Fake Verification of Twitter account could lead to Phishing and Credit Card theft

The verification of somebody's account on Twitter is a pretty big deal as you as an user cannot do anything about it. It is only if you are recognizable by thousands of people that Twitter verifies your account.

The chance to get a verified account on Twitter can seem very tempting and that is how somebody operating Twitter account 'Verified6379' is scamming people into divulging their payment details.

The user which claims to be an 'Official Verification Page' of Twitter redirects you using a shortened Goo.gl URL and lands you on a page that looks like twitter.

The page then demands secure information like username, password, credit card numbers and others to verify your account.

The URL has seen over 18,000 hits over the last month.

British lady lost £50,000 in a “phishing scam”

Beware of doing any Online transaction as a lady from London has claimed that she lost £50,000, her life savings in a “phishing scam”.

According to a report published on BBC, the 59-yeat-old Vivian Gabb told in the Victoria Derbyshire’s, a British journalist and a broadcaster, was in the middle of buying a house when her email got hacked by the crooks.

She said that she was conned out of her life savings by scammers who sent her a 'phishing' email with instructions to wire the money to the “bank”.

She was unaware that every email she wrote and received was being monitored by criminals.

According to her, the criminals sent her a message disguised as a follow-up email from her solicitor and asked her to deposit nearly £50,000 into their account.

According to the news report, the Get Safe Online,  an internet safety advice website, says more than half (51%) of people in the UK have been a victim of an online crime, and 15% of people have been victims of either attempted or successful hacks of their email account.

Fake Facebook: Don't give your details away


A new phishing scam designed to steal your Facebook data has come to light. You might be receiving a mail or a message on social media asking you to recover your Facebook account, before it is permanently closed.

The scam is focused on getting Facebook credentials, along with phone number and date of birth of a user. The scam came to light beacuse of the bad English in the message.

Aside from that, the page where you enter your details (the phishing page) is hosted on cloud sharing website Dropbox, allowing for all data you input to be conveniently for the hacker or hackers.

The details are then posted online on a .PHP page, preferably to be sold. No official word is yet out from Facebook on the matter, but www.blog.malwarebytes.org has cautioned users to be careful before responding to any such message, suspected to be from hackers.

Employee email accounts of Children's National Health System targeted with Phishing emails


Children's National became a victim of a cyber-attack, after its employees responded to phishing emails by hackers believing they were legitimate.

The issue came to light on December 26 last year and Children's National believes that any potential unauthorized access of its employees email accounts could have taken place between July 26 and December 26 last year.

Children's National has come out to say that Patient History Information of various patients in the affected email accounts has been put at risk, and although it has not received any information regarding the misuse of this information, affected people are being informed to stay on the lookout for discrepancies in their insurance statement.

On learning of the incident, Children's National immediately secured the emails accounts of the affected employees and began an investigation into the matter. They hired an external forensics firm to carry out their investigation into the matter.

They implemented new safety features and reviewed its systems to upgrade the security of their network. They have also setup a dedicated call centre with a helpline number for getting in touch with the affected patients.

Phishing mail says 'DSVX virus' detected in Your Yahoo Mail


If you are getting emails saying that a virus detected in Your Yahoo Email account, ignore the emails.  It is none other than another tricky method used by cybercriminals to fool users.

Hoax-slayer has spotted a fake email claiming to be from Yahoo informs recipients that it has detected a so-called DSVX virus in your yahoo mail account and you have to update your account.

The email warns the recipients that if they failed to update, they will lose access to their email address.

It also claims the update will give latest spam protection, faster email and unlimited storage facility. 

To update their email, it asks the recipients to send their username, email id, password, email security question and answer, country, phone number and Date of Birth by clicking the Reply Button.

Keep in mind that Yahoo or any other organizations are never going to ask you to send your username and passwords or any other sensitive data via an unsecured email.

Phishing pages trick Steam users to Upload SSFN file

Is Steam login page asking you to upload SSFN file? Think twice before uploading, because the legitimate steam site never asks you to upload SSFN file.

Steam Guard is extra layer of security.  It will ask you to enter a verification code sent to your email, whenever you try to log in from a computer you haven't used before.

This feature will prevent attackers from taking control of your steam account, even if they know your login id and password. 

However, there is new Phishing scam uncovered by MalwareBytes that bypasses the Steam Guard protection.  It tricks users into handing over their login credentials and the SSFN file.

What is SSFN File?
SSFN is the file that avoids you from having to verify your identity through Steam Guard every time you login to Steam on your computer.  If an user deletes this file, he will be asked to verify again and new SSFN file will be generated and stored in your pc.

If you upload your SSFN file to a phishing page, attackers can use this file with username &password to take control of your account.

In a reddit thread, several users have reported that they got fooled by this phishing scam.

"Steam will never ask you to provide any Steam Guard files. If you upload or give a user your Steam Guard .SSFN file, they can gain access to your account without accessing your email account. However, they must know your Steam account password and username to use this file" Valve article about Steam Guard reads.

