A Week in Security (April 13 – 19)

A Week in Security (Jun 22 – 28)

Here’s a review of last week’s posts on Malwarebytes Unpacked*:

  • Fake Amazon Local Emails Deliver Malware (Security Threat) Malware Intelligence Analyst Chris Boyd found spam claiming to be from Amazon Local, Amazon’s daily deal service, under the guise of a receipt informing recipients of a purchase they purportedly made. It contained a ZIP-compressed attachment that may have been potentially malicious.
  • This Dropbox Phish is Not After Your Dropbox Creds (Fraud/Scam Alert) The promise of something good behind a link has been a motivation for users. Unfortunately, this is commonly exploited by online criminals. This phish, in particular, advised the curious to login to their emails before they can see an image—a tactic that users must never fall for.
  • Advisory: Seasonal Scam Returns (Fraud/Scam Alert) The Garcinia diet spam campaign is back for the summer holidays, and this time, the scammers banked on the popularity of the TMZ and Good Housekeeping brands to make their sales pitch more believable.
  • Phishy Steam Guard File Steals SSFN (Fraud/Scam Alert) During the Steam Summer Sale, we found a unique yet nasty phish that allows attackers to steal an account’s SSFN, a file that prevents users from always verifying their machines whenever they log in to Steam. The campaign used an infostealer with the name SteamGuard.exe after Steam’s security feature. You can familiarize yourself with Steam Guard here.
  • “Tracy Morgan Is Dead” Fake Video in Circulation (Fraud/Scam Alert) Actor-comedian Tracy Morgan is now part of the long list of fake celebrity deaths that circulated on the Web. This one we found on Facebook, which leads users to download a PUP pretending to be software update that used the Adobe notification interface.
  • A look at a double-dipping advertising network (Malvertising) In this post, Senior Security Researcher Jérôme Segura discussed double dipping, and a particular online advertising company that does just that. This company, he later found, got ad impressions, pay per clicks (PPC), and commissions based on the number of malware they can install onto user systems.
  • Scammers Continue to Hook Users with Free Facebook Hacking (Fraud/Scam Alert) We found, profiled and debunked one of the many Facebook hacking/cracking tools that can be found online with a simple search. Steer clear of FBSniffing(dot)com.

Top news stories:

Stay secure, everyone!

The Malwarebytes Labs Team