Tag Archives: phishing

Phishing Targeting Sucuri Customers

We are always on guard for phishing emails and websites that might try to compromise our customers or employees, so that we can be on top of the issue and warn as many people as possible. Targeted attacks are rare, yet it seems today is one of those rare days for us. Recently we discovered a new phishing More Info »

Bank Phishing Incident Analysis

Everyone has received a phishing scam via email at one point or another. Thanks to modern anti-spam technology, most of these messages are blocked from ever reaching our inboxes. I said most of them. Today I got one that was able to get through the bouncer: The subject (in Brazilian Portuguese and poorly crafted) translates More Info »

Ask Sucuri: Is My Website Hacked?

Having your website hacked can be a devastating experience for any website owner. Unfortunately, many website owners rarely know they are infected until days, if not weeks, after the compromise has occurred. Their notification comes in the form of a blacklist or some other alert, including notifications from their users. Neither is ideal. So how… More Info »

Phishing Attacks Target Ecommerce Checkout Pages

Hunting credit card details on compromised ecommerce websites has become popular over the last two years. We have reported multiple cases in the past where attackers targeted checkout pages and payment modules via malicious “patches” designed to steal payment details. These thefts can’t be easily detected by customers (no visible signs) nor the site owners… More Info »

Realstatistics Malware Campaign Uses Fake Analytics Sites

In this post we’ll show you the tactics employed by the realstatistics malware campaign to make their injections seem less suspicious. The injection looks like this: The URL appears to be a typical statistics/analytics script: both the domain name and the URL path look relevant. The script is not encrypted…. The post Realstatistics Malware Campaign More Info »

Domain Renewal Phishing Scams

When I received a letter in the mail asking me to renew my domain name, I immediately recognized it as a scam. The letter was designed to look like a bill, even including a return envelope for me to send payment to a company called iDNS Canada. I’d never heard of them before. The letter… More Info »