Category Archives: Internet Explorer Add-ons

Web of Trust (WOT) And Facebook Collaborate To Protect Users From Malicious Links

imageIf you’re a Facebook user and you haven’t met a cybercriminal yet; hang in there – you will. Survey after survey continue to show that cybercriminals are picking off Facebook users as if they were shooting fish in a barrel.

Most cybercriminal schemes on Facebook are outrageous. But the bad guys know, that even the most outrageous schemes stand a better than average chance of being successful when targeted at Facebook’s largely unaware, and unsophisticated, user base.

With the collaborative effort announced today by Facebook and Web of Trust, WOT will now provide protection against dubious and malicious web links, that Facebook users continue to be exposed to. When a Facebook user clicks a link that leads to a page with a poor reputation rating as defined by the WOT community, Facebook will show a clear warning message.

Click on graphic to expand to original.

image

The plan is to roll out to US users 100% on May 12, and then the following week, after the translators have time to finish their work, roll out globally.

A quick reminder:

WOT’s Browser add-on users see reputation icons on Web sites, Google search results, email links, Twitter, as well as shortened URLs. WOT ratings are recalculated every 30 minutes to ensure users have the freshest and most reliable information. The free WOT add-on works in all web browsers and can be downloaded here.

You can read a full review on the benefits of adding WOT to your Browser here on this site – WOT (Web of Trust) – Is It The Most Important Browser Security Add-on You Need To Install?

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Advertisements

24 Comments

Filed under Anti-Malware Tools, Browser Plug-ins, Cyber Crime, Cyber Criminals, cybercrime, Don't Get Scammed, Don't Get Hacked, FaceBook, Firefox Add-ons, Freeware, Internet Explorer Add-ons, Malware Protection, Online Safety, social networking, Social Networks, Software, Windows Tips and Tools, WOT (Web of Trust)

Free G Data CloudSecurity – Blocks Known Malware And Phishing Websites

As we reported several days ago in Search Engine Results – More Malware Surprises Than Ever!, poisoned search engine results have proven to be a gold mine for the bad guys who, naturally, continue to be unrelenting in their chase to infect web searches.

Since drive-by downloads, which don’t require user action to create an infection, are resident on many of these compromised sites, this is unhappy news for the unwary Internet user.

To reduce the chances that you will be victimized by malicious search engine results, you should consider installing an appropriate Browser add-on, or if necessary, add-ons, to increase your safety margin. A list of recommended add-ons follows later in this article. But first, take a look at a new Firefox/Internet Explorer add-on, G Data CloudSecurity – passed on by regular reader Charlie L.

According to G Data, the plugin “effectively blocks access to known malware distribution and phishing websites – in real time. The plugin can be used alongside any other installed security suite and is ready for action after installing; no additional configuring required.”

Taking advantage of this service couldn’t be easier. Simply download the setup application, and execute. Following installation, you’ll notice a new icon in your browser which indicates  G Data CloudSecurity is up and running.

image

Clicking on the icon opens a dropdown menu which provides access to a number of functions.

image

The screen capture below shows G Data CloudSecurity in action – blocking a suspicious, or dangerous Web site.

image

Fast facts:

Compatible with all other security products

Prevents access to malware and phishing websites

Install once – no updates required

PC performance remains unaffected

Download at: Developer’s site. (G Data)

Additional Internet Browser Protection:

It’s not prudent to rely on only one form of protection, it seems to me, so take a look at the following browser security add-ons that are noted for their effectiveness.

It’s important to recognize that cyber-criminals are crafty, and there are no perfect solutions.

Web of Trust (WOT) WOT is a free Internet Browser add-on (my personal favorite), that has established an impressive and well deserved reputation. WOT tests web sites you are visiting for spyware, spam, viruses, browser exploits, unreliable online shops, phishing, and online scams, helping you avoid unsafe web sites. (installed on my computer)

Search Engine Security – Search Engine Security turns the table on the bad guys by using using a technique familiar to most hackers – appearing to be something you’re not. Or, more properly, appearing to come from a location you’re not really at. (installed on my computer)

Basically, the add-on changes the HTTP referrer (selectable by you), in the search string so that when you click on a returned link it appears to the link site that you have not arrived from Bing, Google, or Yahoo.

