JULY 26, 2013
Your regular source of security updates from TrendLabsSM
In This Issue

Security Spotlight
Old Malware, New Tricks: File Infector Steals FTP Credentials

Security for Home Users
Summer of Scams: Blockbusters Get Used as Bait

Security for Business
Proactive Security Awareness Programs: Turning Weakness into Strength



Security for Home Users

Summer of Scams: Blockbusters Get Used as Bait

Though socially engineered threats are no longer new, a trend of using blogging and social networking sites to host scam websites is emerging.”



Time and again, we reported about socially engineered scams that use hot topics to lure victims. This summer, cybercriminals are using popular movies like Iron Man 3, Man of Steel, and Fast and Furious 6 as bait.

Scam of Steal(ing)

This summer’s scams lead users to fraudulent websites that promise video streams of any movie of their choice but only after they answer a survey or download a particular movie player. The streams, of course, don’t exist. These scams bank on the moviegoers’ need to watch films for free or before anyone else can. Some fans may also just wish to see a movie again.

Though these socially engineered threats are no longer new, a trend of using blogging and social networking sites to host scam websites is emerging. This benefits cybercriminals in two ways. First, their scam sites appear more legitimate due to the familiarity of the URL. Second, it gives cybercriminals a free platform to host their malicious creations without having to reveal their identities. This lessens their chances of being tracked down by the good guys.

After the Scam

Despite multiple warnings and advisories, social engineering threats are still effective. Fake websites that offer free streams of Man of Steel had 150,000 unique hits in a span of just two months. New tricks used in conjunction with these threats show that social engineering is evolving.

Now, more than ever, users have to be cautious of their online activities. Avoid websites that offer deals that are too good to be true and sites with illegal content like pirated copyrighted material. Users can go the extra mile by getting a security solution that blocks sites that host these scams and stops malicious downloads.

For more information on social engineering, check out “How Social Engineering Works.”

Copyright ©2013 Trend Micro Incorporated. All rights reserved. Trend Micro and the Trend Micro t-ball logo are trademarks or registered trademarks of Trend Micro Incorporated. All other company and/or product names may be trademarks or registered trademarks of their respective owners. The information contained in this document is subject to change without prior notice.

www.trendmicro.com

  CONNECT WITH US ON: