Security News

New phishing tactics bait victims

Avast Security News Team, 17 January 2020

Plus, more news bytes of the week, including the resignation of Pete Buttigieg’s CISO, Ukraine asking the FBI for help investigating a cyberattack, and the data breach of an adult webcam network

Cybersecurity researchers have noticed a rise in several new phishing scam strategies in which attackers are successfully outsmarting current spam filters. One of these tactics is conversation-hijacking, a more involved method than simple spamming. It involves the attacker first compromising an existing email account at the target company. The attacker silently scans emails in the compromised inbox to gain intel, then poses as an employee via a compromised account to reach out to business contacts and try to get them to give up information or download malware. More about this type of scam on ZDNet.

Other new methods observed include hidden text insertion, keyword stuffing, and homograph tricks, as reported by Dark Reading. Hidden text insertion can be used to obfuscate alarm-triggering ruses, such as including a Microsoft logo in the spam message to make it appear authentic. Smart spam filters would scan that email and do a source check to ensure it originated at Microsoft, flagging it if it didn’t. By inserting hidden text within the logo, spam filters are confused by the image and usually let it go through. Another tactic is keyword stuffing, which hides text in the email, such as white font over a white background, which fools filters into recognizing the email as friendly correspondence. Yet another device is homograph use – replacing letters in email addresses with lookalike symbols and other characters to make them resemble legitimate entities. 

“Trying these new approaches make sense,” says Avast security evangelist Luis Corrons. “Attackers are looking at their return on investment, and being blocked by a spam filter kills the attack chain at the very beginning. At Avast we have been warning about the use and abuse of adversarial algorithms in artificial intelligence by cybercriminals. One of those uses can be to bypass these perimeter defenses, such as spam filters.”

This week’s stat

26% – Roughly the number of PC users still running Windows 7, the operating system that will no longer receive technical support.

Mayor Pete’s cybersecurity chief resigns

Chief information security officer Mick Baccio has resigned from his post working for Indiana Mayor Pete Buttigieg’s U.S. presidential campaign. “I had fundamental philosophical differences with campaign management regarding the architecture and scope of the information security program,” Baccio told TechCrunch. Buttigieg was reportedly the only known candidate in the race who had a cybersecurity officer, with Baccio serving as the campaign’s CISO since July 2019. 

This week’s quote 

“This vulnerability may not seem flashy, but it is a critical issue.” – The U.S. National Security Agency announcing a major security flaw in Microsoft’s Windows 10 operating system. Microsoft characterized the vulnerability as “important,” a classification less serious than “critical.” 

Ukraine asks FBI to investigate cyberattack

The Ukranian interior ministry requested the assistance of the FBI in probing a possible cyberattack on Ukranian energy company Burisma. Reuters reported that one Ukranian interior ministry official suspects Russian special services has hacked the company. Burisma is the company at the crux of President Trump’s controversial request to Ukranian President Volodymyr Zalenskiy to announce a probe into presidential candidate Joe Biden’s son Hunter, who served as the Burisma’s director between 2014 and 2019. 

Google Play removes two dozen ‘fleeceware’ apps

Researchers have identified two dozen apps in the Google Play Store that can be labeled as “fleeceware” – apps that continue charging users after they are uninstalled. Fortune reported that Google removed the apps once they were made aware of the issue. Calculators, QR readers, and horoscopes are among the malicious apps which were observed to charge users hundreds of dollars even after the apps were removed from the devices. 

Adult webcam models’ information exposed 

An adult webcam network suffered a data breach that put the private information of over 4,000 past and present models at risk. Researchers found 875,000 unprotected files from the network online including videos, photos, video chat recordings, and personal data such as birthdates, addresses, full names, credit card numbers, and even “mini-biographies” containing sexual preferences and fantasies. More on Australian news site 9 News

UK National Lottery hacker makes £5, goes to jail

29-year-old Anwar Batson of Notting Hill, London was arrested, tried, and found guilty of using hacking tools to crack into the UK National Lottery gambling accounts. While the attack cost lottery operator Camelot £230,000 in response and recovery, Batson and his cohorts made a mere £13, which they split amongst themselves. Batson’s cut was £5, and he is currently serving a nine-month sentence. Read more on The Register

This week’s ‘must-read’ on The Avast Blog

Hack Cambridge, the University of Cambridge’s annual hackathon, will soon bring together 300  hackers from universities all over the world. For 24 hours on Jan. 18-19, they will build, break and innovate to produce projects that push the boundaries of tech. 


Avast is a global leader in cybersecurity, protecting hundreds of millions of users around the world. Protect all your devices with our award-winning free antivirus. Safeguard your privacy and encrypt your online connection with SecureLine VPN. Get advertisers off your back and disguise your online identity for greater privacy with Avast AntiTrack.