zveloLABS detected a suspicious-looking email purporting to come from the Electronic Federal Tax Payment System (EFTPS) of the U.S. Treasury Department. This email is fraudulent and claims that “Your Federal Tax Payment ID has been rejected.” The payment rejection is falsely attributed to the use of an invalid identification number. Here is an example of the actual phishing email (see image 01), followed by some observations that should raise red flags about its validity.
Advanced threat and exploit detection is critical to cybersecurity and network defense. zvelo’s Malicious Detection capabilities empower MSSPs, ISPs, TELCOs, network security providers, and VARs to provide world-class protection. Gain advanced insight with the most accurate URL database for malicious exploit detection to better understand the cyber threat landscape. Categories include Command and Control, Malware, Spyware, Spam URLs, Cryptocurrency Mining, Phishing and Fraud, and more.
The recent crackdown on well-known Torrent services, aided by Internet Service Providers, has led to the increasing use of anonymizers. As the name implies, anonymizers allow for anonymous web browsing and are used by end users to bypass restrictions or blocks to web content. Anonymizers are proxy services, or “proxies,” that receive and execute web requests on behalf of the user, making online activity untraceable. It is the untraceable aspect of anonymizers that has caught the attention of the underground community.
The media consistently warns people that clicking on links within emails from unknown sources can be dangerous. What about links in seemingly harmless emails received from individuals of trust? More so, what if the URL of a said link points to a familiar website? In recent weeks, zveloLABS® has identified several websites that appear benign in nature at first glance, but after further analysis these sites have been categorized as malware distribution points. What made the following case study interesting is that none of the well-known Internet blacklists and malware analysis tools flagged these URLS as being malicious. The following analysis shows how these trusted control mechanisms were circumvented with nothing more than a guise and a fundamental understanding of how the Internet operates.
With the increasing complexity of threats appearing on the Internet, coupled with the rapid development of security products designed to mitigate them, the number of phishing-based attacks have grown. In the first half of 2011 and compared to the second half of 2010, the Anti-Phishing Working Group (APWG) reported a 62% increase in unique phishing attacks worldwide in 200 top-level domains (TLDs).1 This trend warrants swift action to address the growing threat.
The 2011 Anti-Phishing Working Group (APWG) eCrime Researchers Summit, out of San Diego, California, moved fast with a number of interesting presentations and fascinating people. The APWG is a non-profit global pan-industrial and law enforcement association focused on eliminating the fraud, crime and identity theft that results from phishing, pharming, malware and e-mail spoofing of all types. The eCrime Researchers Summit brings together malware researchers, counter-eCrime developers and responders, and includes the 2011 Fall General Meeting. Here are some highlights from the event.
In mid-September of 2011, I had the privilege of attending a SOPHOS seminar titled, “Anatomy of an Attack – How Hackers Threaten your Security,” hosted by Chester Wisniewski, a highly regarded Senior Security Advisor and frequent contributor to the award-winning Naked Security blog.
Day two of the 2011 Hack in the Box Security Conference closed as quickly as it started. zveloLABS™ has absorbed invaluable information about web threats that parallel the ongoing innovations of today’s Internet. The previous day’s discussions into traditional attacks against Web 1.0 applications have provided a foundation for today’s discussions on the gravity and severity of similar threats executed in the context of the Web 2.0 paradigm.
zveloLABS™ is reporting live from the 2011 Hack in the Box Security Conference, now in its 9th year and arguably Asia’s largest and most popular network security conference, and here is our day one report. HITBSecConf has managed to attract a wide range of participants from many IT industry sectors, including a healthy share of government representatives, hailing from the Asia-Pacific region.
On September 17th of 2011, boxing fans worldwide tuned into what was expected to be one of the more exciting matches of the year. The highly revered and undefeated Floyd Mayweather, Jr. returned to the ring after a 16-month break to face Victor Ortiz, who entered the MGM Grand in Las Vegas as the World Boxing Council welterweight champion.
Black Hat – Las Vegas 2011: Report #4 – DARPA’s “Cyber Fast Track” Program Excites the Private Security Sector
Day one at Black Hat was a hit; so naturally, I looked forward to day two. I sat through a keynote given by Peiter Zatko, better known as “Mudge,” who is a Program Manager at DARPA. Mudge announced a new DARPA initiative called “Cyber Fast Track.”