Spamzy

MaxAntiSpy is a new rogue anti-spyware program targetted at the Russian market. This parasite is essentially a corrupt spyware remover, which uses trojans, such as Zlob, to enter the system. MaxAntiSpy uses misleading advertising (popups, fake system notifications, falsified system scan reports) to create a reason for the user to purchase it’s “licensed version”.

MaxAntiSpy is a scam and should be treated as such: do NOT download or buy it and block MaxAntiSpy.com using your HOSTS file.

Original post:
MaxAntiSpy

AntiSpyControl is a new rogue anti-spyware program - a fake spyware remover, which uses trojans, such as the infamous Zlob or Vundo, to enter the system. This parasite uses misleading advertising techniques (displaying popups, fake system notifications, falsified system scan reports) to get the user to purchase it’s “licensed version”, which is as fake as the trial.

AntiSpyControl’s homepage, AntiSpyControl.com, provides no useful information whatsoever, including no contact details and uses an illegitimate payment system. AntiSpyControl is a scam and should be treated as such: do NOT download or buy it and block it’s homepage using your HOSTS file.

See the original post:
AntiSpyControl

Lop is a family of malicious browser hijackers that change Internet Explorer home and search pages, modify related search settings, install a toolbar and add numerous bookmarks to advertising sites to the web browser’s Favorites list. Lop parasites also track user Internet activity, create advertising desktop shortcuts, install unsolicited and potentially harmful programs and pests. Some threats can display commercial pop-up advertisements and may affect system stability. Typical Lop parasites are able to update themselves via the Internet. Threats automatically run on every Windows startup.
there are many variants of LOP:
lop/Trinity: old variant, which adds shortcuts and hijacks homepage and search.
lop/Dialer: porn dialler.
lop/Toolbar: IE toolbar with lop links
lop/Rnd: same lop/Toolbar but with completely random class IDs and filenames.
lop/AYB: a URL protocol module used by the MP3Search (or similar) minibrowser.
lop/Loader: an installer process that opens a small progress window and loads other lop products and variants.
lop/IMZ: similar to lop/Loader, but installs lop/Rnd and FavoriteMan/IMZ
lop/Active: monitors web pages viewed for keywords, and sets the buttons in the toolbar to match. Hijacks Default window to active-max.com, mysearchnow.com, searchwebnow.com or find-quick.com.

Excerpt from:
Lop

Dizan is a virus that spreads through infected files. Once executed, the parasite secretly installs itself to the system and runs a payload. It searches all local drives for executable files and infects them. It also opens a back door providing the attacker with unauthorized remote access to the compromised computer. Dizan can overwrite essential system files with copies of itself. The virus automatically runs on every Windows startup.

More:
Dizan

The latest threat to online banking accounts involves fraudsters using multi-step schemes that involve different interaction points with financial institutions.

Cyber-criminals commit this multi-channel fraud by first breaching an account via the online channel to steal valuable information such as account balances, check images, or signature blocks, in order to commit wire, check and other types of offline fraud that never gets linked to the original breach online.

Unfortunately, the online channel’s role in these schemes is often overlooked. This is precisely what makes this kind of fraud so effective - and hard to catch. Financial institutions only register the final transaction fraud, and cannot account for the original breach, which often occurs in the online channel. Add this to the fact that consumers don’t know it is happening, and the fraudsters have a perfect opportunity to continuously get away with this crime.

Case in point is what happened recently to a leading financial institution that serves tens of thousands of customers daily. Despite aggressive efforts to safeguard its online environment, fraudsters pulled off a startling multi-channel fraud scheme.

Here’s how the fraud scheme worked:

1. The fraudster called the institution’s customer service number and, using social engineering techniques, reset the online account password and contact phone number.

2. The fraudster accessed the online account, learned more about the customer’s online activities, and downloaded check images containing the customer’s signature.

3. The fraudster then called on a separate institution using the stolen information to open a new account in the victim’s name.

4. A wire transfer was arranged to empty the victimized account and credit the new account at institution #2. Because the names on the accounts were the same and the fraudster had provided a phone number under his/her control and a valid signature, an offline verification of the transfer by phone, as a second means of identification, passed and was authorized.

5. The fraudster withdrew his loot piecemeal, visiting separate branches in a state different than the victim’s.

Legacy Fraud Detection Methods Blind to Online Activity

When fraudsters use schemes involving multiple interactions with different touch-points across an institution, they aren’t caught because the precursor online channel breach is often overlooked.

