Recent Posts

Recent Blog Posts

The PhishLabs Blog

2014 US State of Cybercrime, Adios TrueCrypt, USPS Malware Lure Spam | TWIC - May 30, 2014

Posted by Stacy Shelley on May 30, '14

Each week, the PhishLabs team posts The Week in Cybercrime (TWIC) to recap noteworthy cybercrime articles and reports (open source).

This year's US State of Cybercrime Survey reinforces two key points that business leaders should take to heart. The first is that "The cybersecurity programs of US organizations do not rival the persistance, tactical skills, and technological prowess of their potential cyber adversaries."  

The second is that the correlation between how much you invest in cybersecurity and the strength of your security posture is significant. "Those that demonstrate a more advanced cybersecurity posture are not necessarily smarter. They have simply invested more and have learned from experience." The odds aren't in favor of those that skimp on security spending...

The Zscaler team has published a good analysis of a recent US Postal Service malware lure spam campaign. As with similar campaigns that have impersonated shipping companies and postal services, this attack disguises a malicious link as a shipping receipt to lure victims into downloading malware (Asprox in this case). 

Facebook scams aren't limited to malicious content shared to timelines. Fraudsters are also using compromised Facebook accounts to phish via chat sessions. In this example, the attacker sends a malicious link that redirects to a spoofed login page, which then directs to malware.

The anonymous developers behind the TrueCrypt encryption suite have called it quits and are encouraging TrueCrypt users to switch to BitLocker (for Windows systems). The reasons are unclear at this point and likely will remain so considering how well the developers maintained their anonymity. That being said, there's some speculation that the retirement of TrueCrypt is related to a crowdfunded audit of the software that began this year.

Topics: The Week in Cybercrime

What's this all about?

The PhishLabs Blog is where we share our insights and thoughts on cybercrime and online fraud.

Recent Posts

Subscribe to Email Updates

Posts by Topic

see all