Cisco Blogs


Cisco Blog > Threat Research

Your Files Are Encrypted with a “Windows 10 Upgrade”

This post was authored by Nick Biasini with contributions from Craig Williams & Alex Chiu

Update 8/1: To see a video of this threat in action click here

Adversaries are always trying to take advantage of current events to lure users into executing their malicious payload. These campaigns are usually focussed around social events and are seen on a constant basis. Today, Talos discovered a spam campaign that was taking advantage of a different type of current event.

Microsoft released Windows 10 earlier this week (July 29) and it will be available as a free upgrade to users who are currently using Windows 7 or Windows 8. This threat actor is impersonating Microsoft in an attempt to exploit their user base for monetary gain. The fact that users have to virtually wait in line to receive this update, makes them even more likely to fall victim to this campaign.

win10_blacked_out

Read More »

Tags: , , , , , , ,

Big Data: Observing a Phishing Attack Over Years

google_drive_attack

Overview

Phishing attacks use social engineering in an attempt to lure victims to fake websites. The websites could allow the attacker to retrieve sensitive or private information such as usernames, passwords, and credit card details. Attacks of this kind have been around since 1995, evolving in sophistication in order to increase their success rate. Up until now, phishing attacks were generally viewed as isolated events that were dealt with on a case-by-case basis. The dawn of big data analysis in computer security allows us to store data indefinitely and watch the changes and growth of attacks over long periods of time. In 2012, we began tracking a sophisticated phishing campaign that is still going strong.

 

The Target

Google, one of the largest players in the cloud business, offers dozens of free cloud services: Google Email, Google Drive, Google Docs, Google Analytics, YouTube, etc. To enable easy access across all of these properties, Google built what they call, “One account. All of Google.”   Read More »

Tags: , , , , , , , , ,

The Highs and Lows of the Pump and Dump Scam

The Internet remains an environment where it is important to keep your wits. The recent indictment of nine individuals on stock fraud charges reminds us that the pump and dump scam continues to be perpetrated [1][2]. Stock spam emails were particularly prevalent during the mid-2000’s, with these messages reportedly comprising 15% of all spam in 2006 [3]. These messages sought to artificially increase demand for infrequently traded stocks so that fraudsters could unload cheaply bought shares at a profit to unsuspecting investors.
Read More »

Tags: , , ,