Common industry practice registers the final fraud transaction as the breach point, and case forensics employ limited resources to return insight that cannot trace the original breach to the online channel. When accessed only for reconnaissance, the online channel records no “transaction” for detection. This is precisely what makes multi-channel fraud so effective - and so hard to catch. Moreover, what kind of fraud is our previous example to be classified? Is such a loss wire fraud, check fraud, or simply “online account fraud”?

A next-generation approach to online fraud prevention is needed if we are to continue to inspire customer confidence in the online channel. According to Javelin Research’s 2007 Identity Fraud Survey Report, it takes an average of 60 days for consumers to even detect that fraud has occurred. This leaves fraudsters with a perfect opportunity to commit successful multi-channel fraud crimes if financial services providers don’t take pre-emptive steps to protect both their customers and their bottom line. New best practices and back-end technologies that focus on online behavior can better isolate and prevent multi-channel fraud at the source.

Modeling Individual Account Behavior Stops Fraud at Its Source

An emergent best practice is to employ predictive models of individual customer online behavior to detect when the “customer” logging in isn’t who they say they are, even if they pass authentication. Beyond simple machine signature technology, user profiling technologies rely on trended analysis of behavior account by account. They start by understanding what “normal” behavior is for each individual customer - and admit that there is no single pattern of “normal” behavior to write an anti-fraud rule against.

Dynamic, model-based analysis of account activity “does the math” - piecing together what are by themselves may seem like weak indicators of fraud until a powerful pattern emerges. Behavior that deviates from what is expected becomes suspicious - the more the deviation, the deeper the suspicion. This comprehensive analysis allows for more granular risk scoring and better correlation with offline activity patterns. A byproduct of this behavioral analysis also allows for a rich history of online activity that aids investigation and forensics.

Using these techniques, institutions can identify the fraudster via the alerts to online activity outside the customer’s predicted behavior. Deploying strong analytics at the source - the online channel - ensures that fraudsters’ attacks are shut down before any damage is done.

Credit:
Don’t Overlook the Online Channel: Combating Multi-Channel Fraud at the Source

AntivirusDoc is a new rogue anti-spyware program - a fake spyware remover, which uses trojans, such as the infamous Zlob or Vundo to enter the system. This parasite uses a range of intimidation techniques to get the user to purchase it’s “licensed version”. AntivirusDoc will flood the user with popups and fake system notifications to scare the user he is infected.

There is no reliable information available on the company behind AntivirusDoc or the product itself. AntivirusDoc is a scam and should be treated as such: do NOT download or buy it and block it’s homepage using your HOSTS file.

See the original post here:
AntivirusDoc

WiniFixer is a rogue anti-spyware program. It is, essentially, a fake spyware remover, which uses scare tactics (popups, fake system notifications) to convince the user that he is infected, in hopes that he will buy WiniFixer to dispose of the problem. This parasite usually infects the sytem by using trojans, such as Zlob and Vundo. WiniFixer is a “product” of Pandora Software - a program of highly dubious nature, which is also behind such scams as SpyAway and the recent InfeStop. WiniFixer is a clone of the said two rogues.

WiniFixer is a scam and should be treated as such: do NOT download or buy it and block winifixer.com using your HOSTS file.

View original post here:
WiniFixer

Titan Shield is a trojan that displays an icon in the system tray. This icon shows a message, which says that the compromised computer is infected with dangerous spyware parasites and asks the user to download and install a removal program, which actually is Titan Shield, corrupt illegally distributed spyware remover. Once the user clicks on such message, the trojan opens a web site distributing Titan Shield. It may also try to download the application. The trojan is able to change the Internet Explorer default home page and redirect the web browser to malicious web sites. Furthermore, it can restart the infected computer without asking for user permission. Titan Shield automatically runs on every Windows startup.

Here is the original:
Titan Shield

Virut is a virus that infects any executable files and screensavers that the user accesses. The parasite also opens a back door providing the attacker with unauthorized remote access to the compromised computer. The intruder can upload and run arbitrary files.

Here is the original post:
Virut

Internet Antivirus is a new rogue anti-spyware program - a fake spyware remover, which uses trojans, such as the infamous Zlob or Vundo, to enter the system. This parasite relies on misleading advertising (popups, fake system notifications, falsified system scan reports) to convince the user that he is infected and therefore in need of Internet Antivirus’ “licensed version”, which is just as fake as the “trial”.

There is no reliable information on Internet Antivirus available. There doesn’t seem to be a company behind it, and there are no contact details. Internet Antivirus is a scam and should be treated as such: do NOT download or buy it and block it’s homepage using your HOSTS file.

Read more:
Internet Antivirus