Archive for the Malicious websites Category

Looking forward to the DEF CON 25 Hacking Conference

Two large annual security conferences are taking place in Las Vegas this week and I will be attending the second one.

InfoSecurity Magazine Features How IoT Device Discovery and Activity Detection Can Work by Jeff Finn of zvelo

The following article, by Jeff Finn, appears as an online article in the Opinion section on InfoSecurity Magazine Home’s web site and was originally published on July 13, 2017. In InfoSecurity Magazine: How IoT Device Discovery and Activity Detection Can Work by Jeff Finn, CEO of zvelo Even as IoT […]

Full Path URL Categorization and Content Distribution Networks (CDNs)

By Eric Watkins, Senior Malicious Detection Researcher at zvelo. Earlier this month, I came across a use case that capitalizes on the value of full path content categorization. Before discussing this use case in detail, let’s go over the definition of a content distribution network (CDN) and […]

Best Practices You Can Adopt to Help Protect Against Router Vulnerabilities

About two months ago, I posted a video blog showing how easy it is to obtain unauthenticated root access on a very popular Netgear router. This Netgear vulnerability received overwhelming news coverage and the urgent call went out across the Internet to patch all of their routers […]

Bot Fraud: Malware bots vs. Ad-fraud bots

The size and magnitude of the Malware and Ad-fraud bot problem is immense and growing. And, as bots continue to proliferate, there are important distinctions to point out between Malware bots and Ad-fraud bots. At zvelo, we’re always looking for ways […]

Ad Fraud Q&A: Partner SpotX Talks Ad Fraud with zvelo

Partner SpotX holds Q&A with zvelo Business Development Vice President, Cordell BaanHofman, on all things ad fraud related. SpotX recently sat down with Cordell BaanHofman, our VP Business Development here at zvelo to discuss the current state of fraud in the industry, including brand safety challenges and […]

Phishing Websites Detected by zvelo

Prior to this blog post, zveloLABS published a phishing URL alert about fake Apple account verification websites. Now, zvelo’s team of engineers and researchers has unearthed a new phishing attack campaign using fraudulent Facebook log-in sites.

WaterHole Attacks – Compromised Websites

Instances of large-scale compromises of both private industry and public institutions in 2013 prompted a flurry of activity among security researchers to identify emerging and established threats. Commonly identified as Advanced Persistent Threats (APTs), this phenomenon is expected to continue well into the foreseeable future. Fundamental to the spread of these threats is one of their foremost methods of propagation – a water hole attack.

Phishing Website Alert: Fake My Apple ID Account Verification URL

zveloLABS discovered a phishing website masquerading as an account verification page for Apple IDs, as depicted in the following screenshot and explained in this blog post.

Phishing Website Detections Down, Financial Industry Biggest Target

The Anti-Phishing Working Group (APWG) released their quarterly Phishing Attack Trends Report for the first quarter of 2013. Payment Services were reported as the most phished industry sector, followed by Financial Services. When considering the goal of cyber-criminals behind such scams – typically usernames, passwords and credit card information for monetary gains – these industries certainly make sense. While the total number of reported phishing website detections is seemingly on the decline, as illustrated in the trend line below, actual attacks may tell a different story.

PayPal Phishing Attack Example: Warns Your Account Has Been Limited

I received an email seemingly from PayPal informing me that access to my account has been limited. It threw me off because I received this at my work email, which is not registered with PayPal. I immediately wondered if my account got hacked. Here is a screenshot of the email:

 

Most Common Malicious Websites in Q3 of 2012

zveloLABS® has reported statistics and trends about the most visited types of malicious URLs by the international end users of zvelo’s technology partners. These OEM Partners include well over 100 of the world’s leading service providers, UTM and gateway appliance vendors, web filtering and parental controls solutions software makers, online advertising and brand safety technology providers, web analytics firms and many more. The data sample was extracted from actual URLs queried to and contextually categorized by the zveloNET® cloud systems during Q3 of 2012, and numbered in the tens of millions, yet far from the billions of non-malicious queries seen daily. The findings, statistics and trends shed new light on the seriousness, frequency, and negative consequences of compromised (hacked) websites hosted worldwide, and more importantly, accentuate the importance of adequate web filtering and network security.

zvelo Newly Enhanced Phishing Website, Attack Detection System

With the increasing complexity of threats appearing on the Internet, coupled with the rapid development of security products designed to mitigate them, the number of phishing-based attacks has grown. In the first half of 2011 and compared to the second half of 2010, the Anti-Phishing Working Group (APWG) reported a 62% increase in unique phishing attacks worldwide in 200 top-level domains (TLDs).1 This trend warrants swift action to address the growing threat.

