Category: Internet safety
Just got this fraudulent e-mail. A reminder that Microsoft will send security etc in Windows updates, not by e-mail.
Due to a new vulnerability which is exploited by hackers to steal your online details. Microsoft Digital Crimes Unit in 2013 has hereby developed a new security measure. All users of the Internet and Microsoft products are hereby required to validate there email account information irregardless of their Internet service provider or Host company.
To validate your email account and to prevent hackers from exploiting the new vulnerability. Please click on the validation link below and supplied the required information.
Validation Link. (link broken)
2013 Microsoft Digital Crimes Unit
“Ratters” – They Watch Through Your Webcam
By Becky Worley | Upgrade Your Life
From hundreds of miles away, a man sits at his monitor watching an unsuspecting woman use her computer, undress and go to sleep. She has no idea she’s being watched. The remote attacker has installed software to control her webcam. What’s worse, he’s recording all of her actions and posting those videos on YouTube or trading the videos with other voyeurs online.
R.A.T. Remote Access Tools
This scenario is happening more and more; there are myriad photos and videos available online indicating the practice is getting easier and more popular with an online community called Ratters. They use Remote Access Tools (R.A.T.s) to activate the webcams of compromised computers and record video of unsuspecting users. They call the owners of these infected computers “slaves,” and compromising videos, especially of female slaves, are openly traded, and posted on YouTube.
Online Forums of Ratters Grow
The practice of taking over a computer is not new. Hackers have produced software for years that gives complete control of a machine to a remote attacker. Aspects of these tools are also common in the IT field for offering remote tech support. But what’s new is the community of remote attackers who have formed in hacking forums to share or trade access to the enslaved computers and talk about their exploits.
In a detailed article on Ars Technica, journalist Nate Anderson probes into the members at hackforums.net, which he says has more than 134 pages of posts featuring captured images and video of female slaves. Some are recorded from webcams, and others are videos or images found on the hard drives of compromised computers that their owners thought were private and secure.
Scare Tactics
Beyond invading a victim’s privacy, Ratters have tools in their software to scare or annoy remote victims. They can open and close their DVD drives, display graphic images on screen, have the computer read aloud using text-to-speech applications, or even hide the start button.
Hard to Police
While this type of unauthorized computer intrusion is clearly against the law, the fight against Ratting is a challenge. There are many free or low-cost programs already available online, attackers are not usually local or in close proximity to victims, and while any one forum of Ratters could be shut down, others could easily pop up elsewhere.
How Victims Are Infected
Victims are infected with remote access tools the same way many viruses spread: opening attachments, drive-by downloads from sketchy sites, downloading files from torrents or file-sharing sites, or being tricked into clicking links through social media sites.
How to Protect Yourself
The good news is that these tools can be detected and held at bay. First, pay attention to the little light next to your webcam. If at any time it’s lit and you aren’t using your webcam, find out why it’s engaged by running either an antivirus program or hitting ctrl-alt-del to see what processes are actively running. If you see anything suspicious, it’s time to disconnect from the Internet and disinfect.
Best practices to stay safe include using a firewall, keeping all software up to date, and using an anti-virus program. Also, staying away from torrent sites and sketchy websites will add a layer of protection, as many Ratters seed files on these sites disguised as free videos, music or software programs. If your paranoia is high and you really want to be sure your webcam isn’t spying on you, some have suggested taping a piece of paper over the camera, but this does nothing to protect your information or image/video files already on your computer.
It’s not rocket science – We all have “alot on our plates”…
One of my categories, internet safety, is due to the continual attempts by scammers to get personal information. You don’t have to be careless on Facebook, or fall for a spoofed e-mail from the bank; just the tough financial times is enough to cause otherwise careful people to let their guard down. The following piece of effluent wasn’t even in my spam file! This is a supposed job offer. Remember that if it seems too good to be true, it usually IS. I did not like the brazen nature of this scammer, which is why I am posting it here:
The e-mail subject line read: Autowrap Advert-Hiring Now
We are currently seeking to employ individual’s world wide. How would you like to make money by simply driving your car advertising for Hennessy, JOHNNIE WALKER, Pepsi, Coke, Apple Product.
How it works
Here’s the basic premise of the “paid to drive”
Concept: AUTO WRAP seeks people — regular citizens, professional drivers to go about their normal routine as they usually do, only with an advert for “AUTO WRAP” plastered on your car. The ads are typically vinyl decals, also known as “AUTO WRAP s” that’s almost seem to be painted on the vehicle and which will cover any portion of your car’s exterior surface.
What does the company get out of this type of ad strategy? Lots of exposure and awareness. The AUTO WRAP s tend to be colorful, eye-catching and attract lots of attention. Plus, it’s a form of advertising with a captive audience, meaning people who are stuck in traffic can’t avoid seeing the wrapped car alongside them. This program will last for 3 months and the minimum you can participate is 1 month.
You will be compensated with $400 per week which is essentially a “Rental” payment for the use of space. No fee is required from you, “AUTO WRAP” shall provide experts that would handle the Advert placing on your Car.
After the duration of your services and you want to discontinue, the specialist/ expert shall come again and remove the advert placement on your car with no traces of ever placing a vinyl decals on your vehicle.
You will receive an up front payment of $400 inform of check via courier services for accepting to carry this advert on your car. It is very easy and simple, No application fees required, Contact the E-mail along with the information’s as requested, if you are interested in this offer.
Kindly fill this information’s below-
Send the required below Information:
-Henry Kelly Agent No: 9151.
You will be contacted as soon as this information’s is received.
Kind Regards, Henry Kelly Hiring Consultant Alpha Communications
Anytime an offer is made requiring the kind of info asked in this fraudulent ad, S—can it. Actually, I did do a startpage search under the company name given, (Alpha Communications) and while finding many listings under the name, none were in the advertising sector; they dealt with communication technologies and electronics. SO – I (snicker) sent an e-mail [ NOT a reply, a new message] politely asking for confirmation of the so called offer:
Homepage for your company to authenticate your offer; too many internet
scammers offering employment. RSVP.
Hours later, the result was a mail failure notice:
Sorry, we were unable to deliver your message to the following address.
<email@example.com>: (Link disabled “X”)
No MX or A records for altogeneral.net
THESE SPHINCTER MUSCLES COUNT ON THE TOUGH ECONOMY TO LURE PEOPLE WITH ALL KINDS OF SEEMINGLY LEGITIMATE -AND NOT SO LEGITIMATE- JOB OFFERS, FOREIGN BANKING DEALS, AND THE LUDICROUS “JACKPOTS” THAT YOU ONLY NEED TO CLAIM BY GIVING THEM EVERYTHING BUT YOUR JOCKSTRAP SIZE. [SORRY LADIES]
So please don’t answer these. If you think there might be a shred of legitimacy, copy the company name and do a search. If they are real, you’ll be able to find a company internet pg, with a contact us tab, to verify the person who sent the e-mail. (But odds are there won’t be any such company or person.)
Here’s to your safety! “X” Note – Here is the result of a search for Autowrap-Advert:
Better Business Bureau: Beware of auto-wrap advertising pitch
Published: July 26, 2012
When the X-100.3 van pulls up along side, the wrap on the truck, from headlight to rear door, is a traveling billboard.
Black with huge red lettering, the vehicle wrap is one of the most cost-effective advertising methods a company can do to promote itself or a product, and it will last for years.
“Depending on your message, we can simply apply cut vinyl lettering and graphics as we do for the ACHD Commuteride fleet,” says Shane O’Harra, owner of The Sign Center on Fairview Avenue in Boise. “Or apply a mix of cut vinyl with digital print contour cut graphics.”
These wraps, while long-lasting, aren’t cheap to apply. He says installation costs thousands of dollars.
So he was puzzled when he heard a Brand Car proposal. The company, apparently based in England, claims to be a large advertising agency looking for professional drivers. The company wants to “rent” cars, for up to three months, cover them in vinyl decals, and pay the owner to drive about “their normal routines as they usually do.”
Compensation: $400 a week. O’Harra grimaced.
“There are companies that will provide an opportunity to wrap a vehicle and allow you to drive it around,” he says. “But that sounds too good to be true. Maybe they mean up to $400. I don’t know that it’s a scam, but it’s very misleading.”
The email solicitation requires only personal contact information and is seemingly harmless. But reports from around the region indicate this is a typical overpayment scam in which Brand Car sends a forged or counterfeit check for a couple of thousand dollars and tells the recipient to deposit the check, take an upfront payment of $400 and send the remaining money to a third-party business that will install the vehicle decals.
The catch: Once the checks are deposited and money is forwarded, the bank discovers the checks are fraudulent, and the depositor’s account is charged.
“If you were driving in downtown New York you may be able to get that kind of money,” O’Harra says. “But, 400 bucks is probably for a high-travel area, not Boise, Idaho.”
Residents need to be cautious when looking for a way to make extra money. Scammers know budgets are tight, and renting your vehicle out as a billboard at a high price is a tempting offer.
The scam BBB learned about Tuesday afternoon indicated it would be Pepsi products being advertised, but other BBBs have reported other beverages like Monster, Coca Cola and Budweiser. It’s just the scam du jour these days, and scammers are known to contact you through mass emails or even websites where you can post your resume. Be careful where you give out your personal information.
A red-flag warning on this is a request to forward the money to a third-party provider. Refuse to forward funds to a third party for shipping, services or other reasons. The buyer can work with the third party directly.
Robb Hicken: 947-2115
Got this notice from my Avast! AV:
Jindřich Kubec February 8th, 2013
Malware on LA Times
Yesterday evening (Prague time) I spotted a curious question on Twitter from journalist Brian Krebs asking about possible malware on one of LA Times websites: It made me wonder, because having such detection would definitely provoke few of our users to claim a false positive in avast!
There was an incident earlier this week where Google Safe Browsing system overreacted a bit and killed the domain of an ad provider, causing malware warnings on multiple large sites, including the LA Times. This was just a false alarm, no malware was distributed by the affected sites and it also shows why false alarms can induce risky behavior of the users – if they’re convinced that they “know what they’re doing” and then they’re also assured that it is safe to enter the site despite the warnings, they may do so on another occasion when there’s real attack aiming at them.
So I thought we’re talking about that, because, as I also checked, according to this list, LA Times is the 4th biggest newspaper in USA, and according to Alexa, its website is 7th biggest newspaper website, so we would expect lots of telemetry records and also some FP reports.
With a bit of distrust I dug in our telemetry collected from our dear CommunityIQ users and yes, it was there. Fortunately for most of the users, only one of the low-profile websites was infected, so the assumed number of the infected people is not really high. But! I checked yesterday’s stats, then day-before-yesterday and the result was a bit of shocker! We have consecutive reports of malicious iframes on their sub-site from 23rd of December and it is still working there while I’m writing this blog.
The iframe points to intermediary ip site, which immediately redirects to domain hosting Black Hole 2 exploit kit. Websites used in this attack are hosted in USA (intermediary, most probably hacked) and Netherlands (colocation, domain used from some free Chilean provider, maybe also hacked).
There was a lot written about the Black Hole kit – in simple terms it’s a bunch of malicious modules which try to exploit vulnerabilities in various browser plugins. As we checked last time, only about a third of our user-base have these fully updated – the rest are in danger when visiting such a site without a modern AV, which, despite what some self-called experts say, is not something you should give up.
Before posting this blog, we wanted to verify our telemetry because sometimes we may get false telemetry data – it may be sent from the already hijacked machine. Proxies, etc/hosts rewrites, malicious network drivers, even hacked routers, all of these may create false telemetry submits. After a while, we were pretty sure it is not the case, but most of the automated tools still verified the site as clean. Only through manual verification were we able to record a Fiddler session, which clearly shows how the infection runs.
Because we were getting both the clean replies and also the replies with the malicious iframe inserted (see the screenshot above), we’re pretty sure we’re seeing the HTTP server with installed malicious module, which changes the file on the fly – they’re unmodified on the disk so that the admins see only clean files and uploading ‘verified clean’ file would not fix anything. The malicious modules were first described by Unmask Parasites and later also in Eric Romang blog – identified as Darkleech. This module does contact its command & control server to get new iframe data from time to time, making us create newer and newer network blocks.
We also tried today to contact the IT department of the Tribune (owners of LA Times), but were not yet successful. Finding real human contact on commercial websites today seems like a task for people with much more time on their hands than ours.
Last word – as usual we assure you that we had our users protected – we had the detections on the infected website, all the intermediary sites and also the destination sites were blocked, we also detect various parts of the exploit kits and also the binaries were detected or blocked by our Autosandbox technology.
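The check described in the post above (files clean on disk, while only some served replies carry the iframe) can be sketched as follows. This is an added example, not code from the Avast post; the HTML, the host video.example, the documentation-range address 203.0.113.7 and all function names are constructed for illustration.

```python
from collections import Counter
from html.parser import HTMLParser


class IframeCollector(HTMLParser):
    """Collects the src attribute of every <iframe> in a document."""

    def __init__(self):
        super().__init__()
        self.sources = []

    def handle_starttag(self, tag, attrs):
        if tag == "iframe":
            self.sources.append(dict(attrs).get("src") or "")


def iframe_sources(html):
    """Return the set of iframe src values found in an HTML string."""
    parser = IframeCollector()
    parser.feed(html)
    parser.close()
    return set(parser.sources)


def injected_iframes(on_disk_html, served_responses):
    """Count, per src, how many served replies contain an iframe that the
    on-disk copy of the same page does not contain."""
    baseline = iframe_sources(on_disk_html)
    seen = Counter()
    for body in served_responses:
        for src in iframe_sources(body) - baseline:
            seen[src] += 1
    return dict(seen)


def verdict(on_disk_html, served_responses):
    """Classify a batch of captured replies against the on-disk file."""
    hits = injected_iframes(on_disk_html, served_responses)
    if not hits:
        return "clean"
    # An iframe present in only some replies matches the on-the-fly
    # rewriting the post describes; a single fetch can easily miss it.
    if any(count < len(served_responses) for count in hits.values()):
        return "intermittent-injection"
    return "consistent-injection"


# Constructed sample data: the file as stored on the web server's disk ...
ON_DISK = (
    '<html><body><h1>News</h1>'
    '<iframe src="https://video.example/embed/1"></iframe>'
    '</body></html>'
)
# ... and a constructed injected element pointing at a bare IP address.
INJECT = '<iframe src="http://203.0.113.7/q.php" width="1" height="1"></iframe>'
# Four captured replies for the same URL; two of them were rewritten.
SERVED = [
    ON_DISK,
    ON_DISK.replace("</body>", INJECT + "</body>"),
    ON_DISK,
    ON_DISK.replace("<h1>", INJECT + "<h1>"),
]

if __name__ == "__main__":
    print(injected_iframes(ON_DISK, SERVED))
    print(verdict(ON_DISK, SERVED))
```

A batch containing only the first reply would come back "clean", which is why a single automated fetch is not enough to clear a site showing this behaviour.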
Helping you to get through the economic mine field in one piece.
Written by Gary North on December 17, 2012
For your benefit – I seldom shop online, and ”https” is just one thing you ought to check. “X”
How to shop safely on ‘Cyber Monday’
by Steve Elwart
Last year, more than 226 million people spent $11.4 billion at retail stores and malls on Black Friday, and this year shoppers are poised to spend even more.
While Black Friday sales are expected to be at an all-time high, online shopping Monday is expected to be even greater. That is because Monday has become known as “Cyber Monday,” a relatively new phenomenon that arrived with the coming of age of the Internet.
Cyber Monday came into being seven years ago as a way for online retailers to compensate for the lack of physical stores. Many online retailers saw an uptick in sales on the Monday after Black Friday as shoppers, missing out on deals on the previous Friday, went to the Internet to purchase items.
In 2010, of the 172 million Americans that did their gift shopping online, 70 percent did it at work.
Besides getting good deals, however, shoppers may also get a dose of holiday problems.
Qualys, an Internet security provider, released data on more than 1 million computers showing that half have outdated Web browsers and other applications that make them prime targets for online attacks.
“These vulnerabilities allow cybercriminals to take remote control of your machine, search your disk drive for valuable information, monitor all keystrokes and e-commerce transactions, and intercept private information, such as usernames and passwords, credit card numbers and bank account details,” said Wolfgang Kandek, CTO of Qualys, in a blog post on his company’s website.
In many workplaces, browsers are automatically updated as a matter of company computer policy, and many home computers also have their operating systems automatically updated as well. While the computer operating systems have patches applied to them frequently, a computer’s main vulnerability is not the operating system itself. It is the programs that run on top of them, particularly the Web browser and small programs called “applets.” Kandek also said that even the best Web browser, Apple Safari, leaves more than 35 percent of its users at risk.
Once a virus is installed on a computer in a business, it can steal user names and passwords, as well as company data. Inside the corporate network, the virus may spread more easily than the original attack from the outside. Security analysts call this security “hard and crunchy on the outside and soft and gooey on the inside.”
“Frequently, security inside networks is a little more relaxed, because people need to share data,” said Kandek.
The worst offender in the study is Java, which left one-third of the computers on which it is installed vulnerable to attack. The Java program was running on 82 percent of the machines tested.
Programs such as Java allow the applets to run inside Web pages. These programs give the user additional functionality such as running applications, watching video, listening to music and playing games.
While the user gets an “enhanced Web experience,” it comes at a price. The programs are frequently the subject of hacking attacks in which a computer can be taken over to harvest personal information.
Qualys has a free browser check available that will advise the user if there are any vulnerabilities in the browser or plug-ins and provide the steps necessary to apply any updates available.
As people go back to work on Monday and boot up their machines, the vast majority of workers will spend at least some of their time shopping. Home shoppers will be busy as well. While these users are shopping, they may also be putting the information of their household and corporations at risk.
Many hackers will set up a fake website that looks just like the original. When the shopper enters credit card information, the information is sent directly to a server set up by the hacker. There are virtual marketplaces in which hackers buy and sell credit card numbers, social security numbers and other personal information.
Symantec, the cybersecurity firm, says 61 percent of malicious sites are legitimate properties that have been compromised.
A cyber-thief can buy a victim’s name, address, credit card number with expiration date and three-digit security code for less than the price of a cup of coffee. Bloomberg reports that an Eastern European hacker who goes by the handle “Poxxie” broke into the computer system of a U.S. company and stole 1,400 card numbers which he then sold on a hacking e-commerce site for $3.50 each.
Symantec estimates that $114 billion a year is lost to cyber-thieves. By comparison, the global market in cocaine trafficking is an estimated $85 billion. The Federal Bureau of Investigation said that the total losses from bank robberies in the United States in 2010 was just $43 million.
There are ways, however, a user can gain some level of protection.
The first thing one can do is to buy only from reputable sellers. If one is not sure of a particular seller, the best defense is not to buy. Also, it’s unwise to click on a sales offering in an email, because often the link doesn’t go to the site advertised.
In addition, any website address bar for online shopping should read “https://” rather than just “http://” – the “s” on the Web address shows that the information a user sends is encrypted. Shoppers should also look for the closed padlock symbol, which is either at the bottom of the browser window or in the Web address bar on the webpage. Clicking on the padlock should confirm the identity of the seller. The padlock symbol, however, can be counterfeited, so it’s not an absolute guarantee of security.
After a transaction, credit card statements should be checked to make sure that the charges on the statement match the transactions. If they do not match, or there are charges the buyer does not recognize, the credit card company should be contacted immediately. In most cases, the credit card company will remove the charges from the account, cancel the credit card and issue new cards to the customer.
Trend Micro also offers some tips on what people can do to help protect themselves from online shopping fraud.
Use strong passwords and use unique passwords for the most sensitive websites.
Don’t click on links; rely on bookmarks for sensitive sites instead.
Watch out for fake apps that are posing for more popular, real apps.
Be wary of free apps that ask for too much personal information.
Go easy on promo links. If it’s too good to be true, it likely is.
Use remote security apps to back up and wipe a phone or laptop in case it is lost.
Use Parental Control features to monitor what information kids might be giving out.
Scan mobile devices regularly for malicious apps.
As with all online activity, a computer should be protected with good, up-to-date security, anti-virus and anti-spyware software.
Just taking some simple precautions can help shoppers have a pleasant holiday experience.
I was a bit surprised by this – When I found that I needed to change my firewall due to incompatibility issues, most of the problems I was having with my WP pg vanished; this deals with privacy, and most of you have seen my blogs on this subject. Patriots on facebook please take note.
ZoneAlarm Newsletter October 2012
What are you agreeing to when you install Facebook Applications?
In a recent study of 50 million Facebook users and 500,000 Facebook applications, the following conclusions paint a different picture than what most people perceive about the apps they’ve come to love…
From Gibson Research Center -
Every password you use can be thought of as a needle hiding in a haystack. After all searches of common passwords and dictionaries have failed, an attacker must resort to a “brute force” search – ultimately trying every possible combination of letters, numbers and then symbols until the combination you chose, is discovered.
The question is: Will that be too soon . . . or enough later?
Just one of their very useful tools… Get Educated!
FOR SAFETY, BEGIN BY USING STARTPAGE AS YOUR DEFAULT SEARCH ENGINE!