Log In | Subscribe | | |


Two related statements from the IRS and other agencies highlight two specific risks. The first is password security and the second is phishing, etc. scams. By the way, "Summit Partners" (which appears in the statements) isn't a firm - it's someone's idea of a buzzword. Ignore it. It only means "other government agencies." Also, they have one thing dangerously wrong.

It's not rocket science. Ever since (I think) 1998 when the BBC's lawyers blocked an explanation I gave to BBC TV on how the nature of HTML facilitates on-line fraud (the feared that it would increase the number of criminals using it) criminals have, indeed, used certain features of HTML to hide what they are up to and ordinary people have lost many millions of dollars and have suffered innumerable attacks on their computers simply because of one, very simple, trick, writes Nigel Morris-Cotterill

CoNet Section: 

A very suspicious e-mail spoofing email addresses of not one but two banks and appearing to link to a website appearing to relate to an embassy has been received at the offices of The Anti Money Laundering Network. The hook is information on OFAC blacklists. The mail is in HTML format and therefore disguises the destination of links and also enables the placing of in-line graphics. We place regulators, enforcement agencies and those in financial institutions, especially in compliance and risk management, on alert.

Sending server: webmail.123-reg.co.uk
Request for External Wire transfer

CoNet Section: 

Today, the US cyber security office, US-CERT has issued a renewed warning about HIDDEN COBRA which it describes as a "spear phishing" virus.

What does that mean?

CoNet Section: 

The following e-mail addresses are associated with potential phishing or drive-by malware attacks this morning:


CoNet Section: 

A new form of spam-scam has come to our attention. We understand that this has not been widely seen before. Its nature is that it is likely that many receiving the email will click on links.

CoNet Section: 

The USA's Internal Revenue Service has, for some time, been warning corporations of a spam-scam targeting companies. But now, it says, it has evidence that it is spreading into "school districts, tribal organizations and non-profits." and other sectors. But that's not all: the criminals have found a way of hitting the same targets twice.

CoNet Section: 
Case Summary: 

Edward Majerczyk, 29, of Chicago, has been sentenced to nine months in a US Federal jail after pleading guilty to "a phishing scheme that gave him illegal access to over 300 Apple iCloud and Gmail accounts, including those belonging to members of the entertainment industry in Los Angeles."

Type of conduct: 
Computer crime

In recent weeks, we've seen a significant number of spam-scams from a domain that is remarkably similar to an official UK government domain, showing that registrars and hosts are failing to identify obviously fraudulent customers. The fraudulent domain name is close enough to the real thing to fool many targets.

CoNet Section: