Valentine’s Day – Malware Love Is Coming Your Way

From the – here we go again files. Love in your inbox – malware on your computer.

Like clockwork, spammers and cybercrooks ramp up the volume of Valentine’s spam emails aimed at unsuspecting users – every year – starting just about now.

You know the ones –  “Falling in love with you”, “Sending you my love”, “Memories of you”, “I Love You Soo Much” …………. (saccharin sells I guess    ). Since cyber crooks are opportunity driven, you can expect much more of this type of cybercriminal activity again this year.

Maybe you’re a very cool person who’s significant other is always sending you neat little packages in your email. MP3 files, screensavers, cartoons, YouTube videos, and the like. You get them so often, that you just automatically click on the email attachment without thinking. If you are this type of person, here’s a word of advice – start thinking.

The hook, as it always is in this type of socially engineered email scam, is based on exploiting emotions. The fact is, we’re all pretty curious creatures and let’s face it, who doesn’t like surprises. I think it’s safe to say, many of us find it difficult, if not irresistible, to not peek at love notes received via *email.

The reality.

The truth is, these emails often contain links that deliver advertisements – or worse, redirect the victim to an unsafe site where malware can be installed on the soon to be victim’s computer.

Would you be fooled?

A couple of years back, a friend, who is an astute and aware computer user, fell for one of these carefully crafted teasing emails. Clicking on the link led him to a site which had a graphic of hearts and puppies – and of course,  the teaser.

Luckily, common sense prevailed and he backed out of this site. If he had clicked on the teaser, he would have begun the process of infecting his machine with a Trojan. A Trojan designed to connect to a remote command and control center.

Unfortunately, being smart is often NOT enough to protect yourself. At a minimum – make sure you have an effective security solution installed; capable of detecting both known and new malware strains.

You know what to do, right?

Don’t open emails that come from untrusted sources.

Don’t run files that you receive via email without making sure of their origin.

Don’t click links in emails. If they come from a known source, type them on the browser’s address bar.

If they come from an untrusted source, simply ignore them – they could take you to a web site designed to download malware onto your computer.

* Cyber crooks have moved on from using just emails as a malware delivery vehicle. So, be on the lookout for fraudulent Valentine’s Day greetings in:

Instant Messenger applications.

Twitter

Facebook

Chat forums, etc..

Another Worm Worms Its Way Into Instant Messaging Applications

From the more things change the more they remain the same files:

AV-killing worm spreads via Facebook chat and IM clients – A rather industrious piece of malware that – among other things – paves the way for other malware by disabling AV solutions and software update modules has been spotted spreading via several Instant Messaging applications (ICQ, Skype, GTalk, Pidgin, MSN, YIM) and Facebook.

The victims receive a message from an unknown user, offering a link to a funny or interesting video. If they follow it, the malware in question downloads automatically from the linked site and is executed.

Nothing new here – as any one of the 10 or more articles I’ve  written over the years on using Instant Messenger applications safely will attest to. The following post (originally published September 4, 2010) will serve as a quick refresher on how to navigate the Internet safely while using an Instant Messenger client.

Tips For Using Instant Messenger Applications Safely

In a recent Symantec survey, which questioned computer users on the most likely routes cybercriminals use to drop malware on unsuspecting users, one resultant statistic made me sit up a little straighter. Just 3.9% of survey participants believed that Instant Messenger applications had a role in malware distribution.

Given the frequency with which instant messaging is used to distribute malware (recent statistics indicate almost 50% of worms use this method to spread), I was more than a little surprised at this unrealistic response.

The reality is, from a security perspective Instant Messaging applications can present considerable security risks. Security breakdowns can occur when these programs are used to share files, folders, or in some cases, entire drives. Instant messaging, unfortunately, is a primary channel used by cyber-criminals to distribute malware and scams.

Programs such as MSN Messenger, Yahoo! Messenger, AIM, and a basket full of other IM applications, are extremely popular with users who want real-time contact with each other and (no surprise here), this makes them the perfect vehicle for cyber criminals.

Hackers use two methods of delivering malicious code through IM: delivery of virus, Trojan, or spy ware within an infected file, and the use of “socially engineered” text with a web address that entices the recipient to click on a URL which connects to a website that downloads malicious code. Viruses, worms, and Trojans then typically propagate, by sending themselves rapidly through the infected user’s buddy list.

The following is a series of sensible tips for users to get the most out of these programs, securely and responsibly.

As with any other application you use on the Internet, having the knowledge that allows you to use it safely, and being aware of current threats, will make for a more positive experience when using these wildly popular applications.

Don’t click on links, or download files from unknown sources. You need to be alert to the dangers in clicking on links, or downloading files from sources that are not known to you. Even if the files or links apparently come from someone you know, you have to be positive that it really was this person who has sent the message.

Check with your contact to be sure the files, or links are genuine. Remember, if you click on those links, or run those attachments without confirmation, you run the risk of letting malware into your computer.

Use only secure passwords, and be sure to change them regularly. The longer and more varied they are – using a variety of different characters and numbers – the more secure they will be.

Protect personal and confidential information when using IM. Revealing confidential or personal information in these types of conversations, can make you an easy target for Internet predators.

For added protection when using a public computer, ensure that you disable any features that retain login information to prevent other users from gaining access to your instant messaging once you leave.

It’s virtually impossible to avoid publishing your email address on the Internet, however do so only when absolutely necessary. Cyber criminals are always on the lookout for accounts to target.

Online Paperless Billing – The New Attack Vector For Cyber Crime

I’m very much in favor of online paperless billing and, virtually all of my reoccurring monthly bills are delivered this way – directly to my inbox. For example (shown below), is a snapshot of the regular monthly email notice from my natural gas supplier.

A simple click on the embedded link, and …..

there’s the bill – which is identical, I might add, to the bill delivered by regular mail.

A couple of extra clicks to reach my online banking and, the bill is paid.

No stacking up bills to be dealt with (along with all the other bills), at a later date. Done – fini – terminado!

I like it and, I’m sure my utilities suppliers love it – since, in most cases, they get paid far in advance of the required payment date. A perfect system it seems – except, this is the Internet.

Ah, the Internet – the playground of every scumbag cyber criminal from Moscow to Montreal – and, beyond. So, it’s hardly surprising to see online paperless billing come under attack.

Yesterday, Commtouch let me know of an ongoing attack – directed at AT&T  customers – which automatically embeds malware onto the targeted machine, once the user clicks on the embedded link in the  billing notice.

Since the billing email shows an outrageous balance (in the following screen capture, $943.01), theoretically, the response ratio should be significantly higher than it might otherwise be.

Several months back, I received a billing notice from my cable supplier totaling $650 – versus the normal $150 – and, I can assure you, I clicked on the embedded link, immediately.

It was, of course, a massive screw up at their end. Never the less, I instinctively (and, without thinking) clicked on the link . Being frustratingly annoyed is often a powerful call to action. Cyber criminals know exactly how to wind us up –increasing the odds that we’ll respond inappropriately.

Graphic courtesy of Commtouch.

According to Commtouch, who generously shared their research –

The pattern to be aware of in this case is: <legitimate domain>/<recurring set of random letters>/<index.html>

The index.html file tries to exploit at least the following known vulnerabilities:

·Libtiff integer overflow in Adobe Reader and Acrobat       CVE-2010-0188

·Help Center URL Validation Vulnerability       CVE-2010-1885

Every link in the email (there are 9 links), leads to a different compromised site with malware hidden inside. Recipients who are unsure whether the email they have received is genuine or not (the malicious version is a very accurate copy), should mouse-over the links.

Genuine emails from AT&T will include AT&T website links.  For example the “att.com link will be the same in both places that it appears in the email – unlike the malicious version which uses two very different URLs.

