Category Archives: Sophos blog

Sophos describes some other telephone scams

On this site, I tend to focus on tech support scams in the context of telephone scams. However, here’s an interesting article by Bill Brenner for Sophos that focuses on other types of telephone scam:

  • IRS tax scams
  • Immigration scams
  • Payday loan scams
  • Government grant scams

The callers seem to be based in India and tend to impersonate government officials, and either threaten victims with tax-related fines and penalties or deportation, or promise services such as grants or loans (on payment of a ‘worthiness’ fee. Here’s the article:

Anatomy of a scam: how phone frauds harvest millions from us

David Harley

Blackhat SEO and other nuisances

The horrific Russian suicide bombings have, inevitably, generated a load of blackhat SEO (search engine optimization) attacks, not to mention Twitter profile attacks, using topical keywords to lure victims into running malicious code. I’ve blogged on that elsewhere recently – e.g. “Here come (more of) the Ghouls”, at http://www.eset.com/blog/2010/03/30/here-come-more-of-the-ghouls – so I won’t repeat myself here.

However, I hear from that nice Mr. Cluley at Sophos that there’s an awfully good paper available about “Poisoned search results: How hackers have automated search engine poisoning attacks to distribute malware”, by Fraser Howard and Onur Komili.  

It is a good paper, and it will interest a lot of the people who read this blog. And it should interest quite a few people who probably won’t read it. 🙁

David Harley FBCS CITP CISSP
Security Author/Consultant at Small Blue-Green World
Chief Operations Officer, AVIEN
ESET Research Fellow & Director of Malware Intelligence

Also blogging at:
http://www.eset.com/blog
http://smallbluegreenblog.wordpress.com/
http://blogs.securiteam.com
http://blog.isc2.org/
http://dharley.wordpress.com
http://macvirus.com