GFI Software recently released its VIPRE® Report, a compilation of the 10 most prevalent threat detections for the previous month. Noteworthy threats in November 2011 included a new Facebook worm; the return of PDF-based malware posing as the U.S. Postal Service; Bank of America and SunTrust Bank phishing scams; and a phony food stamp website.
“Staying vigilant online — especially during the holiday shopping season — is key to not falling victim to scams or infecting a PC by clicking on malicious links or files,” said Christopher Boyd, senior threat researcher for GFI Software. “When in doubt, users should take a page from Santa’s playbook by ‘checking it twice.’ Never open attachments or provide information in response to unsolicited emails, and always remember that a bank will never ask for sensitive information via email.”
In the days leading up to Thanksgiving in the United States, GFI Labs detected an increase in bank-related phishing. Users received emails purporting to originate from SunTrust Bank and Bank of America. Both scams were unique in that they contained an HTML attachment which was actually a form asking for banking login information and even driver’s license numbers. Users who doubt the authenticity of an email communication from their bank should call the phone number shown on the back of their issued card to verify.
PDF-based malware made a return in November. This type of attack is not new, but the time of year makes this one particularly effective. Users receive emails from what appears to be the U.S. Postal Service, informing them that they have a package that cannot be delivered due to insufficient address information. The attached PDF appears to be a shipping label which users are instructed to print. Upon opening the file, a variant of FakeSysDef, a rogue malware, is installed.
Targeting the Most Vulnerable
“Underscoring that anyone can be a target of cyber crime and that it’s not just big enterprises and banks that are at risk, last month we found scammers targeting people with limited financial resources,” said Jovi Umawing, threat researcher for GFI Software. “A fraudulent food stamps website was set up to misappropriate the cell phone numbers of those supported by the program. Thinking they were responding to an official request from the government, victims provided their cell phone numbers, which were automatically enrolled in a premium SMS service, placing unauthorized and unwanted charges on their phone bills.”
GFI’s VIPRE Report is compiled from the collected scan data of tens of thousands of VIPRE Antivirus customers who are part of GFI’s ThreatNet™ automated threat tracking system. ThreatNet statistics revealed that Trojans continue to make up a large portion of the most prevalent threats, taking four of the top 10 spots.
Consumers' Increasing Reliance on Facebook and Other Social TrendsNew figures reveal rapid adoption of social media in consumer shopping behaviors.
Five Key Areas to Consider When Implementing Real-Time Processing There are many opportunities to better leverage existing data assets and services in a larger ecosystem by providing real-time access through APIs.
Top Predictions for IT Organizations and Users for 2012 and Beyond Simple but powerful email campaign ideas to build loyalty with customers. Predictions show IT budgets are moving out of the control of IT departments.
Unearth the real story behind five commonly held myths about distributed denial-of-service attacks. ... More >>
IT security ultimately depends on making sure employees use the appropriate tools and comply with policies designed to protect them and their data/applications. ... More >>
When a security breach occurs, IT teams that are armed with incident response checklists will be better prepared to execute a fast and effective response. ... More >>