Welcome!

Machine Learning Authors: Elizabeth White, Liz McMillan, Yeshim Deniz, Corey Roth, Pat Romanski

News Feed Item

GFI Software Uncovers Bogus Credit Card Notifications and Shipping Scams as Holiday Season Begins

Users also encountered malicious links in Twitter direct messages and a Trojan posing as a popular mobile application

CLEARWATER, Fla., Dec. 10, 2012 /PRNewswire/ -- GFI Software™ today released its VIPRE® Report for November 2012, a collection of the 10 most prevalent threat detections encountered last month. In November, GFI threat researchers encountered email threats disguised as notices from American Express®, DHL® and UPS® as the holiday season kicked into full gear, as well as a phony Twitter® Video application on Facebook and mobile malware disguised as the latest Angry Birds® game.

(Logo: http://photos.prnewswire.com/prnh/20121204/MM23629LOGO )

"One unfortunate reality about the holiday season is that while many people choose to spread good cheer, Internet users can also count on cybercriminals to spread malware. They prey on the stresses of last-minute gift buying, hoping to distract consumers from being cautious with their personal information online," said Christopher Boyd, senior threat researcher at GFI Software. "Cybercriminals have a large pool of potential victims at this time of year as more and more people flock to online shops to buy holiday gifts and ship them with their favorite package delivery company. No matter how crazy the season gets, users need to remember to practice the same good habits such as double checking the source of email messages and confirming the destination of links before clicking."

One cybercrime campaign delivered fake DHL Express delivery notifications to users' inboxes claiming that DHL was unable to make a delivery to the victims' addresses and that they needed to go to their local DHL office to present a postal receipt and claim the package. Users attempting to print their receipt were redirected to a number of websites leading to a phony antivirus program which infected users' machines, blocked other applications from running, caused pop-ups and redirected victims to messages designed to scare them into purchasing the fake antivirus software. Another international shipping company, UPS, also had its brand hijacked for a similar malware campaign.

American Express customers were targeted with malicious email campaigns designed to infect users' systems. One claimed that a money transfer had been aborted and contained a number of links to "review the billing statement" and "set alert preferences." If a user clicked any of these links, they were redirected to a malicious site and infected with Cridex if the Blackhole exploit kit housed there detected any unpatched vulnerabilities on their machine.

GFI found that users also continued to be at risk of falling for other familiar scams in November. Twitter users were the victim of malicious direct messages linking to a phishing page disguised as a "Twitter Video" application on Facebook. Users who clicked on the link and submitted their login credentials to the cybercriminals were also infected with a Trojan disguised as an Adobe® Flash® Player update. Elsewhere, Android™ users looking to try the new Angry Birds Star Wars® game without visiting the legitimate Google Play™ store may have also come across a fake version of the game that contained a Boxer Trojan. Users who installed the application had their phones hijacked to send premium SMS messages before being redirected to a legitimate download of the actual game.

Top 10 Threat Detections for November
GFI's top 10 threat detection list is compiled from collected scan data of tens of thousands of VIPRE Antivirus customers who are part of GFI's ThreatNet™ automated threat tracking system. ThreatNet statistics revealed that Trojans once again dominated the list taking half of the top ten spots.

Detection

Type

Percent

Trojan.Win32.Generic

Trojan

22.9

GamePlayLabs

Adware (General)

3.48

Yontoo  (v)

Adware (General)

2.49

Trojan.Win32.Sirefef

Trojan

2.85

Win32.Malware!Drop

Trojan

1.26

Wajam

Adware (General)

2.1

BProtector

Misc (General)

1.85

Trojan.Win32.Ramnit.c (v)

Trojan

1.15

INF.Autorun (v)

Trojan

1.10

Virus.Win32.Sality.at (v)

Virus.W32

1.04

About GFI Labs
GFI Labs specializes in the discovery and analysis of dangerous vulnerabilities and malware. The team of dedicated security specialists actively researches new malware outbreaks, creating new threat definitions on a constant basis for the VIPRE home and business antivirus products.

