Archive: Fraud
Robotraff: A Hacker's Go-To For Clicks
Anyone who doubts that Internet click fraud has become a big money maker should take a look at a Russian Web site called Robotraff.com, which bills itself as "the first stock exchange of Web traffic." Set up a free account...
By Brian Krebs | May 7, 2008; 06:22 PM ET | Comments (2)
Cyber Justice Chronicles
Security Fix is launching a new feature today called Cyber Justice Chronicles, which will periodically provide short snippets of news about individuals who have been arrested or convicted of computer crime offenses. Law enforcement takes its share of lumps for...
By Brian Krebs | May 1, 2008; 05:15 PM ET | Comments (4)
Hundreds of Thousands of Microsoft Web Servers Hacked
Hundreds of thousands of Web sites - including several at the United Nations and in the U.K. government -- have been hacked recently and seeded with code that tries to exploit security flaws in Microsoft Windows to install malicious software...
By Brian Krebs | April 25, 2008; 08:00 AM ET | Comments (62)
Identity Theft Smash & Grab, CEO Style
Tens of thousands of corporate executives were the target of a series of identity-theft scams this week, e-mail-borne schemes that appear to have netted close to 2,000 victims so far. Early Monday morning, according to two security experts with firsthand...
By Brian Krebs | April 15, 2008; 10:44 PM ET | Comments (30)
Online Security: A Closer Look at a Negative Example
It may be easier than you think for someone to steal your wireless phone records. At least, that's the case if you're a Sprint wireless phone user. Sprint makes it very easy for customers to go online to view and...
By Brian Krebs | April 15, 2008; 06:09 PM ET | Comments (7)
Online Banking: Do You Know Your Rights?
The financial industry in the United Kingdom recently reaffirmed a policy that holds online banking customers liable for losses if they fail to secure their personal computers against data-stealing computer viruses. While this policy may seem surprising or even draconian...
By Brian Krebs | April 10, 2008; 08:49 AM ET | Comments (27)
Social Networking Accounts Prized By Cybercrooks
Cyber criminals increasingly are moving away from trying to break into computers directly, choosing instead to target Internet users where they spend much of their time online -- at social networking Web sites, new data suggests. In an analysis of...
By Brian Krebs | April 8, 2008; 12:01 AM ET | Comments (15)
RedBox Warns of Credit Card Skimmers
DVD-rental vending machine maker RedBox today warned customers to be on the lookout for any unusual activity or physical changes to local RedBox kiosks, after the company discovered evidence that criminals had retrofitted at least three of the machines with...
By Brian Krebs | April 7, 2008; 01:55 PM ET | Comments (6)
Consumers Report $239 Million Lost To Cyber Fraud In '07
U.S. consumers reported losing more than $239 million from online fraud last year, up from $198 million in 2006, according to data released today by the FBI. Internet auction fraud (35.7 percent) and merchandise non-delivery (24.9 percent) were the most...
By Brian Krebs | April 4, 2008; 12:49 PM ET | Comments (2)
8.3 Million Records Spilled in Data Breaches This Year
At least 8.3 million personal and financial records of consumers were potentially compromised by data spills or breaches at businesses, universities and government agencies in the first quarter of 2008, according to statistics released today. The San Diego based Identity...
By Brian Krebs | April 2, 2008; 03:00 PM ET | Comments (7)
April Fool's Day Warning, And Some Fun
This post has been updated. Please read through to the end. Original post: The cyber criminal(s) behind the Storm worm want to make an April Fool out of you today. The Storm worm author(s) likes to use holidays and other...
By Brian Krebs | April 1, 2008; 01:50 PM ET | Comments (8)
Cyber Attacks on the Campaign Trail
It is rare for the key topics typically covered in this blog -- cybercrime and computer security -- to be wielded as talking points by a major presidential candidate. But in a foreign policy speech last week, presumptive Republican Party...
By Brian Krebs | March 31, 2008; 03:08 PM ET | Comments (8)
The Curious Case of Dmitry Golubov
Earlier this month, Security Fix took a look at Dmitry Ivanovich Golubov, a Ukrainian politician once considered by U.S. law enforcement to be a top cybercrime boss. Golubov took rather strong exception to the way he was characterized in that...
By Brian Krebs | March 28, 2008; 10:50 AM ET | Comments (16)
Hannaford Breach May Presage '08 Trend
The Hannaford Bros. supermarket chain said Monday that a breach of its computer systems may have given criminals access to more than four million credit and debit cards issued by nearly 70 banks nationwide. While the banks appear all but...
By Brian Krebs | March 18, 2008; 11:08 AM ET | Comments (25)
The Anatomy of a Vishing Scam
A series of well-orchestrated wireless phone-based phishing attacks against several financial institutions last week illustrates how scam artists are growing more adept at fleecing consumers by exploiting security holes in seemingly unrelated Internet technologies. The scams in this case took...
By Brian Krebs | March 15, 2008; 05:54 PM ET | Comments (5)
Ukrainian CyberCrime Boss Leads Political Party
A Ukrainian man once known as one of the top ringleaders in Eastern Europe-based organized cyber crime is now heading up a new political party there. Dmitry Ivanovich Golubov, a 24-year-old from Odessa, is leading the upstart "Internet Party of...
By Brian Krebs | March 13, 2008; 11:02 AM ET | Comments (25)
Six Degrees of E-Separation
If you've ever played the game "Six Degrees of Kevin Bacon," you know there's a lot of truth to it. It's based on the notion that any actor can be linked through his or her film roles to Mr. Bacon....
By Brian Krebs | March 12, 2008; 05:23 PM ET | Comments (8)
When Ads Go Bad
A long-time trusted source recently alerted me that some inappropriate advertisements were running on Neopets.com, a Web site full of addictive Macromedia Flash games aimed at pre-teens. Surprisingly, the curators of Neopets.com -- major media conglomerate Viacom -- are disavowing...
By Brian Krebs | March 10, 2008; 12:34 PM ET | Comments (20)
The FDIC Computer Intrusion Report
Last week, Security Fix featured the highlights from a non-public report by the Federal Deposit Insurance Corp. (FDIC) that examined a huge recent spike in the cost of computer intrusions for banks and consumers. I chose not to publish the...
By Brian Krebs | March 5, 2008; 10:12 AM ET | Comments (8)
When Blocking Porn Isn't Enough
Last year, Security Fix looked at a free service that helps parents and other network administrators block adult Web sites for all of the PCs they control, without installing any software. Now, the company and community that built that service...
