News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon

Blog Archives

  • Patch Watch: Office 365 – The trendy new phishing target

    Posted on March 25th, 2019 at 06:48 woody Comment on the AskWoody Lounge

    Here phishy, phishy, phishy…..

    Attacking Windows 10 is so yesterday. Malicious hackers have known for some time that phishing is a fruitful and cheap method for stealing data. And the bigger the mark, the better the returns. So it should be no surprise that Office 365 has become a tempting target.

    Patch Lady Susan Bradley offers the first in a series of articles about Office 365’s vulnerable underbelly, and what you can to do protect yourself and your organization.

    Details in this week’s AskWoody Plus Newsletter 16.11.0, out this morning to AskWoody Plus Members.

  • Microsoft targeted by phishing attack

    Posted on January 27th, 2014 at 20:34 woody Comment on the AskWoody Lounge

    Probably by Syrian Electronic Army.

    Man, if MS can’t protect itself, how can any organization?

    InfoWorld Tech Watch

  • How well does IE’s phishing filter work?

    Posted on April 25th, 2012 at 12:23 woody Comment on the AskWoody Lounge

    This will undoubtedly change shortly, but…

    In the past hour I’ve received several messages from people here in Thailand saying that they’re receiving phishing mail from their bank, SCB. The mail instructs people to click  on a link and log in. The link goes to the site new11010scb dot com (no, I’m not going to link to it).

    If you go to that location with either Firefox or Chrome, you get the standard phishing warning message. But if you go there with either IE 9 or IE 10 (on Windows 8), you sail right on through to an ad…

    #Fail IE Smart Screen.

  • PayPaI phishing scam

    Posted on May 16th, 2010 at 06:44 woody Comment on the AskWoody Lounge

    I don’t write about phishing messages that I receive very frequently because most of them are poorly done, amateurish and (even if they’re enticing) you can see through most of them in a New Yawk minute.

    Not so this one. I just got a message, seemingly from PayPal Inc. [noreply1@paypal-community.com], titled “Your regularly scheduled account maintenance !” In typical phishing fashion, it says that my PayPal account needs to be verified “to protect your identity.”

    Attached to the message is an HTML file called “PayPal_Limited_From.html” The mis-spelling was the first thing that tipped me off.

    I double-clicked on the HTML file and up came a form inviting me to provide my credit card information and click a button marked Submit Form. The form admonishes “By clicking the button “Submit Form” you confirm your identity with us. The form is submitted instantly. Your session will be closed after you verify your information.”

    Of course I didn’t fill in any of the information, but for the heck of it, I clicked the Submit Form button. The screen flashed a little bit and I ended up on the PaylPal Refund page. Not a bogus page. The real thing.

    Delving a little deeper, I looked at the program behind that Submit Form button, and discovered all sorts of references to a site called vitgrim.org. Sure enough, vitgrim.org is registered to a fellow in GyeonGi, Korea.

    The moral of the story is the same as always: don’t click on anything you receive in the mail. But this particular man-in-the-middle phisher is particularly well done.

  • 100 arrested in giant phishing sting

    Posted on October 8th, 2009 at 22:12 woody Comment on the AskWoody Lounge

    Wired reports that 100 phishers have been arrested in a sting spanning the US and Egypt.

    A gang of more than 100 alleged phishers has been charged in the U.S. and Egypt in connection with a global scheme to steal bank credentials of victims and siphon money from their accounts.

    A total of 53 defendants ranging in ages 18 to 44 are charged in a thick indictment unsealed Wednesday in federal court in Los Angeles. An additional person is being charged at the state level, and another 47 alleged co-conspirators have been charged in Egypt.

    The indictment is the culmination of a two-and-a-half-year investigation, dubbed Operation Phish Phry.

  • Beware phishers

    Posted on October 7th, 2009 at 05:06 woody Comment on the AskWoody Lounge

    I”m always admonishing people to be careful about phishers, but it looks like Hotmail, Yahoo Mail and Gmail are getting a particularly nasty dose at the moment. Neowin reports that 20,000 Hotmail users have already given up their userids and passwords. BBC says that they have “seen two lists that detail more than 30,000 names and passwords from e-mail providers, including Yahoo and AOL, which were posted online.”

    It’s always been a problem, but the phishers are getting much more clever these days.

    Of course, you’re savvy enough to pass by those emails that say you underreported your income to the IRS, the ones that say your package couldn’t be delivered because it had the wrong address, and the ones that say you better pay for that new Mac or else…

    I’ve tried clicking through on several of those phish mails as soon as I get them (hey, who can resist running down somebody who says I’m due a tax refund?), and have been pleasantly surprised to discover that Firefox is blocking the sites, just like it should.

    SANS Internet Storm Center recommends that you immediately change your passwords on Hotmail, Gmail, Yahoo Mail and AOL accounts.