Phishers continue to target Indian movies with phishing scams. The phishing site featuring the movie “Bodyguard” is one example, and this month Symantec observed a phishing attack in which phishers used a song from the Telugu movie “Brindavanam” as bait.
The phishing site displayed a picture of a musical number from the movie “Brindavanam” starring Telugu actresses Samantha and Kajal Aggarwal in the left side of the phishing page. There is also a plot summary of the movie below the image. The phishing page then encouraged users to enter their login credentials stating that, after logging in, they could watch the video. The pictured musical number from the movie was taken from the legitimate movie website. After login credentials are entered, users are redirected to this legitimate movie website which features the same video. Due to the popularity of this musical number, and the star cast, phishers were probably hoping for a large audience, increasing the number of user credentials they could steal.
The phishers’ redirection to a legitimate Web page is to create the illusion of a valid login for duped users. If users fell victim to the phishing site by entering their login credentials, phishers would have successfully stolen their information for identity theft purposes. The phishing site was hosted on server based in Montreal, Canada.
Users are advised to adhere to the following best practices to avoid phishing attacks:
Do not click on suspicious links in email messages
Do not provide any personal information when answering an email
Do not enter personal information in a pop-up page or screen
Ensure the website is encrypted with an SSL certificate by looking for the padlock, “https”, or the green address bar when entering personal or financial information
Update your security software frequently (such as Norton Internet Security which protects you from online phishing)
Contributor: Sandeep Ingale
When it comes to financial organizations, being informed about best security practices is every customer’s right. Many organizations provide this information on their websites to help their customers learn how to take …
Smart people are scammed every day because they think it can’t happen to them or they just aren’t aware of the scams. And the scammers have gotten very good at disguising their scams, so it’s often hard to recognize them. Scamming generally involves a form of social engineering. Social engineering is the act of manipulating Read more…
The Symantec Internet Security Threat Report (ISTR) 2013 reveals how the threat landscape is evolving, compiling information from more than 69 million attack sensors in 157 countries around the world. This year’s report shows more targeted attack…
When Online Safety Expert Taylor Tompkins and I speak with parents about how to keep their kids safe online we encounter these four types of parents. Which one are you? Type 1: Hopeless hapless OMFG we are doomed!!!!! Defining traits: Overrun, intimidated “My kid has found out how to stream illegal movies from our home Read more…
There is a nasty botnet trolling WordPress sites trying to log in with the default admin user name and using “brute-force” methods to crack the passwords. Our advice to save your wordpress blog from being hacked is to change admin as the login name to something else and use strong passwords. Matt Mullenweg, the founder […]
If you operate an online business that accepts credit or debit cards, then you are probably familiar with the Payment Card Industry Data Security Standards (PCI DSS). We’ve discussed the benefits of PCI Compliance before, and it is crucial to ensure that your business becomes and remains in compliance with these requirements. As more and Read more…
You could win 1 of 9 Nexus devices! All you have to do is visit the Android Police contest page and answer this question: What feature (or features) would you like to see added to avast! Mobile Security? Visit the Android Police contest page now, read through the description of the contest, and add your […]
How many of us have simply restored a phone to its factory settings before recycling it or selling it on Craigslist? What if I told you that there could still be data left behind? This week, a mobile forensics team released the results of an experiment meant to discover what kind of data lurks on Read more…
Dealing with file formats is not really enjoyed by us. Usually the format designers haven’t had the security and parsing by foreign applications in mind, sometimes the specifications are hard to get, but, what is worst is the specification which claims something and then the major implementation does not follow it, allowing the bad guys […]
