According to ESecurity Planet, the latest report from security software vendor Symantec reveals an alarming increase in so-called spear-phishing attacks in the retail industry, as scam artists targeted small groups of employees and executives at major retailers.

The report, which also found that one in 488 emails sent in October was a phishing attack aimed at stealing either passwords, login credentials or other personal information, said that these coordinated phishing campaigns have surged from one or two cases a week just five years ago to more than 70 a day this month.

Spear-phishing attacks, the email campaigns that target phishing attacks at “big fish”–senior level executives, people with valuable contacts or account info, etc.–surged to 516 separate incidents in the retail sector this month, up from just seven attacks for the rest of the year.

Popularity: 1% [?]

According to Fox 19 News, the Internal Revenue Service (IRS) is warning taxpayers and businesses about a recent scam for those who pay electronically.

Many taxpayers have reported getting an email that appears to come from the Electronic Federal Tax Payment System, a payment system that lets taxpayers pay electronically online or by phone. They’re told that their payments have been rejected and are instructed to click through to a fake website, which contains malicious software that infects the victim’s computer.

To avoid the bogus website and malware, don’t click on any links, open any attachments or reply to the sender for any email you may receive that claims to come from the Electronic Federal Tax Payment System. The IRS will never contact you via email about personal matters.

If you receive an IRS related e-mail that you think is a phishing attempt or directs you to a fake IRS website, forward it to the IRS at phishing@irs.gov.

Popularity: 1% [?]

According to Tech News Daily, a breach at the University of North Florida may have exposed the names, dates of birth, and social security numbers of nearly 107,000 students.

An Oct. 15 press release issued by the University reported that from Sept. 24 – 29, a university file containing current and potential students’ personal information may have been accessed by someone “outside the United States.”

“It is possible the intruder’s intent was to either disrupt normal business or use the computer’s processing power to launch similar attacks on other computers,” the press release said.

In response to the security breach, the University sent letters and emails to all 106,884 people affected, including 52,853 people whose names and Social Security numbers were compromised, and 54,031 who had their names and dates of birth stolen. The release explained that no academic or financial aid information was accessed in the breach.

It is not known who perpetrated the massive security breach; the University and the FBI are investigating.

Popularity: 2% [?]