Cybersecurity for Messaging Services & App Developers

WhatsApp exposes users to malicious shortened links

June 30, 2016

WhatsApp exposes users to malicious shortened links

Overlay malware has emerged as one of the more pernicious threats on mobile devices, particularly Android phones, and researchers have now discovered a new SMS phishing campaign that uses overlay malware to steal credentials for mobile banking apps and messaging apps. The attackers behind the campaign are using a wide range o...

Phishing campaign strikes U.K. and U.S. companies

August 3, 2015

Phishing campaign strikes U.K. and U.S. companies

A phishing campaign of millions of messages has been aimed at organisations in the UK and US. Discovered by Proofpoint, the campaign employs bait via an authentic voice message containing an LNK attachment—an unusual method of delivering malware. The technique was used in a relatively restricted manner. Only one unique file...

TD Bank warns of text phishing scam

July 8, 2015

TD Bank warns of text phishing scam

TD Bank is warning customers to beware of a fake mass text sent out Wednesday morning telling people — including those who don’t even bank with TD — that their accounts are suspended and to immediately provide their personal information. The phishing text, which includes a link, reads as follows: “From: 16193633585 ...

A nasty malware masking as a 7-Eleven voucher is spreading via WhatsApp in Singapore

July 1, 2015

A nasty malware masking as a 7-Eleven voucher is spreading via WhatsApp in Singapore

Another phishing attack on WhatsApp users. A nasty malware has been spreading among WhatsApp users in Singapore over the past few days. It masks itself as a bitly link to a 7-Eleven voucher, and when you click on the link, it sends you to a spoofed page which appears to be harmless. In actual fact, your device has already be...

Silicon Valley Bank Warns Clients About a Fraudulent Email and Payment/Wire Scam

June 29, 2015

Silicon Valley Bank Warns Clients About a Fraudulent Email and Payment/Wire Scam

Here's a good example of a malicious attack that banking customers receive on a regular basis. I received this one because MetaCert is a Silicon Valley Bank customer and apparently customers like us are being targeted with this scam. Most people worry about clicking the wrong links and submitting their passwords to the wro...

How banks can help prevent phishing scams

May 13, 2015

How banks can help prevent phishing scams

Frank Abagnale is one of the most famous fraudsters in America. Leonardo Dicaprio portrayed him in the movie "Catch Me If You Can." After spending 12 years in prison for stealing millions of dollars, he has been working for the FBI for 40 years. Abagnale is even considered a rockstar in the cyber security industry, speak...

Video: A Phishing Attack Inside a Productivity App

May 12, 2015

Video: A Phishing Attack Inside a Productivity App

Opening web links received by email can be problematic. They’re mostly safe, but sometimes they’re not. Sometimes emails take you to malicious websites, waiting to steal your login or credit card information. Sometimes the intention is to infect your computer or corporate network with malware, spyware or ransomware. If y...

Chrome extension, ‘Password Alert,’ to mitigate phishing attacks. But still no protection for mobile users

May 1, 2015

Chrome extension, ‘Password Alert,’ to mitigate phishing attacks. But still no protection for mobile users

As the number one target of phishing attacks, Google has responded to the ongoing threat with the release of a new browser extension, dubbed ‘Password Alert.' The free, open-source Chrome extension is designed to protect its users from phishing attacks with a pop-up warning should a user attempt to type their Google password i...

Phishing email targets Tesco Bank customers

April 27, 2015

Phishing email targets Tesco Bank customers

A new phishing email bearing the subject 'Tesco Bank Changes to Interest rate' is currently targeting Tesco Bank's customers. The email tells its recipients that they can have a look at the most recent interest-rates and modifications from the Bank by simply opening an attachment, reported hoax-slayer.com. I picked up on the pos...

Why Secure Mentem needs should look at apps and not just email for potential phishing attacks

April 24, 2015

Why Secure Mentem needs should look at apps and not just email for potential phishing attacks

According to a post on ComputerWeekly, Ira Winkler, president of Secure Mentem, told attendees of the RSA Conference 2015 in San Francisco that humans represent only two of ten potential kill points for phishing attacks. A phishing attack can only be successful if eight possible layers of technological controls are missing or h...