I might add, that I use the WOT Browser add-on and, you’ll notice in the first graphic (at the top of this page), the green circle indicated the embedded link is safe. I strongly suggest that if you currently do not have WOT installed, that you consider doing so. As well, I use the Redirect Remover add-on which removes any redirect links in Firefox. An appropriate way to become aware of redirected links.

Four years ago, when I stated writing this Blog, I was hopeful that the cyber criminal threat to Internet users would be actively addressed. That at some point, governments and law enforcement would step up and actively seek out, and punish, the criminals who have turned the Internet into a minefield.

Governments, (the U.K, the U.S., Canada, Australia, India …) it seems, don’t give a fiddler’s f*ck – they appear to be much more interested in passing regressive Internet legislation directed at you – not cyber criminals. Legislation designed to massively infringe on individual personal privacy, and individual human rights. In the meantime, cyber criminals continue to roam freely.

As for law enforcement agencies – just try reporting a cyber crime to your local police department and, you’ll find that they couldn’t care less. Their focus is on low level behavioral crimes, like busting teenage Pot smokers. Just how much safer does that make you feel on the Internet?

Unless, there is a concerted effort on the part of all of us – and yes, that means you need to get involved – demanding a responsible approach to this outrageous criminality on the Internet – we will all, at some point, become a victim of cyber crime.

Do I sound angry? You bet I am.

Valentine’s “Love” In Your Inbox – Could Be Malware On Your Computer.

Valentine’s Day will be on us before we know it – so, it’s not too early to get ready for the deluge of  “I love you”, “Wish you were mine”………………., and of course, the customary – “Happy Valentine’s Day” emails.

Hopefully, you will have a Happy Valentine’s Day – but, that happy feeling could be ruined, if you fall victim to the explosion of “spam and scam” that’s aimed at lovers, this time of year –  every year. Much of it designed to take a swing at unsuspecting users machines – leading to a malware infection.

In previous years, starting  just about this time, we saw abnormally high rates of this type of spam and, since cyber crooks are opportunity driven; we’ll see much more of this type of cybercriminal activity this year, I expect.

Perhaps you’re a very cool person who’s significant other is always sending you neat little packages in your email. MP3 files, screensavers, cartoons, YouTube videos, and the like. Could be – you get them so often, that you just automatically click on the email attachment without even thinking. If, you are this type of person, here’s a word of advice – start thinking.

The hook, as it always is in this type of socially engineered email scam, is crafted around exploiting emotions. We’re all pretty curious creatures and, let’s face it, who doesn’t like surprises. I think it’s safe to say, we all find it difficult, if not impossible, to not peek at love notes received via email.

The unfortunate truth is, these spam emails often contain links that deliver advertisements, or worse – redirect the victim to an unsafe site from which malware can be installed on the victim’s computer.

Here’s a tip – If you see something along the lines of – This email contains graphics, so if you don’t see them, view it in your browser – consider very carefully – before you click on the link.

A couple of years ago, a friend, who is an astute and aware computer user, fell for one of these carefully crafted teasing emails. On opening the email, he was taken to a site which had pictures of hearts and puppies, and was then asked to choose which one was for him. You’ll notice that “choosing” involved opening an executable file – a cardinal sin.

Fortunately, he got his geek on in time – common sense prevailed, and he backed out of this site. If he had clicked on this executable file, he would have begun the process of infecting his machine with a Trojan. A Trojan which, in this case, connected to a remote command and control site – (effectively, turning over control of his computer to a cybercriminal). Nasty – I think you’ll agree.

Experienced users are on guard year round for these, and other types of scam/spam email.

You know what to do; right?

Don’t open emails that come from untrusted sources.

Don’t run files that you receive via email without making sure of their origin.

Don’t click links in emails. If they come from a known source, type them on the browser’s address bar.

If they come from an untrusted source, simply ignore them, as they could take you to a web site designed to download malware onto your computer.

