Recent Posts

Recent Blog Posts

The PhishLabs Blog

Phishing @Home, Verizon DBIR, Email Scam Steals Earnest Money | TWIC - April 25, 2014

Posted by Stacy Shelley on Apr 25, '14

Each week, the PhishLabs team posts The Week in Cybercrime (TWIC) to recap noteworthy cybercrime articles and reports (open source).

PhishLabs investigated a wave of phishing attacks using residential PCs to host phish sites. The fraudsters are compromising home PCs via Remote Desktop, installing web server software and then uploading multiple phishing pages. 

Rick Holland does a good job highlighting a few interesting items from this year's Verizon Data Breach Investigations Report. As usual, the report is full of great security incident data that security leaders and practitioners can readily apply. What are you waiting for? Go read it!

It's good to see more major email mailbox providers rejecting mail that doesn't comply with their DMARC policies. While this is causing some discomfort for mailing lists (an issue that can be fixed), it takes big strides towards eliminating spam and phishing attacks that spoof legitimate domains.  

Brian Krebs reports on an email fraud scheme targeting consumers that are in the process of buying real estate. The attackers appear to be monitoring compromised email accounts (either from the real estate agency or the purchaser) and intercepting emails with wire transfer instructions for earnest money deposits and down payments. The attackers then replace the title company's bank account information with their own to trick their victims into wiring the payment directly into their accounts.


 

Topics: The Week in Cybercrime

What's this all about?

The PhishLabs Blog is where we share our insights and thoughts on cybercrime and online fraud.

Recent Posts

Posts by Topic

see all