About GFI
GFI Software provides web and mail security, archiving and fax, networking and security software and hosted IT solutions for small to medium-sized businesses (SMB) via an extensive global partner community. GFI products are available either as on-premise solutions, in the cloud or as a hybrid of both delivery models. With award-winning technology, a competitive pricing strategy, and a strong focus on the unique requirements of SMBs, GFI satisfies the IT needs of organizations on a global scale. The company has offices in the United States, UK, Austria, Australia, Malta, Hong Kong, Philippines and Romania, which together support hundreds of thousands of installations worldwide. GFI is a channel-focused company with thousands of partners throughout the world and is also a Microsoft Gold ISV Partner.

For more information
GFI Software
Please email David Kelleher at [email protected]
GFI - Malta: Tel: +356 2205 2000; Fax: +356 21382419.
URL: http://www.gfi.com.

Davies Murphy Group
Please email Jason Gass at [email protected]
GFI – US: Tel: +1-781-418-2439

Disclaimer
Copyright © 2012 GFI Software. All rights reserved. All other trademarks are the property of their respective owners. To the best of our knowledge, all details were correct at the time of publishing; this information is subject to change without notice.

SOURCE GFI Software

More Stories By PR Newswire

Copyright © 2007 PR Newswire. All rights reserved. Republication or redistribution of PRNewswire content is expressly prohibited without the prior written consent of PRNewswire. PRNewswire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

