Tag Archive | Phishing

Security Concerns This Winter – Android Malware, Facebook Problems, Anonymous, among other things

Over the past couple of weeks we’ve discussed some of the things that happened in 2012 and the things we’re focused on coming into the new year. Security concern is surging over several different issues, including Android malware, Anonymous and cyberwar, among other things. Here is a compiled list of the top concerns this Winter that we’ll be investigating on a continual basis.

  1. Identity Theft – this can be a problem for most people who get viruses and other malware on their computer. It can also be a problem on social networks. It is best to have a good antivirus and keep your social networking information safe. You don’t have to enter everything in your profile. Leave some fields blank so the profile is less useful to a stalker. Sadly, you cannot know who’s viewed your profile, which makes it more difficult to discover stalkers. Hmm…hint Facebook.
  2. Spear-Phishing – plain and clear, spear-phishing is similar to identity theft. It is done by email spoofing, in which the attacker masquerades as a legitimate company with legitimate-looking emails. However, these emails are only meant to make you click, and then to either steal your information, distribute malware, or both. Normally this is a big problem over the holidays, but now it’s becoming widespread no matter the time of year.
  3. Human Error and the Failure to Update (Vulnerabilities) – it is true that humans forget a lot of things. One of the biggest security risks we have always faced is that users fail to update the browser plugins and programs on their computer. Attackers exploit the resulting vulnerabilities to send malware your way. Using a vulnerability scanner can help you keep on top of this problem.
  4. Browser Hijackers and Junkware – we continue to see browser hijackers and junkware being distributed in installers for legitimate programs. What’s sad is that the royalties for software developers who add the junkware install code are so high that the developers don’t know how bad the issue is. From Babylon Toolbar to Claro Search…these toolbars and homepage hijackers are unnecessary and need to be done away with. Good thing our security community has the ability to remove this crap with our special tools.
  5. Malware growth on Other Platforms – it’s no surprise that malware problems are now lighting up on iOS, as well as Linux. It will surely start to become a problem this year, even more so on Windows 8 and Android than on any other device.
  6. Android Malware Growth – one of the biggest problems in the computing world right now is the steady, high growth of malware on the Android platform. It will continue to be a problem, sadly.
  7. Anonymous Cyberattacks, and Government Cyberwar – we will still see cybercrime and cyberwar problems continue this year.

Stay tuned to this blog for further updates.


Security Threats to Monitor throughout the beginning of the New Year

There is a lot to look out for this holiday season, and into the New Year…and many Grinches want to steal your joy. But, as long as you keep an eye on them, there shall be nothing to worry about!

 

  1. Spam – as always. Have you gotten emails from “FedEx” or UPS lately? You know, those fake emails stating you have a package to be tracked, but they need another payment method to process it? Or how about some free or cheap Rolexes? All of these are scammy spam, fraudulent, or just meant to distribute malware! Remember, if you didn’t order it, don’t believe it! Spam can also lead to number 2…
  2. Phishing attacks… as millions of people shop online and push the revenue of online shopping into the billions of dollars, there are also tons of scammers and fraudulent websites wanting your personal data or credit card, or just wasting your time. Remember, if it doesn’t look legitimate, or does not have a secure transaction process, it probably is not a good idea to make the purchase (no matter how attractive it looks). Trusted stores are usually the best to shop from.

    When you go to check out and enter your personal information, first look at the address bar and make sure it highlights green in some area and has the following at the beginning of the web address: https://. Looking for that, or for a padlock icon in the lower right or left corner of the browser, will help ensure you have a secure connection over which your personal information is transferred privately.

  3. Social engineering attempts – you can find these on social networks. They attempt to entice you with different ads or offers, or show a shocking story to get you to click on it. Once you do, you may be asked to log in to Facebook, verify personal information, or make a payment to get access to information.

    When it comes to shocking stories, safely ignore them if they didn’t come from what looks like a trusted source. Stay out of trouble and don’t click. “If in doubt, throw it out” is a useful rule to keep in mind when deciding what to click on. Also, be careful about charity apps. On Facebook, an application called “Causes” is the only legitimately popular app to use for charity donations. Most legitimate charity campaigns are routed through Causes because of how trusted the app is.

  4. TMI on social networks – be careful about telling others where you’re currently staying or eating, or that you are by yourself (at the office or at home). Don’t bother using apps such as Foursquare or the like. They are highly insecure for your personal privacy and can result in burglary or worse.
  5. ATM skimmers – fake debit or credit card readers are popping up in random ATM machines around major retailers everywhere. Always look closely before swiping your card or pressing any buttons. If anything seems out of place, loose, or just doesn’t feel right…don’t swipe your card, don’t enter your PIN, etc. If anything seems funky, ask the cashier to run your card under the counter, or just go to a bank.

    It’s also best to either tell the bank that owns the ATM or call the number on the ATM. Let them know the machine may have been modified for illegitimate purposes. Lastly, always tell the cashier that the ATM could be modified and ask them to tell customers not to use it.

  6. Unprotected computers and tablets.

Miley Cyrus sex tape scam details

Unbelievable? Another social engineering attempt. Here is a source on the non-existent Miley Cyrus sex tape:

Facebook scammers are using the promise of a non-existent Miley Cyrus sex tape to lure users into giving up temporary access to their accounts. Once inside, scammers run a script to create automatic posts that tag friends and propagate the scam.

Here, again, we are dealing with the well-known, if not utterly obsolete, “copy/paste code” method whereby the scammer aims to steal the victim’s Facebook authentication token. This grants the scammer temporary access to the targeted Facebook account, including the victim’s list of friends.[HOTforSecurity]

 


Blizzard & WoW Spam Returns with IP Warnings

The latest Blizzard spam returns with some IP warnings involved:


Here is the full text (links removed):

Dear customer,
This is an automated notification sent from our account security system. You logined your account successfully at 4:27  on July 11th form the 125.87.108.* range, but our system shows the 125.10.151.* IP range exists a large number of hackers. As too many customer complaints, the 125.98.104.* IP range has been blacklisted.
We are concerned about whether your account has been stolen. In order to guarantee the legitimacy of your account, visit click:
hxxps://www.battle.net/account/support/password-verify.html
website fill out some information to facilitate our investigation.
Account security is solely the responsibility of the accountholder. Please be advised that in the event of a compromised account, Blizzard representatives will typically lock the account. In these cases the Account Administration team will require faxed receipt of ID materials before releasing the account for play.
Sincerely,
Blizzard account system
Blizzard Entertainment

As you can see, I changed the HTTPS to HXXPS so the link doesn’t resolve (I did the same below). That password-verify link actually points to this address once clicked (please do not visit): hxxp://eu.battle.net.login.security.inspection.worldofwarcraft.xml.zh-ted.in/login.html?app=wam&ref=hxxps://www.worldofwarcraft.com/account/&eor=0&app=bam/

This is obviously a phishing attempt to get World of Warcraft logon information. The email makes false claims and contains grammatical errors. The false claims are meant to persuade you that it comes from the real Blizzard Entertainment.

However, here is what to look for in a fake Blizzard email, things Blizzard would never put in an email in the first place:
  • Any display of an IP address is an immediate red flag. Blizzard would never post an IP address in an email.
  • Displaying of any password in an email, unless it is a confirmation email sent from Blizzard IMMEDIATELY after you register.
  • Displaying of birthdates, server locations, etc. would not be a commonality in Blizzard emails.

If you receive an email that seems to reveal information that should not be revealed, delete it! It is probably spam. After all, if Blizzard really wants to get through to you, they would ask you to contact customer service…not verify your password online.
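
The mismatch between the link the email shows and the address it really opens can be checked mechanically. The following is an added example, not part of the original post: the `TRUSTED_DOMAINS` set, the function names and the finding labels are assumptions made for illustration, and the two URLs are the defanged ones quoted above.

```python
from urllib.parse import urlsplit

# Assumption for this example: domains the recipient really uses for this brand.
TRUSTED_DOMAINS = {"battle.net", "worldofwarcraft.com"}

# The two URLs from the email above, still defanged as on the page.
DISPLAYED = "hxxps://www.battle.net/account/support/password-verify.html"
TARGET = ("hxxp://eu.battle.net.login.security.inspection.worldofwarcraft"
          ".xml.zh-ted.in/login.html?app=wam"
          "&ref=hxxps://www.worldofwarcraft.com/account/&eor=0&app=bam/")


def refang(url):
    """Turn a leading hxxp/hxxps back into http/https so the URL parses."""
    return "http" + url[4:] if url.lower().startswith("hxxp") else url


def registrable(host):
    """Naive registrable domain (last two labels); production code should
    consult the Public Suffix List instead."""
    return ".".join(host.split(".")[-2:])


def check_link(displayed, target):
    """Return a list of findings for a link whose visible text is a URL."""
    shown, real = urlsplit(refang(displayed)), urlsplit(refang(target))
    shown_host = (shown.hostname or "").lower()
    real_host = (real.hostname or "").lower()
    findings = []
    if registrable(shown_host) != registrable(real_host):
        findings.append("displayed-host-mismatch")
    if shown.scheme == "https" and real.scheme != "https":
        findings.append("scheme-downgrade")
    if registrable(real_host) not in TRUSTED_DOMAINS:
        findings.append("untrusted-domain")
        # A trusted name used as left-hand labels of someone else's domain.
        for brand in sorted(TRUSTED_DOMAINS):
            if "." + brand + "." in "." + real_host:
                findings.append("brand-in-subdomain:" + brand)
    return findings


if __name__ == "__main__":
    for finding in check_link(DISPLAYED, TARGET):
        print(finding)
```

The browser reads a hostname from right to left, so everything before `zh-ted.in` in the real address is just a subdomain chosen by whoever controls that domain.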

The sender of the email had an IP address of 220.67.90.23 – which can be blacklisted.

Seeing that it isn’t on most blacklists (thanks to WhatIsMyIPAddress.com:


Controlling Internet Activities for Businesses (mini-whitepaper)

Today the discussion is about how to control the Internet activities of a small-or-medium business. It should be said, however, that what matters most is your employees’ loyalty to your company, which is what keeps them on task. (I won’t get into that, as it has to do with business ethics.)

Of course, employees love a fast Internet connection. They love fast services. But what can be done to control the Internet connections in your business?

Browsing

While it’s fine that most companies allow a little browsing by their employees, it’s easy to get wrapped up in the Internet. One great way to fix this issue is to disallow browsing, or put some control on it. The best control is bandwidth limits. Blocking heavy-bandwidth sites and preventing an employee from using a lot of bandwidth will control their browsing a lot!

Anti-Malware & Anti-Phishing

The other way to control the Internet in your business is to have the proper protection software for each computer. It is not uncommon for a business to have security problems, so it’s a no-brainer to have security software installed for every single computer.

Some of the best tools to use would involve:

Using these tactics will help control the Internet usage in your business, and ensure your employees are staying on task!