European Apple users targeted with phishing emails

A new phishing campaign targeting European users of Apple store which promises to offer a discount.

Security researchers at Kaspersky have spotted a new spam mail targeting Apple users, tricks users into thinking that they can get discounts of 150 euros by just paying 9 euros.

"Apple is rewarding its long-term customers.  Your loyalty for our products made you eligible for buying an Apple discount card" The spam mail reads.

The spam mail asks users to download an attached HTML file and fill the form, where users are being asked to enter personal information as well as credit card information.

The scammers spoofed the email address such that it makes the email pretending to be from informs@apple.com.  They also promised to send the discount card within 24 hours, after filling the form.

If a recipient follows the instructions and fill the form, the phishing file will send the data to the attacker server.  The attacker will use the given financial data. 

Cyber Security Awareness: How a Grandma got phished by a Hacker

Christmas is getting closer, children are expecting gifts from Santa Claus.  I'm not sure whether Santa is going to send gifts to your children but definitely cyber criminals have much interest to send phishing emails for you.

Now you should be extreme caution about the emails claiming to give special Christmas offers or free Christmas gifts.

University IT at The University of Rochester has uploaded a funny video in Youtube called "Grandma Got Phished by a Hacker" to create awareness of cyber security.




They have conveyed the warning message about phishing mails in funny way.

The University also has launched a new service called "Proofpoint Targeted Attack Protection", which is designed to improve the protection of University mail systems against phishing attacks.

Nigerian man jailed for $1.5 m phishing scam targeting students

A Nigerian man has been sentenced to three years and nine months for taking part in a $1.5 m phishing scam targeting UK students.

Olajide Onikoyi, 29-year-old, from Manchester, was one of the person of a criminal group who targeted students by sending phishing emails inviting them to update student load details.

According to SKY News, he laundered £393,000 from 238 victims in total, including one student who had £19,000 taken from his account.

When Metropolitan police central e-crime unit seized his computers, they found a chat logs that revealed he was conspiring with criminals in Russia, Lithuania and UK.

A number of other people have also been jailed in connection with the scam.

Users are all advised to be extreme caution when clicking links in unsolicited emails, log into the websites directly by entering the url of the site instead of clicking the link.

Halifax Bank phishing email claims "3rd party Intrusion detected"


A phishing email targeting UK-based Halifax Bank users attempt to trick recipients into handing over their sensitive information.

The email informs the recipients that "3rd party intrusions" have been detected and their account has been limited for security reasons, according to Hoax-slayer.

To restore the account, it asks recipients to confirm their identify and verify that their account has not been used for fraud purposes, by filling an online validation form.

Once the victim opened the link provided in the email, it will take them to a fake Halifax Bank website where it will ask them to log in.  Then, it will ask victims to enter their personal information such as name, phone number, birth dates.

In next form, they will be asked to enter sensitive information such as Account Number, sort code, card number, expiration date and security code.

As usual in phishing scams, once the form is filled, the victim will be automatically redirected to the legitimate Halifax Bank website.

Brazil and Chinese Government websites host Paypal phishing page



Today, I have come across a phishing page which is surprisingly being hosted in one of the Chinese government website that targets Paypal users.

The paypal phishing page is hosted in the "hxxp://www.121.gov.cn/app/p/index.html" that shows the fake login page of Paypal.

Once the victim enters his credentials and proceed to login, he will be redirected to another page where he will be asked to provide his financial info including name, address, credit card details.

Then users are asked to provide 3 digit secure code, password, security questions.

Once all the details have been entered, you will be redirected to page where it says: "Your information has been sent successfully. For your security, you will be automatically logged out.Thank you for using PayPal". This page redirects to the original paypal login page.

Sub-domain of the Brazilian State of Minas Gerais government website "hxxx://www.camaramontesanto.mg.gov.br" is found to be host same type of phishing page.

PhishTank record shows the 121.gov.cn hosts the phishing page from May 8 and camaramontesanto.mg.gov.br is from May 23.

1.http://www.phishtank.com/phish_detail.php?phish_id=1827926 

2. http://www.phishtank.com/phish_detail.php?phish_id=1857679

Victim fell prey to 'phishing' scam and lost £1 Million to fraudsters


This is another incident that reveals why you should be careful on the Internet. A British woman fell prey to a phishing scam and lost her £1million life savings.

The victim unwittingly handed over her personal details to fraudsters after receiving a bogus bank notification email.

Tamer Abdelhamid, the fraudster who stole the personal data then sold the info to Nigerian national, Rilwan Oshodi.  A 26 year old woman from Sierra Leone used the data to change the bank details by pretending to be the victim.

Detectives seized Oshodi's computer during a raid on his home with details of more than 11,000 credit cards, according to DailyMail report.

The fraudsters purchased cheeseburgers, high-end computers, gold with the stolen money. They are facing jail for their roles in the scam.