Wifiphisher is a security tool that mounts fast automated phishing attacks against WPA networks in order to obtain the secret passphrase. It is a social engineering attack that unlike other methods it does not include any brute forcing. It is an easy way for obtaining WPA credentials. From the victim’s perspective, the attack makes use […]
Continue ReadingA new configuration of the Carberp Trojan that targets Facebook users to commit financial fraud. Unlike previous Facebook attacks designed to steal user credentials from the log-in page, this version attempts to steal money by duping the user into divulging an e-cash voucher. Carberp replaces any Facebook page the user navigates to with a fake […]
Continue ReadingA new, unique type of phishing attack targeted against online banking customers was recently discovered by the RSA FraudAction Research Lab. RSA has coined this as a “Chat-in-the-Middle” phishing attack and it is first executed through routine means but then presents a more advanced layer of perpetrating online fraud. The phishing attack may dupe bank […]
Continue ReadingIt would be easy to think that once someone has logged in successfully to Facebook—and not a phishing site—that the security threat is largely gone. However, that’s not quite the case, as we’ve seen before. Earlier this week, however, Trend Micro researcher Rik Ferguson found at least two—if not more—malicious applications on Facebook. (These were […]
Continue ReadingThere has been a phishing scheme running around on Twitter this weekend. But, so far, it’s a relatively easy one to avoid becoming a victim of. Here are some tips on the phishing mess. First, it is okay to check your DMs on Twitter. You don’t need to be afraid to check them. But, be […]
Continue ReadingChristopher Boyd, Director of FaceTime Security Labs, a malware research firm, has found a list of hacked eBay logins. The list includes 121 pages and carries 5,534 eBay accounts, including usernames, passwords and mail address, as reported by ecommerceguide on October 15, 2008. As per reports, some of the stolen accounts were inactive, but also […]
Continue Reading