Monday 12 May 2014

Netflix “Account Requires Validation” email may catch you out



An email requesting that customers verify their payment information on Netflix is fooling many into a phishing scam.

The general advice to avoid phishing scams or malware scams initiated by emails is to avoid clicking on links inside emails and instead going directly to the relevant website instead.

This way you know you are at the genuine website and not a spoof website designed to look like the Netflix website.

You can also verify the URL web address at the top of your Internet browser screen to ensure you are on the correct domain as well, but be aware – spoof web addresses can look very similar to the real thing.

In the case of the Netflix email scam we received this week, the domain that we were directed to was srv-netflix.com/direct_497.php – on first glance this could appear to be the real site, but it isn’t. (the real site is Netflix.com of course)

So watch out, these emails can look legitimate and clicking on those links can lead to a whole host of problems.

Wednesday 26 March 2014

Huntington Park Homicide Email Scam



Email scammers are always looking for new, inventive ways to lure readers into opening and executing malicious email attachments, and this latest method-operandi is the example to hit inboxes across the globe.

The email (example below) disguises itself as an alert from Critical Reach about a homicide suspect in Huntington Park, though later versions will likely alter that location. (UPDATE: later versions change location to London City) The email attempts to pique the curiosity of the reader or alarm them into opening the attachment which, according to the email contains more details.
 
 
Subject: ALERT@CriticalReach.Org

Bulletin Headline: HOMICIDE SUSPECT
Sending Agency: Huntington Park Police
Sending Location: CA - Los Angeles - Huntington Park
Bulletin DateTime: 2014-03-25 @ 14.32
The bulletin is a pdf attachment to this email.

The Adobe Reader (from Adobe.com) will display and print the bulletin best.
You can Not reply to the bulletin by clicking on the Reply button in your email software.

 
However the email contains a zipped application (.exe) file that harbours malware if it is executed.

Previous emails scams have claimed to come from funeral homes or even emails that claim the recipient may have cancer.

As usual, never open suspicious email attachments and always be wary of attachments in ZIP compressed files.

Think you executed a dangerous attachment? Then run your security software. Don’t have any? Click here for our recommendations.

Using Microsoft Word 2010? Be alert for rogue .RTF files.




If you're still using Microsoft Word 2010, be on the lookout for people asking you to open files with the .RTF extension, as an exploit can give hackers access to your computer.

What's an RTF file? It stands for Rich Text Format, and is a text format that can be opened in programs like MS Word. Legitimate RTF files simply contain text files.

But crafty scammers have found out a way to create malicious RTF files that they then try to send to potential victims across the Internet. (Primary conduit will almost certainly be sending malicious RTF files through email)

So if you're using MS Word 2010, just be on the watch-out for suspicious emails and other communications that implore you to open RTF files (files with a .rtf extension) - users with Word 2003 or 2007 can also be at risk as well.

Following your usual security advice of not opening unusual or suspicious files should be enough to protect yourself from this threat.

This exploit should soon be all patched up by Microsoft soon, so ensure that future Microsoft updates are installed in a timely manner!

Tuesday 25 February 2014

WhatsApp Missed Voice Message Email Scams




After the recent acquisition of WhatsApp by Facebook, hoaxes and scams involving the instant messaging app have been circulating aggressively, including the revival of email scams claiming you have received a “missed voice message”.
 
The email, which contains links to an external website, will lead readers to a website that attempts to lure a visitor into installing malicious software onto their computer.
 
Variants of the email redirect to spammy pharmaceutical websites or contain email attachments that contain malware instead.
 
Be wary of emails that contain links to external websites or email attachments. Just because they appear to have come from a legitimate company or entity, it doesn’t mean that they have.
 
If you do see a link on an email always check the URL web address to ensure you are being taken to a trusted domain. If not, don’t click!
 
Our recommended Internet security software protects from this latest batch of WhatsApp scams. If you are looking to upgrade or improve your security solution, then click here.

Wednesday 29 January 2014

HMRC Gateway Email Malware Spam bombards users


UK email users are being bombarded with malware scams that claim to be from the HMRC Gateway program regarding self-assessment taxes.

The tax deadline day in the UK is the last day of January, meaning many of those who do their own taxes have been filing, submitting and paying their tax returns over the last few days.

And malware scammers have been exploiting this by mass email malware attacks that appear to have been sent from HMRC  (HM Revenue and Customs) or “Gateway UK “.
 
Scam emails assert to be from the UK's HMRC
 
The emails claim that the supplied email attachment contains a copy of the submitted tax return and implores the reader to open it to sort out errors or problems before the deadline expires.

However the email attachment – as typical with these types of scams – contains a ZIP folder harbouring a malicious .exe application file.

If the email user opens the ZIP folder and executes the .exe file within, they are infecting their computer with malware.

If there are problems with your tax return, UK readers are advised to visit the http://www.hmrc.gov.uk site directly to sort out any problems, and NEVER open up attachments from suspicious emails like this.

If you need a copy of your tax return, this can be requested via postal mail or downloaded from the aforementioned website in PDF format.

Sunday 26 January 2014

Malware attack appears to come from Funeral Homes


With malware scams attempting to exploit almost every type of tragedy such as 9/11 and the conflicts in Syria, you may think the level of a scammer’s depravity could not get any lower.
 
However the criminals who produce malware are pushing the boundaries of immorality once again via an email attack that used the social engineering modus-operandi of tricking a recipient into thinking a friend has passed away.
 
The scam email disguises itself as communication from a funeral home, and requests the recipient click a link to an external website and download a file in order to obtain the details on the time and location of the funeral.
 
An example E-mail scam purporting to be from a Eubank Funeral Home
 
 
Recipients, obviously in an attempt to acquire the identity of their recently passed friend as well as the details of the funeral, click the link which leads to a malware infection if the recipient downloads and executes the application file.
 
Remember, there is no moral bar too low for a scammer who will trick a victim into downloading and installing malware onto their computer through any means necessary.
 
Always be suspicious of unsolicited emails, especially emails with links to external sites or attachments.
 
If you downloaded suspicious files onto your computer, remember to always run a full antivirus scan from your reputable security software. If you’re looking to upgrade or change your security software click here for our recommendations.

Thursday 23 January 2014

"Parcel Undelivered" Email spam targets Mac OS X users

One of the advantages that Mac users usually boast about is that the operating system – from a security perspective – is safer than its Windows counterpart.

Mac computers are not immune to malware
After all, it has a secure infrastructure and the majority of threats you face online are designed to work only on the Windows based operating systems.
For the most part, those Mac users are right, but it is important not to get complacent and assume that the Apple operating systems are immune, because they’re not.

This was highlighted by The Naked Security blog from Sophos this week who spotted an email scam doing the rounds that targeted Mac users.

The scam was wholly unoriginal in its design in fact. The email was the classic “parcel undelivered” scam that told the email recipient that they missed a parcel delivery and that they needed to visit a website (or open an attachment) in order to retrieve the parcel. We mentioned the scam in our blog post earlier outlining some common email malware attacks.

Upon visiting the website linked to from the email, the webpage was able to launch a malware attack for those using the Safari web browser, which downloaded an application to the user’s computer disguised as a harmless PDF file. Opening the PDF would execute the malware.
 
Don’t get lulled into a false sense of security if you’re using a Mac. You still need to be cautious and you still need to use antivirus protection.

If you’re looking for good security protection, we generally recommend BitDefender antivirus for Macs if you want to install reputable third party software.