McAfee SiteAdvisor A free browser add-on that adds small site rating icons to your search results as well as a browser button and optional search box. Together, these alert you to potentially risky sites and help you find safer alternatives. These site ratings are based on tests conducted by McAfee using an army of computers that look for all kinds of threats.

ThreatExpert Browser Defender – The Browser Defender toolbar allows you to surf safely by displaying site ratings as you browse the Internet. When you visit a site its address will be checked by our servers and a rating shown in the toolbar based on any malicious behavior or threats we have found associated with the site. The toolbar also integrates with the search results provided by popular search engines such as Google and Yahoo! so you can see if, in our view, it is safe to continue before you visit a site.

AVG Security Toolbar Free Edition AVG’s unique Search-Shield, available with the AVG Security Toolbar Free Edition, marks all web pages which are infected by zero day exploits and drive-by downloads. This powerful LinkScanner based technology works in real-time to provide comprehensive protection. Other programs rely on static databases and cannot protect you at the only time that matters – the time you click on a link.

TrendProtect – TrendProtect is a free browser plug-in that helps you avoid Web pages with unwanted content and hidden threats. TrendProtect rates the current page and pages listed in Google, MSN, and Yahoo search results. You can use the rating to decide if you want to visit or avoid a given Web page. To rate Web pages, TrendProtect refers to an extensive database that covers billions of Web pages.

Bottom line:

While G Data CloudSecurity does what it says it will do, my personal preference is unchanged. WOT (Web of Trust), backed up by Search Engine Security, is a more appropriates solution.

I’ve reviewed and recommended a bag full of Browser security add-ons in the past few months, or so. No disrespect intended to those developers who have the public’s interest at heart when they develop Browser security add-ons, but…..

Am I the only one who thinks that building protection into my Brower in this potluck fashion, has reached the height of ridiculousness?

Isn’t it long past the time, when a Browsers should be built with the most appropriate form of protection already on board?

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

7 Comments

Filed under Anti-Malware Tools, Browser add-ons, Browser Plug-ins, cybercrime, Don't Get Scammed, Don't Get Hacked, downloads, Firefox Add-ons, Freeware, Internet Explorer Add-ons, Malware Protection, Search Engines, Software, Windows Tips and Tools

WOT (Web of Trust) – Is It The Most Important Browser Security Add-on You Need To Install?

image It would be difficult for regular readers of this site not to be aware, that I write consistently on the importance of Internet Browser protection.

In fact, we’ve covered 20 or more Browser add-ons here in the past few weeks – from add-ons that add functionality, to those that promise to provide additional security.

All this coverage of Browser add-ons rattled my Brain somewhat, and got me thinking about the single most important add-on I have installed – the add-on I couldn’t do without.

Based on the way that I surf the Web, there was no contest. Of the 17 add-ons I have installed on Firefox, the hands down winner – the single most important add-on for my style of surfing is WOT (Web of Trust). I don’t think I’m alone in this assessment.

I frequently hear from readers who, after installing WOT on their computer systems, feel reassured that they are safer than ever before, and who express a renewed sense of confidence, and  a new level of enthusiasm, while surfing the Internet.

In fact, just under 6,000 Tech Thoughts readers have installed WOT in the last two years – according to today’s download stats.

image

And why not. Security starts with the Web Browser, and WOT substantially reduces the risk exposure, that comes with wandering through the increasingly risky neighborhood that the Internet has become.

What is WOT?

WOT, one of the most downloaded Firefox Add-ons at the Mozilla add-on site, (also compatible with Internet Explorer and Chrome), is a free Internet Browser resource which  investigates web sites you are visiting for spyware, spam, viruses, browser exploits, unreliable online shops, phishing, and online scams – helping you avoid unsafe web sites.

For example, here’s a Google search in which WOT indicates which sites are safe. Notice the unsafe (red) sites, in the Google ads!

image

Take a look at what happens if, in fact, you do end up on an unsafe web site. WOT’s dropdown warning curtain blocks access to the site until you determine otherwise.

