Beware of emails with resume attachments as Phishers still use JavaScript attachments


Beware of emails with an attached resume from a job applicant because some of the hackers are still using old JavaScript attachments to deliver the CryptoWall which could leave people in great trouble.

In an article by Brian Bebeau posted on SpiderLabs Blog (Trustwave SEG Cloud), mentioned that recently, it was noticed that a spam run of emails which contained an attached resume from a job applicant. The attachment, with a file extension ‘.js’, was in plain-text and consisted of JavaScript.

After some days, the next spam was noticed which looked more serious and zipped the attachment. The hackers tried to give the attachment a MIME type of "image/png" in order to appear it as an image among the people.

If anyone retrieves the picture, it will turn out to be a Windows executable.

Bebeau wrote that after analysing the file, they came to know that this is a Cryptowall ransomware variant. So, if anyone opens the attachment to look a resume or picture, he/she could end up with his/her entire system in trouble.

He added that some group of spammers also uses JavaScript to hide their phishing attachments. Instead of a resume, they used that old standby, the common account phish.

Bebeau wrote that people can verify an email by looking at the header addresses, before opening the attachments.

Subject lines include:

- Un-authorized User
- Verification Required
- Must verify your account
- Validate account

He said that it is said that people’s account has been limited or disabled, and that to restore their account, they must follow some steps in the attachment.

Now, the attachment is an HTML file with a JavaScript section which instructs people to turn on JavaScript. If they view the attachment in a JavaScript-enabled browser, it creates a form which asks for their personal information.

The form asks for peoples’ social security number and their credit card number along with their name and address. And if anyone fills it and clicks submit button, his/her all data goes to a server in Russia.

According to Bebeau, if people can examine an attachment carefully, it can be a useful to pull JavaScript code for content blocking.

He wrote that, Trustwave SEG Cloud, blocked around 200 of these phishing messages within three days. People should not turn on JavaScript even if some email asks them to do so.

Fake Facebook: Don't give your details away


A new phishing scam designed to steal your Facebook data has come to light. You might be receiving a mail or a message on social media asking you to recover your Facebook account, before it is permanently closed.

The scam is focused on getting Facebook credentials, along with phone number and date of birth of a user. The scam came to light beacuse of the bad English in the message.

Aside from that, the page where you enter your details (the phishing page) is hosted on cloud sharing website Dropbox, allowing for all data you input to be conveniently for the hacker or hackers.

The details are then posted online on a .PHP page, preferably to be sold. No official word is yet out from Facebook on the matter, but www.blog.malwarebytes.org has cautioned users to be careful before responding to any such message, suspected to be from hackers.

Employee email accounts of Children's National Health System targeted with Phishing emails


Children's National became a victim of a cyber-attack, after its employees responded to phishing emails by hackers believing they were legitimate.

The issue came to light on December 26 last year and Children's National believes that any potential unauthorized access of its employees email accounts could have taken place between July 26 and December 26 last year.

Children's National has come out to say that Patient History Information of various patients in the affected email accounts has been put at risk, and although it has not received any information regarding the misuse of this information, affected people are being informed to stay on the lookout for discrepancies in their insurance statement.

On learning of the incident, Children's National immediately secured the emails accounts of the affected employees and began an investigation into the matter. They hired an external forensics firm to carry out their investigation into the matter.

They implemented new safety features and reviewed its systems to upgrade the security of their network. They have also setup a dedicated call centre with a helpline number for getting in touch with the affected patients.

Don't cook your iPhone with Microwave oven


There is an Internet hoax circulating around claiming users of Apple's IOS 8 can charge their iPhone by putting it in the microwave oven.

The hoax ad was posted in 4chan and stated "Wave is our latest and greatest addition to iOS8. Wave allows your device to be charged wirelessly through microwave frequencies.  Wave can be used to quickly charge your device's battery using any standard household microwave"

I don't think anyone fall for this hoax. But it is funny to read the ad and tweets about it.

Last year, when iOS7 was first launched, some pranksters made a similar fake ad claiming updating to the iOS7 made phones waterproof.  Many people reportedly fell for that hoax.

Facebook hoax "Prayers for Like"


The message is a disgraceful hoax designed to get maximum number of likes for a facebook page and further promote it through sharing the message.

A baby's photograph was taken out illegally from a personal facebook profile and is circulated without the parents permission. Unfortunately the baby from the photograph died two weeks after her birth. As the baby's picture is being circulated without the parents permission, it is causing great pain to them. If this hoax message comes your way, do not like or share it. Advisory, report this particular message to Facebook.

According to the facebook's currently distributed hoax message, you can offer prayers to this baby girl by liking or sharing the picture. However, liking or sharing the particular message would not help the baby, infact would cause considerable distress to the parents and make them belligerent.

The people who create these messages are highly motivated by the green eyed monster and look through the children whose pictures they misuse. Facebook pages with large number of likes are a source of black market and can also be sold to inhumane internet marketers and used to make further scam and hoax messages.

Believes of offering prayers for someone who is unfotunate is sane but reciprocating it through social networking sites is simply absurd. Are we to believe on a denigrating fact that, “almighty has a deal with facebook that one shrare contributes hundred prayers?”

Not only this it can also be seen on other pages including images of God and Godesses and they ask for a like or comment to seek There blessings.Well its ironical that even the Almighty now needs likes, shares and comments on their images for blessing the mankind.Huh.Well my suggestion is open up your eyes and think broadly.

If this message comes your way, do not like, share or comment on such a post. It plays in favour of inhumane and immoral people who earn from such hoaxes.

The company needs to take action that ensures that these scam messages are removed from the network as quickly as possible.

Moreover, facebook has actually removed some of the messages, as they have been reported a number of times. The company should ensure that these hoaxes are removed from the network as quickly as possible.

Phishing mail says 'DSVX virus' detected in Your Yahoo Mail


If you are getting emails saying that a virus detected in Your Yahoo Email account, ignore the emails.  It is none other than another tricky method used by cybercriminals to fool users.

Hoax-slayer has spotted a fake email claiming to be from Yahoo informs recipients that it has detected a so-called DSVX virus in your yahoo mail account and you have to update your account.

The email warns the recipients that if they failed to update, they will lose access to their email address.

It also claims the update will give latest spam protection, faster email and unlimited storage facility. 

To update their email, it asks the recipients to send their username, email id, password, email security question and answer, country, phone number and Date of Birth by clicking the Reply Button.

Keep in mind that Yahoo or any other organizations are never going to ask you to send your username and passwords or any other sensitive data via an unsecured email.