Hello friends, Please read this carefully.
---------- Forwarded message ---------- From: Accessible Devices <[email protected]> Date: Mon, 22 Mar 2010 08:21:36 -0500 Subject: Accessible Devices Beware FaceBook Users and College Basketball fans To: Accessible Devices List <[email protected]> We believe this is well worth reading. Cybercriminals have been busy this week running scams that target Facebook users, college basketball fans, and celebrity gossip watchers. Security experts are warning about recent attacks with nasty payloads. One widespread attack was a common ploy security researchers call the Facebook Password Reset Scam. The cybercriminals send an e-mail addressed to "user of Facebook" that reads, "Because of the measures taken to provide safety to our clients, your password has been changed. You can find your new password in the attached document." McAfee reports that this scam is global. The attachment is malware with downloaders, password-stealing Trojans, fake antivirus software, or bots. The scam ranked six on McAfee's Global Virus Map Top 10, and accounted for as much as 10 percent of the infected e-mail that its software-as-a-service unit is witnessing. "As we had previously discussed in our 2010 Threat Predictions, social-networking sites will continue to be a favorite social-engineering lure for cybercriminals to distribute malware," said David Marcus, research labs manager at McAfee. "Make sure you are protected and educated." March Virus Madness At a time when college basketball fans are going wild, cybercriminals are actively pursuing opportunities for scams. Basketball fans go online to fill out bracket selections, and when they do, hackers are also playing their own game of spamdexing, i.e. manipulating search results to promote sites, according to James Duldulao, a security researcher at McAfee. In this case, he explained, cybercriminals are spamdexing malware-infected sites. This week, the top results for terms like "ncaa bracket" and "march madness predictions" were poisoned. McAfee reports that five out of the first 10 hot searches on Google Trends are being promoted by a network of legitimate sites that were hacked to serve malware. One site had an embedded Flash file that downloads malware from another site and installs it without user interaction. "Who would have thought that a simple, harmless-looking site with only a bunch of March Madness-related texts as content and not even a single pop-up or web ad could be that dangerous?" Duldulao said. "This simple, yet very sneaky and effective technique of downloading malware through exploitation, also called a 'drive-by download,' will surely infect a lot of users, especially users with no virus and malware protection." Gossip Doesn't Pay Celebrity news is also driving malware. Sophos senior security consultant Graham Cluley noted how the Internet is full of gossip about the marriage between Sandra Bullock and Jesse James after accusations that James was having an affair with tattoo model Michelle McGee. "With such a hot-trending story, it's no surprise that hackers have not been slow in exploiting the interest to their own advantage, taking the opportunity to spread their attacks disguised as content related to the breaking news," Cluley said. "Sure enough, we are seeing web pages appearing high in search results -- through the hackers' use of search-engine optimization techniques -- which point to dangerous web pages." Warm Regards, Have a nice day Hozefa... Mobile No: +919930408514 To unsubscribe send a message to [email protected] with the subject unsubscribe. To change your subscription to digest mode or make any other changes, please visit the list home page at http://accessindia.org.in/mailman/listinfo/accessindia_accessindia.org.in
