Tag Archives: phishing

Phishing Targeting Sucuri Customers

We are always on guard for phishing emails and websites that might try to compromise our customers or employees, so that we can be on top of the issue and warn as many people as possible. Targeted attacks are rare, yet it seems today is one of those rare days for us. Recently we discovered a new phishing More Info »

Bank Phishing Incident Analysis

Everyone has received a phishing scam via email at one point or another. Thanks to modern anti-spam technology, most of these messages are blocked from ever reaching our inboxes. I said most of them. Today I got one that was able to get through the bouncer: The subject (in Brazilian Portuguese and poorly crafted) translates More Info »

Ask Sucuri: Is My Website Hacked?

Having your website hacked can be a devastating experience for any website owner. Unfortunately, many website owners rarely know they are infected until days, if not weeks, after the compromise has occurred. Their notification comes in the form of a blacklist or some other alert, including notifications from their users. Neither is ideal. So how… More Info »

Phishing Attacks Target Ecommerce Checkout Pages

Hunting credit card details on compromised ecommerce websites has become popular over the last two years. We have reported multiple cases in the past where attackers targeted checkout pages and payment modules via malicious “patches” designed to steal payment details. These thefts can’t be easily detected by customers (no visible signs) nor the site owners… More Info »

Realstatistics Malware Campaign Uses Fake Analytics Sites

In this post we’ll show you the tactics employed by the realstatistics malware campaign to make their injections seem less suspicious. The injection looks like this: The URL appears to be a typical statistics/analytics script: both the domain name and the URL path look relevant. The script is not encrypted…. The post Realstatistics Malware Campaign More Info »

Domain Renewal Phishing Scams

When I received a letter in the mail asking me to renew my domain name, I immediately recognized it as a scam. The letter was designed to look like a bill, even including a return envelope for me to send payment to a company called iDNS Canada. I’d never heard of them before. The letter… More Info »

Phishers Abuse Hosting Temporary URLs

Recently we told you how hackers use alternative domain names provided by web hosts to make their URLs look less suspicious. This time we’ll show a similar trick used by phishers. Phishing web pages get blacklisted very fast. That’s why hackers need to purchase many domains or compromise many websites so that they can point… More Info »

Phishing for Anonymous Alligators

Everyone has encountered phishing at some point – fake emails and web pages designed to look legitimate. This tactic is becoming more popular as attackers are learning how to produce new and convincing phishing lures. You might receive spam emails claiming to have some important document for you. Some of them have malicious attachments andRead More Info »