spam

Facebook battles phishing by reaching out to users

Most everyone has seen them, those annoying clickable phishing ads in the news feed or posted on friend's Facebook walls: "Get free tickets to Jamaica," "Win a free iPad," or "Friend, I need money urgently."

Phishing has been the bane of Facebook's existence for years, and today it announced that it is making a new attempt to curb the practice. It's launching a select e-mail address, phish@fb.com, where users can send notices of phishing they've seen on the social network.

"By providing Facebook with reports, we can … Read more

Free Android apps could hijack your phone

Downloading free Android apps could make you vulnerable to aggressive adware, according to San Francisco-based security firm Lookout.

In fact, as much as five percent of those free apps have spammy ads that may be parceling out your information to third parties according to CTO Kevin Mahaffey.

That number may seem small at first, but not after you consider how many hundreds of millions of times those free apps are downloaded. To combat the problem, Lookout has developed its own app that scans other apps to tells you which ones are engaging in bad behavior. It's up to you … Read more

Experts take down Grum spam botnet, world's third largest

Computer-security experts took down the world's third-largest botnet, which they say was responsible for 18 percent of the world's spam.

Command-and-control servers in Panama and the Netherlands pumping out up to 18 billion spam messages a day for the Grum botnet were taken down Tuesday, but the botnet's architects set up new servers in Russia later in the day, according to a New York Times report. California-based security firm FireEye and U.K.-based spam-tracking service SpamHaus traced the spam back to servers in Russia and worked with local ISPs to shut down the servers, which ran … Read more

Dropbox users get spammed via personal e-mail accounts

David P. was the first Dropbox user to post on the company's Web site forum titled "Email-Address leaked from Dropbox" yesterday. He wrote that he received spam from an email address he uses only for Dropbox.

"So I guess you have a security problem with your user account data," he wrote. "And this sucks a lot."

As of this writing, there are now 106 posts in the forum of people complaining of receiving e-mail spam from online casinos and gambling sites via the online file storage service. The majority of the users are … Read more

Bitdefender Total Security 2013 brings secure browsing to the top shelf

The bottom line: Bitdefender Total Security 2013 remains one of the best high-end security suites around. This update gives you a fully isolated Web browser for secure financial transactions.

Review: Bitdefender Total Security 2013 presents a convincing alternative to its better-known competitors. It's a strong program, with all the major tools that users expect, and some additional useful tricks in its arsenal. When it comes to efficacy, Bitdefender isn't the best in every area, but it's definitely competitive.

Editors' note: Portions of this review are based on CNET's review of Bitdefender Total Security 2012.

Installation Bitdefender … Read more

Android botnet claim in dispute

Researchers at Microsoft and Sophos say they believe malware-infected Android phones are sending spam via Yahoo Mail accounts as part of a botnet, but Google and mobile firm Lookout say there could be other explanations.

Terry Zink, a program manager for Microsoft Forefront Online Security, said in a blog post two days ago that he had found some spam samples that had this Message-ID:

"<1341147286.19774.androidMobile@web140302.mail.bf1.yahoo.com>."

That was followed by speculation from Chester Wisniewski at Sophos, who wrote in a blog post today: "It is likely that Android users … Read more

Apple, Google remove Trojan spamming app from stores

Apple and Google removed an app from their app stores after it was revealed to be harvesting users' phone contacts as spam targets.

The Find and Call app was originally thought to be an SMS worm but later discovered to be a Trojan, according to Kaspersky Lab. The Russian software security firm said it alerted by Apple and Google to the presence of the malware in their stores, leading to the app's removal.

Apple confirmed it removed the app for violating App Store rules.

"The Find & Call app has been removed from the App Store due to … Read more

Facebook illustrates the rabbit hole of user reports

Ever wondered what happens when unwanted activity is reported on Facebook, such as explicit photos, hate speech, or hacked accounts?

Facebook is aiming to make it easier for users to understand what it does when user reports are filed by publishing the "Reporting Guide" infographic today (see above).

"With a community of over 901 million people, Facebook maintains a robust reporting infrastructure made up of dedicated teams all over the world and innovative technology systems," the social network writes on the infographic.

Looking to help users who may be contemplating suicide or others who feel like … Read more

CAPTCHA systems easy to foil, security firm finds

Challenge-response techniques called "CAPTCHAs" designed to keep spambots off Web sites can easily be broken by humans who are paid to type in the responses, according to a new report from security firm Imperva.

CAPTCHAs, which stands for Completely Automated Public Turing test to tell Computers and Humans Apart, are created by programs and are intended to be difficult for computers to fill out.

"One of its inherent flaws today is that it can be easily bypassed by outsourcing it to human solvers for a very low cost," the study (PDF) says. "When the CAPTCHA … Read more