SPAM frauds, fakes, and other MALWARE deliveries - archive

[AplusWebMaster]

FYI...

Recent badware stats
- http://blog.stopbadware.org/2012/04/...badware-stats/
April 27, 2012 - "... Enterprise users experienced an average of 339 Web malware encounters per month in 4Q11 (205% year over year).
• Avg. 20,141 unique Web malware hosts per month in 2011 (vs. 14,217 in 2010)...
• Approx. 30,000 new malicious URLs each day in 2H11; 80% of those are legitimate. 85% of malware comes from the web.
• Malicious sites up 240 percent in 2011...
• 40% of malnet entry points are via search engines/portals...
• 23% of malicious domain registrations could be blocked with basic validation of contact info
• Rogue AV campaign infected 200,000 Web pages, 30,000 unique hosts... geographically dispersed visitors.
• On average, -two- popular websites (among the Alexa top 25,000) serve drive-by downloads each -day-. An estimated 1.6 million vulnerable users were exposed to drive-by downloads in one month across 58 popular (Alexa top 25,000) sites."
(Links to sources available at the stopbadware URL above.)

[AplusWebMaster]

FYI...

Malware attacks on hotel net surfers...
- http://www.ic3.gov/media/2012/120508.aspx
May 8, 2012 - "Recent analysis from the FBI and other government agencies demonstrates that malicious actors are targeting travelers abroad through pop-up windows while establishing an Internet connection in their hotel rooms. Recently, there have been instances of travelers' laptops being infected with malicious software while using hotel Internet connections. In these instances, the traveler was attempting to setup the hotel room Internet connection and was presented with a pop-up window notifying the user to update a widely-used software product. If the user clicked to accept and install the update, malicious software was installed on the laptop. The pop-up window appeared to be offering a routine update to a legitimate software product for which updates are frequently available. The FBI recommends that all government, private industry, and academic personnel who travel abroad take extra caution before updating software products on their hotel Internet connection. Checking the author or digital certificate of any prompted update to see if it corresponds to the software vendor may reveal an attempted attack. The FBI also recommends that travelers perform software updates on laptops immediately before traveling, and that they download software updates directly from the software vendor’s Web site if updates are necessary while abroad..."

> https://krebsonsecurity.com/2012/05/...cess-bad-idea/
May 11, 2012 - "... avoid updating software while using hotel or other public Internet connections... There are a number of free attack tools that can be used to spoof software update prompts, and these are especially effective against users on small local networks. Bear in mind that false update prompts don’t have to involve pop-ups..."

[AplusWebMaster]

FYI...

Bogus emails: Amazon.com - Your Cancellation
- https://isc.sans.edu/diary.html?storyid=13177
Last Updated: 2012-05-09 17:49:29 UTC - "There are bogus order cancellation emails going around claiming to be from Amazon... copy I received linked to the URL... which contains this is in the body:
<script type="text/javascript">window.location="http ://leibypharmacylevitra .com";</script> ... It is probably safe to assume that the content of that site is -not- user friendly..."
(More detail at the ISC URL above.)