Spam

Smashing Security podcast #190: Twitter hack arrests, email bad behaviour, and Fawkes vs facial recognition

Special guest Geoff White can’t resist using the podcast to promote his new book, “Crime Dot Com”, but other than that we also discuss the creepy (and apparently legal) way websites can find out your email and postal address even if you don’t give it to them, take a look at how the alleged Twitter hackers were identified, and learn about Fawkes – the technology fighting back at facial recognition.

Coronavirus phishing attack disguises as a message from the Center for Disease Control

Once again we’re reminded that cold-hearted scammers and fraudsters don’t have any qualms about exploiting human misery, and are prepared to do anything if it might net them a rich reward.

Coronavirus – hackers exploit fear of infection to spread malware

With sad predictability cybercriminals are exploiting the Coronavirus outbreak that occurred in Wuhan, mainland China, and is now causing new infections around the world.

Exams cancelled? University closing due to Brexit? A mischievous email from Southampton’s Vice-Chancellor

Clues sprinkled through the poorly-written email, however, reveal that its author has not done his homework.

Jail for bomb hoaxer who targeted Super Bowl, Houses of Parliament, and schools for Jewish children

Andreas Dowling used accounts and text-to-speech software to hide his identity as he caused 35,000 pupils to be evacuated from their schools.

Toms Shoes newsletter “hacked by a nice man”

Footwear retailer Toms has had its email newsletter compromised by someone who calls himself “a nice man”.

And he has strong opinions on the behaviour of other hackers…

Won a free iPhone? No, it’s Calendar spam

An increasing number of people are reporting that their calendars are being bombarded with spam invitations. Here is how to stop them appearing in your Google calendar.

Email blackmailer threatens to have your website blocked forever

Scammers have contacted websites demanding a ransom message be paid or else they will ensure the site will be blacklisted for aggressive spamming activities.

Read more in my article on the Hot for Security blog.

Extortion emails a go-go

Recent months seem to have seen a rise in extortion emails, designed to scare users into handing over their money.

Hacker arrested for wave of fake bomb and shooting threats against schools

FBI agents have arrested a 20-year-old man alleged to have been part of a hacking gang which not only launched distributed denial-of-service (DDoS) attacks, but also launched a wave of chilling bomb and shooting threats against thousands of schools in the United States and United Kingdom.

Read more in my article on the Tripwire State of Security blog.

British TV viewers targeted by email fraudsters

TV fraudsters are using the disguise of emails from the TV Licensing authority to steal large sums of money from the bank accounts of unwary Brits.

International email bomb hoax proves to be a spectacular failure

Authorities in the United States, Canada, Australia, and New Zealand are said to be investigating a wave of bogus bomb threats that have been sent to a variety of organisations late on Thursday.

But if the hoaxer thought they were going to make a lot of money through the scam, they’re going to be disappointed.

Three years in jail for teenager who spammed out school bomb threats

British teenager George Duke-Cohan has been jailed for three years for making hoax bomb threats that closed hundreds of schools up and down the UK.

Spam-spewing IoT botnet infects 100,000 routers using five-year-old flaw

Security researchers are warning that a botnet has been exploiting a five-year-old vulnerability to hijack home routers over the last couple of months.

Read more in my article on the Tripwire State of Security blog.

WannaCry ransomware scam tries to extort money without actually infecting your computer

Someone is trying to pull a fast one, attempting to trick unsuspecting users into paying a ransom… even though they *haven’t* infected your computer with ransomware.

Hackers continue to exploit hijacked MailChimp accounts in cybercrime campaigns

MailChimp, a service that millions of people around the world use to send out email newsletters, is being abused by hackers to spam out malware.

Read more in my article on the Hot for Security blog.