Identifying Hoaxes and Urban Legends

Chain letters are familiar to anyone with an email account, whether they are sent by strangers or well-intentioned friends or family members. Try to verify the information before following any instructions or passing the message along.
Why are chain letters a problem?
The most serious problem is from chain letters that mask viruses or other [...]

Read More About - Identifying Hoaxes and Urban Legends »

HARRISBURG – A Maryland-based computer training school that suddenly closed in mid-December, after taking nearly $2 million dollars in tuition payments from Pennsylvania students, is the subject of a lawsuit filed by the Attorney General’s Bureau of Consumer Protection.
Attorney General Tom Corbett said the suit was filed against ComputerTraining.com, Inc., (ComputerTraining) which offered computer training [...]

Read More About - ComputerTraining.com Hit With Consumer Protection Lawsuit »

We are aware of public reports indicating that attackers are using legitimate web pages to run malicious code on victims’ machines.
Reports, including a posting by Sophos, indicate that these messages
* Include keywords and names related to a current event (such as, the 9/11/2001 terrorist attack)
* Prompt users [...]

Read More About - Fraudulent Web Sites »

What is a social engineering attack?
To launch a social engineering attack, an attacker uses human interaction (social skills) to obtain or compromise information about an organization or its computer systems. An attacker may seem unassuming and respectable, possibly claiming to be a new employee, repair person, or researcher and even offering credentials to support that [...]

Read More About - Avoiding Social Engineering and Phishing Attacks »

A massive phishing scam similar to the recent bank fraud scams is being sent in emails that look like the following:
From: “Microsoft Customer Support”
Subject: Update for Microsoft Outlook
Critical Update
Update for Microsoft Outlook / Outlook Express (KB910721)
Brief Description
Microsoft has released an update for Microsoft Outlook / Outlook Express. This update is critical and provides [...]

Read More About - Update for Microsoft Outlook Phishing Scams »

Alert — There is a massive new bank fraud phishing scam being conducted via email. The website address that appears in the body of the email looks valid; however, if you view the source, you will see a bogus domain name. Clicking on the link will take you to an unauthorized website. [...]

Read More About - Phishing Scams: Chase, Bank of America, Sun Trust »

US-CERT is aware of reports of economic stimulus scams circulating. These scams are being conducted through both email and malicious websites.
Some of the email scam messages request personal information, which can then be used for identity theft. Other email scam messages offer to deposit the stimulus funds directly into users’ bank accounts. If users provide [...]

Read More About - Economic Stimulus Email and Website Scams »

US-CERT is aware of public reports indicating that phishing scams are circulating via fraudulent U.S. Internal Revenue Service emails offering users stimulus package payments. These emails include text that attempts to convince users to follow a link to a website or to complete an attached document. The website and document request the user to provide [...]

Read More About - IRS Stimulus Package Phishing Scam »