Lottery Spam – Chevrolet Automobile England – chevclaim2015@outlook.com

Fraud Type Lottery Spam Alert # 11102015 Target Company: Chevrolet Automobile England From Address: BANK <chevclaim2015@outlook.com> Subject Line: CONGRATULATION!! The Lottery Spam Email: Report cyber crime to: smartnsecure11@gmail.com Identitying a  fraud: Email Methods Subject Line enticing to take quick action Spoofed sender addresses Genuine Looking Content Misleading hyperlinks

Read More

Spam Business Proposal – HDFC BANK – rajrani09@outlook.com

Fraud Type Spam Business Proposal Alert # 11102015 Target Company: HDFC BANK From Address: RANIRAJ <rajrani09@outlook.com> Subject Line: Please read and reply The Spam Business Proposal Email: Report cyber crime to: smartnsecure11@gmail.com Identitying a  fraud: Email Methods Subject Line enticing to take quick action Spoofed sender addresses Genuine Looking Content Misleading hyperlinks

Read More

Phishing Fraud !!! Income Tax Department – Your income tax is ready

Fraud Type Phishing Alert # 09102015 Target Company: Income Tax Department From Address: Incometax India <admin.trf16@incometaxindia.gov.in> Subject Line: Your income tax is ready The Phishing Email: The Phishing website: Report a phishing fraud: Please forward all phishing emails to smartnsecure11@gmail.com Identitying a phishing fraud: Email Methods Subject Line enticing to take quick action Spoofed sender addresses Genuine Looking Content Misleading hyperlinks Web Site Methods: Exact replica of the genuine website Forms asking for all account/card related information including PIN and transaction password Incorrect URL, Often appearing similar to the genuine website

Read More

Google Blogger now on HTTPS

Google has finally introduced the HTTPS to its famous blogging platform for the first time. The measure has been taken by Google to protect the readers and users from potential information security threats and prevent any unwanted results. Currently not a default security setting, HTTPS may be enabled using the following steps: 1. Go to your blog setting options 2. Find HTTP settings 3. Select HTTPS Availability 4. Select YES Your blog is now on HTTPS!!! This feature is available to all blogs on the Google platform, however the customers…

Read More

Even HTTPS may leak sensitive information!!!

The Cookies set via HTTP requests may be used to bypass HTTPS and reveal private information according to an advisory issued by US-CERT. According to the RFC 6265 (previously RFC 2965) established HTTP State Management, also known as “cookies“. In most web browser implementations of RFC 6265, cookies set via HTTP requests may allow a remote attacker to bypass HTTPS and reveal private session information.According to the researchers:A cookie can contain a “secure” flag, indicating that it should be only sent over an HTTPS connection. Yet there is no corresponding…

Read More

Critical vulnerabilities in Starbucks website may harm your system

An Egyptian Security Researcher, Mohamed M. Fouad has found three critical vulnerabilities on the worldwide famous coffee giant StarBucks website.  These three vulnerabilities could allow an attacker to execute arbitrary code, inject or upload malicious files and perform cross-site request forgery.A proof of concept demonstrating the said attacks in action can be found at  The vulnerabilities have been reported to StarBucks team twice but no reply has been received yet!

Read More