ESET Threat Blog

I've been coming across several references to an email and Facebook hoax relating to a YouTube that's claimed to show 92-year-old Ginger Rogers dancing with her great-grandson. Of course, it isn't: she died in 1995 in her 80s.
This isn't a threat: it's a genuine movie and an interesting enough story to stand on its own, so … Read More…

Just when I think maybe the traditional hoax/chain message is finally dying (or at any rate the type that describes mythical malware), along comes another, though it’s spreading through Facebook rather than email as in days of old. I've included some more information in a blog here about “the Christmas Tree app” hoax first cited by … Read More…

Yesterday I came across a nice governmental resource at On Guard Online, listing some common email scams. Security gurus might not learn a lot from it, but as @SecurityGarden has pointed out, it's a good place to steer your less knowledgeable friends and family.
The same site has a number of other useful-looking pages, though I … Read More…

You may have received an email message that looks something like this. (ESET was just asked about it – thanks to Chris Dale for passing it on.)
Please note: this is, if not an out-and-out hoax, a very misleading message. Don't act upon it until you've read the rest of this article.
REMEMBER: Cell Phone Numbers Go … Read More…

If you regularly follow my blogs, you'll know that while this my primary blogspot, it isn't the only site to which I post (see signature for full details). Here are a few recent blogs and microblogs that may be of possible interest.
@Mophiee asked me about the ICPP Trojan on Twitter (where I'm @ESETblog or @dharleyatAVIEN, … Read More…

We have discussed SEO poisoning extensively in the ESET Threat Blog, and it should come as no surprise to our readers that any topic which trends up quickly in search engine traffic will be exploited by the criminals who specialize in such activities.  The poisoned search term du jour is "erin andrews death threat".  Apparently, … Read More…

In my copious free time, I contribute to and in some cases maintain a number of other blogs (the ones with a security bias are listed in my signature here).
The chainmail/hoax checking page at http://chainmailcheck.wordpress.com/ was specifically set up to explore a hoax/chainletter mitigation project that's still in the preparatory stages, but I've been posting there … Read More…

We're not really set up to use the ThreatBlog as a full strength Questions and Answers resource, but we got so many questions after my blog yesterday about April 1st hoaxes that I feel obliged to try to answer some of them.

There is no truth in the rumour that the eCity of San Diego is … Read More…

This time last year I was on my way to Cambridge to deliver a presentation, having stayed up till the early hours of the morning to post a blog reporting that Conficker, although it had changed its behaviour, as we already knew it would, had not initiated the heat death of the Internet. 
What's really depressing, … Read More…

Bill B. forwarded an interesting hoax mail to my "hoaxchecker" account (hoaxchecker [at] gmail [dot] com.
The hoax isn't so interesting in itself, in that it's been around quite a while, as is described at the ever-dependable hoax resource snopes.com. But I do find interesting the fact that this particular variant includes some wrinkles that may … Read More…