@CloudExpo Stories
"I focus on what we are calling CAST Highlight, which is our SaaS application portfolio analysis tool. It is an extremely lightweight tool that can integrate with pretty much any build process right now," explained Andrew Siegmund, Application Migration Specialist for CAST, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
As ridesharing competitors and enhanced services increase, notable changes are occurring in the transportation model. Despite the cost-effective means and flexibility of ridesharing, both drivers and users will need to be aware of the connected environment and how it will impact the ridesharing experience. In his session at @ThingsExpo, Timothy Evavold, Executive Director Automotive at Covisint, discussed key challenges and solutions to powering a ride sharing and/or multimodal model in the age ...
When shopping for a new data processing platform for IoT solutions, many development teams want to be able to test-drive options before making a choice. Yet when evaluating an IoT solution, it’s simply not feasible to do so at scale with physical devices. Building a sensor simulator is the next best choice; however, generating a realistic simulation at very high TPS with ease of configurability is a formidable challenge. When dealing with multiple application or transport protocols, you would be...
As organizations shift towards IT-as-a-service models, the need for managing and protecting data residing across physical, virtual, and now cloud environments grows with it. Commvault can ensure protection, access and E-Discovery of your data – whether in a private cloud, a Service Provider delivered public cloud, or a hybrid cloud environment – across the heterogeneous enterprise. In his general session at 18th Cloud Expo, Randy De Meno, Chief Technologist - Windows Products and Microsoft Part...
"Venafi has a platform that allows you to manage, centralize and automate the complete life cycle of keys and certificates within the organization," explained Gina Osmond, Sr. Field Marketing Manager at Venafi, in this SYS-CON.tv interview at DevOps at 19th Cloud Expo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
Data is the fuel that drives the machine learning algorithmic engines and ultimately provides the business value. In his session at Cloud Expo, Ed Featherston, a director and senior enterprise architect at Collaborative Consulting, discussed the key considerations around quality, volume, timeliness, and pedigree that must be dealt with in order to properly fuel that engine.
"I will be talking about ChatOps and ChatOps as a way to solve some problems in the DevOps space," explained Himanshu Chhetri, CTO of Addteq, in this SYS-CON.tv interview at @DevOpsSummit at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
Andi Mann, Chief Technology Advocate at Splunk, is an accomplished digital business executive with extensive global expertise as a strategist, technologist, innovator, marketer, and communicator. For over 30 years across five continents, he has built success with Fortune 500 corporations, vendors, governments, and as a leading research analyst and consultant.
You know you need the cloud, but you’re hesitant to simply dump everything at Amazon since you know that not all workloads are suitable for cloud. You know that you want the kind of ease of use and scalability that you get with public cloud, but your applications are architected in a way that makes the public cloud a non-starter. You’re looking at private cloud solutions based on hyperconverged infrastructure, but you’re concerned with the limits inherent in those technologies.
In his keynote at 18th Cloud Expo, Andrew Keys, Co-Founder of ConsenSys Enterprise, provided an overview of the evolution of the Internet and the Database and the future of their combination – the Blockchain. Andrew Keys is Co-Founder of ConsenSys Enterprise. He comes to ConsenSys Enterprise with capital markets, technology and entrepreneurial experience. Previously, he worked for UBS investment bank in equities analysis. Later, he was responsible for the creation and distribution of life settl...
With tough new regulations coming to Europe on data privacy in May 2018, Calligo will explain why in reality the effect is global and transforms how you consider critical data. EU GDPR fundamentally rewrites the rules for cloud, Big Data and IoT. In his session at 21st Cloud Expo, Adam Ryan, Vice President and General Manager EMEA at Calligo, examined the regulations and provided insight on how it affects technology, challenges the established rules and will usher in new levels of diligence arou...
For organizations that have amassed large sums of software complexity, taking a microservices approach is the first step toward DevOps and continuous improvement / development. Integrating system-level analysis with microservices makes it easier to change and add functionality to applications at any time without the increase of risk. Before you start big transformation projects or a cloud migration, make sure these changes won’t take down your entire organization.
Digital transformation has increased the pace of business creating a productivity divide between the technology haves and have nots. Managing financial information on spreadsheets and piecing together insight from numerous disconnected systems is no longer an option. Rapid market changes and aggressive competition are motivating business leaders to reevaluate legacy technology investments in search of modern technologies to achieve greater agility, reduced costs and organizational efficiencies. ...
Organizations planning enterprise data center consolidation and modernization projects are faced with a challenging, costly reality. Requirements to deploy modern, cloud-native applications simultaneously with traditional client/server applications are almost impossible to achieve with hardware-centric enterprise infrastructure. Compute and network infrastructure are fast moving down a software-defined path, but storage has been a laggard. Until now.
DXWorldEXPO LLC announced today that Kevin Jackson joined the faculty of CloudEXPO's "10-Year Anniversary Event" which will take place on November 11-13, 2018 in New York City. Kevin L. Jackson is a globally recognized cloud computing expert and Founder/Author of the award winning "Cloud Musings" blog. Mr. Jackson has also been recognized as a "Top 100 Cybersecurity Influencer and Brand" by Onalytica (2015), a Huffington Post "Top 100 Cloud Computing Experts on Twitter" (2013) and a "Top 50 C...
In his session at 20th Cloud Expo, Mike Johnston, an infrastructure engineer at Supergiant.io, discussed how to use Kubernetes to set up a SaaS infrastructure for your business. Mike Johnston is an infrastructure engineer at Supergiant.io with over 12 years of experience designing, deploying, and maintaining server and workstation infrastructure at all scales. He has experience with brick and mortar data centers as well as cloud providers like Digital Ocean, Amazon Web Services, and Rackspace. H...
Dion Hinchcliffe is an internationally recognized digital expert, bestselling book author, frequent keynote speaker, analyst, futurist, and transformation expert based in Washington, DC. He is currently Chief Strategy Officer at the industry-leading digital strategy and online community solutions firm, 7Summits.
Digital Transformation is much more than a buzzword. The radical shift to digital mechanisms for almost every process is evident across all industries and verticals. This is often especially true in financial services, where the legacy environment is many times unable to keep up with the rapidly shifting demands of the consumer. The constant pressure to provide complete, omnichannel delivery of customer-facing solutions to meet both regulatory and customer demands is putting enormous pressure on...
More and more brands have jumped on the IoT bandwagon. We have an excess of wearables – activity trackers, smartwatches, smart glasses and sneakers, and more that track seemingly endless datapoints. However, most consumers have no idea what “IoT” means. Creating more wearables that track data shouldn't be the aim of brands; delivering meaningful, tangible relevance to their users should be. We're in a period in which the IoT pendulum is still swinging. Initially, it swung toward "smart for smart...
"We were founded in 2003 and the way we were founded was about good backup and good disaster recovery for our clients, and for the last 20 years we've been pretty consistent with that," noted Marc Malafronte, Territory Manager at StorageCraft, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
Here are the Top 20 Twitter Influencers of the month as determined by the Kcore algorithm, in a range of current topics of interest from #IoT to #DeepLearning. To run a real-time search of a given term in our website and see the current top influencers, click on the topic name. Among the top 20 IoT influencers, ThingsEXPO ranked #14 and CloudEXPO ranked #17.