CYREN Security Blog




Phony Robin Williams Phone Video Posts on Facebook

by Avi Turiel

Filed under Security Research & Analysis, Web Security.

There are times when you find the efforts of cybercriminals both amusing and annoying, and then there are times when your contempt for these villainous creeps really gets to you. 

The recent and tragic death of actor and comedian Robin Williams shocked the world. Most people strongly feel that the man should be allowed to rest in peace and his family allowed to grieve privately. Yet, a basic respect for life and death seems to be lacking in the mind of the vast majority of cybercriminals. 

What You See Isn’t Necessarily What You Get

by Lordian Mosuela

Filed under Anti-Malware, Email Security, Web Security.

Fake Document Icons—How to Recognize Them

Over the past few months, CYREN analysts have observed a rise in malware distributed via fake document icons. While nothing new (in fact, this is an old malware distribution trick), unsuspecting victims regularly still get taken in by this form of cybercrime which primarily targets the Adobe Acrobat PDF and Microsoft Word and Excel files. Fortunately, with very little effort, there are some fairly easy ways for individuals to learn to identify fake files by double-checking the file extension.

419 scam uses Ebola virus tragedy

by Avi Turiel

Filed under Antispam, Email Security.

Cybercriminals will stoop to any level it seems, even using the tragedy of the Ebola virus in West Africa to steal money.
In the latest “419” rendition, scammers distribute an email claiming the recipient is the beneficiary of a large amount of money left in a bank account by a client who became a victim of Ebola. To add credibility to the email, the sender suggests the recipient “go to google and find out more on the Outbreak of EBOLA VIRUS in West Africa.”

Credit card info stolen from point of sale machines targeted by “Backoff” malware

by Rommel Ramos

Filed under Anti-Malware, Phishing, Security Research & Analysis.

Threat Name

Backoff  Malware

Threat Type

Trojan, Keylogger, Stealer

Although, this threat has been in the wild for some time, it has been recently reported that it is now being referred to as “Backoff”, and is being used to the infect Point-of-Sale (POS) machines of big retail stores in the United States.  The intended purpose is to steal payment information, particularly credit card data.

The attackers tries to plant or deploy this threat into the POS machines, which mostly are running on Windows, by hacking or exploiting them to be able to get access.   When the threat is running in an infected system, it tries to steal personal data (e.g. credit card info) from the system using different methods such as memory-scraping and keylogging, and then sends the stolen data to the Command and Control server (C&C) that the malware connects to.

Q2 Threat Report Highlights the First Android Ransomware, Increasing Malware Attacks, Dangerous PDFs, and June Spam at 5-Year Low

by Avi Turiel

Filed under Anti-Malware, Antispam, Phishing, Security Research & Analysis, Web Security.

Android smart phone users experienced the first ever ransomware attack in the second quarter of 2014 and PC-focused malware continues to cause problems, with cybercriminals attacking known vulnerabilities in both PDFs and MS Office documents. Phishing attacks emphasize financial gain, focusing on global banks and the World Cup. And, spam levels remain essentially unchanged at an average of 55 billion emails per day for the quarter, although June experienced a noticeable drop to the lowest level in five years.