Support our Sponsors

uClip Clipping Path Service

Main Menu
Windows Software
Mac Software
Hosted Solutions
Server Software
Mobile Solutions

feed-image Feed Entries

ATO asks Taxpayers to be Wary of Tax-themed Scam Emails PDF Print E-mail
Written by Administrator   
Tuesday, 21 October 2014 07:00

Online news website Magnet reported on 14th October, 2014 stating that The Australian Taxation Office (ATO), official taxing agency in Australia, is warning the community to be careful of fraudsters as they are targeting people lodging their income tax returns before the deadline of 31st October (2014).

The Magnet itself was targeted by getting one such scam email on Monday morning, 14th October 2014, which read, as "You are eligible to receive a tax refund of $247.09 according to the last annual calculations of your fiscal activity."

The email also produced a tax file number and asked the recipient to click a link to download the form for refund of tax.

The email was sent from an email address, which did not contain at the end and did not address to any individual but to a generic email address, which has not been use for many years.

Magnet recognized these signs and forwarded the email to ATO, which confirmed it as a scam email.

Magnet published a report on 14th October, 2014 quoting Todd Heather, Chief Technology Officer of ATO, as saying "Scammers are trying to get taxpayers quickly lodge their return by the deadline. People should be careful about tax scams and report them to us directly." published a report during middle of September 2014 quoting a warning of Detective Superintendent Brian Hay as that one should never access personal information on Internet cafes and use only updated operating system to avoid the chances of being victimized by such scam emails.

He added: "You must get latest anti-virus patched so that your system gets scanned regularly on daily basis. And you need to be more disciplined about what information you provide on the Internet so that you don't post too much personal information or photographs on a device which has activated the geo-locator settings as it informs the crooks about your whereabout."

Meanwhile, it is not only the Australian taxing agency which is alerting people about tax-themed emails as Revenue Commissioners, the tax-agency of Ireland, also released similar warnings because scam emails there also promised refund of tax to innocent taxpayers.

Read more... - ATO asks Taxpayers t...
Volexity - Websites of Pro-Democracy in Hong Kong Compromised PDF Print E-mail
Written by Administrator   
Tuesday, 21 October 2014 07:00 reported on 13th October, 2014 quoting Volexity, a security company based at Washington D.C. as "In Hong Kong, four websites which promote democracy, have been rigged to spread malicious software." reported on 13th October 2014 quoting Steven Adair, Founder of Volexity, as saying "Findings reveal that rebellious groups particularly those looking for more freedom are targeted more frequently for surveillance and extraction of information."

Security experts have observed slight increase in attacks targeting activists who have demonstrated in Hong Kong to protest against restrictions placed by China on election for Chief Executive of the territory in 2017.

The websites are the association of True Democracy (ATD), People Power in Hong Kong, the Democratic Party Hong Kong (DPHK) and The Professional Commons and according to Adair browsing to these websites is not advised because some attacks are still alive.

Adair wrote that both DPHK and ATD websites planted code pulling a suspected script from a different domain known as "" that has been linked to nasty activity before and the domain was also used to attack in early September.

The researchers investigated and find themselves in association with People Power, which is popular for its democratic stand.

Volexity analyzed the website and discovered malicious iframes directing to exploit webpages and the malicious links have been cut via the Chinese URL and cut service

The researchers discovered four links of this type out of which three direct to exploits hosted on the same IP address. published a report on 13th October, 2014 quoting Adair as saying "The pages carry scripts profiling the system for different software, plugins and other associated information and also carry Java exploits which is crafted to install malware on the system of the target. If it becomes success, the exploits shall install either a 64-bit or a 32-bit version of the malware."

The Professional Commons website is slightly unclear as it contains a suspicious iframe which guides to a page of a website of a South Korean Hotel. However, the landing webpage doesn't exist and a redirect to the core webpage is executed.

Read more... - Volexity - Websites ...
ANZ Bank Customers Hit with Phishing Scam PDF Print E-mail
Written by Administrator   
Monday, 20 October 2014 11:00

Phishing e-mails are being sent to clients of the banking group of Australia and New Zealand namely ANZ Bank, which is based in Melbourne, Victoria, Australia as the messages masquerade as the famous banking institution, published dated October 13, 2014.

Reportedly, the phishing e-mail tells its recipient that his account with ANZ needs repeat confirmation, the process claimed as necessary for maintaining an up-to-date account.

Further, according to the e-mail, the user doesn't have even 24-hrs for hitting on a given button labeled "Re-confirm" for including his A/C within ANZ's database.

But, in reality, ANZ hasn't sent the e-mail rather it's one phishing scam created for duping accountholders into revealing the login details of their accounts.

Anyone who follows the web-link embedded on the fraudulent e-mail would get led onto a fake site crafted to mimic the real login page of ANZ Bank. Then if the person types in his client reference number as well as password onto that phony login page, his Web-browser would typically divert onto the real site of the bank.