Anti-Phishing Working Group (APWG) 2011 eCrime Researchers Summit Highlights

The 2011 Anti-Phishing Working Group (APWG) eCrime Researchers Summit, out of San Diego, California, moved fast with a number of interesting presentations and fascinating people. The APWG is a non-profit global pan-industrial and law enforcement association focused on eliminating the fraud, crime and identity theft that results from phishing, pharming, malware and e-mail spoofing of all types. The eCrime Researchers Summit brings together malware researchers, counter-eCrime developers and responders, and includes the 2011 Fall General Meeting. Here are some highlights from the event.

 

Fraudulent Websites: Spammers Shift Tactics

Viagra’s days may be numbered, at least when it comes to being the drug-of-choice on fraudulent pharmacy websites. Recently, zveloLABS™ noticed a strong shift to another lifestyle drug named Adipex–a brand name alternative to the weight-loss drug phentermine. It suppresses the appetite and when combined with a healthy diet and exercise regimen can be an effective weight-loss stimulant.1 Spammers thrive on the emergence of such drug alternatives and have adapted their campaigns accordingly in order to continue making money from online prescription drug seekers.

“You-Just-Won” Gift Card Scam Continues to Proliferate the Web

zveloLABS™ has been tracking a “You-Just-Won” gift card scam that continues spreading all over the Internet.  This gift card scam prompts users to surrender credit card information in exchange for falsely promised winnings through numerous contests and lotteries unofficially tied to popular brand names like Apple, Wal-Mart and Best Buy.

 

zveloLABS® Identifies Sites with Work-at-Home Scams

zveloLABS® researchers recently identified numerous, fictitious 7 News websites promoting work-at-home jobs.  These bogus news sites unethically target stay-at-home moms, and falsely promise the discovery of a newfound money-making path in life.  Considering the natural appeal of making an honest buck, while being loving care providers at home, it’s certainly easy to understand how unsuspecting mothers could fall for such “recession busting” opportunities.

Adobe CS7 Searches Saturated With Dangerous Results

Looking to save a few bucks on software will almost always lead users down a dangerous path.  Users either end up at “OEM Software” sites offering unlicensed and illegal software, or download cracks or keygens laced with malware.

Malware for Twitter Users through Phishing

A new Twitter spam campaign is making the rounds, infecting users with rogue anti-virus malware. The spam mail attempts to convince the user that someone was trying to steal their Twitter account information, and to download a “secure module” to protect their account.

Phishing Scams Lure Twitter Users

The newest phishing scam on Twitter has snared thousands of users hoping to increase their number of followers.  Instead, users are sent off to a phishing page where cybercriminals steal their Twitter logins, using them to generate more spam.

Tiger Woods Poisoned Searches

Tiger Woods’ personal life and marital affairs have attracted constant attention from the press and have certainly damaged his public reputation.  With his return to the Masters only days away, Nike has released a new commercial in an effort to rebuild Woods’ image.  This compelling commercial is intended to spark a reaction, and may well be the next thing you talk about at the office water cooler.  Anyone who hasn’t seen it will go right back to their desk and search for the video. Blackhats have once again worked their way into these search results, leading users to malicious sites and Rogue Anti-Virus downloads.

Google Users Targeted By New Malicious Websites

zveloLABS™ has been tracking compromised sites that host PageRank Bombs since 2008.  The attacker hacks a site, but instead of putting exploits on the hacked site, they put links to other websites in order to boost the search result ranking on various search engines.  Initially this was being used for ad sites, porn sites, and pharma fraud sites.  Now, however, it is being used to boost the results of malicious sites, but with a new twist that targets Google users.

 