Cyber crooks have moved on from using just emails, as a malware delivery vehicle. So, be on the lookout for fraudulent Valentine’s Day greetings in:

Instant Messenger applications.

Twitter.

Facebook.

Chat forums, and so on.

This just in @ 11:56

Uzbekistan Government Cancels Valentine’s Day

That settles it – I’m not giving any Uzbek women my love in protest. Sorry ladies.   🙂

Aldi Bot – Build A Botnet For $15!

Psst – wanna build a Botnet – one that can launch a DDoS attack, steal passwords saved in Firefox, steal passwords for Pidgin, remotely execute any file, or use a victim’s computer as a proxy?

No big deal if you haven’t a clue when it comes to the intricacies of coding, or programming – doesn’t matter if you don’t have any hacking skills – if you’ve got just €10 (about $15) to spare, you can buy Aldi Bot …..

Screen shot published by the malware creator.

…. and, create your very own Botnet. Of course, you’ll need the underground forum addresses where this sly tool is available (no, you won’t get those here).

In an over the edge example of “let’s see how far I can push the envelope” – the kiddie script creator will provide hands on installation instruction for those who need it. According to researchers at GData, who discovered Aldi Bot –

“Chat logs, posted by the malware author, reveal that he actually provides personal assistance for the installation and implementation of the bots, even to malware rookies, so-called noobs, who do not have the slightest idea of how to work with the malicious tools. He even uses TeamViewer to make his customers happy and ready to attack.”

Aldi Bot in action.

In case you might think that this type of do-it-yourself malware creation kit is a new or an unusual phenomenon; it isn’t. Downloadable malicious programs, like this, have been available for some time. Examples of DIY malware kits we’ve covered here in the past, include –

Facebook Hacker

T2W – Trojan 2 Worm (Constructor/Wormer)

Constructor/YTFakeCreator

BitTera.C

I find it discouraging that wannabe cyber crooks, whose technical skills never got past the thumb-texting stage, have such ready access to such powerful malware creation tools. A rather sad reflection on the lack of resources available to the law enforcement community.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Bounced Email Malware On The Loose

I suspect that we’ve all sent emails that have been bounced back to us as “undeliverable” – for any one of hundreds of possible mail server errors (you might be surprised to learn that there are 850+ possible error messages). The most common error? We’ve used an incorrect email address.

In most circumstances (if you’re aware that you did send the bounced email), it’s safe to open the undeliverable notice. But, and this is a big BUT – if you didn’t sent it – DON”T click on it –DON”T open it! Especially if you’re required to open an attachment to view the details. An attachment virtually guaranteed to contain malware designed to hijack your email account.

You might think that this sort of thing couldn’t happen to you. But, don’t be so sure – a moments inattention can be all it takes.

Here’s an example forwarded to me, just a few days ago, by a regular reader who is a very astute user. A reader who’s extremely conscious of system security, and Internet safety. He and I correspond frequently on security related issues, and I can easily say – he knows his stuff.

Hi Bill:

I just had an email account hijacked because I sent an email to a legitimate web site and immediately received one of those undeliverable messages (Damein something?).  Anyway, I clicked on it to see if I sent the email to the correct address.  Shortly thereafter, someone took control of my contact list and sent emails out with a link on them.

Of course, I changed my password and deleted my contact’s list.  I am no longer keeping a contact list on my email programs, as the first thing they do is take control of one’s contact list.

I’ll point out, that the most common reason (but, not the only one), you’re likely to receive an infected bounce back is – your email address has been scooped from an infected machine’s contact list. In other words, someone you know and have exchanged emails with, is infected. The example above, is a perfect illustration of this.

Malware delivery methods are cyclical (everything old is new again), and we’ve seen this threat before. From what I can see, following some investigation – it appears to be making a resurgence. So, when dealing with bounce backs, it’s important that you have a heightened sense of awareness.