At this instance, the user is likely to think he has effectively fulfilled the 'Re-confirmation' procedure without knowing he has actually been tricked.

Consequently, he is likely not to report the scam thus making sure the malevolent e-mail outbreak continues even longer.

Yet, when the scam may get caught, it'll be too late as already the cyber-criminals would have got hold over the credentials, which they would use to steal from the bank A/C, in case the dual-factor validation from the bank isn't enabled.

Here it's greatly recommended that extra forms of validation be used alongside client number or password-username duo, security analysts of the currently going e-mail scam remark.

Meanwhile, ANZ Bank isn't the only institution to be targeted with a phishing scam, recently. During September 2014, Sydney-based Westpac Australia too cautioned its clients for destroying a spam mail that had a header "Westpac Secure E-mail Notification," while asserted recipients had got one secure message. In addition, there was an attachment in the e-mail that required opening if the secure message was to be read, the fake electronic mail indicated.

Read more... - ANZ Bank Customers H...
Scam Emails Impersonating Chase Online Attacks Customers PDF Print E-mail
Written by Administrator   
Monday, 20 October 2014 11:00 reported on 9th October, 2014 quoting a recent warning of security experts as "Phishing emails impersonating Chase Online are presently targeting innocent users."

This is perhaps one of the oldest swindling tricks in the history of phishing but it could make many victims with cyber attacks affecting JP Morgan Chase.

The phishing email informs the recipient that the financial institution (referring to Chase Online) has decided to block access to his accounts due to irregular activity.

The victim is asked to login to his online bank account and verify the process to sort out the problem. The login website is bogus actually it's a phishing webpage, emulating the bank's original website and hence all the data entered on the said website is automatically sent to crooks.

Security experts observe that the server hosting the fake page is in Santiago situated in Chile. The phishing URL has no link with JP Morgan Chase although the email appears to be from them.

A phishing website is pretty short-lived as its nasty efforts are quickly diagnosed by automated systems which monitor emails and threats carried by them.

However, experts said that even if the hoax website is online for a few hours, some users may get trapped and their online banking data may get stolen by the online criminals.

Security experts analyzed the above phishing attack and issued the following tips to Chase customers to avoid and thwart unwanted threat of phishing.

Firstly, never respond to emails impersonating Chase and claiming via emails that your account has been blocked (like in the above case), compromised or deactivated and direct you to a third-party website. Instead, call up the number given on the back of your bank card or visit the website of the bank to verify the authenticity of any communications and take suitable action, accordingly.

Secondly, you should monitor your accounts regularly and be watchful especially when an institution has been breached. There is no evidence of fraud related to the breach and Chase informed customers that they wouldn't be responsible for any malicious transactions.

Read more... - Scam Emails Imperson...
Fresh Version of Rovnix Malware Identified at CSIS PDF Print E-mail
Written by Administrator   
Monday, 20 October 2014 07:00

CSIS the security company based in Denmark has said that its researchers have uncovered one fresh variant of malware Rovnix which contains two extra features - an algorithm for generating fresh domains and one secure transmission panel to interact with servers that command-and-control the malware.

Reportedly, Rovnix is that malicious program which other malicious programs have been distributing. During 2013, Microsoft cautioned end-users of a malware scam which distributed Upatre another malware served via spam mails. When loaded onto any target computer, Upatre may establish communication with its C&C system followed with downloading Rovnix, which would subsequently attempt at inserting itself inside explorer.exe, name of a Windows process.

Security Expert Peter Kruse at CSIS stated that developers of Rovnix had added the mentioned features to Rovnix for enabling it elude recognition via different security solutions. reported this in news on October 9, 2014.

Kruse explained that the most recent Rovnix version had a different protocol so it could bypass traffic detection. Therefore, currently, it was producing an arbitrary filename whose first letter alone was important. The data that got transmitted had a base64-encoded arbitrarily produced value. published this dated October 10, 2014.

Further according to Kruse, Rovnix creators had erased the bootkit element of the malware, so it now solely aided one user-mode element.

CSIS has identified 3 malware scams distributing Rovnix of the new version, and these scams target users of Norway and Poland of the European Union geography.

As different from earlier Rovnix operations, the malware authors of the newer campaigns have encoded messages exchanged with the C2 infrastructure.

Kruse noted that possibly the C2 structure was again written and differently named following the publicity of a bug that impacted the earlier variant. CSIS was able in getting a manual that was in Russian language with which the C2 structure was set, he added. reported this in news on October 10, 2014.

Meanwhile, it was during May 2014 when according to Microsoft, one fresh Rovnix sample produced a VFS (virtual file system) utilized for stacking all components of the malware as well as the data it stole.

Read more... - Fresh Version of Rov...
<< Start < Prev 1 2 3 4 5 6 7 8 9 10 Next > End >>

Page 1 of 1196
The Spamproblem is
Who's online
We have 22 guests and 1 member online
News Flash
How do you fight spam?

Spam is a growing pain. How are you combating spam?

Submit your favorite spam fighting links to us