Spyware Sucks
“There is no magic fairy dust protecting Macs" – Dai Zovi, author of “The Mac Hacker’s Handbook"

Dear Facebook….

June 22nd 2012

How do I say this nicely…. No I will NOT give you $7.34AUD to “promote” a post.

Read On 2 Comments

Will I succumb to temptation???

June 22nd 2012

  Ok, so I checked out the link (only from within an isolated VM, and after checking out what the URL will do using analytical tools – don’t try this at home boys and girls). For what it’s worth, you end up at a survey or prize win page which changes depending on what country […]

Read On Comments Off

Scareware makes it way to mobile devices…

June 21st 2012

  Well, I suppose it had to happen sooner or later http://krebsonsecurity.com/2012/06/beware-scare-tactics-for-mobile-security-apps/   Image source: krebsonsecurity   According to Brian’s article, the advertisement linked to in the overlay image (now gone, apparently) was hosted by mobilevisitor.org – that domain is reported as new, having been created on 6 June 2012, and with its ownership hidden […]

Read On Comments Off

Fake Intuit email…

June 20th 2012

As you will see, the hyperlinked words “enter this site” do not take you to an Intuit website.

Read On Comments Off

Fake Verizon Wireless emails

June 15th 2012

As always, please don’t click on the links.

Read On Comments Off

Fake UPS email

June 15th 2012

Don’t click on the links!

Read On Comments Off

IE7 being blocked by kogan.com

June 14th 2012

  I do understand the sentiment – IE7 is long superseded, with IE9 being the latest and IE10 in development: http://www.news.com.au/technology/kogan-wages-war-on-internet-explorer-users-taxed/story-e6frfro0-1226395298505 That being said, why doesn’t Kogan simply block access to IE7 users rather than try and make money off them – that is possible to do with appropriate scripting – and solves the problem […]

Read On 1 Comment

Non-English (Dutch) Mastercard spam

June 4th 2012

Rough translation…   Spam email: As always, when you hover over a link, it becomes obvious that the email is not legitimate: If you give in to temptation (of course, never do so unless you are working within a properly sandboxed virtual machine that you can “nuke from orbit” if needs be) you will see […]

Read On 1 Comment

Twitter spam…

June 3rd 2012

  After bouncing through various URLs (including one in Russia) you end up at a fake Twitter log in page: http://wepawet.cs.ucsb.edu/view.php?hash=a9f9677418fa2d11d0b6eddda93e6e3b&t=1338784045&type=js   Note the non-Twitter URL.  

Read On Comments Off
Read On 1 Comment