Think Information. Think Security.
Watch out if you get email messages with attachments named like “Financial_Statement.exe” or “Postal_document.exe” – they mean trouble.

During these past few days we’ve seen here at BitDefender millions of spam messages either bundled with malware or containing a dangerous link. In this particular case I chose to present here, cyber-crooks tried to con the users by exploiting the natural and justified concern for their financial situation, serving them unsafe though extremely appealing attachments.

So, all in the name of money deposited in bank accounts and goods delivered via the postal service, there have been circulating e-mails with attached financial statements or postal documents. These are basically two facets of the same piece of malware – a downloader (identified by BitDefender asTrojan.Generic.KDV.280912) masquerading a Microsoft Word icon but bearing an .exe extension.

Eminem fans, be aware this scam and phishing attack.

Earlier today, BitDefender has detected a new spam wave claiming to originate from one of the most visited portals in the country and informing the recipient about rap star Eminem being shot dead in Detroit.

The unsolicited message also contains a link to an alleged “Full story”, but instead, when clicked, takes the user to a malicious file. In order to trick the user into running it, the downloaded file bears a double extension (jpg.exe) and an icon that resembles a thumbnail of Eminem’s picture. If clicked, the executable file installs a backdoor (identified by BitDefender as Trojan.Zapchast.NBF).

There have been a number of high-profile security breaches in the last few months that have exposed the email addresses of millions of users. In December, Gawker Media's servers were hacked, and over 500,000 email accounts were compromised, and in April, Epsilon, one of the largest email marketing companies announced that its database had been breached. Epsilon said the breach was limited to only 2% of its clients - only about 50 companies. But those 50 companies include Citigroup, Capital One, Walgreen, Best Buy, Target, Hilton, Kroger, Tivo, Disney, The College Board and Marriot. 

Rogue programs, fake antiviruses, fake security scans, fake antispyware, etc. are one of the most popular infections today.

Most of the users think these are real security products and that they do good job. And of course most of the users enters credit card details and "purchases" one of these antiviruses. And also there is huge possibility that you will be charged much more than the price declared in the shopping cart. As the time goes, these rogue antivirus and antispyware programs look more and more professional. They even tries to copy the interface of some real Antivirus or antispyware product. And also they usually come in families where the same program has more than one name. for example: "Windows recovery", "Windows xp recovery", "windows diagnostic", "windows vista recovery" is the same program with different names.

A new report of security company Symantec says that global spam is at its lowest levels since 2008. The geographic center of spammed accounts has also shifted from Russia to Saudi Arabia. Worldwide spam is now down to one in every 1.37 emails. In the United States, spam accounts for 73.7% of all emails.

Spam levels are now the lowest they have been since McColo, a California-based ISP spam control center, was taken down in 2008. That is, in part, due to the shutdown of the spam-sending botnet Rustock in March 2011. Spam, phishing, viruses and other types of malware are all still major problems in the Internet ecosystem but it looks like progress is being made against the botnets and those that control them.

Airlines and Hotels are good source of customer and credit card information aside from banks. This is one of the primary reasons why cyber-criminals are now going after them.

I just hope hijacking a plane by hacking will not happen.

According to the report, cybercriminals have discovered unique and creative ways like fraudster travel agencies and many more to exploit the industry and its customers.

LinkedIn users have to be more cautious now since the malware is now trying to connect to you and in your network.

Crooks are using new malware and LinkedIn to locate key people at firms to target with toxic spam.

LinkedIn’s been the hot networking spot for professionals for the past several years. But lately it’s also drawn the attention of web crooks, who see the site as a new point of infiltration.

If you receive an email apparently from Google telling you to confirm you Google account, trash it. It's a hoax and definitely a phishing campaign.

The Gmail database is not congested, and Google is not asking users to confirm that their accounts are still active.

But, it seems that scammers are hoping that you might believe that's true, according to one of the latest phishing attacks that has been spammed across the net.