Skip to main content

Posts

Showing posts from June, 2011

Skype Phishing from ONLINE HELP

It seems that many users are receiving Phishing phone calls through Skype from a profile called 'ONLINE HELP'. This call, if answered, plays a recorded message telling the user that their computer is not protected and that they must go to visit www.hosog.com. If you do visit this site, it is riddled with malware. This is a phishing scam!

The user account that I have observed is drationlinehelpgb and shows as being registered in the US, but seems to have been taken down now. However, others have reported a user account of drajizonlinehelp, which appears to be registered in Afghanistan. This one is still live at the time of writing and is using the same 'ONLINE HELP' profile name. It would appear that new accounts are being created as the old ones are blocked by people and reported for abuse to Skype.

It is slightly worrying the number of people who are reporting having answered this call. If you receive any unsolicited calls through Skype from users outside your contact…

Google email Accounts Compromise

I was asked to comment yesterday on the story that emerged about the Google mail accounts that were compromised over the last few days, so I thought I'd put some of my answers down here. First off, Google wasn't compromised; a set of phishing emails were sent out and a fake Gmail login set up to harvest login details. These were used to set up forwarding rules to copy mail to another account.

Unfortunately, although a large number of people are aware of phishing and are (to a certain extent) vigilant, it only takes one person within the organisation to fall for the attack to compromise security. The scammers are becoming better at targeting people and making the initial phishing contact more believable to some people. Phishing is not just about email, although that is the most common avenue for the initial contact. Social media is also commonly used and we have seen the use of SEO to force phishing sites to the top of search engine rankings as well. User education is the only …