We’re currently seeing a spam run which involves a (fake) report from CNN saying that the US have started bombing Syria. Clicking the shortened link will lead to an exploit kit which targets older, vulnerable versions of Adobe Reader and Java. The attackers favor using the Java exploit over the Reader exploit, as Java exploits […]
Spoofing – whether in the form of DNS, legitimate email notification, IP, address bar – is a common part of Web threats. We’ve seen its several incarnations in the past, but we recently found a technique known as header spoofing, which puts a different spin on evading detection.Header spoofing is when a URL appears to […]
Like any other businesses, scammers operate within a certain model to ensure the continuity of their schemes. In my previous post, I discussed in details about a typical scammer’s profile, trust model, and the strategies they use to get hold and sustain customers. This time around, we’ll look into the business model that they use […]
Latest Comments