Malware served up by Bing Ads...
FYI...
Malware served up by Bad Bing Ads
- http://www.threattracksecurity.com/i...-bad-bing-ads/
Oct 10, 2013 - "We’re seeing our old friend “rogue ads in Bing” doing the rounds – should you go searching for “Youtube” and click on the rogue ad (in this case, the one in the bottom right hand corner under “Ads related to Youtube”) you’ll be taken to a site which redirects to an exploit.
> http://www.threattracksecurity.com/i...ngexploit1.png
The scammers behind this could well be targeting other keywords... The exploit attempts to drop Sirefef, which we’ve seen being used in malicious Bing adverts back in March 2013..."
___
Fake Payroll Intuit email
- http://security.intuit.com/alert.php?a=89
10/10/13 - "Here is a copy of the phishing email people are receiving. Be sure -not- to click any links in the email.
Dear,
We received your payroll on October 9, 2013 at 4:59 PM .
Attached is a copy of your Remittance. Please click on the attachment in order to view it.
Please note the deadlines and status instructions below:
If your payroll is received BEFORE 5 p.m., your Direct Deposit employees will be paid two (2) banking days from the date received or on your paycheck date, whichever is later.
If your payroll is received AFTER 5 p.m., your employees will be paid three (3) banking days from the date received or on your paycheck date, whichever is later.
YOUR BANK ACCOUNT WILL BE DEBITED THE DAY BEFORE YOUR CHECKDATE.
Funds are typically withdrawn before normal banking hours so please make sure you have sufficient funds available by 12 a.m. on the date funds are to be withdrawn.
Intuit must receive your payroll by 5 p.m., two banking days before your paycheck date or your employees will not be paid on time.
Intuit does not process payrolls on weekends or federal banking holidays. A list of federal banking holidays can be viewed at the Federal Reserve website.
Thank you for your business.
Sincerely,
Intuit Payroll Services
__
This is the end of the fake email.
Steps to Take Now:
Do -not- open the attachment in the email...
Delete the email..."
___
Fake 'Companies House' SPAM
- http://blog.dynamoo.com/2013/10/comp...use-phish.html
10 Oct 2013 - "This fake Companies House spam appears to be some sort of phishing attempt:
Date: Thu, 10 Oct 2013 11:57:31 +0300 [04:57:31 EDT]
From: Companies House [contact@ companieshouse .co .uk]
Subject: Compulsory Companies House WebFiling Update #90721
Compulsory Companies House WebFiling Update #90721
This is an important notice to inform you as a registered company to update your details.
This will make it easier to update our database and keep records of our company...
Screenshot: https://lh3.ggpht.com/-KaNlD25nUrA/U...es-house-1.png
The link in the email goes to [phish]www.misspanama .net/respaldo/ukcompany/CompaniesHouse.htm which asks only for a Company Name, email address and password.
> https://lh3.ggpht.com/-1wLNfJ2PxG8/U...es-house-2.png
Once the credentials have been harvested, the victim is sent to a genuine Companies House webpage at www.companieshouse .gov .uk/forms/introduction.shtml
> https://lh3.ggpht.com/-5V2piX6jidM/U...es-house-3.png
So, what is being harvested here? There seems to be no malware involved, so perhaps the bad guys are actually trying to hijack company identities for some evil purpose. It turns out that Companies House have a webpage all about this type of threat and recommend that you forward offending emails to phishing@companieshouse .gov .uk. Just remember.. sometimes phishers are after something a lot less obvious than your bank details!"
