I just got an email from Google informing me of possible phishing attempts and that I should be “on my watch” for suspicious emails appearing to be from Google. Here’s the email I got (I removed @ from the email addresses):

At Google, we take the safety of our users very seriously, and we work hard to ensure that your accounts are secure. As part of those efforts, we recently compiled some tips on our blog to help protect you from “phishing,” which is an attempt to fraudulently collect passwords, credit card numbers, and other sensitive information: http://googleblog.blogspot.com/2008/04/how-to-avoid-getting-hooked.html

This information is important because any online account can be targeted by phishers, including online advertising accounts.

There are reports of phishing attempts that falsely appear to be from adwords-noreply (a) google.com. These fraudulent emails ask users to update their billing information, take action on a disapproved ad, edit their account, or accept new AdWords terms and conditions. Please remember that Google’s AdWords team will never send an unsolicited message asking for your password or other sensitive information by email or through a link.

If you need to change your account information, such as your billing details or your password, always sign in to your AdWords account from the main AdWords login page at https://adwords.google.com and make the changes directly within your account.

We’ve included more information below on how to avoid phishing. If you have any questions, please don’t hesitate to contact us at adwords-support (a) google.com.

Sincerely,
The Google AdWords Team

As always it’s important to make sure your logging in at the correct site (in this case google.com).

Popularity: 7% [?]

Most of us have just upgraded to Wordpress 2.5 when it’s now time for another upgrade. This time it’s a more urgent upgrade since it includes a security fix and about 70 bug fixes:

We recommend everyone update immediately, particularly if your blog has open registration. The vulnerability is not public but it will be shortly.

My guess is that this security fix is related to this post, but that’s just my guess.

Read more in the Wordpress blog or go directly to the download page to get the latest version.

Popularity: 13% [?]

Now all hosting companies offering IIS and SQL Server on Windows XP, 2003, Vista, and Server 2008 must watch out for a vulnerability allowing local users to raise his privilege level.

Microsoft stated in their advisory:

Hosting providers may be at increased risk from this elevation of privilege vulnerability.

But no explanation was provided.

Since IIS is a popular platform for may web hosting companies we may see targetted attacks on hosting companies (and their clients web sites) . If you work for or run your own hosting company you may have to keep an eye on your SQL server.

Read more at McAfee AVERT Labs Blog.

Popularity: 21% [?]

The latest version of Wordpress is only a few days old when I noticed this urgent post in the TrendLabs blog regarding the old version of Wordpress (version 2.3.3 that is). It’s always important to upgrade your software, and this time it can really hurt your visitors and subscribers if you don’t

This javascript injection is createing a directory called 1 in your wp-content directory. So to find out if your blog has been hijacked you should search for a directory called that. This directory will be full of infected files containing links to other infected files so you need to remove them all if your blog has been infected.

If you blog gets infected, then all your blog pages will be filled with links to other infected pages.

TrendLabs is giving this advice to blog owners:

As of this writing, a fix for this vulnerability has yet to be issued by WordPress. (You may, however, find this and this sites useful.) As a workaround, users may want to close their registration feature. Also, be wary of third-party plug-ins you install in your blog sites.

Popularity: 28% [?]

TrendMicro is this morning reporting about manipulated ratings at eBay.co.uk. The ratings at eBay show the users history using stars. The more stars (five is the maximum) a user got the more successful trades have been completed and the more trusted a user can be.

The manipulation works like this. The unsuspecting user visits one of the auction pages at eBay which contains an embed (and hidden) Shockwave file. The user is redirected to a .aspx file in Russia, which means that the user is doing business with someone he can’t identify . So be alert when you do business on eBay. Make sure you’re still at the eBay site at all times!

Popularity: 33% [?]