Browse by Tags

All Tags » Security, safety and privacy on the Internet » Malvertizing (RSS)
Fri, Jun 22 2012 12:02

Scareware makes it way to mobile devices…

  Well, I suppose it had to happen sooner or later http://krebsonsecurity.com/2012/06/beware-scare-tactics-for-mobile-security-apps/   Image source: krebsonsecurity   According to Brian’s article, the advertisement linked to in the overlay...
Posted by sandi | 1 comment(s)
Filed under: ,
Sat, Jun 16 2012 8:17

Fake Verizon Wireless emails

As always, please don’t click on the links.
Posted by sandi | 1 comment(s)
Filed under: ,
Sat, Jun 16 2012 8:13

Fake UPS email

Don’t click on the links!
Posted by sandi | with no comments
Filed under: ,
Tue, Jun 5 2012 12:24

Non-English (Dutch) Mastercard spam

Rough translation…   Spam email: As always, when you hover over a link, it becomes obvious that the email is not legitimate: If you give in to temptation (of course, never do so unless you are working within a properly sandboxed virtual machine that...
Posted by sandi | 1 comment(s)
Filed under: ,
Mon, Jun 4 2012 13:33

Twitter spam…

  After bouncing through various URLs (including one in Russia) you end up at a fake Twitter log in page: http://wepawet.cs.ucsb.edu/view.php?hash=a9f9677418fa2d11d0b6eddda93e6e3b&t=1338784045&type=js   Note the non-Twitter URL.  
Posted by sandi | with no comments
Filed under: ,
Sat, Jun 2 2012 11:57

“Wire Transfer Confirmation” spam

It’s not real – honest.  And the email isn’t from LinkedIn.
Posted by sandi | with no comments
Filed under: , ,
Sat, Jun 2 2012 11:55

Fake Linked In emails

 
Posted by sandi | with no comments
Filed under: , ,
Thu, May 31 2012 14:21

That which is old is new again–Ecard spam

  You don’t really have a secret admirer, honest…  don’t try this at home unless you have a sandboxed VM that you can trash at will.    
Posted by sandi | with no comments
Filed under: , ,
Sat, May 26 2012 10:59

A sophisticated, and detailed (but fake) Amazon Kindle purchase spam

Check it out at the bottom of this post. Interestingly, several different URLs are used in the spam email, scattered around several countries – somebody’s put a nice bit of effort into this one…
Posted by sandi | with no comments
Filed under: , ,
Sat, May 19 2012 11:43

Problems at metacafe.com?

Cite: http://www.google.com/safebrowsing/diagnostic?site=metacafe.com   “Of the 15199 pages we tested on the site over the past 90 days, 5944 page(s) resulted in malicious software being downloaded and installed without user consent. The last time...
Posted by sandi | with no comments
Filed under: , ,
Sat, May 19 2012 10:17

adultfriendfinder.com spam

Subject: “FWD: ALERT: You have an E-Card from your Secret Admirer.   Clicking on the URL leads you here – just so we’re all clear, nobody actually has a crush on you (sorry):   Click on “My Profile and Pics” and you end up at adultfriendfinders...
Posted by sandi | with no comments
Filed under: ,
Sat, May 5 2012 15:13

Users of OpenX versions 2.8.0 - 2.8.8–please read!!

http://blog.openx.org/05/security-update-for-openx-28-users/   “A recent security issue with OpenX versions 2.8.0 - 2.8.8 means users of these versions of the platform should take the following steps: 1. Secure their servers by removing the files...
Posted by sandi | with no comments
Filed under: , ,
Tue, Jul 19 2011 15:22

Security alert for visitors to SBS.COM.AU and HERALDSUN.COM.AU

  SBS Alert here: http://www.sbs.com.au/article/124519/SBS-website-statement-July-18-2011 “ Over the last 2 days, the SBS website has been the victim of a hacking attack. This is the first time that the SBS site has suffered any sort of attack, however...
Posted by sandi | with no comments
Filed under: , ,
Mon, Jul 18 2011 15:32

Security Intelligence Report v10 – A Deeper Look at “Scareware”

Microsoft released their latest Security Intelligence Report back in June.  You can find a copy here: http://www.microsoft.com/security/sir/default.aspx The most worrisome thing that I read in a discussion about the latest report (you can find the...
Posted by sandi | with no comments
Filed under: ,
Mon, Mar 9 2009 10:04

ALERT: Please treat the domain statisticsishere.com and measurehits.com with extreme caution

I received this email a short while ago: “ We have been getting a lot of ads accessing scripts from this domain statisticsishere.com. So far there is no malware redirect or download but this domain looks suspicious having been created less than a week...
Posted by sandi | with no comments
Filed under: , , ,
Thu, Feb 26 2009 23:46

Interesting comment – Best Western malvertizing

The comment was posted here .  I quote: “ My company was approached by a client claiming to represent Best Western with a lower tech version of this.  We were give a static JPG, third one from the top and instructions to paste some odd-looking...
Posted by sandi | with no comments
Filed under: , , ,
Tue, Feb 10 2009 16:42

Lifestyles of the Rich and Infamous, and an update about the status of the FTC versus Innovative Marketing et al lawsuit

I'll include some history of events so that you can get a sense of perspective with regards to the time frame around these events.   It is especially important to note that the FTC lawsuit is not the only problem that Jain is facing. ...
Posted by sandi | 1 comment(s)
Filed under: , , ,
Mon, Feb 2 2009 15:54

More information about Olympic Media shenanigans

Ok, when the hijack triggered via the Olympic Media supplied javascript URL that I mentioned in my previous article triggers successfully we hit: admediastats.com/ts/in.cgi?{{redacted}} From there we end up at sg12scanner.com/{{redacted}} From there to...
Posted by sandi | with no comments
Filed under: , ,
Mon, Feb 2 2009 13:50

Olympic Media are still active

I’ve warned about Olympic Media several times – they continue to be active. The latest reports indicate they are claiming to be operating out of Canada and are supplying javascript code referring to admin.securityclick.net as follows:     Other...
Posted by sandi | 3 comment(s)
Filed under: , ,
Tue, Jan 27 2009 9:42

DIRECTI responds re inaccurate WHOIS complaint time frames

15 days, so they say:   My response? “ This is not good enough.  The domains can be used to facilitate fraud for 15 days? At the very least, posnerpromotion.com should have been isolated before now. posnerpromotion.com redirects to posneradv...
Posted by sandi | 1 comment(s)
Filed under: ,
More Posts Next page »