By Brian Krebs | February 26, 2008; 01:28 PM ET | Comments (32)
Wall Street Reports Increase In PC Intrusions In '07
On Thursday, Security Fix featured an exclusive look at data pulled from an unreleased government report showing a steep increase in the amount of funds that banks, businesses and consumers lost last year due to computer hacking and malicious software...
By Brian Krebs | February 22, 2008; 09:40 AM ET | Comments (0)
Banks: Losses From Computer Intrusions Up in 2007
U.S. financial institutions reported a sizable increase last year in the number of computer intrusions that led to online bank account takeovers and stolen funds, according to data obtained by Security Fix. The data also suggest such incidents are becoming...
By Brian Krebs | February 20, 2008; 10:40 AM ET | Comments (19)
Fake Prez. Campaign Video Spreads Malware
Spammers are taking advantage of public awareness about the U.S. presidential race to trick people into installing malicious software. A recent blast of spam purports to contain links to a video of Sen. Hillary Clinton (D-N.Y.) on the campaign trail,...
By Brian Krebs | February 14, 2008; 04:50 PM ET | Comments (10)
Beware Bogus E-Valentines
If you want to express your affection for someone this Valentine's Day, try to find a more original way to do it than by sending e-greeting cards. You could be training your loved one to respond to scammers who are...
By Brian Krebs | February 13, 2008; 11:17 AM ET | Comments (26)
Hackers Exploit Adobe Reader Flaw
Security Fix has learned that at least one of the security holes in the popular Adobe Reader application that was quietly patched by Adobe this week is actively being exploited to break into Microsoft Windows computers. On Wednesday, we alerted...
By Brian Krebs | February 9, 2008; 08:55 AM ET | Comments (25)
The Storm Worm's Family Tree
New research suggests that the infamous Storm worm has its roots in a computer worm that first surfaced as early as 2004, two-and-a-half years prior to Storm's widely-recognized birthday. The findings come from security researchers at Damballa, a start-up in...
By Brian Krebs | February 7, 2008; 03:05 PM ET | Comments (5)
Just Say No To Work-At-Home Money Mule Scams
washingtonpost.com today ran a story I wrote that examines the ever-evolving scams that organized cyber thieves are coming up with to con people into laundering stolen funds on their behalf. The piece features interviews with a couple of unfortunate victims...
By Brian Krebs | January 25, 2008; 11:00 AM ET | Comments (31)
Report: 51 Percent Of Malicious Web Sites Are Hacked
The number of legitimate Web sites that have been hacked and seeded with code that tries to infect the visitor's PC with malware now exceeds the number of sites specifically created by cyber criminals, according to a report released today....
By Brian Krebs | January 22, 2008; 09:29 AM ET | Comments (5)
Drawing a (Scary) Face On Malicious Software
If the phishing scams, computer viruses and worms that land in our inboxes each day take the form of hostile-looking beasts, we might all want to avoid them like the plague. Such is the vision of Romanian artist Alex Dragulescu,...
By Brian Krebs | January 18, 2008; 01:10 PM ET | Comments (6)
Wishing an (Un)Happy Birthday to the Storm Worm
This week marks the one-year anniversary of the emergence of the spam-enabling Storm worm, a tenacious strain of malicious software that probably speaks more about the future of online crime than almost any other malware family circulating online today. This...
By Brian Krebs | January 17, 2008; 09:37 AM ET | Comments (26)
Scareware Program Targets Mac Users
The same tried-and-true social engineering tactics traditionally wielded against Windows users to frighten people into buying bogus security software are now being employed to target Mac users. Security experts say the curators of macsweeper.com warn visitors that their machine is...
By Brian Krebs | January 15, 2008; 01:50 PM ET | Comments (4)
New Nasty Hides From Windows, Anti-Virus Tools
A new family of malicious software that runs before Windows even boots up has infected thousands of PCs worldwide and remains undetected by virtually all of the commercial anti-virus tools, security experts warn. The newly-discovered malware is what's known as...
By Brian Krebs | January 8, 2008; 02:10 PM ET | Comments (67)
The Mysterious Unsent 'Bounced' E-mail
The subject line from the e-mail that just landed in your inbox indicates the message was returned because it could not be delivered. Upon closer inspection, the message -- hawking cheap designer watches -- doesn't look like any message you've...
By Brian Krebs | January 2, 2008; 11:15 AM ET | Comments (27)
'Pinch' Authors Pinched?
A few weeks ago, Security Fix profiled a ubiquitous (but lesser known) class of malicious software called "Pinch," a malware creation kit that is highly sought after on hacker forums because of its adaptability and multitude of features. According to...
By Brian Krebs | December 20, 2007; 11:15 AM ET | Email a Comment
Study: $3.2 Billion Lost to Phishing in 2007
U.S. consumers were scammed out of roughly $3.2 billion over the past year from phishing scams, a significant increase over last year, according to a survey released this week. The estimate, produced by Stamford, Conn.-based research firm Gartner Inc., was...
By Brian Krebs | December 19, 2007; 05:58 PM ET | Comments (8)
Top 10 Best & Worst Anti-Phishing Web Registrars
Web site domain name registrars are increasingly finding themselves at the forefront of the never-ending slog against online con artists and phishers. But there is little consensus on how far registrars should go to police their pool of names for...
By Brian Krebs | December 11, 2007; 08:30 AM ET | Comments (35)
Malware Targets E-Banking Security Technology
A new class of malicious software contains a feature specifically designed to thwart online security technology implemented by Bank of America and many other financial institutions that allow their customers to monitor and make changes to their accounts via the...
By Brian Krebs | November 30, 2007; 05:33 PM ET | Comments (27)
Feds Put More Botmasters, Phishers Behind Bars
The FBI today released details of several cybercrime cases against individuals accused of defrauding banks, companies and consumers of more than $20 million with the help of "botnets," large groupings of hijacked personal computers. The computer crime crackdown is Part...
By Brian Krebs | November 29, 2007; 01:00 PM ET | Comments (17)
Credit Card Thieves Flood Wikimedia With Pennies
The Wikimedia Foundation, the parent organization of the free online encyclopedia Wikipedia and other open-source projects, recently increased the minimum amount it will accept in donations after scammers apparently began testing the validity of stolen credit cards by sending a...
By Brian Krebs | November 20, 2007; 02:57 PM ET | Comments (31)
Security Pro Admits to Hijacking PCs for Profit
A Los Angeles security professional has admitted to infecting more than a quarter million computers with malicious software and installing spyware that was used to steal personal data and serve victims with online advertisements. John Kenneth Schiefer, 26, variously known...
