The Weekly Top 3 are the three most relevant news stories for the week that are related to phishing scams and activities reported in the media, security blogs and security magazines on the Internet. This week, we look at phishing activities related to Siri, Chip cards and Adobe.
Siri is you personal assistant; now she is likely to become your personal hacker. Researchers at ANSSI have shown that they could send radio waves to silently trigger voice commands on any Android or iPhone. This hack allowed a hacker to tell Siri to dial a number, open the phone's browser to a phishing site or send SPAM messages via e-mail, Facebook or Twitter. The phone must have Google Now or Siri enabled to perform the hack, but the fact that the hacker can turn the phone into an eavesdropping device without saying a word, makes extremely dangerous. Click the link below to read more.
EMV Chip cards are very new to the credit card market. They were created for the express purpose of stopping credit card fraud. Unfortunately, scammers are using the opportunity to trick new cardholders through a phishing scheme. The phishing e-mail involved in this scam, requested a potential cardholder to update their account information in order to obtain their new chip card. However, the phishing e-mail contained a link that either forwarded the victim to a malicious website or downloaded malware to infect their computer. This allowed the scammers to steal their personal and financial information. Click the link below to read more.
Pawn Storm, the cyber espionage group based in Russia has been using a new Adobe Flash zero-day attack to infect the computers of foreign affairs ministries. Security researchers at Trend Micro stated that the group has been using spear phishing e-mail attacks against various foreign affairs ministries around the globe. The e-mails contained malicious links that lead to a website that hosts an Adobe Flash malware. This malware exploited version 220.127.116.11 of the Adobe Flash Player. Once a victim visited the site, the malware executed and allowed the hacker to take over the infected computer. Click the link below to read more.