The Weekly Top 3 are the three most relevant news stories for the week that are related to phishing scams and activities reported in the media, security blogs and security magazines on the Internet. This week, we look at phishing activities related to Amazon, LinkedIn and the 'most sensational celebrity' in cyberspace.
Did you order an iPhone from Amazon? If you did not order a phone then you should be wary of the latest phishing scam involving the popular online retailer, Amazon. Earlier this week, a phishing e-mail appearing to be sent by Amazon, was being used to infect computers with malware. The phishing e-mail tried to trick its victim by thinking that an order was placed on the Amazon website for an expensive iPhone 6 with their credit card. The phishing e-mail continues to state that the billing confirmation receipt is attached. However, the attachment is a malicious Microsoft Word document that contains malware. Once the victim opens the attachment, their computer was infected with a Trojan horse, which can be used to download more malware or allowed further exploitation of the victim's computer. Click the link below to read more.
https://grahamcluley.com/2015/10/amazon-iphone-order-email-malware/
Security researchers at Dell SecureWorks recently discovered that an Iranian hacking group was behind a phishing scheme on LinkedIn. The researchers released an analysis detailing the scheme involving over 25 fake LinkedIn profiles that were developed to draw potential targets. Using these recruiter profiles, the hacker group used a recruitment ruse to infect and phish details from their targets. The hacker group was known to use fake resume submission systems that were actually malware in disguise. This malware was used to log keystrokes, capture screenshots and even disable a victim's anti-virus. Click the link below to read more.
Bollywood actress Priyanka Chopra now tops the list of "most sensational celebrity", but not in a good way. Unfortunately, her fame is being used by cyber criminals to lure their victims to malicious websites. According to Intel Security, cyber criminals are constantly on the lookout for new ways of scamming people. One of the methods involve using consumer interest around popular celebrities, cultural events and award shows. Through an evaluation of the top ten most searched celebrity names, the company found that there were several malware ridden or suspicious sites claiming to offer music and videos involving the actress. Some of these sites also required their visitors to provide information such as their credit card, e-mail, name and address. Click the link below to read more.