By Brian Krebs | November 10, 2007; 06:03 PM ET | Comments (140)
Russian Business Network: Down, But Not Out
A major Russian Internet service provider whose client list amounted to a laundry list of organized cyber crime operations appears to have closed shop. But security experts caution that there are signs that the highly profitable network may already be...
By Brian Krebs | November 7, 2007; 12:31 PM ET | Comments (11)
Salesforce.com Acknowledges Data Loss
Business software provider Salesforce.com acknowledged that a recent spate of targeted e-mail virus and phishing attacks against its customers resulted from one of its own employees falling for a phishing scam and turning over the keys to the company's customer...
By Brian Krebs | November 6, 2007; 11:34 AM ET | Comments (19)
Deconstructing the Fake FTC E-mail Virus Attack
A targeted e-mail virus disguised as an identity theft inquiry from the Federal Trade Commission appears to have successfully compromised more than 500 PCs, including victims at banks, real estate brokerages, law firms and marketing companies. Each of the victims...
By Brian Krebs | November 5, 2007; 06:00 AM ET | Comments (28)
Anti-Virus On A Mac?
Every other week, I host a Security Fix Live chat with readers, and almost invariably, one of the questions that comes up is: "Hi. I'm a Mac user. Should I be using anti-virus software?" I usually answer that while there...
By Brian Krebs | October 31, 2007; 06:00 PM ET | Comments (35)
Hiding In Plain Sight
Security Fix pop quiz, here. Is the document pictured in the image to the right the depiction of a text document, or is it an executable malicious program disguised as a harmless text file? It's actually an executable file (one...
By Brian Krebs | October 31, 2007; 11:42 AM ET | Comments (19)
Spammers Tempt Surfers to Help Solve Captchas
Call it an online game of strip poker, only spammers are the ones walking away with all the winnings. The latest innovation in malicious software takes the form of shapely "Melissa," an alluring, scantily clad blond who requests the victim's...
By Brian Krebs | October 30, 2007; 10:20 AM ET | Comments (10)
Equifax Details Credit Freeze Plans
Big three credit reporting bureau Equifax on Wednesday detailed its plan to offer certain consumers the ability to freeze their credit files as a means of preventing identity theft. The offering provides a clearer picture of how the credit bureaus...
By Brian Krebs | October 25, 2007; 04:00 PM ET | Comments (13)
TJX Breach Was Twice as Bad as First Reported
The largest digital data theft ever recorded was bigger than originally thought. TJX, the Massachusetts retail giant that earlier this year disclosed that a series of network and computer intrusions had compromised more than 45 million credit- and debit-card numbers,...
By Brian Krebs | October 24, 2007; 11:37 AM ET | Comments (7)
Should E-Mail Addresses Be Considered Private Data?
A database of e-mail addresses and other contact information stolen from business software provider Salesforce.com is being used in an ongoing series of targeted e-mail attacks against customers of several Salesforce.com business clients, including SunTrust and Automatic Data Processing Inc....
By Brian Krebs | October 19, 2007; 06:00 PM ET | Comments (19)
Stock Spammers Pump It Up With MP3 Files
Spammers involved in pump-and-dump scams touting penny stocks now are using MP3 music files to lure investors, a switch security experts say is the latest tactic designed to sneak the messages past spam filters. According to e-mail security provider MessageLabs,...
By Brian Krebs | October 18, 2007; 01:48 PM ET | Comments (5)
The Russian Business Network Responds
An individual claiming to represent the Russian Business Network has denied media reports (including a Washington Post story I wrote that ran last week) the company provides Web hosting services to numerous cyber criminal operations. Experts quoted in my story...
By Brian Krebs | October 16, 2007; 03:45 PM ET | Comments (6)
Taking on the Russian Business Network
The text below was originally included as part of the story The Washington Post ran today on the Russian Business Network. The content below was cut for space reasons, but I thought the anecdote was interesting and timely enough to...
By Brian Krebs | October 13, 2007; 12:01 AM ET | Comments (13)
A Year's Worth of Phish Facts
Phishtank.com, a volunteer effort to identify phishing e-mails and associated Web sites, released its first annual report today, providing one of the most comprehensive data sets ever published on the subject and offering fascinating insights on the scope and increasing...
By Brian Krebs | October 9, 2007; 07:54 AM ET | Comments (7)
A Notable Step in the Fight Against Phishing
Yahoo! e-mail users should soon start noticing the disappearance of scam e-mails that try to steal PayPal and eBay account information. eBay and Yahoo! announced a partnership today that involves a technology developed by Yahoo! called "DomainKeys" to filter out...
By Brian Krebs | October 4, 2007; 04:51 PM ET | Comments (8)
Just How Bad Is the Storm Worm?
The Storm worm has earned its share of superlatives, but security experts disagree over just how many computers running Microsoft Windows have been compromised by the e-mail worm. Some new figures released from Microsoft and estimates obtained by Security Fix...
By Brian Krebs | October 1, 2007; 10:31 AM ET | Comments (11)
Calculating the Costs of Cyber Crime
On Monday, Security Fix looked at figures published by the Justice Department suggesting that the FBI had between 3 and 6 percent of its field agents dedicated to fighting cyber crime. On the surface, that number may seem low for...
By Brian Krebs | September 27, 2007; 11:25 AM ET | Comments (6)
Is Cyber Crime Really the FBI's No. 3 Priority?
The Federal Bureau of Investigation says that its No. 3 priority is protecting the United States "against cyber-based attacks and high-technology crimes." Given the increasing pervasiveness and costs associated with such crime, FBI Director Robert Mueller should be commended for...
By Brian Krebs | September 24, 2007; 03:14 PM ET | Comments (16)
The Threat of Reputation-Based Attacks
CastleCops.com is accustomed to being attacked by online crooks: The volunteer-led cybercrime-fighting group has endured nearly a month long siege by thousands of criminally-controlled PCs aimed at crippling its Web site. So when the latest attack failed to prevent legitimate...
By Brian Krebs | September 18, 2007; 10:00 AM ET | Comments (20)
Report: Four Percent of E-Crime From Fortune 100
Roughly four percent of all spam, malicious software attacks, phishing Web sites and other cyber crime activities detected in the first half of 2007 emanated from the networks controlled by the world's 100 highest-grossing companies, according to a new report...
