The Weekly Top 3 are the three most relevant news stories for the week that are related to phishing scams and activities reported in the media, security blogs and security magazines on the Internet. This week, we look at phishing activities related to UK Startups, Terrorist Strikes and CryptoWall.
Spear phishing e-mails are harder to detect than normal phishing e-mails because the cyber criminal crafting the e-mail has done research on their target by monitoring their social media accounts and other online company profiles. As a result, these cyber criminals are registering domain names similar to the ones used by their victims. An anonymous web-based internet company told WIRED that they were tricked in a similar fashion when a spear phishing e-mail was sent to their payments department from a sender impersonating their CEO. The spear phishing e-mail stated that the fake CEO needed to make an urgent payment. When the payment department replied by requesting a sort code and account number, the cyber criminal provided this information for an account that they controlled. Unfortunately for the company, the funds were transferred to the cyber criminal's account without them calling the CEO on the phone to verify the payment. Click the link below to read more.
Cyber criminals are now taking advantage of the fear of terrorist attacks to launch phishing campaigns against large companies in Canada and the Middle East. The spear phishing e-mails appear to be sent by real security personnel and even contain legitimate attachments. However, some of these e-mails also contained malware-laced attachments and malicious links to phishing sites used to steal personal information or download malware. The majority of the malware found in these e-mails had remote access tool (RAT) capabilities, which would allow the cyber criminal to remotely access the infected computers. Click the link below to read more.
CryptoWall ransomware has recently been highlighted as the most dangerous malware used by cyber criminals to extort Bitcoin from their victims. The latest version of the malware encrypts the victim's personal computer files and their respective file names. These files cannot be decrypted unless the victim pays the cyber criminal a certain amount of Bitcoin. If no payment is received, the cyber criminal deletes the private cryptography key and the victim's files are lost forever. This malware is usually distributed in phishing e-mails or spam messages, but recently the malware has been known to be used with the Nuclear Exploit Kit that uses zero-day vulnerabilities to force a computer to download malware. This exploit kit is usually placed on phishing sites and only triggers when someone visits the website. Click the link below to read more.