WOT - new

WOT operates in a unique fashion in order to offer active protection to the Internet user community. It stands out from the crowd of similar applications, by soliciting the opinions of users/members whose views on web site safety are incorporated into the overall site safety rating. According to WOT, the user community now has reputation data on over 30 million sites worldwide.

The shared information on a site’s reputation includes trustworthiness, vendor reliability, privacy, and child safety. As well, in order to achieve maximum security coverage, WOT uses thousands of trusted sources including phishing site listings, to keep users protected against rapidly spreading threats.

image

WOT integrates seamlessly with search engine results from popular search engines including Google, Yahoo, MSN and other popular sites, and provides impressive protection against Internet predators.

WOT recently added the top three web-based email services – Google Gmail, Windows Live Hotmail and Yahoo! Mail, to its free security protection. You can now feel more confident and secure, since WOT checks links embedded in your email, and warns you of dangerous web sites so that you can avoid spyware, spam, phishing, identity theft and other Internet scams; before you click on dangerous embedded links.

How WOT works:

The Browser add-on icon, displays a color rating for each site you visit, indicating whether a site is safe to use, should be used with caution, or avoided entirely.

Using traffic light colors, (green, yellow, and red), WOT leaves you in no doubt as to the safety rating of a web site. An impressive feature of WOT is the dropdown transparent warning curtain, shown earlier, triggered on visiting a dangerous site.

Recognizing that up to ten percent of Internet users are at a disadvantage however, due to colorblindness, and cannot rely on an Internet safety system based on color coding, the Web of Trust development team recently released an adaptive version of WOT. This version incorporates equivalent alternative information, through assistive or adaptive technology, for colorblind users.

This colorblind accessible application provides the same critical benefits to those individuals who have to contend with visual impairments, as it has to those of us who have come to rely on WOT as a major defense against the pervasive hazards we encounter on the Internet.

Quick facts – WOT checks the following on each web site visited:

Trustworthiness

Vendor reliability

Privacy

Child Safety

More quick facts:

Ratings for over 30 million websites

The WOT browser add-on is light and updates automatically

WOT rating icons appear beside search results in Google, Yahoo!, Wikipedia, Gmail, etc.

Settings can be customized to better protect your family

WOT Security Scorecard shows rating details and user comments

Works with Internet Explorer, Firefox and Chrome

Interface supports English, French, German, Spanish, Italian, Russian, Polish, Portuguese, Swedish and Finnish.

System requirements: Windows (all), Mac OS X, Linux

Download at: MyWot

Surf more securely by installing this browser add-on which will provide you with an in-depth site analysis based on real world results. Keep in mind however, that you are your own best protection. Stop · Think · Click.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

33 Comments

Filed under Adaptive Technologies, Browser add-ons, cybercrime, Don't Get Scammed, Don't Get Hacked, downloads, Firefox Add-ons, Freeware, Google Chrome, Interconnectivity, Internet Explorer Add-ons, Internet Safety Tools, Linux, Mac OS X, Online Safety, Software, Windows Tips and Tools, WOT (Web of Trust)

Nude Pics Of Your Wife/Girlfriend Attached – Click Here

We’ve all heard it – “Have any nude pictures of your wife? “Want to buy some?” It’s an old joke, but the Internet has given the “ Want to buy some?”, new meaning.

Straight from the headlines here in CanadaJudge temporarily off bench over online sex photos. Since this women is an Associate Chief Justice, I suppose the idea that one could view her (absent her clothes), on the Internet, makes this a titillating newsworthy event. I won’t get into the whole story here, but there’s a 67 Million dollar lawsuit involved.

In the broader sense though, it’s not much of a story. The particulars in this case may be unusual, to some extent, but the concept certainly isn’t. Google –  “pics of your wife”, and be prepared for 262,000,000 links. I must admit, I was taken aback with the sheer volume of the results. It seems as if nude wife pictures has a certain cachet!

It’s no surprise then, that Cyber-crooks continue to use the “pictures of your wife” social engineering email hook, to entice potential victims to click on an email containing a link to that all time spamming champion – Canadian Pharmacy, which is (no surprise here), controlled by a Russian botnet.

So, what would you have done if you had received the following email in your inbox this morning? Would you have been curious enough to read the email shown below – including clicking on the enclosed .jpeg.