By Brian Krebs | September 17, 2007; 03:27 PM ET | Comments (10)
Skype Users: Beware of Instant Message Worm
Skype, the eBay-owned Internet telephone service, is warning users to be on guard against a new computer worm that arrives disguised as a chat invitation via Skype's built-in instant messaging feature. The worm, which goes by the names "W32/Ramex.A," "W32/Pyskpa.D"...
By Brian Krebs | September 11, 2007; 09:10 AM ET | Comments (4)
Hacking Groceries: Internet Coupon Fraud
Over the weekend, my wife and I were shopping at Magruder's, a local grocery chain to which we're fiercely loyal, and we noticed a handwritten sign attached to the credit-card reader in the checkout line: "Attn customers: Due to coupon...
By Brian Krebs | August 27, 2007; 12:15 PM ET | Comments (19)
Storm Worm Authors Turn to YouTube Lures
Security Fix has spilled quite a bit of digital ink warning readers about the ever changing tactics of criminals behind the the indefatigable "Storm worm." This week's tactic (or today's as the case may be) involves e-mailed Web links disguised...
By Brian Krebs | August 27, 2007; 10:22 AM ET | Comments (8)
Don't Join the Club
The great Groucho Marx once quipped, "I don't want to belong to any club that will accept me as a member." E-mail users would do well to adopt this attitude with respect to unsolicited invites to join members-only Web sites,...
By Brian Krebs | August 22, 2007; 03:33 PM ET | Comments (14)
Beware of Five-Star Vaporware
U.K. computer programmer Andy Brice was proud of the awards and accolades his software had won from his peers online. That is, until he noticed that pretty much everyone else's software received the same "5-star" rating and high praise from...
By Brian Krebs | August 20, 2007; 10:08 AM ET | Comments (8)
Would You Like A Job With That Virus?
Cyber crooks are targeting a wave of new attacks at people searching for jobs online, security experts warn. Oddly enough, the criminals behind this scam appear to be just as interested in hiring you as they are in hijacking your...
By Brian Krebs | August 17, 2007; 04:20 PM ET | Comments (12)
Watch Out for Fake Tax 'Rebate' Sites
It's not exactly tax-filing time in the United States, but that doesn't mean online scammers aren't out to capture the money owed to you by Uncle Sam. A scam Web site spotted recently by Security Fix is one of a...
By Brian Krebs | August 8, 2007; 08:51 AM ET | Comments (5)
New Tool Automates Webmail Account Hijacks
LAS VEGAS -- Logging into your MySpace, Facebook, Yahoo!, Gmail or Hotmail account over a wireless connection just got a lot more dicey, as researchers here at the Black Hat hacker conference today demonstrated a new set of tools...
By Brian Krebs | August 2, 2007; 03:16 PM ET | Comments (22)
Florida Counterfeit Credit Card Ring Busted
Six individuals in Florida have been indicted for running an organized credit card counterfeiting ring that netted more than 200,000 stolen account numbers, the U.S. Secret Service said today. Julio Lopez, 30, and his girlfriend, Anett Villar, 26, were arrested...
By Brian Krebs | July 9, 2007; 12:33 PM ET | Comments (17)
Scammers Play Robin Hood to Test Stolen Credit Cards
The Symantec security blog today talks about a trend its authors are seeing more of: Scammers using stolen credit cards to make small donations to online charities. The prevailing theory is not that the criminals are being altruistic Rather, security...
By Brian Krebs | July 6, 2007; 01:15 PM ET | Comments (9)
A Word of Caution About Google Calendar
I've been playing around with Google Calendar, a beta service from the search-engine giant that lets users store -- and share -- calendar data online. It's a great Web-based tool, but in experimenting with it I found that far too...
By Brian Krebs | July 6, 2007; 06:00 AM ET | Comments (11)
Web Worm Whacks MySpace Users
A complex, ongoing attack on MySpace.com users is turning victim's sites and computers into hosts for serving phishing scams and computer viruses. Earlier this week, some MySpace user pages were seeded with computer code seeking to exploit one of three...
By Brian Krebs | June 27, 2007; 01:52 PM ET | Comments (21)
Social Networking on Internet Scammer Forums
With social networking sites like MySpace and Facebook all the rage among the 18 to 24 set, it's not hard to see why so many young people are drawn into hacking and online crime: After all, most criminal hackers learn...
By Brian Krebs | June 26, 2007; 04:30 PM ET | Comments (6)
Red Cross Scam Targets Military Families
Low-life scam artists have sunk to new depths by posing as American Red Cross workers in an effort to steal personal information from military families with loved ones in Iraq. The caller, who sounds like a young American, calls a...
By Brian Krebs | June 22, 2007; 04:34 PM ET | Comments (4)
LexisNexis Warns of Consumer Database Breaches
Last month, Security Fix wrote that scam artists were trying to steal the login credentials that law enforcement officers use to access their accounts at Accurint, a database operated by LexisNexis owner ReedElsevier that contains highly detailed and personal files...
By Brian Krebs | June 21, 2007; 09:34 AM ET | Comments (6)
Mpack Exploit Tool Slips through Security Holes
Researchers have been charting the rise in threats created by a new software exploit tool known as "Mpack," a virtual attack kit designed to be embedded in hacked or malicious Web sites. It targets security holes in multiple software products,...
By Brian Krebs | June 18, 2007; 04:15 PM ET | Comments (10)
PayPal to Roll Out Buyer Vetting Service
In a move designed to attract more online sellers to accept its virtual payment service, PayPal this year plans to roll out a voluntary service designed to warn merchants if a transaction presents a fraud risk. Merchants who adopt PayPal's...
By Brian Krebs | June 18, 2007; 01:55 PM ET | Comments (3)
House Approves Anti-Caller ID Spoofing Bill
The U.S. House of Representatives on Wednesday approved legislation that would make it a crime for someone to fake their phone's outgoing Caller ID information for nefarious purposes. The "Truth in Caller ID Act of 2007" would make it "unlawful...
By Brian Krebs | June 14, 2007; 05:01 PM ET | Comments (8)
FBI Unveils Movable Feast with 'Operation Bot Roast'
The FBI said today it has identified more than 1 million personal computers that have been infected with computer worms enabling the attackers to control PCs for criminal purposes such as sending spam, spreading spyware and attacking Web sites. The...
By Brian Krebs | June 13, 2007; 05:03 PM ET | Comments (6)
Yahoo! IM Users Should Upgrade Immediately
People who chat online using Yahoo! Messenger software should upgrade their program. The company has pushed out a fix to plug two newly discovered security holes. The two critical vulnerabilities reside in Yahoo! Messenger versions 8.1.0.249 and earlier. The flaws...
