Fake 'Exceeded Storage Limit' Phish ...
Last updated: July 5, 2014 - "Email claims that the user's email account has exceeded its storage limit and instructs him or her to reply with the account username and password in order to restore full functionality. Some versions ask users to click a link in the message... The message is -not- from any system administrator or support team nor is it from Outlook, Hotmail, or any other email service provider. The email is a phishing scam designed to trick users into divulging their email account login details to Internet criminals...
This message, which purports to be from the "System Administrator", claims that the recipient's email account has exceeded its storage limit and the sending and receiving of email may therefore be disrupted. The message instructs the recipient to reply to the email with his or her username and password so that the "System Administrator" can reset the account and increase the size of the database storage limit. A later version of the scam askes users to reply with account details to "confirm" the mailbox. In some variants, users are asked to click a link to supply their username and password. However, the message is not from the "System Administrator" or anyone else at the account holder's email service provider. Instead, the message is a phishing scam designed to trick recipients into handing over their web mail login details to Internet criminals. Those who reply to the message with their login details as instructed will in fact be handing over access to their webmail account to scammers who can then use it as they see fit. Once in their victim's email account, these criminals can then use the account to send spam messages, or in many cases, send other kinds of scam emails... Be wary of -any- unsolicited message that asks you to supply your webmail login details by replying to an email. All such requests are likely to be scams."
Attack on Dailymotion - redirected visitors to exploits
July 4, 2014 - " Attackers injected malicious code into Dailymotion.com, a popular video sharing website, and redirected visitors to Web-based exploits that installed malware. The rogue code consisted of an iframe that appeared on Dailymotion on June 28, researchers from security vendor Symantec said Thursday in a blog post*. The iframe redirected browsers to a different website hosting an installation of the Sweet Orange Exploit Kit, an attack tool that uses exploits for Java, Internet Explorer and Flash Player. The flaws that Sweet Orange attempted to exploit are: CVE-2013-2551, patched by Microsoft in Internet Explorer in May 2013; CVE-2013-2460, patched by Oracle in Java in June 2013; and CVE-2014-0515, patched by Adobe in Flash Player in April..."
3 Jul 2014 - "On June 28, the popular video sharing website Dailymotion was compromised to redirect users to the Sweet Orange Exploit Kit. This exploit kit takes advantage of vulnerabilities in Java, Internet Explorer, and Flash Player. If the vulnerabilities were successfully exploited during the campaign, pay-per-click malware was then downloaded on the victim’s computer. This week, Dailymotion is no longer compromised, as users are currently not being redirected to the exploit kit..."
4th of July SPAM...
4 July 2014 - "... like every other year, spammers are sending people a barrage of cleverly crafted spam aimed at exploiting this mood of celebration. This year, Symantec has observed a variety of spam, ranging from fake Internet offers to pharmacy deals, which take advantage of the US Independence Day.
Travel promotion spam - Subject: 4th of July Private Jets
Online casino spam
Fake pharmacy website exploiting July 4
Clearance sale product spam exploiting July 4
... Keep your antispam product updated frequently to get the best protection against these threats..."
July 4, 2014