Category Archives: Phishing

Ashampoo Database Hacked – What You Need To Know

I could spend all day, every day, reporting on nothing more than the latest cyber criminal targeted intrusions into enterprise IT systems. Two reports from today’s Tech Net News column illustrate that we are barely scratching the surface of this significant, continuous, and rapidly expanding problem:

European Space Agency website and FTP servers hacked

Dramatic increase in cyber attacks on critical infrastructure

If you’re an everyday reader here, then you may recall that I regularly recommend that you take advantage of the free application multipacks occasionally offered by the German software developer Ashampoo.

The downside (for some) is that you must register and provide an email address. Additional benefits can be gained by registering as an Ashampoo member, which includes creating a password.

Unfortunately, Ashampoo has become a victim of a cyber criminal targeted intrusion aimed at their customer database. According to the company:

“Hackers gained access to one of our servers. We discovered the break-in and interrupted it instantly. The security gap through which the hackers gained access was closed immediately.

The stolen pieces of information are data of addresses such as name and e-mail address. Billing information (e.g. credit card information or banking information) is definitely not affected … it is not stored on our system.”

If you have taken advantage of Ashampoo’s offers, then it’s important that you exercise extreme caution with any future emails sent by the company and, for that matter, any unsolicited email sent by any company.

As well, if you have registered as an Ashampoo member, it’s important that you change your account password. Additionally, if you have used the same password elsewhere (you’d be surprised how often this occurs), it’s imperative that you change these passwords immediately.

My thanks to my buddy John B. (a great Scot!), for bringing this unfortunate incident to my attention this morning.


Cyber Criminals Bump Up Efficiency Using Cloud Services

In a comment response yesterday to regular reader Mal C., I made the point – “It’s the person at the keyboard, that’s where the trouble starts – not the OS”. Continuing the discussion with regular reader John B., I expanded on this –

“It’s the person at the keyboard, that’s where the trouble starts – not the OS”, is operative – no matter the operating system.

Just one example: Email accounts are continuously being phished (“your account will be deactivated” is a popular approach), with the objective being to have the user respond with password, DOB, mobile telephone number, etc.

If the phish is successful (and many are), the crook ends up controlling that account. Cyber crimes like this, are not system specific. They depend on unaware, undereducated users, for their success.”

As luck would have it, this morning I got an invitation from Commtouch, to post an upcoming article here on Tech Thoughts (which will be published on their site shortly), that partly supports this view.

Cloud Streamlines Efficiency of Identity Theft

Working with cloud-based services significantly improves economies of scale – for cybercriminals, too. Phishers are already benefiting from free hosting by hiding phishing pages within hacked legitimate sites. Now, they are leveraging cloud-based form management sites, such as Google docs or formbuddy.com, to collect information from unwitting victims.

With this technique, the phisher does not have to worry about creating/managing/storing back-end form data and can more easily scale the harvesting of phished data. Those duped into filling out the form will not be aware of this nuance.

We just hope victims are paying attention when they fill out a seemingly legitimate form that directly asks for an “email address password.” If their attention lags, they are giving the phisher a significant pay-off for a minimal investment: Identity theft.

This attack targets users of HomeAway holiday rentals.

A look at the page source reveals that the filled-in form is sent to “formbuddy.com” and not collected directly by the phisher. Formbuddy.com collects and stores all the responses to the “form” shown above, and then emails a neat summary to the phisher (whose login name is “fanek”).
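The page-source check described above can be automated. The following is an added example, not code from the original article or from Commtouch: it lists forms that ask for a secret but submit it to a host other than the one serving the page. The hostnames, the sample HTML and the `SENSITIVE` name hints are constructed assumptions.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse

SENSITIVE = ("pass", "pwd", "card", "cvv")  # assumed field-name hints, not from the page

class FormAudit(HTMLParser):
    """Record each <form>'s resolved action URL and its input (name, type) pairs."""
    def __init__(self, page_url):
        super().__init__()
        self.page_url, self.forms, self._cur = page_url, [], None

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            # A missing or relative action resolves against the page's own URL.
            self._cur = {"action": urljoin(self.page_url, a.get("action") or ""), "fields": []}
            self.forms.append(self._cur)
        elif tag == "input" and self._cur is not None:
            self._cur["fields"].append(((a.get("name") or "").lower(),
                                        (a.get("type") or "text").lower()))

    def handle_endtag(self, tag):
        if tag == "form":
            self._cur = None

def off_site_credential_forms(html, page_url):
    """Return (action_host, sensitive_fields) for forms that send secrets to another host."""
    audit = FormAudit(page_url)
    audit.feed(html)
    page_host = urlparse(page_url).hostname
    findings = []
    for form in audit.forms:
        host = urlparse(form["action"]).hostname
        # A plain text box merely named "...password" counts as a secret too.
        secrets = [n for n, t in form["fields"]
                   if t == "password" or any(k in n for k in SENSITIVE)]
        if secrets and host != page_host:  # exact host match; subdomains count as off-site
            findings.append((host, secrets))
    return findings

# Constructed sample: a page on one host whose form posts to a form-collection service.
SAMPLE_URL = "http://hacked-site.example/rentals/verify.html"
SAMPLE_HTML = """
<form method="post" action="http://forms.example.net/collect">
  <input type="text" name="email"> <input type="text" name="Email_Password">
  <input type="submit" value="Continue">
</form>
<form action="/search"><input type="text" name="q"></form>
"""

if __name__ == "__main__":
    for host, fields in off_site_credential_forms(SAMPLE_HTML, SAMPLE_URL):
        print(f"form posts {fields} to {host}")
```

A finding is a prompt to look closer rather than a verdict, since legitimate sites also post to third-party services such as payment processors.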


As a matter of interest, WOT (Web of Trust) warns against visiting formbuddy.com.

As an aware and educated computer user, I know that you wouldn’t be deceived by this type of clumsy attempt to defraud – under no circumstances would you disclose your email address password to anyone.

As I said at the opening, these schemes depend on unaware, undereducated users, for their success. Unfortunately, that describes far too many Internet users.

About Commtouch:

Commtouch provides proven Internet security technology to more than 150 security companies and service providers including 1&1, Check Point, F-Secure, Google, Microsoft, Panda Security, Rackspace, US Internet, WatchGuard and Webroot, for integration into their solutions. Commtouch’s GlobalView™ and patented Recurrent Pattern Detection™ (RPD™) technologies are founded on a unique cloud-based approach, and protect effectively in all languages and formats. Commtouch’s Command Antivirus utilizes a multi-layered approach to provide award winning malware detection and industry-leading performance.


McDonalds “Fillet O’ Phishing” Survey Scam

Would you fill out an email survey, sponsored by McDonalds – if they paid you 250 dollars for completing it? I’ll go out on a limb here and say – yes you would. Just like most offers that sound overly attractive though – this offer is a scam.

This scam is not only plausible, but in appearance, it could easily pass for the real thing. Jump into this one though, and you’ll stand a good chance of losing your credit card information. So, no 250 dollars; just a real messy credit cleanup to look forward to.


Filling out the survey form really isn’t the hook – that comes later.


Clicking on the “proceed” link (this is where you supposedly get the 250 bucks), opens the following screen. All you have to do is provide your credit card details and additional personal information.


If, at this point, you don’t hear a loud warning bell resonating in your head – you’re about to become a cyber crime victim.

To add credibility (and reduce suspicion), victims of this scam are automatically redirected to the official McDonalds site – once the victim’s credit card details have been scooped by the crooks.

In August of 2010, when I first reported on this scam, which was then being “test marketed” by the cyber crooks in New Zealand and Australia, I made the following point –

The rest of us (non Australian or New Zealanders), shouldn’t be complacent because, for the moment, this scam is appearing only in that part of the world. If this scam works there, and I suspect it will work very well, there’s little doubt it will soon be on its way to your inbox.

Well, here it is in North America and according to the chat on the Net, this time out, the graphics on the survey and phishing pages are loaded directly from McDonald’s own website. You can rightfully accuse cyber crooks of being the lowest form of pond scum imaginable – but you can’t accuse them of not being technically sophisticated.

It’s the same old, same old, though – the first time I came across this scam was in 2006. This type of scam is recycled repeatedly – because it works. Reasonably intelligent people do get trapped by sophisticated scams, due, in large part, to their failure to take minimum common sense security precautions. Don’t be one of them.

Advice worth repeating:

If you have any doubts about the legitimacy of any email message, or its attachment, delete it.

Better yet, take a look at the email’s headers. Check the initial “Received from” field in the header, since this field is difficult to forge. Additionally, the mail headers indicate the mail servers involved in transmitting the email – by name and by IP address.

It may take a little practice to realize the benefits in adding this precaution to your SOP, but it’s worth the extra effort if you have any concerns.
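The header check recommended above can be scripted. This is an added example, not part of the original article: mail servers prepend their `Received` line, so the topmost one written by your own provider records the connecting host and IP as your server saw them, while lines below it are text supplied by the sender. The message, host names and the `my_mx` parameter are constructed assumptions, and the regex covers only the common `from HELO (rDNS [IP]) by HOST` layout.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample message: reserved .example names and documentation IP ranges.
RAW = """\
Received: from mail.sender.example (mail.sender.example [203.0.113.45])
\tby mx.myprovider.example with ESMTP id abc123;
\tTue, 19 Apr 2011 10:02:11 -0400
Received: from brand.example (unknown [198.51.100.7])
\tby mail.sender.example with SMTP; Tue, 19 Apr 2011 10:02:05 -0400
From: "Customer Survey" <survey@brand.example>
Subject: Complete our survey

(body omitted)
"""

HOP = re.compile(r"from\s+(\S+)\s+\((\S*)\s*\[([0-9A-Fa-f.:]+)\]\)\s+by\s+(\S+)")

def received_hops(raw):
    """Parse Received headers, newest first, into helo/rdns/ip/by dictionaries."""
    msg = message_from_string(raw)
    hops = []
    for value in msg.get_all("Received") or []:
        m = HOP.search(value)
        if m:
            hops.append(dict(zip(("helo", "rdns", "ip", "by"), m.groups())))
    return hops

def first_trusted_hop(raw, my_mx):
    """Return the hop written by our own server; everything below it is unverified."""
    for hop in received_hops(raw):
        if hop["by"] == my_mx:
            return hop
    return None

def sender_mismatch(raw, my_mx):
    """True when the host that connected to us is not under the From: domain."""
    hop = first_trusted_hop(raw, my_mx)
    domain = parseaddr(message_from_string(raw)["From"])[1].rsplit("@", 1)[-1].lower()
    if hop is None or not domain:
        return True  # nothing verifiable to compare against
    rdns = hop["rdns"].lower()
    return not (rdns == domain or rdns.endswith("." + domain))

if __name__ == "__main__":
    print(first_trusted_hop(RAW, "mx.myprovider.example"))
    print("mismatch:", sender_mismatch(RAW, "mx.myprovider.example"))
```

A mismatch is a reason to look closer, not proof of fraud, because legitimate bulk mail is often sent through third-party services.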


BitDefender Releases Free Antispam for Linux Mail Servers

BitDefender styles itself as “an award-winning provider of innovative Internet security solutions”, and I must admit that I agree. Moreover, BitDefender has taken a leading role in providing free security solutions, including a host of specialty malware removal tools – particularly, in the past few months.

Yesterday, BitDefender released a Free Antispam application designed specifically for Linux Mail Servers. This new application is driven by BitDefender’s award winning anti-spam engine, and according to Alexandru Balan, BitDefender’s Innovation & Technology Product Manager, the application is aimed at “small businesses and individuals who run mail servers in environments other than Windows, but are dissatisfied with the lackluster performance of existing open-source or proprietary antispam solutions.”


Fast facts:

Antispam – Using constantly updated blacklists and whitelists of known Spam sites, Bayesian learning provides another layer of detection that adapts to the changes made by Spammers to bypass static Spam filters.

Antiphishing – While considered more of a personal threat than a corporate threat, phishing sites can also harvest information from your company’s employees. Using a combination of constantly updated blacklists and whitelists, BitDefender prevents users from accessing known phishing sites, preventing compromise.

Content Filtering – Content filtering allows for the detection of predefined information such as credit card or account information, report names, client databases, etc., preventing it from passing outside the company’s control.

High performance NeuNet technology (advanced adaptive neural network).

Easy installation and easy to use web-based and command line administration interface.

Highly compatible kits that are available for all major Linux distributions (available as RPM, DEB, IPK) and are Linux FHS compliant.

System requirements:

Linux – Linux Kernel 2.6.18 or newer, glibc 2.3.1 or newer, libstdc++ from gcc 4 or newer.

Supported Distributions:

Debian GNU/Linux 3.1 or newer, Fedora Core 1 or newer, Novell SuSE Linux Enterprise Server 9, Linux 8.2 or newer, Mandrake/Mandriva 9.1 or newer, RedHat Enterprise Linux 3, Linux 9 or newer

BitDefender Security for Mail Servers is the only product to have won a VBSpam award in every single VBSpam test – and with one of the highest spam catch rates in this test, and no false positives, it outperforms all other products and achieved the highest final score in the September 2010 test.

Download Free AntiSpam for Mail Servers at: BitDefender – registration required.

A user guide, in PDF format, is available here.