By Brian Krebs | June 9, 2007; 02:30 PM ET | Comments (13)
High Court Ruling Could Be Boon for Retailers
A Supreme Court ruling handed down Monday could be good news for more than 100 major retailers targeted by class-action lawsuits alleging that the companies failed to comply with a law designed to protect consumers from identity theft. The retailers...
By Brian Krebs | June 5, 2007; 10:35 AM ET | Comments (2)
Report Shows 7 Percent of Sponsored Links Dangerous
Clicking on a search engine's results of popular computer terms like "wallpaper" or "screensaver" remains a fairly risky endeavor when it comes to security, according to an updated study. The second annual State of Search Engine Safety report from McAfee...
By Brian Krebs | June 4, 2007; 10:52 AM ET | Comments (5)
Spy vs. I-Spy: A Tale of Dueling Anti-Spyware Bills
The House of Representatives last week passed a bill called the "I-SPY Act" -- a.k.a. the "Internet Spyware Prevention Act of 2007." I believe it's important to highlight the benefits and limitations of this measure. For starters, I-SPY is an...
By Brian Krebs | May 29, 2007; 08:43 AM ET | Comments (3)
Phishing Attacks Soar as Scammer Nets Widen
Some of the Web's most prolific organized online criminals are starting to step up the frequency and sophistication of phishing attacks, targeting commercial banks, job hunting sites and data brokers, Security Fix has learned. Typically, phishing scams involve phony e-mails...
By Brian Krebs | May 24, 2007; 05:20 PM ET | Comments (9)
Cyber Crooks Hijack Activities of Large Web-Hosting Firm
Organized crime groups have modified a significant share of the Web sites operated by one of the Internet's largest Web hosting companies to launch cyber attacks against visitors, Security Fix has learned. Last month, Phoenix-based IPOWER Inc. was featured prominently...
By Brian Krebs | May 23, 2007; 10:30 AM ET | Comments (21)
Scammers Target Elderly With Aid of Data Brokers
Consumer data broker infoUSA reaped huge profits selling lists with the names of elderly individuals and others likely to be easy targets for identity thieves and con artists, according to a harrowing story in Sunday's New York Times. The newspaper...
By Brian Krebs | May 21, 2007; 02:15 PM ET | Comments (1)
Tuning Up Uncle Sam's Cyber Crime Laws
Lawmakers in the House of Representatives on Monday introduced a bill that seeks to modernize the nation's computer crime laws and give prosecutors more leeway and resources in going after cyber crooks. The Cyber-Security Enhancement Act of 2007, authored by...
By Brian Krebs | May 15, 2007; 11:34 AM ET | Comments (4)
The Politics of Identity Theft
Washingtonpost.com today ran an in-depth story I wrote examining the politics behind the identity theft problem in one state. It is told through the eyes of a Delaware resident who championed a measure and ultimately won passage of a law....
By Brian Krebs | May 9, 2007; 11:25 AM ET | Comments (22)
Federal Data Breach Bills Clear Senate Panel
Update, May 13: Please read the entire post, which has been updated. Original post: A key Senate committee today approved two bills that would force businesses to notify consumers if their personal or financial data is lost or stolen. The...
By Brian Krebs | May 3, 2007; 04:55 PM ET | Comments (4)
Building A Web-Based Neighborhood Watch
At any given time, tens of millions of personal computers around the globe are infected with malicious software that criminals use to turn them into spam-relaying "zombies." But many machines could be inoculated if there was a distributed, Internet-wide system...
By Brian Krebs | April 30, 2007; 12:18 PM ET | Comments (9)
Smile, You're on Criminal Camera
Security Fix recently highlighted a pair of surveillance devices that criminals had attached to an automated teller machine in Tyson's Corner, Va., to steal financial data from unsuspecting bank machine customers. A few readers responded by asking why they should...
By Brian Krebs | April 18, 2007; 04:44 PM ET | Comments (8)
Data Breach Aided University Phishing Scam
A highly targeted phishing attack last year that scammed dozens of Indiana University students out of their personal and financial data appears to have been aided in part by a previously undisclosed hacker break-in at one of the school's main...
By Brian Krebs | April 16, 2007; 04:30 PM ET | Comments (9)
Practicing Street Smarts at the ATM
Each time I pull money out of a bank's automated teller machine -- even if it's an ATM that is very familiar to me -- I always use caution to ensure that no one or thing is surreptitiously trying to...
By Brian Krebs | April 16, 2007; 10:30 AM ET | Comments (20)
Tax Time Means Fraud Time
The arrival of tax season brings the inevitable scam e-mails and Web sites claiming to be affiliated with the Internal Revenue Service, the Treasury Department, or an online tax refund or preparation service. Here's the latest scam: Members of Phishtank,...
By Brian Krebs | April 13, 2007; 04:39 PM ET | Comments (1)
Research Suggests Weakness in Anti-Phishing Technology
Security experts have warned for some time now that certain anti-online-fraud technology deployed by many major financial institutions may be lulling online banking users into a false sense of protection. Today, two university researchers released a demo in an attempt...
By Brian Krebs | April 10, 2007; 10:01 AM ET | Comments (10)
I'd Like a Double Espresso and Your Password, Please
One of the perennial questions I get from readers is whether it is safe to log into personal e-mail accounts at the local coffeehouse or even via a neighbor's wireless network. My answer remains the same: If you do not...
By Brian Krebs | April 9, 2007; 01:30 PM ET | Comments (18)
Microsoft Rushes Out a Security Update
Microsoft Corp. yesterday said it plans to issue a software update on Tuesday to fix a dangerous security flaw in its Windows operating system -- a flaw that cyber criminals are actively targeting to gain access to computers across the...
By Brian Krebs | April 2, 2007; 01:20 PM ET | Comments (51)
Attackers Exploit Unpatched Explorer Flaw
Microsoft is warning Windows users that hackers are exploiting a newly discovered flaw. It enables criminals to hijack Windows PCs if users merely visit a hostile Web site with an Internet Explorer browser or open a specially crafted e-mail message....
By Brian Krebs | March 29, 2007; 03:10 PM ET | Comments (22)
Fortune 500s Unwittingly Become Spammers
The next time you receive a piece of junk e-mail touting penny stock, pimping Rolex watches, or lauding a work-at-home scam, consider investigating who really sent it. You may be surprised. Security Fix reviewed spam samples captured in the last...
