Checkpoint Systems deploys its EAS Solutions at ... » Checkpoint Systems has announced its partnership in implementing EAS pedestals and deactivation syst... Evander Direct wins commendation for uPVC window... » Evander Direct have been commended for their innovative uPVC cleaning process that dramatically help... Electrical Industries Charity to benefit from pr... » Thousands of pounds are set to be raised for good causes in the electrotechnical industry at the upc... Secure I.T. Environments achieves new internatio... » Data Centre World, London: Secure I.T. Environments Ltd has announced that it has achieved new inter... OKI upgrades wide format with new Teriostar Multif... » Egham: OKI Europe Ltd has launched two new wide format Teriostar multifunction printers designed to ... BSIA members push aggressively for cyber-security ... » BSIA members have pledged to lead the way in cyber-security education, Vigilance can report. Smart access integration mitigates risk » ASDA SHOP FLOOR Cortech Developments’ main software product, Datalog 5, now offers full integration... Businesses warned to be extra vigilant with person... » BSIA Information Destruction section has warned businesses to be extra vigilant with personal data a... Osirium accelerates global channel recruitment pla... » · Distributor appointed in Middle East and North Africa (MENA) Reading, UK: Osirium Technologies pl... Misys recognised as leader in FRTB » London, UK: Misys has been recognised as a leader in helping banks meet the requirements of the Fund...


In a new blog post from Ronnie Tokazowski, security researcher, PhishMe, a new phishing scam that employs a shortened Google URL and contains a malicious .zip file that leads to a variant of the Cryptowall ransomware, is discussed.


Key takeouts from the post include:

Updated anti-virus should protect you from this threat, right? In this case, it probably won’t since only a fraction of vendors are picking up on this malware at the time of writing.

By following the bitcoin wallet exchanges, we have been able to successfully tie the bitcoin wallet from above to the earlier cryptowall campaign from the beginning of June. One of the wallets they are using, 1Leo, currently contains a staggering 710 transferred bitcoins, or roughly $415,000 USD. However, one thing worth noting is the last transaction to this address was 7/19/2014, more funds are being transferred to other accounts as of 7/31/2014, there are bitcoins (and money) currently not accounted for.

Using shortened URLs allows attackers to exploit human weaknesses in a number of ways. By making it more difficult to view and analyze the underlying URL, shortened URLs are more likely to be clicked by the busy or distracted employee who won’t take the time to analyze the link. Since many phishing emails aim to elicit an emotional response from the recipient by threatening negative consequences, a frazzled employee may also hastily click on a short link. Shortened URLs also take advantage of the fact that many employees simply may not be aware of how to view the destination of a shortened URL.