DarkFiber Consulting – IT Managed Services

H1N1 Malware Campaign Circulating

December 10th, 2009 . by DarkFiber Consulting

DarkFiber Consulting is aware of public reports of a malware campaign circulating. This campaign is circulating via email messages offering information regarding the H1N1 vaccination. This email messages contain a link to a bogus Centers for Disease Control and Prevention website. Users who click on this link may become infected with malware. Public reports indicate that these email messages are noted as having subject lines such as: “Governmental registration program on the H1N1 vaccination” and “Your personal vaccination profile.” Please note that subject lines may change at any time.

DarkFiber Consulting encourages users to take the following precautions to help mitigate the risks:

  • Install antivirus software, and keep the signature files up to date.
  • Do not follow unsolicited links and do not open unsolicited email messages.
  • Use caution when visiting untrusted websites.
  • Refer to the Recognizing and Avoiding Email Scams (pdf) document for more information on avoiding email scams.
  • Refer to the Avoiding Social Engineering and Phishing Attacks document for more information on avoiding social engineering attacks.

Malicious Code Circulating via Social Security Administration Phishing Messages

December 10th, 2009 . by DarkFiber Consulting

DarkFiber Consulting is aware of public reports of malicious code circulating via phishing email messages that appear to come from the Social Security Administration. The messages indicate that the users’ annual Social Security statements may contain errors and instruct users to follow a link to review their Social Security statement. If users click this link, they will be redirected to a seemingly legitimate website that prompts them for their Social Security number. If users enter their Social Security number and continue to the next page, they will be given an option to generate a statement. If users attempt to generate a statement, malicious code may be installed on their systems. This malicious code attempts to collect online banking traffic to gain access to the users’ bank accounts.

DarkFiber Consulting encourages users and administrators to take the following preventative measures to help mitigate the security risks:

  • Install antivirus software, and keep the virus signatures up to date.
  • Do not follow unsolicited links and do not open unsolicited email messages.
  • Use caution when visiting untrusted websites.
  • Use caution when entering personal information online.
  • Refer to the Recognizing and Avoiding Email Scams (pdf) document for more information on avoiding email scams.
  • Refer to the Avoiding Social Engineering and Phishing Attacks document for more information on social engineering attacks.

DarkFiber Consulting will provide additional information as it becomes available.

Federal Bureau of Investigation Warns Public of Fraudulent Spam Email

October 14th, 2009 . by DarkFiber Consulting

The Federal Bureau of Investigation (FBI) has released information warning the public about fraudulent email messages purporting to come from the FBI or the Department of Homeland Security. These email messages contain a malicious attachment that claims to provide an intelligence report or bulletin, but in reality attempts to launch malware on the user’s system.

More information regarding these messages can be found in the Federal Bureau of Investigation’s New E-Scams and Warnings web site.

To help protect against this type of attack, DarkFiber Consulting recommends that users avoid opening attachments contained in unsolicited email messages. Additional tips regarding email attachments can be found in the DarkFiber Consulting Cyber Security Tip – Using Caution with Email Attachments.

Malicious Code Spreading via IRS Scam

October 14th, 2009 . by DarkFiber Consulting

DarkFiber Consulting is aware of public reports of malicious code circulating via spam email messages related to the IRS. The attacks arrive via an unsolicited email message and may contain a subject line of “Notice of Underreported  Income.” These messages may contain a link or attachment. If users click on this link or open the attachment, they may be infected with malicious code, including the Zeus Trojan.

DarkFiber Consulting encourages users and administrators to take the following measures to protect themselves:

Swine Flu Phishing Attacks and Email Scams

May 9th, 2009 . by DarkFiber Consulting

DarkFiber Consulting is aware of public reports of email scams circulating related to the Swine Flu. The attacks arrive via an unsolicited email message typically containing a subject line related to the Swine Flu. These email messages may contain a link or an attachment. If users click on this link or open the attachment, they may be directed to a phishing website or exposed to malicious code.

