Tag Archive | email

October is National Cyber Security Awareness Month

NCSAM official image (Department of Homeland Security)

Cyber security awareness is so important, and we’re going to display a few things you should be aware of this month, for you to try to make capable changes to your personal or business security perspective. You will notice some of the information below is linked to different posts here on the blog. This should help you understand each topic better! Please don’t be afraid to use each of the links below to learn more about protecting your system(s).

  • Email is one of the biggest attack methods. Since users are still highly dependent on email, it is so critical that email systems get fixed. Spam can be so cunning that it may disguise itself as your friend, someone you trust, or a bank. The main target in these spam attacks is phishing, which will allow an attacker to trick you into doing something or giving away personally identifiable information.The goal is to also download malware on to your computer, which can be used to take control of your computer and steal much more personal information. Some emails may claim to be a legitimate organization sending you an attachment, but it’s purpose is to distributed malware on your computer. It is best to secure email systems against spam. This can be done using a variety of products whether hardware or software. Make sure to secure your system(s) with the latest spam fighting utilities. Also, securing Outlook or Windows Live Mail is beneficial.
  • Instant Messaging still seems to be a vector for malware attacks. Just when people drop their guard about IM security, a new band of threats affects users. Most IM attacks come in the form of spam, a message from an apparent trusted friend, or a phishing attempt/scam from a legitimate looking company. A lot of the time, when the message appears from a trusted friend, it usually means that person’s IM account or email account has been hacked and the attacker has mined the email addresses or IM addresses in order to send you these attacks. It is important to have a good Internet Security product that protects against IM attacks along with network defense.
  • Exploits are the most common cause of infections on computers these days. Many of the exploits have been caused by out-of-date Java plugins or Adobe Flash Player plugins (or even fake Flash Player), among other types of plugins for your browser. Other exploits come in the form of advertisements that are catered to your interests, by the use of tracking cookies, which when you click on the ads it can lead to a site that will immediately download malware and attempt to take control of your computer.Those are just a couple of examples of why you need Internet Security protection as declared just above in the explanation for IM security. Also, having a second-opinion malware scanner can make sure that things don’t get missed, giving you maximum protection. Working on a defense-in-depth strategy for your computer can be a great way to avoid exploits.
  • Downloading and installing untrusted software products is a good way to get infected with viruses, spyware, and other threats and malware. Using tools such as Web-of-Trust for your browsers is a key idea in managing whether a site is safe. Also, reading reviews for the product you are getting ready to download and purchase will help you make an informed decision. It is important to have Total Internet Security protection, as stated above in IM security. Please refer to the “Internet Security product” link for more information on securing your system(s) with protection mechanisms.

There are many more vectors of cyber security problems. It is important to use the methods described above as well to secure your system(s) from attacks from cybercriminals.

Summary of mitigating most attacks:

LifeLock

Blizzard & WoW Spam Returns with IP Warnings

The latest Blizzard spam returns with some IP warnings involved:

Click to Enlarge

Here is the full text (links removed):

Dear customer,
This is an automated notification sent from our account security system. You logined your account successfully at 4:27  on July 11th form the 125.87.108.* range, but our system shows the 125.10.151.* IP range exists a large number of hackers. As too many customer complaints, the 125.98.104.* IP range has been blacklisted.
We are concerned about whether your account has been stolen. In order to guarantee the legitimacy of your account, visit click:
hxxps://www.battle.net/account/support/password-verify.html
website fill out some information to facilitate our investigation.
Account security is solely the responsibility of the accountholder. Please be advised that in the event of a compromised account, Blizzard representatives will typically lock the account. In these cases the Account Administration team will require faxed receipt of ID materials before releasing the account for play.
Sincerely,
Blizzard account system
Blizzard Entertainment
As you can see, I changed the HTTPS to HXXPS, so the link doesn’t resolve (did it below, too). Anyway, that password verify link actually points to this address once clicked (please do not visit): hxxp://eu.battle.net.login.security.inspection.worldofwarcraft.xml.zh-ted.in/login.html?app=wam&ref=hxxps://www.worldofwarcraft.com/account/&eor=0&app=bam/
This is obviously a phishing attempt to try to get World of Warcraft logon information. With the email, it makes false claims and grammatical errors. The false claims are to attempt to persuade you into believing it is the real Blizzard Entertainment.
However, here is what to look for in a fake Blizzard email, that Blizzard would never ask for in the first place:
  • Any displaying of an IP address is immediate red flag. Blizzard would never post an IP address to an email.
  • Displaying of any password in an email, unless it is a confirmation email sent from Blizzard IMMEDIATELY after you register.
  • Displaying of birthdates, server locations, etc. would not be a commonality in Blizzard emails.

If you receive an email that seems to reveal information that should not be revealed, delete it! It is probably spam. After all, if Blizzard really wants to get through to you, they would ask you to contact customer service…not verify your password online.

The sender of the email had an IP address of 220.67.90.23 – which can be blacklisted.

Seeing that it isn’t on most blacklists (thanks to WhatIsMyIPAddress.com:

Control spam now with SurfRight Antispam, makers of HitMan Pro secondary opinion malware scanner.

Fake Best Buy Gift Cards Now at your Fingertips

Lately, smartphone users mainly, have received SMS text messages regarding Best Buy Gift Card for free. The main lead to the Best Buy site was actually a fake Best Buy site. The prefix of the URL was http://www.bestbuy.com however, the suffix of the URL was fake. So, a URL like http://www.bestbuy.com.fake.url.biz (fake.url placed in for example only) could be the full address in some cases.

Do not click this link in your text message (or even email).

The text messages commonly received appear like the following:

Your entry in our drawing WON you a FREE $1,000 Best Buy Giftcard! Enter “123” at http://www.bestbuy.com.fake.url.biz to claim it and we can ship it to you immediately!

Once you are to do that (and please don’t, for crying out loud), it will ask for an email address. Once they have your email address, as stated in the Privacy Policy, they have free reign to sell your email address and other personal info they may ask for, to third parties!

If you receive a text message or email such as this: IGNORE IT! You will save yourself TIME, MONEY, and even IDENTITY!

It is highly important to have some sort of anti-spam and antivirus protection for your mobile device. Kaspersky Mobile Security can block unwanted calls and texts from specified or unknown numbers and prevent spam and viruses from infecting your phone while you’re surfing the Internet. Get Kaspersky Mobile Security today!

%d bloggers like this: