharing that you’re alone at home, especially if you’re underage, which could attract burglars, robbers, and other unsavory folks. Also, always keep a cool head when sharing personal things online. Users should always ask themselves if anything they’re sharing could pose threats not only to their own reputation but also to their safety and those around them.

    These three simple reminders, as well as other helpful activities to secure your data, reputation, and devices, will certainly help protect users from the worst that cybercriminals can do. For more information about these tips, view our infographic here. Make sure to share this infographic to your friends and family as well.

    Posted in Bad Sites | Comments Off

    Convenience, ease, and better deals are just three of the reasons why more and more users shop online. Users’ level of adoption for online shopping has been increasing the past years. In fact, reports predict that there will be a 78% increase in the US shopper volume by 2014.

    Mobile computing is also starting to play a bigger role in terms of online shopping, as 43% of all Web-enabled smartphone owners said they use their mobile devices to help them shop. This percentage will likely increase in the coming years, or even as soon as the next couple of months considering the upcoming holiday season.

    As online shopping becomes widely preferred as a primary method for purchasing items, online shoppers will also become preferred cybercriminal attack targets. Cybercriminals are continuously launching attacks, any or all of the following shopper information: credit card credentials, online banking personal identification numbers, and other personal data. The attack types seen include:

    • blackhat SEO attacks – search results for hot items such as gadgets and others can be poisoned to lead users to malicious sites
    • scams – coming off as online promos, scams trick users into becoming victims of their malicious schemes that can lead to information and financial theft. A good example of this is a spam run we recently saw leveraging Black Friday.
    • session hijacking – users who do their shopping while connected to unsecure networks put themselves at risk of this attack, which involves sniffing through networks for certain kinds of information such as account credentials, and using the said information to impersonate the users and execute actions

    Shoppers need not be helpless against these attacks, however, as they can implement security measures and can use solutions that help them avoid being victimized. In our guide, “Online Shopping Safety Made Easy,” and infographic, “Online Shopping Tips,” we discuss things online shoppers need to know in order to protect themselves from online shopping-related attacks.

    Click for larger view Click for larger view


    As we get closer to Christmas, instances of the above-mentioned threats increase in number, thus users need to keep themselves protected. For more information on threats leveraging the holidays, and for ways to prevent being victimized, check our reports, and our ebook:


    “[I]‘m going to watch you and monitor your telephone line.”

    “Your internet access is going to get suspended.”

    “Someobdy uplaod a vdieo wtih you on utbue”

    Halloween is fast approaching and it’s that time of the year when scaring people is the most popular form of entertainment. However, not all spooks this season may end up in good-natured merriment. Cybercriminals may take this opportunity to scare users with their tricks, which include spammed messages, poisoned search results, spammed tweets with dubious links and Facebook clickjacking attacks. If not wary of these schemes, users may end up becoming victims of information theft, system infection, and even financial loss.

    These cybercriminal scare tactics are not new. As seen in the links above, for years we have seen attempts to alarm users to trick them to do things they won’t normally do – open attachments, click links, and pay for fake costly items and antivirus software. The truth is that these bad guys have had some level of success in this field. As proof, a recent blackhat SEO campaign that managed to generate 300 million hits from 113 million visitors in just one month of operation.

    It is time for users to conquer their fears. Below is an infographic that provides a quick run-through of common tricks and threats that users may encounter online. We have also included some tips on how to detect and prevent shams to ensure that users’ online experience are safe and spook-free.

    Click here for a detailed look at the thumbnail image below.



    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice