


In a new blog post, Ronnie Tokazowski, security researcher at PhishMe, discusses a new phishing scam that employs a shortened Google URL and contains a malicious .zip file that leads to a variant of the Cryptowall ransomware.


Key takeouts from the post include:

Updated anti-virus should protect you from this threat, right? In this case, it probably won’t since only a fraction of vendors are picking up on this malware at the time of writing.

By following the bitcoin wallet exchanges, we have been able to successfully tie the bitcoin wallet from above to the earlier Cryptowall campaign from the beginning of June. One of the wallets they are using, 1Leo, currently contains a staggering 710 transferred bitcoins, or roughly $415,000 USD. However, one thing worth noting is that the last transaction to this address was 7/19/2014; more funds are being transferred to other accounts as of 7/31/2014, and there are bitcoins (and money) currently not accounted for.

Using shortened URLs allows attackers to exploit human weaknesses in a number of ways. By making it more difficult to view and analyze the underlying URL, shortened URLs are more likely to be clicked by the busy or distracted employee who won’t take the time to analyze the link. Since many phishing emails aim to elicit an emotional response from the recipient by threatening negative consequences, a frazzled employee may also hastily click on a short link. Shortened URLs also take advantage of the fact that many employees simply may not be aware of how to view the destination of a shortened URL.
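One way to reveal where a shortened link leads before anyone clicks it, as an added example that is not from the PhishMe post: it walks the redirect chain one HEAD request at a time, never downloads a body, and flags a final target that sits on a different host or ends in a risky file extension. The hostnames, the `SAMPLE_HOPS` table, and the extension list are constructed assumptions.

```python
import http.client
from urllib.parse import urlsplit, urljoin

# Assumption: extensions worth flagging for review; adjust to local policy.
RISKY_EXTS = (".zip", ".exe", ".scr", ".js")
REDIRECTS = (301, 302, 303, 307, 308)

def head_fetch(url, timeout=5):
    """Send one HEAD request; return (status, Location). Follows nothing."""
    parts = urlsplit(url)
    https = parts.scheme == "https"
    cls = http.client.HTTPSConnection if https else http.client.HTTPConnection
    conn = cls(parts.netloc, timeout=timeout)
    try:
        path = (parts.path or "/") + ("?" + parts.query if parts.query else "")
        conn.request("HEAD", path)
        resp = conn.getresponse()
        return resp.status, resp.getheader("Location")
    finally:
        conn.close()

def expand(url, fetch=head_fetch, max_hops=10):
    """Resolve a short link hop by hop and summarise the final destination."""
    chain = [url]
    for _ in range(max_hops):
        status, location = fetch(chain[-1])
        if status not in REDIRECTS or not location:
            break
        nxt = urljoin(chain[-1], location)  # Location may be relative
        if nxt in chain:                    # redirect loop: stop here
            break
        chain.append(nxt)
    final = urlsplit(chain[-1])
    return {
        "chain": chain,
        "final_host": final.hostname,
        "host_changed": final.hostname != urlsplit(url).hostname,
        "risky_file": final.path.lower().endswith(RISKY_EXTS),
    }

# Constructed redirect table standing in for the network (offline demo).
SAMPLE_HOPS = {
    "https://short.example/AbC123": (301, "http://files.example.net/dl?id=7"),
    "http://files.example.net/dl?id=7": (302, "/docs/invoice.zip"),
    "http://files.example.net/docs/invoice.zip": (200, None),
}

def fake_fetch(url):
    return SAMPLE_HOPS.get(url, (404, None))

if __name__ == "__main__":
    print(expand("https://short.example/AbC123", fetch=fake_fetch))
```

A mail gateway or triage script can call `expand()` with the default `head_fetch` and quarantine messages where both `host_changed` and `risky_file` are true.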