DarkFiber Consulting encourages users to take the following measures to protect themselves:

UPDATE: Due to these potential phishing attacks and email scams, DarkFiber Consulting encourages users to visit the Center for Disease Control (CDC) website for trusted information regarding the Swine Flu.

US Tax Season and Phishing Scams

May 9th, 2009 . by DarkFiber Consulting

In the past, DarkFiber Consulting has received reports of an increased number of phishing scams that take advantage of the United States tax season. Due to the upcoming tax deadline, DarkFiber Consulting would like to remind users to remain cautious when receiving unsolicited email that could be a potential phishing scam.

Phishing scams may appear as a tax refund, an offer to assist in filing for a refund, or contain details about fake e-file websites. These messages may appear to be from the IRS and directly ask users for personal information. These messages may also contain a link and instruct the user to follow the link to a website that requests personal information or contains malicious code.

DarkFiber Consulting encourages users to take the following measures to protect themselves from this type of phishing scam:

Bank Acquisitions and Phishing Scams

October 6th, 2008 . by DarkFiber Consulting

DarkFiber Consulting is aware of an increase in public reports of phishing scams related to recent bank acquisitions. Due to an increase in this activity, DarkFiber Consulting would like to remind users to remain cautious when receiving unsolicited email that could be a potential phishing scam.

Phishing scams may appear as requests for users to verify personal and bank account information, enroll in additional bank services, or activate new security features. The email messages may contain a link that, when clicked, will take the user to a fraudulent web site that appears to be a legitimate bank web site. The users may be asked to provide personal information or that can further expose them to future compromises. Additionally, these fraudulent web sites may contain malicious code.

Users are encouraged to take the following measures to protect themselves from phishing scams:

DHS Email Scam

September 11th, 2008 . by DarkFiber Consulting

DarkFiber Consulting is aware that spam email messages are being sent that appear to come from high-level DHS officials, some of which attempt to entice the user into an advance fee fraud scam. In some cases, the sender’s address has been spoofed so that the email appears to come from a legitimate dhs.gov address.

DarkFiber Consulting encourages users to do the following to help mitigate the risks:

Hurricane Gustav and Phishing Scams

September 1st, 2008 . by DarkFiber Consulting

In the past, DarkFiber Consulting has received reports of an increased number of phishing scams that take advantage of natural disasters. Due to the current situation involving Hurricane Gustav, DarkFiber Consulting would like to remind users to remain cautious when receiving unsolicited email that could be a potential phishing scam.

Phishing scams may appear as requests for donations from a charitable organization asking users to click on a link that will take them to a fraudulent website that appears to be a legitimate charity. The users are then asked to provide personal information that can further expose them to future compromises.

Users are encouraged to take the following measures to protect themselves from this type of phishing scam:

  • Do not follow unsolicited web links received in email messages.
  • Review the Federal Trade Commission’s Charity Checklist.
  • Verify the legitimacy of the email by contacting the organization directly through a trusted contact number. Trusted contact information can be found on the Better Business Bureau National Charity Report Index.

For additional information regarding phishing, DarkFiber Consulting recommends reading the following documents:

Airline E-ticket Email Attack

July 31st, 2008 . by DarkFiber Consulting

DarkFiber Consulting is aware of public reports indicating that a new email attack is circulating. This attack uses email messages that appear to be from legitimate airlines and contain information about a bogus e-ticket. These email messages instruct the user to open the attachment to obtain the e-ticket. If a user opens this attachment, a file may be executed to infect the user’s system with malicious code.

Reports, including a posting by Sophos, indicate that these messages have the following characteristics. Please note that these attributes may change at any time.

  • The subject line “E-Ticket#XXXXXXXXXX”
  • An attachment named “eTicket#XXXX.zip”

DarkFiber Consulting encourages users and administrators to take the following preventative measures to help mitigate the security risks:

« Previous Entries