Gawker Duped By Malware Gang, Serves Up Infected Suzuki Ads

Gawker Duped By Malware Gang, Serves Up Infected Suzuki Ads

Scammers pretending to buy ads for Suzuki tricked Gawker’s ad sales team last week into running malware-laced ads that installed spyware and crashed the browsers of some readers before they were caught and pulled.

FBI Charges 100 People In Phishing Investigation

FBI Charges 100 People In Phishing Investigation

Since 2007, the FBI and authorities in Egypt have been running an investigation they’ve called “Operation Phish Phry,” sigh, and this week it paid off with 53 charges against U.S. defendants and 47 against people in Egypt. Three of the 53 in the U.S. have been arrested, and the FBI are looking for the other 50. To prove you’re not one of the remaining 50, please send the FBI your login credentials to your bank. Ha ha, we kid.

Microsoft Turns A Blind Eye To Phishing Scams On Xbox LIVE

Microsoft Turns A Blind Eye To Phishing Scams On Xbox LIVE

William wrote to us this weekend to point out how little Microsoft does to fight phishing attacks on their hugely popular Xbox LIVE network. It’s unfortunate they don’t take this sort of crime more seriously, since so many kids—who by all rights should have less experience with phishing—are on Xbox LIVE. Below is what two different Xbox CSRs told William when he contacted them to complain about phishing attacks.

Ameriprise Bans "Customer Advisor" For Posting Link To Consumerist

Ameriprise Bans "Customer Advisor" For Posting Link To Consumerist

Hey, we helped get an Ameriprise customer banned from the financial company’s consumer advisory panel! Sorry about that, Brendan.

Ameriprise Website Riddled With Security Vulnerabilities For At Least Five Months

Ameriprise Website Riddled With Security Vulnerabilities For At Least Five Months

[Note: The original headline for this post mistakenly identified Ameritrade as the subject of the post. It is actually Ameriprise Financial. I deeply regret the error.] Since March of this year, security expert Russ McRee of HolisticInfoSec.org has sent 6 messages to Ameriprise Financial warning them of easily exploitable security holes on their website. They ignored every request, while at the same time reassuring customers that “No one without the proper web browser configuration can view or modify information contained on our systems.”

Explain Phishing To Your Grandma

Explain Phishing To Your Grandma

Next time you find yourself struggling to explain how phishing works to the less than techno-savvy people in your life, perhaps just fire up this charming little video that explains it in plain English and engaging pieces of cut-out paper.

Amazonfraudcheck.com Is Amazon Fraud

Amazonfraudcheck.com Is Amazon Fraud

No, Amazon is not contacting its members and performing regular fraud checks. Jason received this e-mail, which is associated with a rather convincing Amazon phishing site.

Try These Search Terms If You Want Some Malware

Try These Search Terms If You Want Some Malware

Computer virus company McAfee has assembled a list of the top search keywords that are most commonly linked to malware exposure. The winning phrases are: word unscrambler, lyrics, myspace, free music downloads, phelps, game cheats, printable fill-in puzzles, free ringtones and solitaire. In addition, the general categories that are considered riskiest are: screen savers, free games, work from home, Olympics, videos, celebrities, music and news.

Here's An Example Of A Phishing Attempt On A Steam Account

Here's An Example Of A Phishing Attempt On A Steam Account

Back in March we posted a warning about thieves masquerading as Steam in order to get into customers’ accounts and download games to resell. One reader, Richard, just received this special “alert” on his Steam IM pane this evening.

Here's A Phishing Site Disguised To Trick Wells Fargo Customers

Here's A Phishing Site Disguised To Trick Wells Fargo Customers

Freddie writes that his friend was tricked by a phishing email. All the warning signs were there to tip off his friend—an email saying he needed to click a link, a suspicious url, a page asking for his login info—but he clicked and entered the info anyway. Please do not be like Freddie’s friend, who is now probably on the phone with the real Wells Fargo trying to get his account number changed.

Watch Out For Scammy Swine Flu Email, Websites

Watch Out For Scammy Swine Flu Email, Websites

How can you tell you’ve made it on the Internet? How about if you’re turned into spambait? MSN Money reports that scammers are taking advantage of the sudden interest in swine flu by using it in subject lines to get people to open messages and download attachments. Don’t do it! Tell your friends and relatives not to do it, either!

Beware Of Fake Facebook

Beware Of Fake Facebook

Reader Eric says he got a fairly realistic-looking Facebook phishing email and wanted to warn others not to click.

http://consumerist.com/2009/04/13/beware-tax-themed-spam-feeding-on/

Beware tax-themed Spam Feeding on the usual American anxiety over the annual April 15 income tax filing, online scam artist are flooding electronics inboxes with messages that “guaranteed tax rebate” or help you “get your tax refund faster” or even “get tax relief.” [Consumer Reports]

Reader Receives Three Phishing Attempts In One Week

Reader Receives Three Phishing Attempts In One Week

DoomNasty tells us he’s been hit three times in the past week with phishing attempts. The first two were text messages from Alarion Bank, asking him to call 1-877-240-6149 “to find out why my debit/atm card was blocked. I do not have an account, and Privacy Assist shows no account was created behind my back.” The third was from 201-968-0007, but no message was left. He traced the number to Liquidity Solutions, Inc., who told him that “one of their numbers got hijacked and the hijacker is phishing for banking info.”

8,000 Comcast Passwords Exposed, Phishing Scam Suspected

8,000 Comcast Passwords Exposed, Phishing Scam Suspected

The New York Times has reported that a list of over 8,000 Comcast user name and passwords were available to the public via Scribd for two months, before a Wilkes University professor discovered it over the weekend after doing a search for his identity online. Comcast is saying it looks like the result of a phishing scam and isn’t an inside job, and that there are so many duplicate entries on the list that it’s closer to 4,000 customers.

Watch Out For These Phishing Attempts On Your Steam Account

Watch Out For These Phishing Attempts On Your Steam Account

PC World notes that phishers are now targeting Steam account holders. Games are an easy target because you can make quick money off of them and the security isn’t as high as with, say, credit cards. The site that first reported this, SpywareGuide, demonstrates two examples—steamgift.com and steamverification.com—that will attempt to trick you into giving them access to your digital library of games.

http://consumerist.com/2009/02/02/text-message-phishing-scam-hits/

Text message phishing scam hits U.S. Cellular customers in Des Moines. [WHOTV.com] (Thanks to David!)

Play Anti-Phishing Phil And Learn How To Spot Phishing Attacks

Play Anti-Phishing Phil And Learn How To Spot Phishing Attacks

Phishing attacks are pretty cleverly designed, because they skip most virus checkpoints altogether and go for the true weak spot in human-computer interaction, the human. Lorrie Faith Cranor, a computer security researcher at Carnegie Mellon University, has been studying phishing attacks to identify new ways to fight them.