Hello,

I apologize for my frankness. I’m sorry for not being able to speak to you in person, but I can only talk to you via email and I feel obliged to notify you to open your eyes, you are being betrayed.

I know it is difficult to prove, but every picture tells a story, I’ll send you these pictures so that you can see it with your own eyes. Take care…a big hug

From a good friend who is very fond of you

View photos here

As part of what I do, I occasionally follow emails like this all the way down the trail. And, in this case, I ran both the attached .jpeg, and the site, (before opening either one), through VTzilla, an Internet Browser malware checking add-on. The initial 7 engine scan showed the site to be safe. A follow-up scan with all 43 engines produced the same result – a safe site.

clip_image006

OK, that was cool – Firefox, Google Safebrowsing, Opera, Paretologic, Phistank, and TRUSTe, amongst others, gave this site a clean bill of health.  So, I should have felt confident in opening this site, right? Well, not quite. There was one problem – I KNOW this is an unsafe site!

On attempting to open the site though, WOT, another Internet Browser security add-0n, intercepted the connection and overlaid the following warning.

image

Clicking on the “View rating details” button, gave me the following site information.

image

Here’s the point of all this:

Do NOT open titillating, or salacious emails, no matter how tempting.

Do NOT trust to a single Browser security add-on to protect you on the Internet. Any statement to the contrary is sheer BS. No such single tool exists.

I encourage you to add WOT to your Browser. For more information on this critical add-on please read – Safe, Secure Browsing, with Free WOT Browser Add-on, on this site.

For a listing of additional Browser add-ons, please read – An IT Professional’s Must Have Firefox and Chrome Add-ons, on this site.

In the final analysis, in this particular case, no harm was done. I can of course, look forward to a barrage of spam email, directed at my honeypot email account, from this botnet.

I should point out however, that of the five emails (with the heading “Your wife’s pics”), I’ve tested in the last six months, three downloaded Trojans to my test machine.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

14 Comments

Filed under Browser add-ons, Browser Plug-ins, Browsers, Chrome, cybercrime, Don't Get Scammed, Don't Get Hacked, downloads, Email, email scams, Firefox Add-ons, Freeware, Google Chrome, Internet Explorer Add-ons, Internet Safety Tools, Online Safety, Safe Surfing, Software, Windows Tips and Tools, WOT (Web of Trust)

Free Qualys BrowserCheck – Spot Plug-in Security Flaws In Your Browser

image Yesterday, I wrote on the Secunia Personal Software Inspector (PSI), and I mentioned in the article, that each week I receive the Qualys Vulnerability Report from Qualys, a security industry leader in vulnerability assessment, and vulnerability management.

Although Qualys is a major player in the enterprise market, at the personal consumer level, most users will not be familiar with this company. I found it interesting then, that Qualys recently released a free consumer level security tool, BrowserCheck, which will check your web browser for selected security holes in both the browser, and browser plug-ins. Not add-ons, but plug-ins.

Take a look at what Qualys CEO, Philippe Courtot has to say on Browser plug-ins, and security –

Almost 100 percent of all browsers we have surveyed have plug-ins installed that enable the user to play music, watch video, visualize PDF files and play games.

Frequently these plug-ins are overlooked by the users and are not updated, representing a significant security exposure – both for end-users and corporate clients.

I must admit, I find nothing to disagree with in that statement.

BrowserCheck is itself a plug-ins, and like most plug-ins, it’s very easy to install. Simply visit the Qualys site; install the plug-in, and you’re all set.

My first test run was on Internet Explorer 8, as the following screen captures show.

image

image

As the scan results indicate – my Internet Explorer 8 is in good shape.

image

With Firefox running, the results looked like this. It seems I’ve been bad, and not kept my Firefox updated. There’s good reason for this – FF 3.6.6 is slower than molasses (at least on my test machine), and I choose to roll back to FF 3.6.4

image

image

Nevertheless, to complete the test, I clicked on the  “Fix it” button which immediately took me to the Firefox update site, so that I could download the latest version of Firefox.

image

Fast facts: The following items are detected:

Windows OS support expiration

Browser version (IE 6.0+, Firefox 3.0+, Chrome 4.0+)

