zvelo’s Phishing Detection systems leverage human-supervised machine learning and crowd-sourced continuous ActiveWeb monitoring in order to identify and track millions of active phishing URLs. Stay up to date and protect your networks and users with the latest targeted and “Zero-Minute” phishing URLs and campaigns.
zveloLABS detected a suspicious-looking email purporting to come from the Electronic Federal Tax Payment System (EFTPS) of the U.S. Treasury Department. This email is fraudulent and claims that “Your Federal Tax Payment ID has been rejected.” The payment rejection is falsely attributed to the use of an invalid identification number. Here is an example of the actual phishing email (see image 01), followed by some observations that should raise red flags about its validity.
With the increasing complexity of threats appearing on the Internet, coupled with the rapid development of security products designed to mitigate them, the number of phishing-based attacks have grown. In the first half of 2011 and compared to the second half of 2010, the Anti-Phishing Working Group (APWG) reported a 62% increase in unique phishing attacks worldwide in 200 top-level domains (TLDs).1 This trend warrants swift action to address the growing threat.
The 2011 Anti-Phishing Working Group (APWG) eCrime Researchers Summit, out of San Diego, California, moved fast with a number of interesting presentations and fascinating people. The APWG is a non-profit global pan-industrial and law enforcement association focused on eliminating the fraud, crime and identity theft that results from phishing, pharming, malware and e-mail spoofing of all types. The eCrime Researchers Summit brings together malware researchers, counter-eCrime developers and responders, and includes the 2011 Fall General Meeting. Here are some highlights from the event.
The newest phishing scam on Twitter has snared thousands of users hoping to increase their number of followers. Instead, users are sent off to a phishing page where cybercriminals steal their Twitter logins using them to generate more spam.
