The Weekly Top 3 are the three most relevant news stories for the week that are related to phishing scams reported in the media, security blogs and security magazines on the Internet. This week, we look at phishing scams related to YouTube, Facebook and nefarious digital spy campaign named Grabit.
Earlier this week, a SMS spam marketing campaign being monitored by Symantec, was found to involve YouTube videos as a method of directing recipients to Adult websites. The campaign used SMS messages that disguised the sender as a woman trying to date with the recipient. The message directed the recipient to a YouTube video that contained another link that requested them to “get verified”. The new link forwarded the viewer to the signup page of an Adult website. This method of using links in YouTube videos to direct victims to other websites can also be used to direct them to phishing sites. Click the link below to read more.
A phishing e-mail purporting to be from the “Facebook Recovery” team has been sent to several Facebook users recently. The phishing e-mail tricks the user into thinking that their Facebook account has been locked because their account abused Facebook’s User Agreement. The phishing e-mail continues to convey to the user that the account is blocked and in order to unblock it, the user must click on a link in the e-mail. This link forwards the victim to a fake Facebook login website that is used to steal the user’s login credentials. Click the link below to read more.
Researchers at Kaspersky Labs have discovered a phishing campaign focused on stealing information from small and medium businesses (SMB). The name of the campaign was Grabit and its purpose was to spy on SMB and steal any sensitive data. Companies from the United States of America to as far as Thailand were targeted by these hackers. The attack involved the use of phishing e-mails with a malicious Microsoft Word document attachment. Once the attachment was opened, additional malware would be downloaded to the infected computer. This malware could allow the hacker to log keystrokes, remotely control the infected computer and/or steal electronic files from the company. Click the link below to read more.