You may think that this is an overreaction but, if the bounced email is a personal email – pick up the phone and confirm the address. Having once been a victim of a cyber criminal who hijacked one of my email accounts, I can assure you – it’s a most unpleasant experience.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Scareware Is Everywhere – As Mac Users Just Found Out

The success cyber criminals have had with the recent Mac scareware attack (MacDefender, which has already morphed into a new variant – MacGuard), emphasizes the following point – given the opportunity, Mac users may be just as likely as Windows users to say “Yes” to an invitation to download a rogue security application.

Considering Apple’s marketing style, which reinforces the myth that Macs are inherently more resistant to malware infections than Windows PCs (bolstered by the cachet that Mac users are somehow smarter than PC users), I suspect that Mac users are in for a rough ride in the coming months. Undoubtedly, Mac users will learn that cyber criminals use of social engineering is not platform specific.

Hopefully, this reality check will put a stop to nonsensical forum comments like the following.

“Well this is why I’m glad to have a Mac just saying”

“If Windows didn’t exist these things wouldn’t happen to people”

Since myths tend to die a slow and painful death however, I somehow doubt it.

Early last year, I posted an article – Say “Yes” on the Internet and Malware’s Gotcha! – which pointed out the potential consequences to those Internet users who instinctively, and unthinkingly, click on “Yes” or “OK”. Given the unprecedented rise in the number of malicious scareware applications in the interim (often, but not exclusively, promoted through poisoned Google search results), that article is worth reposting.

The following is an edited version of that earlier article.

Virtually every computer user, at both the home user level (my friends), and at the corporate level, whom I come into contact with, tends to downplay personal responsibility for a malware infection.

I hear a lot of – “I don’t know what happened”; “it must have been one of the kids”; “all I did was download a free app that told me I was infected”; “no, I never visit porn sites” or, Bart Simpson’s famous line “it wasn’t me”. Sort of like “the dog ate my homework”, response. But we old timers, (sorry, seasoned pros), know the reality is somewhat different, and here’s why.

Cybercriminals overwhelmingly rely on social engineering to create an opportunity designed to drop malicious code, including rootkits, password stealers, Trojan horses, and spam bots, on Internet connected computers.

In other words, cybercriminals rely on the user/potential victim saying – “YES”.

Yes to:

Downloading that security app that told you your machine was infected. Thereby, infecting your computer with a rogue security application.

Opening that email attachment despite the fact it has a .exe .vbs, or .lnk.extension, virtually guaranteeing an infection.

Downloading that media player codec to play a  porno clip, which still won’t play, but your computer is now infected.

Clicking on links in instant messaging (IM) that have no context, or are composed of only general text, which will result in your computer becoming part of a botnet.

Downloading executable software from web sites without ensuring that the site is reputable. Software that may contain a Browser Hijacker as part of the payload.

Opening email attachments from people you don’t know. At a minimum, you will now get inundated with Spam mail which will increase the changes of a malware infection.

There are many more opportunities for you to say “yes”, while connected to the Internet, but those listed above are some of the the most common.

The Internet is full of traps for the unwary – that’s a sad fact, and that’s not going to change any time soon. Cyber criminals are winning this game, and unless you learn to say “NO”, it’s only a matter of time until you have to deal with a malware infected machine.

Here’s an example of a rogue security application getting ready to pounce. A progressively more common occurrence on the Internet.

I can’t say this often enough. Ensure you have adequate knowledge to protect yourself and stay ahead of the cybercrime curve. Make a commitment to acquire the knowledge necessary to ensure your personal safety on the Internet. In a word, become  “educated”.

If you lack this knowledge the answer is simple – you can get it. The Internet is loaded with sites (including this one), dedicated to educating computer users on computer security – including providing application reviews, and links to appropriate security software solutions.

It’s important to be aware however, that security applications alone, will not ensure your safety on the Internet. You really do need to become proactive to your Internet safety and security. And that does mean becoming educated.

Internet users who are aware of significant changes in the Internet security landscape, will react accordingly. Unfortunately, experience has taught me that you can’t fix stupid.

