A reader of our blog recently informed me that Chase is requiring its customers to “update their profiles.” Shady enough, this was the first thing he saw when logging into his account yesterday.

Isn’t this a common phishing ploy? “Please come update your account info.” This clearly makes recognizing phishers hard, since now they’re not the only one directly asking for your private info.

(Link to a screengrab of the site)

Read More… (From Stop-Phishing @ IU)

Welcome to the blog at stop-phishing.com! We will be posting information about new attacks, solutions, and other stuff here. Be sure to visit often or subscribe to the RSS feed for updates!

Read More… (From Stop-Phishing @ IU)

Phishing scams in which people use fake e-mails to steal financial information online are a growing problem, experts said.
Read More… (From Phishing News)

New UK phishing laws will allow prison sentences of up to 10 years for phishers.
Read More… (From Phishing News)

Scammers posing as company executives are on the rise.
Read More… (From Phishing News)

The internet’s leading anti-phishing site - MillerSmiles.co.uk - is looking for news writers and editors for its new phishing news service - news.millersmiles.co.uk
Read More… (From Phishing News)

Figures from an anti-phishing group show increasing sophistication in phishing.
Read More… (From Phishing News)

Phishers are increasingly targeting smaller companies with their email scams.
Read More… (From Phishing News)

PayPal scams are some of the most reported scams at MillerSmiles but this one employs a new tactic.
Read More… (From Phishing News)

A new survey demonstrates how easy it is for employees to fall foul to phishing scams.
Read More… (From Phishing News)

Several websites have been shuit down after a credit card harvesting operation was discovered.
Read More… (From Phishing News)

Phishers are now attempting to attack Wi-Fi networks.
Read More… (From Phishing News)

The June State of Spam Report highlights the ongoing trend in the decline of image spam first reported last month in the May State of Spam Report. Image spam, which reached a high of 52 percent of overall spam in January, has shown a noticeable decline in most recent months, dropping around 10 percent each month in March and April to just 16 percent in May. One reason for the drop image spam is that spammers are always going to follow the money. The drop in image spam over the last two months tells us they think they can find a more effective way to get their messages into inboxes. While we have seen this decrease in image spam, the percentage of overall spam continues to remain the same at an average around 65 percent of email traffic for May. While image spam continues to show a marked decline, spammers are implementing new tactics for driving traffic to images. One trend we have noticed is an increase in spam that uses links and embedded URLs to reference images hosted elsewhere. This particular tactic is very similar to the traditional image spam, but whereas traditional image spam consisted of a raw image embedded in the body of the spam message, this new tactic embeds links to image hosting sites to reference the spam images. Additional highlights in the June State of Spam Report include:Scams and fraud spam on the rise. Combined, these two categories of spam continued to rise from 9 percent in March to 13 percent in May. This upward trend is indicative of the continued shift in spammer behavior to targeted, financially-motivated attacks and the success that they are generating. Spam trends in Asia Pacific and Japan (APJ). This regional focus sheds light on the differences in the percentage of spam in specific categories we have seen globally and that is local to APJ. While the percentage of spam in specific categories seen in APJ is very similar to the global market, there are a few exceptions. The two main exceptions are the higher percentage of scams and the lower percentage of health-related spam seen in APJ. One reason for the higher percentage of scams is a spam type referred to as invoice spam” which is unique to the APJ region. The purpose of this spam is to create fake invoices from a legitimate” company and sell them to generate a profit. These invoices come complete with directions on how to complete the transaction. For additional insights into these highlights, as well as graphics and samples, refer to the June State of Spam Report.

Read More… (From Security Response Weblog)

The need for accurate risk assessment

Dr Neal Krawetz takes a look at the numbers behind reports of laptop thefts and phishing attacks, showing inconsistent metrics and the difficulty in using numbers to determine the real level of threat.
Read More… (From The Register - Security: Spam)

Online shoppers are warned against phishing attacks over Christmas.
Read More… (From Phishing News)

Many of us have been having discussions and arguments over if the recent BBB phishing attacks are targeted or not.Thinking on this, I believe the better equivalent which may solve our terminology disagreements on if these BBB phishing emails were targeted or not would be “targeted spam” as a tried concept. We can assume, although […]
Read More… (From SecuriTeam Blogs)

MillerSmiles has received reports of two variants of a new TCF bank phishing scam.
Read More… (From Phishing News)