By Brian Krebs | March 29, 2007; 11:11 AM ET | Comments (12)
Enabling the Spammers
Spammers are having a field day with a string of recently discovered security vulnerabilities in MailEnable, an e-mail server program offered by many large, dedicated Web hosting companies. Over the past few months, MailEnable has released updates at least a...
By Brian Krebs | March 27, 2007; 04:52 PM ET | Comments (3)
They Say They Want a Revolution
Educational institutions churn out computer science degrees to fresh faced graduates bursting with new ideas and skills to match, but how well do they hammer home the need to write software securely? Judging from the massive number of software vulnerabilities...
By Brian Krebs | March 26, 2007; 04:45 PM ET | Comments (21)
A Fresh Look at Password Thieves
Security Fix recently published information about thousands of U.S. residents whose passwords and other data had been stolen by nefarious hackers. Last week, I received more data about the number of victims caused by the hackers' Trojan horse computer program...
By Brian Krebs | March 23, 2007; 03:19 PM ET | Comments (4)
Online Trading Firms to Swap Fraud Tips
Washingtonpost.com today ran a story I wrote about representatives from some of the nation's top online stock trading firms who will meet tomorrow with federal law enforcement officials to discuss ways they can work together to combat Internet fraud. From...
By Brian Krebs | March 22, 2007; 08:28 PM ET | Email a Comment
Stolen Identities Sold Cheap on the Black Market
Recovering from identity theft can take years and cost thousands of dollars. But how much is your identity worth to the thieves who sell it to other fraudsters? Turns out, less than the price of two tickets to the movies....
By Brian Krebs | March 19, 2007; 12:01 AM ET | Comments (21)
Task Force Shapes ID Theft Policy
A viral epidemic of consumer identity fraud and data theft prompted President Bush last year to create a task force charged with crafting proposals to marshal Uncle Sam's resources to prevent identity fraud, assist victims and more aggressively prosecute those...
By Brian Krebs | March 15, 2007; 09:36 AM ET | Comments (16)
Tracking the Password Thieves
The Washington Post today ran a story I wrote about an epidemic of data theft being fueled by password-stealing viruses and phishing attacks. In some ways, the story behind the reporting that went into the piece is just as interesting,...
By Brian Krebs | March 14, 2007; 12:01 AM ET | Comments (63)
Vishing: Dialing for Dollars, Part II
Security Fix received a copy of a new scam e-mail targeting Bank of America customers that is likely to con quite a few folks before it is shut down. Sure, Bank of America is hit by this sort of thing...
By Brian Krebs | March 8, 2007; 12:26 PM ET | Comments (7)
They'll Always Have Paris
The young men who reached notoriety for illegally accessing the cell phone of socialite Paris Hilton are now either in federal prison or headed there shortly. Security Fix has learned the whereabouts of the hackers who pleaded guilty last fall...
By Brian Krebs | February 27, 2007; 12:58 PM ET | Comments (5)
Fool Me Once, Shame On You But Fool Me Twice...
In aiming to settle a class action suit, a group of companies is throwing a proverbial pie in the face of affected consumers. A Security Fix reader forwarded an e-mail about a benefit he allegedly was eligible to collect as...
By Brian Krebs | February 26, 2007; 03:35 PM ET | Comments (35)
Mass. Bill Would Make Retailers Pay for Data Breaches
Lawmakers in Massachusetts are poised to consider legislation that would force retailers who suffer data breaches to cover the costs associated with any fraud-related losses by their customers, according to a story in today's Wall Street Journal (link is by...
By Brian Krebs | February 22, 2007; 03:27 PM ET | Comments (2)
Valentine Or Virus?
It could be a Happy Virus Day for you as virus writers love to take advantage of the blizzard of e-greeting cards swirling around the Internet. Finnish anti-virus firm F-Secure warns that the poisoned love letters already are circulating. The...
By Brian Krebs | February 14, 2007; 01:01 PM ET | Comments (5)
FTC Issues Fraud and ID Theft Data for 2006
Unauthorized credit card charges were the leading contributor to more than $1.1 billion bilked in reported consumer fraud complaints last year, according to new figures released today by the Federal Trade Commission. Shop-at-home/catalog sales and prizes and sweepstakes accounted for...
By washingtonpost.com Editors | February 7, 2007; 05:11 PM ET | Email a Comment
Microsoft to Support OpenID
SAN FRANCISCO: Microsoft Chairman Bill Gates today said his company would throw its support behind "OpenID," an open-source, distributed identity management system that seeks give computer users a more secure way to manage their online credentials. "Everywhere you go on...
By Brian Krebs | February 6, 2007; 05:40 PM ET | Comments (4)
Birth of the Verbal Hack?
Microsoft Corp. said Wednesday that a voice-recognition feature built into Vista -- the new version of Windows that went on sale this week -- could be exploited remotely to delete files on a victim's machine if he or she visited...
By Brian Krebs | February 1, 2007; 10:50 AM ET | Comments (18)
In Praise of Phish Fighters
It isn't often that the public is afforded a peek into federal law enforcement efforts to combat "phishing" scams, fraudulent e-mail lures for Web sites created to assume the look of trusted online brands and steal personal information. But February...
By Brian Krebs | January 31, 2007; 05:45 PM ET | Comments (5)
Sony Settles FTC Suit Over Music CD Spyware
Sony BMG Music Entertainment on Tuesday said that it had agreed to settle charges brought by the Federal Trade Commission for shipping dozens of music CDs -- that when played on a Microsoft Windows computer -- installed a hidden anti-piracy...
By Brian Krebs | January 31, 2007; 01:24 PM ET | Comments (2)
Web Advertisers Settle N.Y. Spyware Lawsuit
Three of the most aggressive buyers of online advertising space today agreed to pay fines and reform their advertising practices as part of a landmark anti-spyware settlement. Mobile phone giant Cingular Wireless LLC, and travel sites Priceline.com and Travelocity.com agreed...
By Brian Krebs | January 29, 2007; 06:23 PM ET | Comments (7)
New E-Commerce Identity Tag Makes Online Debut
A long-promised technology for helping consumers verify the legitimacy of commercial Web sites made its debut on the Internet Friday: Visit online security company Entrust's login page with Microsoft's Internet Explorer 7 Web browser and you'll notice that the address...
By Brian Krebs | January 13, 2007; 12:18 PM ET | Comments (37)
Scary Blogspam Automation Tools
As the de facto administrator of the Security Fix blog, I've spent many an hour deleting spammy links left in the comments section -- comments that usually lead back to the same kinds of Web sites you most commonly see...
