Posts Categorized: social engineering


Malicious DIY Java applet distribution platforms going mainstream

by

Despite the fact that on the majority of occasions cybercriminals tend to rely on efficient and automated exploitation techniques like the ones utilized by the market leading Black Hole Exploit Kit, they are no strangers to good old fashioned ‘visual social engineering’ tricks. Throughout 2012, we emphasized on the emerging trend of using malicious DIY Java applet distribution tools for use in targeted attacks, or widespread campaigns. Is this still an emerging trend? Let’s find out. In this post, I’ll profile one of the most recently released DIY Java applet distribution platforms, both version 1.0 and version 2.0. More details:

Continue Reading »

‘Please confirm your U.S Airways online registration’ themed emails lead to Black Hole Exploit Kit

by

In 2012, fake flight reservation confirmations and bogus E-ticket verifications were a popular social engineering theme for cybercriminals. On numerous occasions, we intercepted related campaigns attempting to trick customers into clicking on malicious links, which ultimately exposed them to the client-side exploits served by the latest version of the Black Hole Exploit Kit. Apparently, the click-through rates for these campaigns were good enough for cybercriminals to resume spamvertising related campaigns. In this post, I’ll profile the most recently spamvertised campaign impersonating U.S Airways. More details:

Continue Reading »

Spamvertised AICPA themed emails serve client-side exploits and malware

by

Certified Public Accountants (CPAs) are a common target for cybercriminals. Throughout 2012, we intercepted several campaigns directly targeting CPAs in an attempt to trick them into clicking on the malicious links found in the emails. Once they click on any of the links, they’re automatically exposed to the client-side exploits served by the latest version of the Black Hole Exploit Kit. In this post, I’ll analyze one of the most recently spamvertised campaigns impersonating the American Institute of Certified Public Accountants, also known as AICPA. More details:

Continue Reading »

‘Attention! Changes in the bank reports!’ themed emails lead to Black Hole Exploit Kit

by

Cybercriminals are currently spamvertising tens of thousands of emails in an attempt to impersonate the recipients’ bank, tricking them into thinking that the Ministry of Finance in their country has introduced new rules for records keeping, and that they need to print and sign a non-existent document. Once users click on the links found in the malicious emails, they’re automatically exposed to the client-side exploits served by the latest version of the Black Hole Exploit Kit. More details:

Continue Reading »

Fake BBB (Better Business Bureau) Notifications lead to Black Hole Exploit Kit

by

Cybercriminals have recently launched yet another massive spam campaign, impersonating a rather popular brand used in a decent percentage of social engineering driven email campaigns – the BBB (Better Business Bureau). Once users click on any of the links in the malicious emails, they’re automatically exposed to the client-side exploits served by the Black Hole Exploit kit. More details:

Continue Reading »

Spamvertised ‘Your Recent eBill from Verizon Wireless’ themed emails serve client-side exploits and malware

by

Throughout 2012, we intercepted two malicious campaigns impersonating Verizon Wireless in an attempt to trick its customers into clicking on links pointing to fake eBills. It appears that cybercriminals are back in the game, with yet another Verizon Wireless themed malicious campaign, enticing users to click on the malicious link found in the email. Once users click on the link, they’re automatically exposed to the client-side exploits served by the latest version of the Black Hole Exploit Kit. More details:

Continue Reading »

Webroot’s Threat Blog Most Popular Posts for 2012

by

It’s that time of the year! The moment when we look back, and reflect on Webroot’s Threat Blog most popular content for 2012. Which are this year’s most popular posts? What distinguished them from the rest of the analyses published on a daily basis, throughout the entire year? Let’s find out.

Continue Reading »

Fake ‘UPS Delivery Confirmation Failed’ themed emails lead to Black Hole Exploit Kit

by

Continuing their well proven social engineering tactic of impersonating the market leading courier services, cybercriminals are currently mass mailing tens of thousands of emails impersonating UPS, in an attempt to trick users into clicking on the malicious links found in the legitimate-looking emails. Once they click on the links, they’re automatically exposed to the client-side exploits served by the Black Hole Exploit kit. More details:

Continue Reading »

Cybercriminals resume spamvertising British Airways themed E-ticket receipts, serve malware

by

British Airways customers, watch out! Cybercriminals have resumed spamvertising fake British Airways themed E-receipts — we intercepted the same campaign back in October — in an attempt to trick its customers into executing the malicious attachment found in the emails. More details:

Continue Reading »

Pharmaceutical scammers spamvertise YouTube themed emails, entice users into purchasing counterfeit drugs

by

Pharmaceutical scammers are currently spamvertising a YouTube themed email campaign, attempting to socially engineer users into clicking on the links found in the legitimately looking emails. Upon clicking on the fake YouTube personal message notification, users are redirected to a website reselling popular counterfeit drugs. The cybercriminals behind the campaign then earn revenue through an affiliate network. More details:

Continue Reading »