Weekly Top 3 - ED #10.2015

By Jon Phish, Sun 08 March 2015, in category News

phishing, weekly, whatsapp

The Weekly Top 3 are the three most relevant news for the week that are related to phishing scams reported in the media, security blogs and security magazines on the internet. This week, we look at phishing scams related to Tollway, WhatsApp and a mind-reading DNS service called NLPRank.

Phishing scam targets Tollway riders

Tollway I-PASS users were warned that a phishing e-mail was sent to them asking them to repay the company for erroneous missed tolls. The company has stated that no personal customer information has been stolen thus far, but they have highlighted that someone is using a general e-mailing list to distribute these phishing e-mails. Furthermore, the e-mail has a link that directs the customer to a fake Tollway E-ZPass site that allows the hackers to obtain the victims personal information. Click on the link below to learn more.


WhatsApp Voice Calling Scam

The popular instant messaging service, WhatsApp is currently in the process of adding a new voice calling feature that lets you make voice call over the Internet to your contacts that already have the feature enabled on their phones. Scammers are now sending messages via WhatsApp taking advantage of people who wish to adopt this new feature. The phishing message asks the victim to click on a link, which directs them to a website and tricks them into downloading an unwanted app that exposes the victim's contact list to scammers. Click on the link below to read more.


Mind-reading DNS security service: NLPRank

Natural Language Processing (NLP) is primarily used by search engines to give user's better results. OpenDNS has decided to use this technique to identify potentially malicious typo-squatting/targeted phishing domains, which are used by scammers to set up fake websites for their phishing schemes and C&C servers. The name given to this pre-cognitive service was NLPRank. This service makes use of the fact that domains associated with these schemes are constructed in similar lexical fashion and therefore spoofing legitimate domains (e.g. adobe.com). Click on the link below to read more.