phishing

A major new malware spam campaign mimicking invites sent via business networking site LinkedIn.com leverages user trust and a kitchen sink of browser exploits in a bid to install the password-stealing ZeuS Trojan.

The spam campaign began Monday morning, according to security experts at networking giant Cisco Systems, and for a while the fake LinkedIn invitations accounted for as much as 24 percent of all spam. Recipients who click links in the message are taken to a Web page that reads, “Please Waiting, 4 seconds,” and then sent on to Google.com.

On the way to Google, however, the victim’s browser is silently passed through a site equipped with what appears to be the SEO Exploit Pack, a commercial crimeware kit that tries to exploit more than a dozen browser vulnerabilities in an attempt to install ZeuS.

Twitter users are being warned of a new phishing scam that has emerged in the last 24 hours. The official Twitter Trust and Safety account issued the warning yesterday that read "If you receive a DM asking "LOL is this you," it's not. It's phishing. Don't enter your password!" A follow-up tweet directed Twitterers who think their account might have been phished to its support website bit.ly/SecureMyAccount, which contains tips on how to determine if your account has been compromised.

It was a nice day as every other day. The only thing troubling me was I had to make some urgent calls and my balance ran out. As expected I rushed to the nearest top-up vending machine. A note posted outside said “out-of-service”.

Well to give you a brief about the place I live in a small town (if I can call it that) near London where one has to literally “work” to get even his/her daily needs stuff. As it happens I stay in the campus and there is just one top-up vending machine which was “broke” as of now. The nearest cash top-up is around 2-3 miles down to the town centre. Walking 5 miles to get a top-up would have been the last thing I could have imagined.