4 of the most heavily scammed companies launch a new anti-phishing joint venture – the Phish Report Network.

Websense® Security Labs™ has discovered a malicious script on the official site of the Biotechnology Industry Organization (www.bio.org). This script can infect a visitor’s machine and attempt to exploit multiple vulnerabilities. The Biotechnology Industry Organization (BIO)’s Web site is commonly visited by members of the biotech industry.

To date we have seen infected pages only within the news and public relations sections of their site. This same exploit is used by the people behind the attack on Syndicate Bank of India, about which we issued an alert earlier today.

Update 8/29/07: We have been in direct contact with the system administrators from the IT department of BIO, and they were very accommodating in their response. They took immediate action to repair their security hole and restored their web site to its previous condition. We have since re-classified it back to its normal category.

Screenshots of the infected pages and their source code:

Reducing Spam

National Credit Union Administration (NCUA) Chairman JoAnn Johnson and NCUA staff answered questions and distributed materials regarding financial education to interested Members of Congress and their staff at an event on Capitol Hill last week. NCUA was joined by several other federal agencies and financial organizations at the event, part of “Financial Literacy Month.”

According to a Computer World article, a new worm is spreading across the Skype VOIP network.  It uses some of the same techniques used on Instant Messaging services to trick users into clicking on links to what appear to be images in the messages.  The payload is then executed on the local machine preventing anti-virus and other security software from performing updates, as well as allowing other applications to access the web using its own software.  As always, think twice before clicking on links in instant messages, even if they are from people you know, ask if they sent the message before clicking.

Congratulations!

Congratulations!

Your Bank of America card has been automatically enrolled in the Verified by Visa program

Your Bank of America card has been automatically enrolled in the Verified by Visa program

We regret to inform you that your Bank of America online banking account has been suspended.