Scammers jingle all the way

With the holidays just days away, shoppers rush around late into the night, radio stations blare seasonal tunes--and cybercriminals busily try to scam unsuspecting targets.
"Holidays are an excellent hook for scams," Klein said. Last year there were 8,829 different phishing campaigns in December, and the number has increased since, hitting a high of 15,820 in October, he said. "The real problem with phishing e-mail is that they really look like e-mail that you would expect to receive."
CNET

Phishers attack eBay using new technique

Scammers have found a new way to try to trick eBay members into giving them their personal information.
The new technique effectively hijacks links on listing or search results pages, taking people to an official-looking eBay log-in page that is actually phony.
Mercury News

'Tis the Season for Holiday Spamming

AppRiver has tracked dozens of Sober variants each week since late November, when the holiday shopping season officially began. Subject lines include "christmass dinner -- eat with no worries," "send the kids a letter from Santa" and "Holiday Treats and a free gift from Jelly Belly."
TechNewsWorld

Security Threats Up Nearly 50 Percent In 2005

It's been a good year for cybercrooks, especially those with the foresight to have gotten in on the boomingTrojan horse business.
The number of new worms, viruses, and Trojan horses jumped 48 percent in 2005, a security company said Tuesday, as it detailed the year's security woes.
Information Week

1 in 4 target with Phishing Scams

About one in four Internet users are hit with e-mail scams every month that try to lure sensitive personal information from unsuspecting consumers, a study says.

Of those receiving the phony e-mails, most thought they might be from legitimate companies -- seven in 10, or 70 percent, were fooled by the e-mails, said the report.
CNN

Gone Spear-Phishin'

About a year and a half ago, Amnon Jackont, an Israeli mystery novelist and Tel Aviv University history professor, became ensnared in a mystery of his very own: friends and students were receiving e-mail messages from him that he had never written. A few months later, unpublished paragraphs and chapters from a book he was writing were plucked from his computer and began appearing on Israeli Web sites.

Mr. Jackont took his computer to the Israeli police last fall and was told to reformat it. But his problems persisted. So the police examined his computer more closely and discovered that a malicious program known as a Trojan horse lay hidden deep inside and had hijacked the machine from a remote location.
New York Times

Phishing: Beware the Internal Revenue Scam

The official-looking e-mails promise an income-tax refund, but they're really one more reminder to be cautious with personal info online

Scam artists are in hot pursuit of your identity. And they're cooking up a growing number of so-called phishing schemes, using e-mails that look like they're from a reputable source to cull personal data needed to steal your hard-earned money.
Business Week

Network Computing's Spam Filters Tested

Still Sick Of Spam - Keeping Spam out of your Inbox
We've always placed our bets on technology over politicians anyway, so we invited 16 vendors to send their antispam products that run on Microsoft Exchange servers to our Syracuse University Real-World Labs(r) for testing and evaluation. We limited this review to Exchange-only offerings to serve readers with small-or no-IT groups; many small IT shops use single Exchange servers for their e-mail gateways. Antispam appliances/ firewalls, hosted spam services and products that do not integrate with Exchange were excluded from these tests-we covered them in "Sick of Spam"

NETWORK COMPUTING EDITOR'S CHOICE
B+
MailFrontier Gateway Server 4.1 MailFrontier installed in a snap using a wizard installation routine common to Windows-based software. Gateway Server includes copies of Sun's Java Runtime Engine and Apache's Tomcat for the administration console. The installation wizard warned us about Gateway Server's capacious space needs-it requested 40 GB of free space for use with its Web-based quarantine, dubbed "Junk Box."
Network Computing

E-mail-based worm puts VARs, vendors on alert

The rampant spreading of an e-mail-based worm attack this week shows that after a somewhat dormant period, widescale hacker threats are alive and well.

Variants of the “sober” e-mail worm have been arriving in millions of e-mail inboxes over the past several days. Many of them have been posing as fake messages from the CIA or FBI, warning recipients that their Internet addresses have been identified as having conducted illegal activities online. Clicking on the messages exposes the users’ computers to control by whomever sent the messages.
VAR Business

UK Spammer gets 6 Years

A man described as Britain's most prolific spammer has been sentenced to six years of prison.

Peter Francis-Macrae's sentencing on Wednesday in the Peterborough Crown Court followed his six-week trial and his conviction on charges of fraudulent trading, concealing criminal property, threatening to destroy or damage property, making death threats, and blackmail.

Francis-Macrae of Cambridgeshire was accused of defrauding thousands of people by tricking them into sending him money to register an .eu domain name on their behalf. He was also charged with sending fraudulent e-mails to companies and claiming they had to pay a renewal fee to avoid losing their domain names.
CNET

Arrest Shows Focus on Bot Viruses

The arrest of a 20-year-old California man accused of profiting from networks of hijacked computers, among the first cases of its kind, illustrates law enforcement's increased focus on the growing scourge of "bot" viruses.

Malicious computer programs known as bots, short for robots, allow hackers to hijack thousands of far-flung computers and control them remotely. Criminals can use the commandeered machines to disseminate spam, hawk fake goods, send "phishing" emails to steal bank and other personal information or bombard corporate Web sites with Internet traffic to extract extortion payments.

A federal grand jury in California Wednesday returned a 17-count indictment charging Jeanson James Ancheta with conspiracy to cause damage to a computer, accessing a computer to conduct fraud and money laundering, among other charges.

According to the indictment, Mr. Ancheta, of Downey, Calif., earned thousands of dollars by infecting computers and then renting out access to networks of as many as 10,000 machines at a time to people who wanted to launch Internet attacks and send spam. He also hijacked U.S. government machines at the weapons division of the Naval Warfare Center and an information-systems agency at the Defense Department, the indictment alleges.

Mr. Ancheta allegedly made an additional $58,000 by surreptitiously planting adware -- programs that show the computer user targeted advertisements and tracks their activity online -- on hijacked computers, receiving payments from advertising companies for each installation.
Wall Street Journal

SEC Warns Investors Of Spyware, Phishing

The agency is concerned that investors aren't taking proper precautions when accessing their accounts.
The Securities and Exchange Commission (SEC) on Thursday issued a guide to private investors on the dangers that identity thieves pose to online broker accounts.
InformationWeek