Fraudsters limber up for World Cup themed scams

0 comments

Posted on by admin in Spam Firewall |Web Filter |Web Site Firewall

, ,

An interesting article from The Register, on the upcoming FIFA World Cup, and how we can expect a whole variety of scams themed on the event.

Fraudsters as well as footballers are gearing up for this month’s World Cup extravaganza in South Africa.

Football governing body FIFA has already warned [1] supporters to be wary over various forms of scams that are likely to crop up in the run-up to the start of the tournament, which kicks off in ten days.

FIFA lottery, prize draw or competition scams are likely to abound. All represent types of advanced fee fraud where fraudsters attempt to trick people into paying "administrative fees" supposedly needed to secure non-existent World Cup tickets or cash prizes.

"Prize draws and competitions offering tickets to the 2010 FIFA World Cup can only be held by companies who are commercially affiliated with FIFA, such as, for example, sponsors," it said.

FIFA also used the notice to issue a warning against ticket touts and unauthorised agents, a more standard message that has preceded every recent World Cup.

Spam emails touting 419-lite lottery scams themed around the World Cup are already in circulation (as recorded by Trend Micro here and
here). More can be expected to follow as excitement builds toward the start of the tournament next month.

Security watchers report that scam emails seen thus far have not been sent through botnet networks of compromised PCs but via direct spamming from known Nigeria-based 419 scam-friendly IP addresses.

Search engine manipulation, themed around events at the World Cup and designed to divert users searching for video clips and news towards scareware portals, is also likely to crop up, among other types of malware attack, especially once the tournament kicks off.

MessageLabs, Symantec’s hosted security division, has already begun intercepting World Cup-themed email-borne malware attacks. Infected email blocked by MessageLabs were sent from an IP address in Macau, China, and composed in Portuguese (targeting fans of Brazil and Portugal). The infected messages posed as emails from one of the event’s soft drink sponsors.

Football fans receiving the email were encouraged to download a hacking tool that posed as a football-themed application.

“Once downloaded and activated, the malware produces files that generate pop-up messages and in the background collects information on what other machines are on the same network, enabling the attacker further access to the compromised networks,” explained Paul Wood, MessageLabs Intelligence senior analyst.

Symantec has set up a dedicated website that aims to track and warn football fans about net threats connected with the World Cup, as they arise. 2010NetThreat will also feature security advice, competitions and news on the tournament itself. ®

The original article is on The Register

Popularity: 11% [?]

Post to Twitter

Surfing Porn Still Popular at Work

0 comments

Posted on by admin in Barracuda Web Filter |Featured |Web Filter

, ,

**excerpt from Globe & Mail Article. Original can be found here.

Barracuda Web Filter

Marco Bonanni of Optrics Engineering, a diamond partner of Barracuda Networks, which specializes in e-mail and web security, said workers should be aware everything they’re doing is marked and logged — even things they might think are innocent.

The equipment that most organizations install nowadays have months and months of logged data and information about every single message that goes in and out of the company, or every single URL or website that’s been visited” he said from Edmonton.

What’s more, some filters are set or configured to display a message notifying users that a particular website they’re trying to visit has been blocked.

Even though it is blocked, it still logs the fact that they attempted to go to it” he said.

In most cases, Bonanni said companies are trying to protect themselves against virus infection, but in some instances they’re looking for something specifically to prevent abuse.

**excerpt from Globe & Mail Article. Original can be found here.

Popularity: 8% [?]

Post to Twitter

The dangers of weak passwords on Social sites (Facebook / Linkedin)

0 comments

Posted on by admin in Barracuda Web Filter |Fortinet |Web Filter

Phishers Used Facebook to Penetrate Financial Firm’s Computer System (March 4, 2010)

Phishers used Facebook to burrow their way into the network of a large US financial company last year.

The attackers took control of one employee’s Facebook account and using information culled from that individual’s friends’ profiles, sent what appeared to be personal messages to several other company employees about pictures taken at a company picnic.

The phishers learned of the picnic through postings on the hijacked account.  When one of the other employees received a message asking her to click on a link that would allow her to view the pictures, her computer became infected with keystroke logging malware.

When that employee logged in to a VPN account to access the company network, the attackers were able to capture the necessary information to gain access to that network.  The intruders managed to get deeper into the network and take control of two servers before they were detected.

Original Story: http://lastwatchdog.com/facebook-phishers-breached-corporate-network/

Use a different hard password for each publicly accessible website service you use and be suspicious of links in e-mail even if they appear to be from friends.

Popularity: 13% [?]

Post to Twitter

Google Acting Slow?

10 comments

Posted on by admin in Web Filter

(An interesting article by Joel Esler, published on the Internet Storm Center):

Everyday we receive about 20 reports of “www.xwebsitehere.com” being slow.  Today we’ve received a few reports about Google being slow.  One reader (thanks Neal) even wrote in to say that after he did some monitoring on his connections, he isolated it down to “pagead2.googlesyndication.com”.  Obviously, from the hostname being one of the servers that serves ads to lots of websites. 

Neal stated that after he blacklisted this hostname, his browsing went back to normal.  Anyone else experiencing similar?

(Yes we have received several reports of Google being slow, I’m asking if you can replicate the “pagead2″ issue.)

 Update:  We haven’t heard any more about this today, so, I’m not sure of the end result.  Personally, if my Google Ads are a little slow in loading…  I’m not sure I mind much.

Update 2:  We just received an email from a reader in Denmark, using Everydns.net, is having his Google DNS queries redirected to a Yahoo server.  No more info than that at this time.

– Joel Esler http://www.joelesler.net

 

Popularity: 100% [?]

Post to Twitter

Barracuda Web Filter Firmware Release 4.0 Now Available

0 comments

Posted on by admin in Barracuda Networks |Featured |Network Security |Web Filter

, , ,

Barracuda Web Filter firmware release 4.0 is now generally available to all customers.  This major release includes powerful new features and enhancements, including:

  • Support for Cisco WCCP v1 and v2 enabled routers/switches; allows forwarding of HTTP traffic via a single WCCP-enabled router.
  • Integration with the Barracuda Control Center (BCC); enables administrators to control multiple units from a single location.
  • Expanded Reporting Capabilities; offers 8 new time-based reports including “Top Users by Session Time” and “Top Domains by Session Time.”

To view detailed firmware release notes, click here.

Popularity: 81% [?]

Post to Twitter