By Brian Krebs | January 8, 2007; 03:55 PM ET | Comments (35)
Internet Explorer Unsafe for 284 Days in 2006
Security Fix spent the past several weeks compiling statistics on how long it took some of the major software vendors to issue patches for security flaws in their products. Since Windows is the most-used operating system in the world, it...
By Brian Krebs | January 4, 2007; 06:45 AM ET | Comments (108)
Grim 2007 Cyber Forecast (and a Nod to Late Pres. Ford)
The Washington Post's Business section today ran a story I wrote last week about the rise in spam and organized cyber crime -- a rise driven principally by a huge uptick in the number of security holes identified in widely...
By Brian Krebs | December 27, 2006; 12:27 PM ET | Comments (2)
Phishing Scams Soared in October
The number of phishing Web sites set up to impersonate banks and steal people's financial and personal data skyrocketed in October to 37,444, the highest on record, according to stats released this week. The Anti-Phishing Working Group reports that 52...
By Brian Krebs | December 12, 2006; 10:50 AM ET | Comments (5)
How Not to Distribute Security Patches
Over the weekend MySpace was hit by a password-stealing computer worm that took advantage of a weakness in Apple's QuickTime media player to spread rapidly among the online community's users. On Tuesday, MySpace administrators sent around a memo urging millions...
By Brian Krebs | December 6, 2006; 09:07 AM ET | Comments (16)
Guidance Software Settles With FTC Over Data Compromise
Guidance Software -- the leading provider of software used to diagnose hacker break-ins -- has settled a case brought by the Federal Trade Commission after a database compromise at the company exposed financial and personal data connected to thousands of...
By Brian Krebs | November 16, 2006; 12:00 PM ET | Comments (5)
Report: Phishers Hooking Fewer (But Fatter) Victims
First the good news: While the number of phishing attacks continues to increase, fewer victims report falling for the scams than a year ago. The bad news: Those who did get hooked by a phishing e-mail lost a lot more...
By Brian Krebs | November 9, 2006; 11:41 AM ET | Comments (11)
'Supercerts' Aim to Highlight Legit Web Sites
Over the past couple of years, dozens of companies have rolled out technologies designed to help computer users and companies better spot "phishing" scams -- Web sites that try to trick people into giving away financial and personal data. But...
By Brian Krebs | November 8, 2006; 03:02 PM ET | Comments (7)
180Solutions/Zango to Pay $3M to Settle FTC Suit
Zango, the company that makes the 180Search Assistant and Zango family of pop-up ad-serving and Web tracking software, has agreed to pay $3 million to settle a suit brought by the Federal Trade Commission. The suit charged that unfair and...
By Brian Krebs | November 3, 2006; 04:55 PM ET | Comments (1)
14 Arrested for Credit Card, Phishing Scams
The Washington Post today ran a story I wrote on the first phase of "Operation Cardkeeper," an international investigation by the FBI into scammers who are using online fraud forums to traffic in stolen credit cards and identities. From the...
By Brian Krebs | November 3, 2006; 07:53 AM ET | Comments (5)
Got Phish? Drop 'Em in the 'Phishtank'
Chances are that you regularly receive "phish" in your inbox -- e-mail messages that try to lure you into giving away your personal and financial data at fake bank or e-commerce Web sites. If you're at all like me, you...
By Brian Krebs | October 5, 2006; 05:16 PM ET | Comments (8)
'Shopadmins' And the ID Theft Cycle
washingtonpost.com today published a story based on the 10 hours of lurking I did on a variety of underground chat and Web channels frequented by identity and credit card thieves. From that research, Security Fix confirmed recent data breaches at...
By Brian Krebs | September 28, 2006; 07:55 AM ET | Comments (33)
Zotob Worm Authors Behind Bars
Two members of a hacking ring responsible for unleashing the disruptive "Zotob" computer worm last fall were sentenced this week by Moroccan authorities to a total of three years in prison. Sentenced were Farid Essebar, 18, a Moroccan national born...
By Brian Krebs | September 14, 2006; 06:48 PM ET | Comments (8)
Don't Be a Pump-and-Dump Chump
Nearly every day when I check out the junk folder in my e-mail inbox, I find at least one unsolicited e-mail trying to convince me that RIGHT NOW is the time buy some cheap penny stock. These kinds of solicitations,...
By Brian Krebs | September 5, 2006; 10:37 AM ET | Comments (11)
Study Analyzes 16 Months of Data Breaches
A new report on consumer data breaches recorded over the past 16 months indicates that hacking remains the most frequent source of data theft and loss, with breaches reported by educational institutions making up 43 percent of all reported data...
By Brian Krebs | September 1, 2006; 09:31 AM ET | Comments (9)
Using Images to Fight Phishing
So-called "phishing" Web sites set up by scammers to mimic financial institutions and swindle unwitting consumes often "inlink" or borrow logos and other images directly from the targeted institution's Web sites as a way of making their scam pages look...
By Brian Krebs | August 31, 2006; 10:45 AM ET | Comments (20)
Botnet Operator Sentenced to 37 Months in Prison
A California man whose online criminal ring hacked into hundreds of thousands of computers and disrupted operations at a U.S. hospital and several military installations was sentenced Friday to 37 months in prison for his crimes. Christopher Maxwell, 21, of...
By Brian Krebs | August 28, 2006; 03:52 PM ET | Comments (11)
P.O.'s P.D. Goes CSI on DVD
I spent some time over the weekend reviewing some free DVDs produced by the U.S. Postal Inspection Service, which is giving away the discs in a campaign to call attention to the dangers that lurk at the intersection of online...
By Brian Krebs | June 5, 2006; 03:03 PM ET | Comments (8)
How Many Spams Can a Scammer Scam If a Spammer Can Scam Spams?
See if you can say that headline three times fast. I absolutely love the scamming-the-scammer stories because they're generally so convoluted that they're almost funny (that is, if you can forget for a moment that there are thousands of victimized...
By Brian Krebs | May 23, 2006; 02:21 PM ET | Comments (14)
Botmaster Sentenced to 57 Months in Prison
A 21-year-old California man was sentenced today to 57 months in prison for hacking into hundreds of thousands of computers and renting the network of hacked PCs out to spyware companies and to people who used the network to send...
By Brian Krebs | May 8, 2006; 06:30 PM ET | Comments (10)
More Spyware, Typosquatting Allegations Against Yahoo
Yet another class action lawsuit has been filed against Yahoo! Inc., accusing the company of bilking advertisers by displaying their online ads via spyware and adware products and on so-called "typosquatter" Web sites that capitalize on misspellings of popular trademarks...
