Scam Of The Week

A very-large extortion phishing scam began hitting inboxes early Wednesday AEST. There are several variations of the email scam, each attempting to blackmail their target. The theme is the same – telling victims that sensitive, often deeply personal and embarrassing, information has been obtained, and threatening to publish the content unless a ransom payment is made in bitcoin. Three variations of the scam are described below: 1) Stolen passwords The first variation involves extortion emails...

Read more
Image of Apple

As cybercrime evolves and becomes more complex, cybercriminals are increasingly mimicking well-known brands and trusted companies, brandjacking them in a bid to infect computer systems and to steal sensitive data. Apple Pay is the latest victim, with legitimate-looking receipts purporting to be from the company hitting inboxes Thursday morning (AEDT). These are actually phishing emails designed to steal confidential personal and billing credentials, like the victims’ Apple ID and password, mobile phone numbers, credit card...

Read more

Financial phishing campaigns are still a very common attack vector for cyber criminals looking to exploit consumers and businesses alike. Every year, thousands of individuals fall prey to these types of attacks and the financial repercussions are devastating. This week’s Threat Thursday post takes a look at a spam campaign aimed at Citibank customers. The email blast was spotted by our security research department late Monday evening in the final hours of Halloween. The campaign attempts to use...

Read more

This week’s scam focuses on a social engineering campaign in an attempt to impersonate the United States Postal Service. The security research team at AppRiver first spotted this phishing blast late last week. In the campaign, an email contains fraudulent information about a package delivery. The message states that there is an issue with the package and in order to resolve this, the email recipient must click on the link provided. The cyber criminals use URL obfuscation in the message to deceive recipients into thinking the...

Read more

This week’s Threat Thursday is from AppRiver, and focuses on a newly spotted social engineering campaign targeting American Express customers. The email blast seeks to trick users into providing highly sensitive information such as their social security number, credit card information and other personal identifiers. The email informs the recipient that a phone call requesting a one-time password was made to them in regards to a recent transaction. Those who did not receive a phone call are...

Read more

There’s little doubt that Netflix is a major competitor in the video streaming industry by a wide margin. It should also come as no surprise that cybercriminals view their customers as prime targets for phishing campaigns. With the recently announced Netflix service fee hike, the ever-adaptable spammers has found an opportunity to exploit the video-on-demand company. At AppRiver, their security research team has been monitoring a Netflix phishing blast. The campaign attempts to impersonate a Netflix account verification email. The email...

Read more

How would you like to make over $1100 DAILY using a system with a  97%+ proven success rate, 24/7 support and all while sitting back and letting the money earn itself? Sound too good to be true? Logic dictates that it probably is. This is what one email campaign is promoting and is our spotlight spam in this week's Threat Thursday series. The AppRiver security research team has spotted the "Get Rich" campaign a few days ago. Stock trading spam isn't...

Read more

A while ago, ESET warned about a Ray-Ban scam campaign flooding Facebook via hacked profiles. Using fake ads that offered massive discounts, attackers tried to lure users into “buying” branded sunglasses, thus giving up their payment card details via an unsecured channel. Spread mostly via posts disguised as ads for Ray-Bans, the scam also tags a small group of the intended victim’s friends. Attackers have also created a lot of bogus Facebook pages and events indirectly leading...

Read more

Leading provider of email messaging and web security solutions, AppRiver, has warned of an 'old fashioned' but equally effective phishing campaign currently circulating that is impersonating PayPal. Troy Gill, manager of security research at AppRiver explains, "Over the past few years we have seen explosive growth in malware and targeted spear phishing attacks being distributed via email. While those threats have necessarily garnered a lot of attention, it’s important to stay aware that other more...

Read more

Researchers from ESET are today revealing their discovery of a new Facebook scam campaign that spreads a malicious browser plugin via social engineering techniques. The attack starts by luring a Facebook user into playing a video, most often titled “My first video”, “My video” or “Private video”. After clicking on the link, the victim is directed to a fake YouTube website where, instead of downloading and playing the video, he/she is requested to install an additional...

Read more
Page 1 of 5 1 2 5