Category: Phishing

Active Storm Worm Domains – Christmas, New Year’s Campaign

Based on a bunch of sources: familypostcards2008.com freshcards2008.com happy2008toyou.com happycards2008.com happysantacards.com hellosanta2008.com hohoho2008.com merrychristmasdude.com newyearcards2008.com newyearwithlove.com parentscards.com postcards-2008.com santapcards.com santawishes2008.com uhavepostcard.com All of these are worth blocking by DNS methods (become the local SOA, NXDOMAIN them) and looking for in your emails (look for a […]

Read more

Peeling The Covers Off of Rock

For the past couple of years, at least, we have been watching a sophisticated, disciplined phishing scheme targeting dozens of banks around the world. By some estimates, “Rock” is responsible for about half of all phishing in the world. Rock phishes have a pretty simple […]

Read more

Phriday Phishing

I sure do post a lot about phishing here, don’t I? It’s because it’s such a fascinating subject, mixing the motives of the attacker, sometimes some code analysis (ie deconstructing their JavaScript), and victim analysis. I had a look at the recent data shared by […]

Read more

Blacklist Attacks

You know you’re doing something right when you get attacked. Shortly after their appearance, specifically their widespread appearance in browsers such as FireFox 2 and Internet Explorer 7, anti-phishing toolbars have come under attack. The attacks are pretty much what you would expect: move quickly […]

Read more

Multi-stage Phishing

I got an interesting phish this morning for Amazon. What makes it interesting is that it uses not one but two different redirectors, one from Yahoo! and one from Google, and then what appears to be a bot in Chinese IP space before it finally […]

Read more