By Brian Krebs | May 5, 2006; 12:53 PM ET | Comments (2)
FCC Looking at Abuse of Phone Services for the Deaf
The Federal Communications Commission this week asked for input on ways to curtail the amount of credit card fraud being carried out by criminals abusing Internet-based "telecommunications relay services" designed to help the the deaf and hard-of-hearing make telephone calls....
By Brian Krebs | May 5, 2006; 11:28 AM ET | Comments (5)
Suit Levels Spyware, Typosquatting Allegations at Yahoo
A class-action lawsuit filed Monday against Yahoo! Inc. and group of unnamed third-parties accuses the company of engaging in "syndication fraud" against advertisers who pay Yahoo to display their ads on search results and on the Web pages of partner...
By Brian Krebs | May 2, 2006; 05:36 PM ET | Comments (25)
Hired Internet Gun Sentenced to Two Years
A 31-year-old Ohio man thought to be one of the first U.S. citizens convicted of contracting to organize crippling attacks against commercial Web sites has been sentenced to two years in prison for his crimes. Paul Garrett Ashley was ordered...
By Brian Krebs | May 1, 2006; 03:07 PM ET | Comments (1)
When Macs Attack
A story I wrote this week about "Shadowserver" -- a group of security volunteers who hunt down botnet operators online -- got picked up by "news-for-nerds" blog Slashdot, and since then a few readers and bloggers have been asking for...
By Brian Krebs | March 24, 2006; 09:22 AM ET | Comments (38)
Anti-Spyrus Software and the Keylogger Conundrum
Today we posted a story about the threat from keystroke logging programs and the increasingly sophisticated methods criminals are using to sort through the mountains of stolen password and financial information these eavesdropping devices are phoning home. I contacted dozens...
By Brian Krebs | March 16, 2006; 01:15 PM ET | Comments (25)
Street-Level Credit Card Fraud
Until recently, Las Vegas police officers couldn't figure out why some of the prostitutes and drug addicts they arrested were found carrying multiple hotel room keys and slot machine player's club cards. When confronted, the suspects said they kept them...
By Brian Krebs | March 6, 2006; 08:00 AM ET | Comments (24)
Alarming Phishing Trends
The number of phishing Web sites skyrocketed in December, as did the number of sites designed to spread password-stealing badware, according to the most recent report from the Anti-Phishing Working Group. The number of unique phishing sites jumped from 4,630...
By Brian Krebs | February 22, 2006; 03:10 PM ET | Comments (23)
More 'Rogue' Trouble for 180solutions
Anti-spyware activist and Harvard Ph.D. student Ben Edelman has just put up another one of his "gotcha" videos that he says documents "rogue" -- i.e., non-consensual -- installs of adware, this one from a Web site getting paid by 180solutions...
By Brian Krebs | February 20, 2006; 03:21 PM ET | Comments (16)
Botnets: A Global Pandemic
Below is another excerpt that got cut from my Post magazine story on botmasters and their contribution to the growing adware and spyware problem. Some information security experts say the mainstream Internet security companies have inadvertently yet drastically understated the...
By Brian Krebs | February 18, 2006; 01:25 PM ET | Comments (24)
The New Face of Phishing
Phishing is a difficult enough form of fraud to avoid for most computer users, but when some of the biggest names in the financial industry fail to do their part to detect and eliminate these online scams, consumers often are...
By Brian Krebs | February 13, 2006; 01:50 PM ET | Comments (106)
Security Fix Has Moved - Please Update Your Bookmarks and RSS Feeds
Security Fix's Web address has changed slightly. Please update your bookmarks to the new URL: http://blog.washingtonpost.com/securityfix And this blog's RSS feed has a new address as well: http://blog.washingtonpost.com/securityfix/index.xml The new online home looks pretty much the same, and the entire...
By Brian Krebs | February 10, 2006; 11:39 AM ET | Comments (3)
ChoicePoint to Pay $15M for Privacy Violations
Atlanta-based data aggregator ChoicePoint today agreed to pay $15 million to settle charges that it violated federal consumer protection laws when it allowed criminals to purchase sensitive financial and personal data on at least 163,000 Americans. The settlement addresses a...
By Brian Krebs | January 26, 2006; 12:06 PM ET | Email a Comment
T-Mobile Sues Cell Phone Record Diggers
Wireless provider T-Mobile on Monday sued the owners of several Web sites that have built a business around selling anyone's wireless phone records. The move comes just days after Congressional lawmakers introduced several bills to explicitly make the practice a...
By Brian Krebs | January 25, 2006; 09:52 AM ET | Comments (6)
FTC Urged to Sue Adware Maker 180Solutions
The Center for Democracy & Technology, a Washington-based nonprofit public interest group that's leading the Anti-Spyware Coalition, today urged the Federal Trade Commission to sue adware company 180Solutions Inc., accusing it of routinely allowing distributors to deceptively install its online...
By Brian Krebs | January 23, 2006; 10:17 AM ET | Comments (2)
Hackers Attack Million Dollar Homepage
When you suddenly come into a ton of money, it seems as though everyone always wants a piece of it. Just days after 21-year-old overnight millionaire Alex Tew sold the last piece of digital real estate on his brainchild --...
By Brian Krebs | January 19, 2006; 12:32 PM ET | Comments (7)
Fake Anti-Spyware Makers Settle Fraud Charges
Two supposed anti-spyware companies that used misleading ads to frighten consumers into purchasing software to eliminate non-existent threats have settled deceptive trade practice charges brought by the Federal Trade Commission (FTC). The civil lawsuits targeted the makers of the "SpywareAssassin"...
By Brian Krebs | January 5, 2006; 01:50 PM ET | Comments (1)
Guidance Software's Customer Database Compromised
Read Brian Krebs's latest story: "Hackers Break Into Computer-Security Firm's Customer Database." Here's the story lead: "Guidance Software -- the leading provider of software used to diagnose hacker break-ins -- has itself been hacked, resulting in the exposure of financial...
By | December 20, 2005; 08:38 AM ET | Comments (20)
Prostitution Suspect Used Data Access to Keep Tabs on Cops
A federal government worker who abused her access to sensitive consumer data to try to stave off a prostitution investigation has been sentenced to four months' home confinement with another four years of probation. Candice "Candy" Smith, 44, of Blue...
By Brian Krebs | December 2, 2005; 11:10 AM ET | Comments (3)
FTC Says It Has Shut Down Spyware Ring
The Federal Trade Commission said today its enforcement division had obtai