Subscribe to the RSA blogs and podcasts for the latest posts and security updates!
Over the weekend, three stories crossed my desk that got me thinking about the challenge that Art Coviello issued to the security industry in his RSA Conference 2012 keynote: to forge a “collective resolve” to stand together against “a host of adversaries who threaten our very trust in the world’s digital economy”. The first of [...]
The fallout from the news of the Global Payments breach may be just subsiding, but one thing can already be said – this probably isn’t the last processor that will be breached.
Mystery shopper scams are nothing new, but I now have the experience of being personally targeted by one. From my research, most of these scams are carried out in a “pull method,” whereby ads are placed in classified sections asking for applicants for a part time job. I was targeted by someone using the “push method,” whereby a live (fraudulent) check was mailed to me in a haphazardly stuffed envelope with an official looking letter and survey form.
They say history repeats itself, or perhaps this is the story of a community recovering from a catastrophe. Either way, the underground is returning to its former glory, and not just in how much business is being conducted – but how it is conducted.
Fraudsters continue to extend their global reach through geo-targeted services and crimeware strains: Country-specific malware-infection services are readily sold to bot-herders via dedicated websites, with rates ranging from $30 to $250 per 1,000 infected computers. Ready-made botnets can be purchased in the underground along with HTML injections that target the region’s largest financial institutions, enabling [...]
Everybody knows that the Russian fraudsters are more sophisticated than their English-speaking counterparts. However, this isn’t the only geographic-related difference between fraudsters.
Most consumers know what a virus or a Trojan is, but if you threw the word “scareware” at them, you might get a look as though you were an alien from another planet. Scareware is no different than any other malicious software that finds its way on to your computer. But the best way to [...]
Over the past few weeks, there have been several reports about the ways in which cybercriminals are making it harder to detect fraud by concealing what they’re doing as evidenced by a new kind of man-in-the-middle attack on Facebook users.
In one of its recent findings, RSA FraudAction Research Labs has uncovered yet another new underground shop which was opened a few weeks ago, selling fraud commodities e-commerce style. The new shop offers access to compromised resources, compromised webmaster credentials, and custom PHP coding for their cybercrime clientele.
Of all the terms describing identity theft methods, “Vishing” (which stands for “Voice Phishing”) is perhaps the most ambiguous one. A simple Google query for the definition of the term shows just some of its multiple interpretations. But why are fraudsters using this type of attack?
