Thursday Threat Report: Operation Emmental, Onion malware, and the top ten Facebook scams

Welcome to ITProPortal's Thursday Threat Report, where we round up the three greatest security threats facing Internet users, smooth-running enterprise, and occasionally even the survival of the world as we know it. Hold onto your hats - things are about to get scary.

Onion tears

The Internet just became way more treacherous with the news that ransomware has taken on an even more treacherous guise.

Kaspersky Lab has uncovered a new version of the notorious malware, known as "Onion", and it uses the Tor dark-web browser in order to "to hide its malicious nature, and to make it hard to track those behind this ongoing malware campaign".

Onion is a successor to the Cryptolocker ransomware that wreaked havok across the world as users infected by the malware were asked to hand over hundreds of pounds in the form of the virtual currency Bitcoin.

Full of holes

A new piece of banking malware called "Operation Emmental" is targeting banks around the world, particularly in countries like Switzerland and Austria.

Operation Emmental, apparently so-named due to the full-of-holes security systems of many major banks, is designed to bypass the generic two-factor authentication mechanism that banks employ to ensure that their customers' money remains safe.

The Operation Emmental attacks are spread using phishing emails, which masquerade as legitimate mail in order to coax a user into clicking a booby-trapped link.

For more information on how to protect yourself from phishing emails, check out our guide on how to avoid getting stung by a spear phishing scam.

Top 10 Facebook scams

With Facebook's rocketing popularity, the social network became a target for scammers and malware peddlers, and social engineering attacks have only increased massively since they first became a phenomenon.

So it's always handy to be aware of what current major scams are doing the rounds, so there's no danger of you being tempted into clicking and ending up with something nasty on your machine. Security experts at Bitdefender (the maker of the famous internet security suite which is generally ranked highly among testers, ourselves included) maintains a yearly list of the top ten scams, and this time around, the number one spot has stayed occupied by the same predictable piece of click-bait.

Yep, the top scam is "Total profile views/visitors (Check out now who viewed your profile)", with the lure of being promised a list of those who've been peeking at your profile representing 30 per cent of scams on Facebook.

For more, check out the full list.