We've found a new phishing technique targeting online shopping sites that may significantly change the threat landscape for phishing sites. Conventional phishing sites require an attacker to replicate the targeted site; a more accurate copy is more likely to fool intended victims.
This technique we found allows for the creation of nearly perfect copies - because the attacker no longer needs to create a copy of the site at all. Instead, the phishing page only contains a proxy program, which acts ...
Malicious browser extensions bring about security risks as these often lead to system infection and unwanted spamming on Facebook. Based on our data, these attacks have notably affected users in Brazil.
We have previously reported that cybercriminals are putting malicious browsers in the official Chrome Web store. We also came across malware that bypasses a Google security feature checks third party extensions. For this blog entry, we performed an in-depth analysis of malicious Chrome browser extension and its evasion tactics, after receiving samples ...
In the two previous parts of this series of blog posts, we discussed the kinds of threats that we're seeing on Twitter, as well as the scope and scale of these threats. In this part, we will discuss their motivations, and what end users can do.
The first question is: why do cybercriminals bother doing this? Social media accounts are valuable in their own right. These accounts can typically be used to make money in many ways for cybercriminals; any form of ...
In the previous blog post of this series, I introduced our paper titled An In-Depth Analysis of Abuse on Twitter that looked at the threats in the Twitter landscape, and explained the various kinds of malicious tweets we've seen. In this post, we look at the scope and scale of these threats.
Malware Tweets
Users in the United States generally click the most links that go to malicious URLs from Twitter, whether it be phishing Tweets, Tweets with shortened URLs, or traditional spam. In one category, ...
Twitter is an important means of communication for many people, so it shouldn't be a surprise that it has become a medium that is exploited by cybercriminals as well. Together with researchers from Deakin University, we have released an in-depth paper titled An In-Depth Analysis of Abuse on Twitter that looks at the scale of this threat.
To gather this information, we analyzed publicly accessible Tweets from a two-week period in 2013. Many of these we discarded, as they did not have ...