Before you say “yes”

Stop – consider where you’re action might lead

Think – consider the consequences to your security

Click – only after making an educated decision to proceed

Consider this from Robert Brault:

“The ultimate folly is to think that something crucial to your welfare is being taken care of for you”.

I’ll put it more bluntly – If you get a malware infection; it’s virtually certain it’s your fault. You might think – here’s this smug, cynical guy, sitting in his office, pointing undeserved critical fingers. Don’t believe it.

If users followed advice posted here, and advice from other security pros, and high level users, the Internet could be a vastly different experience for many. At the very least, we might have half a chance of dealing more effectively with the cybercriminal element. To this point, we’re losing rather magnificently.

Computer users would be vastly better off if they considered Internet security advice, as a form of inoculation. It’s a relatively painless way to develop immunization. While inoculations can be mildly painful, the alternative can be a very painful experience.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Kate Middleton Nude – As If!

I’m an easy mark when it comes to pomp and circumstance, so like millions worldwide, I just finished watching the Royal Wedding. An impressive occasion, to say the least. Now, I need to relax and get over my Royal Wedding media hangover.

The media frenzy surrounding the wedding is likely to remain at a fever pitch far into the future however, as will the level of cyber criminal activity hooked on to Prince William and Kate Middleton. Hardly surprising, when one considers the size of the “market”. Scoping out  “the royal wedding” on Google returns an amazing 53 Million search results – and cyber crooks love a big market.

Cyber crooks don’t miss a trick when it comes to leveraging events surrounding popular personalities, and along with the usual schemes – inbox spam, phony search results, Twitter and Facebook misdirection …….., – Kate Middleton comment spam, as illustrated by the following examples posted here in the last few days, has not been neglected by these parasites.

The first:

kate middleton naked
easy-share.com/1914927081/Kate_Middleton_-_Nude_P…
Givliani@gmail.com
184.82.196.132 – Submitted on 2011/04/27 at 12:19 am

Clicking on the link leads to a 90 MB compressed download hosted at Easy Share. I have no doubt that downloading this file would lead to a very painful experience.

The second:

This is actually my personal complete nude and semi-nude picture collection of Kate Middleton I collected over the last 10 weeks. http://www.megaupload.com/?d=8KKIJIWT Caution: Don’t leak this pack outside of this website or I will eliminate this comment and also chase you down to hell!

Clicking on this link leads to a similar 90 MB compressed download.

The third:

prince william wedding
netload.in/dateimQ5jcAXATn/Kate_Middleton_-_Nude_…
Kingwood@yahoo.com
69.162.162.130 – Submitted on 2011/04/27 at 12:19 am

Download and view this entire pic series of Kate Middleton along with pretty much all the unclothed as well as naughty images one can locate on the world wide web. http://www.fileserve.com/file/xnj2k2Q Caution: Don’t leak this pack outside of this site or I will delete this post and hunt you down to hell!

A similar set up – clicking on the link leads to a 90 MB compressed download.

If you’ve ever wondered why comments on this site, and many other sites for that matter, are held for moderation by a site administrator, the simple answer is – comment spam, as illustrated, can be extremely dangerous.

The amount of time required to effectively control comment spam is not insignificant. For example, since I first setup this site, I’ve dealt with over 55,000 spam comments.

Conservatively, it takes 10 seconds to check each spam comment (spam filters are not perfect) – that amounts to 152 hours, or 4 plus weeks, of wasted time. Needless to say – I consider comment spammers to be far down on the human evolutionary scale.

Same old – same old:

Be cautious when following links contained in comments on any web site.

Be particularly cautious of comments, on any web site, where the writer is describing a problem with recommended software and offers a link to alternative software.  This is a favorite technique employed by cyber-criminals.

Be cautious when following any link contained in any web site, since the latest reports indicate there are 5.8 million individual web pages infected across 640,000 compromised websites. Cyber-criminals are finding it easier than ever to inject malicious content into legitimate sites.