Adobe Flash Player

Adobe Reader 5.x and above

Adobe Shockwave Player

Apple Quicktime

BEA JRockit

Microsoft Silverlight

Microsoft Windows Media Player

Real Player

Sun Java

Windows Presentation Foundation (WPF) plug-in for Mozilla browsers

As an added security measure, take BrowserCheck for a test drive. According to available information, all major Windows web browsers are supported.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

19 Comments

Filed under Browser Plug-ins, Browsers, cybercrime, Don't Get Hacked, downloads, Firefox, Freeware, internet explorer 8, Internet Explorer Add-ons, Windows Tips and Tools

Follow the Link and You “Takes Your Chances”

image Regular readers on this site are aware, that virtually all downloads I recommend, are linked to CNET (download.com).

There is good reason for this – CNET scrupulously audits hosted downloads and linked sites, to ensure they are not contaminated by malware.

But links on Blogs can be a special problem for surfers – particularly links contained in comments. Don’t get me wrong –  comments are an important part of the blogging mix.

Amongst other things, comments can spark discussion (always a good thing), allow a reader to present his/her point of view, share tech wisdom, or spread the word on a unique piece of software.

But, Blog comments are not without their share of issues; with comment Spam (some containing malicious links), being the leading problem.

Spam is virtually everywhere on the Internet. In your inbox, on Twitter and Facebook, and other social networks, and so it’s not surprising that you’ll find Spam Blog comments.

WordPress, on which this Blog is hosted, has a Spam plug-in filter, Akismet, which does a good job of catching comment spam. Akismet automatically analyzes comments and flags for review, those it considers Spam.

On this Blog, Akismet routinely captures about 90% of spam comments, according to my blog stats. In real number terms, Akismet has captured in excess of 60,000 spam comments here, in the past two years. But what about the other 10%? – some of which will contain malicious links?

As a matter of policy, I test every allowed link included in a comment, for safety.

Regretfully, there are Bloggers who are fairly complacent and who rely only on a Spam filter to do this job. In doing so, they miss the reality: Spam filters can often miss comment spam, some of which are highly dangerous.

While comment Spam is a pain for the Blogger, a reader who follows a link in a malicious Blog comment, which leads to a malware site, is in for a very painful experience.

Here’s a case in point – any time I write on registry cleaners I can expect the following comment, (shown in the following screen capture), or one like it, to show up.

This comment included a link, to a free application, which supposedly is superior to the free application I recommended in the article.

Spam Comment

The comment itself looks harmless, but if I’d allowed this comment to be posted (and I’ve seen this comment published many times over, on many other sites), a reader who followed the link would have become infected simply by visiting the site.

Don’t think that this is an unusual set of circumstances – it’s not. On an average day, here on Tech Thoughts, 10 or more comments (thankfully picked up by Akismet), contain malicious, or dangerous links.

Some advice:

Be cautious when following links contained in comments on any web site – not just Blogs.

Be particularly cautious of comments, on any web site, where the writer is describing a problem with recommended software and offers a link to alternative software.  This is a favorite technique employed by cyber-criminals. All software reviewed on this site, for example, has been thoroughly tested, by me, for usability. If a reader has a problem with recommended software, it’s generally a machine specific problem.

Be cautious when following any link contained in any web page. Recent reports indicate there are 5.8 million individual web pages infected across 640,000 compromised websites. Cyber-criminals are finding it easier than ever to inject malicious content into legitimate sites.

Since the majority of infected sites are infected with Java based scripts, consider using Firefox with the NoScript add-on. NoScript offers superior protection.

Install an Internet Browser add-on that provides protection against questionable, or unsafe websites. My personal favorite is Web of Trust, an Internet Explorer/Firefox add-on, that offers substantial protection against questionable, or unsafe websites.

Use Norton DNS as an added safety precaution.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

15 Comments

Filed under Anti-Malware Tools, Browser add-ons, cybercrime, Don't Get Scammed, Don't Get Hacked, downloads, Firefox Add-ons, Freeware, Internet Explorer Add-ons, Internet Safety Tools, Internet Security Alerts, Online Safety, Safe Surfing, Software, spam, Windows Tips and Tools, WOT (Web of Trust)