The Spam Cryer
The Internet Storm Center published a story on the recent Lilupophilupop malware infections.
They had originally written about it back in November. 1 month later, the infections had increased:
- UK – 56,300
- NL – 123,000
- DE – 49,700
- FR – 68,100
- DK – 31,000
- CN – 505
- CA – 16,600
- COM – 30,500
- RU – 32,000
- JP – 23,200
- ORG – 2,690
In order to see if your site has been effected, search for “<script src=”hxxp://lilupophilupop.com/” in google and use the site: parameter to hone in on your domain.
For example, in Google type
site:yoursite.com “<script src=hxxp://lilupophilupop.com/
( note: we changed to hXXp so you don’t actually go there. )
This is a nasty SQL Injection attack, so be careful when doing your investigation.
Original story is here. http://isc.sans.edu/diary/Lilupophilupop+tops+1million+infected+pages/12304
Continue Reading
Shaun
We’ve noticed lately that the recent wave of “Shipping-related” spam has been increasing.
Continue Reading
Shaun
A new fake “LinkedIn Notice” campaign can empty your bank account if you’re not careful. CudaMail protects against this one, but a lot of people can be harmed if they’re not aware.
Continue Reading
Shaun
There’s a new guide available on CudaMail.com that talks about things you need to know before choosing a Spam Filtering service. There are several choices on the web, so it’s important to know what to look for.
Continue Reading
Shaun
The Internet Storm Center recently posted a story about a new email malware scam , where emails appear to show that a company has put a sale on a credit card of yours.
Shaun
US-Cert recently published an article about a new phishing attack, which is aimed as specific targets in the US Government.
The Story:
US-CERT is aware of public reports of a phishing attack that specifically targets US government and military officials’ Gmail accounts. The attack arrives via an email sent from a spoofed address of an individual or agency known to the targeted user. The email contains a "view download" link that leads to a fake Gmail login page. The login information is then sent to an attacker. Google has indicated that this phishing campaign has been disrupted and that affected parties have been notified.
- US-CERT encourages users and administrators to do the following to help mitigate the risks:
- Review the Google blog entry Ensuring your information is safe online.
- Do not follow unsolicited web links or attachments in email messages.
- Use caution when providing personal information online.
- Verify the legitimacy of the email by contacting the organization directly through a trusted contact method.
- Refer to the Recognizing and Avoiding Email Scams (pdf) document for more information on avoiding email scams.
- Refer to the Avoiding Social Engineering and Phishing Attacks document for more information on social engineering attacks.
- Refer to the Using Caution with Email Attachments document for more information on safely handling email attachments.
Relevant Url(s):
http://www.us-cert.gov/cas/tips/ST04-014.html
http://www.us-cert.gov/reading_room/emailscams_0905.pdf
http://googleblog.blogspot.com/2011/06/ensuring-your-information-is-safe.html
http://www.us-cert.gov/cas/tips/ST04-010.html
Original Article: http://www.us-cert.gov/current/index.html#gmail_phishing_attack
Continue Reading
Shaun
This new story by US-CERT shows they have become aware of reports on a new phishing attack. Apparently it’s bypassing some of the new phishing protection built-in to many browsers.
Continue Reading
Shaun
US-CERT warns of impending Japan EarthQuake and Tsunami Email Scams
Continue Reading
Shaun
Apparently malware writers have “cranked up” their production this year. Security firm Panda Security has reported that 20 Million new strains of malware have been created by “the badguys” this year already. That includes over 33% of all active malicious programs.
Continue Reading
Shaun
There’s an email worm ( and not kidding here ) circulating that uses the good old infection method of sending emails with malicious executables to all the people in your address book!
Previous Posts
