Posts Tagged: spam


Millions of harvested U.S government and U.S military email addresses offered for sale

by

Remember the underground service offering millions of harvested emails for sale profiled at the Webroot Threat Blog in January? It appears  that cybercriminals are continuing to innovate in this underground market segment by offering geolocated databases of millions of harvested emails for better targeting in their upcoming spam campaigns. In this post, I’ll profile yet another cybercrime underground  service selling millions of harvested emails to potential cybercriminals.

Continue Reading »

Research: U.S accounts for 72% of fraudulent pharmaceutical orders

by

Just how profitable is spam? Who’s buying the counterfeit pharmaceutical items advertised so heavily in a huge percentage of the spam campaigns currently circulating in the wild? According to a newly released report by the University of California at San Diego, although hundreds of thousands of people visit the fraudulent pharmaceutical scam sites, only a small percentage of them is actually purchasing the counterfeit pharmaceutical items. In this particular case, the United States leads with 72% of total purchases from fraudulent pharmaceutical sites. More details:

Continue Reading »

Research: proper screening could have prevented 67% of abusive domain registrations

by

On a daily basis, spammers register thousands of new domains across multiple domain registrars, and take advantage of WHOIS privacy services to ensure that security researchers and anti-spam fighters will have hard time taking them down. So what can we do about it? According to a newly released research by Knujon.com, proper screening could have prevented 67% of those abusive domain registrations. More details:

Continue Reading »

Phishers Cast Their Nets in the Social Media Pool

by

By Ian Moyse, EMEA Channel Director It can seem at times that the only people who like change are Internet attackers. And they don’t just like it—they need it. Technology’s rapid changes give cybercriminals new attack vectors to exploit, and new ways to turn a profit out of someone else’s misfortune. Take phishing, for example. The concept is simple: Send an email disguised as a message from a bank, PayPal, or UPS. Wait for the user to click a link in the message, and enter their private details into a phishing site, and presto! The attacker attains financial or personal […]

Continue Reading »

Webroot Answers Your Security Questions

by

I’m very pleased to present today the first in a series of videos we’ve produced. The videos have the lofty goal of addressing the most pressing questions relating to malware, cybercrime, and online fraud. We’ll take you behind the scenes at Webroot and introduce you to some of our Threat Research team in the process. In this first video, Webroot’s Director of Threat Research, Jeff Horne, answers a question submitted to us via Twitter direct message about the motives behind most cybercrime, and whether there are any examples of malware or other types of malicious online activity that have been […]

Continue Reading »

Fishing for Phishers is a Full-Time Job

by

By Ian Moyse, EMEA Channel Director We seem to take phishing attacks for granted these days, in much the same way that we’ve accepted spam as a natural, and inevitable, by-product of email. Some experts believe that one of the best solutions to thwart phishing attacks is end-user training, but I doubt training alone can be a viable solution. Can we really train every computer user to be sufficiently security literate, such that anyone can distinguish a phishing message from a genuine bank email? I doubt that it is possible, especially given how specific the details in spear phishing (phishing […]

Continue Reading »

Your Federal Tax Payment Has Not Been Rejected

by

It’s been more than a week since we started seeing spam email, supposedly sent by the EFTPS (Electronic Federal Tax Payment System, a division of the US Department of the Treasury), informing recipients in dire, bolded text that Your Federal Tax Payment ID: 01037513 has been rejected. I had hoped it would be a faded memory by now, but apparently it just won’t die. Spam, ladies and gentlemen. It’s a lie, cooked up in a criminal’s troubled mind, with the goal of convincing signficant numbers of people to click a link in the message. It’s a pretty contrived message, which […]

Continue Reading »

Facebook Spam Leads to Viagra Vendor, Drive-by Download

by

Annoying as they are, the spam emails circulating that supposedly come from Facebook don’t merely lead the recipient to one of those so-called Canadian Pharmacy pill-vendor websites. They now come with a bonus: An infection, courtesy of a malicious iframe which attempts a series of exploits against the browser, Adobe Reader, and Adobe Flash in an attempt to push a drive-by download down to the victim’s PC. The messages, which say they come from a service called Facebook Notify (or, sometimes, just Facebook Service) inform the recipient that they’ve received a message. In order to read the message, the recipient […]

Continue Reading »