DarkFiber Consulting – IT Managed Services

Haitian Earthquake Disaster Email Scams and Search Engine Poisoning Campaigns

January 27th, 2010 . by DarkFiber Consulting

DarkFiber Consulting would like to warn users of potential email scams and search engine poisoning campaigns that may circulate regarding the Haitian Earthquake disaster. The scam emails may contain links or attachments which may direct users to phishing or malware-laden websites. Fraudulent search engine results may return similar malicious web links to phishing and malware websites.

DarkFiber Consulting encourages users to take the following measures to protect themselves:

IRS Warns of Online Scams

January 27th, 2010 . by DarkFiber Consulting

DarkFiber Consulting is aware of reports of tax season phishing scams. The U.S. Internal Revenue Service has issued a news release on its website warning consumers about potential scams. These scams are circulating via fraudulent email or other online messages appearing to come from the IRS. They attempt to convince consumers to reveal personal and financial information that can be used to gain access to bank accounts, credit cards, and other financial institutions.

DarkFiber Consulting encourages users to do the following to mitigate the risks:

H1N1 Malware Campaign Circulating

December 10th, 2009 . by DarkFiber Consulting

DarkFiber Consulting is aware of public reports of a malware campaign circulating. This campaign is circulating via email messages offering information regarding the H1N1 vaccination. This email messages contain a link to a bogus Centers for Disease Control and Prevention website. Users who click on this link may become infected with malware. Public reports indicate that these email messages are noted as having subject lines such as: “Governmental registration program on the H1N1 vaccination” and “Your personal vaccination profile.” Please note that subject lines may change at any time.

DarkFiber Consulting encourages users to take the following precautions to help mitigate the risks:

  • Install antivirus software, and keep the signature files up to date.
  • Do not follow unsolicited links and do not open unsolicited email messages.
  • Use caution when visiting untrusted websites.
  • Refer to the Recognizing and Avoiding Email Scams (pdf) document for more information on avoiding email scams.
  • Refer to the Avoiding Social Engineering and Phishing Attacks document for more information on avoiding social engineering attacks.

Malicious Code Circulating via Social Security Administration Phishing Messages

December 10th, 2009 . by DarkFiber Consulting

DarkFiber Consulting is aware of public reports of malicious code circulating via phishing email messages that appear to come from the Social Security Administration. The messages indicate that the users’ annual Social Security statements may contain errors and instruct users to follow a link to review their Social Security statement. If users click this link, they will be redirected to a seemingly legitimate website that prompts them for their Social Security number. If users enter their Social Security number and continue to the next page, they will be given an option to generate a statement. If users attempt to generate a statement, malicious code may be installed on their systems. This malicious code attempts to collect online banking traffic to gain access to the users’ bank accounts.

DarkFiber Consulting encourages users and administrators to take the following preventative measures to help mitigate the security risks:

  • Install antivirus software, and keep the virus signatures up to date.
  • Do not follow unsolicited links and do not open unsolicited email messages.
  • Use caution when visiting untrusted websites.
  • Use caution when entering personal information online.
  • Refer to the Recognizing and Avoiding Email Scams (pdf) document for more information on avoiding email scams.
  • Refer to the Avoiding Social Engineering and Phishing Attacks document for more information on social engineering attacks.

DarkFiber Consulting will provide additional information as it becomes available.

Federal Bureau of Investigation Warns Public of Fraudulent Spam Email

October 14th, 2009 . by DarkFiber Consulting

The Federal Bureau of Investigation (FBI) has released information warning the public about fraudulent email messages purporting to come from the FBI or the Department of Homeland Security. These email messages contain a malicious attachment that claims to provide an intelligence report or bulletin, but in reality attempts to launch malware on the user’s system.

More information regarding these messages can be found in the Federal Bureau of Investigation’s New E-Scams and Warnings web site.

To help protect against this type of attack, DarkFiber Consulting recommends that users avoid opening attachments contained in unsolicited email messages. Additional tips regarding email attachments can be found in the DarkFiber Consulting Cyber Security Tip – Using Caution with Email Attachments.

Malicious Code Spreading via IRS Scam

October 14th, 2009 . by DarkFiber Consulting

DarkFiber Consulting is aware of public reports of malicious code circulating via spam email messages related to the IRS. The attacks arrive via an unsolicited email message and may contain a subject line of “Notice of Underreported  Income.” These messages may contain a link or attachment. If users click on this link or open the attachment, they may be infected with malicious code, including the Zeus Trojan.

DarkFiber Consulting encourages users and administrators to take the following measures to protect themselves:

Spam, Phishing, and Malicious Code Related to Recent Celebrity Deaths

July 2nd, 2009 . by DarkFiber Consulting

DarkFiber Consulting is aware of public reports of an increased number of spam campaigns, phishing attacks, and malicious code targeting the recent deaths of Michael Jackson and Farrah Fawcett. These email messages may attempt to gain user information through phishing attacks or by recording email addresses if the user replies to the message. Additionally, email messages may contain malicious code or may contain a link to a seemingly legitimate website containing malicious code.

DarkFiber Consulting would like to remind users to remain cautious when
receiving unsolicited email. Users are encouraged to take the following measures to protect themselves from these types of attacks:

Swine Flu Phishing Attacks and Email Scams

May 9th, 2009 . by DarkFiber Consulting

DarkFiber Consulting is aware of public reports of email scams circulating related to the Swine Flu. The attacks arrive via an unsolicited email message typically containing a subject line related to the Swine Flu. These email messages may contain a link or an attachment. If users click on this link or open the attachment, they may be directed to a phishing website or exposed to malicious code.

DarkFiber Consulting encourages users to take the following measures to protect themselves:

UPDATE: Due to these potential phishing attacks and email scams, DarkFiber Consulting encourages users to visit the Center for Disease Control (CDC) website for trusted information regarding the Swine Flu.

US Tax Season and Phishing Scams

May 9th, 2009 . by DarkFiber Consulting

In the past, DarkFiber Consulting has received reports of an increased number of phishing scams that take advantage of the United States tax season. Due to the upcoming tax deadline, DarkFiber Consulting would like to remind users to remain cautious when receiving unsolicited email that could be a potential phishing scam.

Phishing scams may appear as a tax refund, an offer to assist in filing for a refund, or contain details about fake e-file websites. These messages may appear to be from the IRS and directly ask users for personal information. These messages may also contain a link and instruct the user to follow the link to a website that requests personal information or contains malicious code.

DarkFiber Consulting encourages users to take the following measures to protect themselves from this type of phishing scam:

Airline Ticket Email Scam

December 11th, 2008 . by DarkFiber Consulting

DarkFiber Consulting is aware of public reports of an email scam circulating that is targeting holiday travelers. The email messages related to this scam appear to come from legitimate major airlines and contain a .zip attachment.  This .zip attachment appears to contain a purchase invoice and flight ticket. If a user opens this attachment, malicious code may be installed on the system.

DarkFiber Consulting encourages users to do the following to help mitigate the risks:

« Previous Entries