Be cautious following links on web forums. Forums can often be a source of dangerous links.

Since the majority of infected sites are infected with Java based scripts, consider using Firefox with the NoScript add-on active. NoScript offers superior protection.

Install an Internet Browser add-on that provides protection against questionable or unsafe websites. My personal favorite is Web of Trust, an Internet Explorer/Firefox add-on, that offers substantial protection against questionable, or unsafe websites.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Ransom Trojan KDV.153863 – Call Me, Pay The Fee, And I’ll Unlock Your Kidnapped Windows System

Ransomware is a vicious form of malware, given that that it generally encrypts the victim’s files, or restricts the user’s ability to access the computer in some way. Payment of a ransom fee is the commonality in all ransomware attacks.

According to F-Secure, a new form of ransomware (KDV.153863), which reportedly locks the victim’s computer, leaving the machine essentially unusable, is currently circulating on the Internet .

An infection by KDV.153863 will lead to the following boot screen.

Graphic courtesy of F-Secure – click to expand.

In line with previous versions of this type of malware, an unlock code can be had (ostensibly for free), by following a set of specific instructions.

The following graphic sets out the method to be followed by the victim to obtain an activation code. The activation code does, in fact, unlock the victim’s computer. Cybercriminals with a conscience, or just good business strategy?

Graphic courtesy of F-Secure – click to expand.

You’ll notice in the screenshot that all of the available telephone numbers are international, and it’s by way of this recovery construction that the cyber crook profits.

The Trojan author, collaborating with rogue call center operators, has designed a four minute message routine which the victim is forced to listen to while exorbitant long distance toll fees are being generated. Similar, in a sense, to the old 900 premium-rate telephone number scams  Apparently, these fees are shared between the cyber crook and the call center operators.

Following the forced four minute message routine, the victim is given an unlock code (1351236) which, according to F-Secure, appears to be the same every time the number is called.

We’ve been dealing with this type of malware, on and off, for years. If previous experience is any indication (and it is), we can expect to see more of this type of malware, in a more general release, through the balance of this year.

Reduce the possibilities of infection by this and other malware, by taking the following precautions:

Don’t open unknown email attachments

Don’t run programs of unknown origin

Disable hidden filename extensions

Keep all applications (including your operating system) patched

Turn off your computer or disconnect from the network when not in use

Disable Java, JavaScript, and ActiveX if possible

Disable scripting features in email programs

Make regular backups of critical data. If you are infected this may be your only solution

Make a boot disk in case your computer is damaged or compromised

Turn off file and printer sharing on the computer

Install a personal firewall on the computer

Install anti-virus/anti-spyware software and ensure it is configured to automatically update when you are connected to the Internet

Ensure your anti-virus software scans all e-mail attachments

Don’t store critical data on the system partition

Adhering to the best practices, as noted above, is no guarantee that your system won’t be penetrated. All things considered, running your computer in virtualization mode, while surfing the Net, is highly recommended.

Please read Free BufferZone Pro – Maybe The Best Surfing Virtualization Application At Any Price, on this site, for information on virtualization.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Be Prepared – Japan Earthquake, Tsunami Spam, And Malware, On The Way

Experts Warn Of Japan Earthquake, Tsunami Spam

As the Pacific Rim braces for deadly Tsunami’s spawned by today’s magnitude 8.9 earthquake in Japan, the SANS Internet Storm Center says users should be on the lookout for a different kind of Tsunami: scam e-mail and Web pages looking to turn curiosity about the events in Japan into illicit gain.

The Internet Storm Center (ISC) issued a warning on its Web page Friday morning warning reader to expect “emails (sp) scams and malware circulating regarding the recent Japanese earthquake.”Examples of Tsunami-related spam have already shown up in spam filters, according to the Web site spamwarnings.com.

You can read more at Kaspersky’s ThreatPost here.