Valentine’s Day – Malware Love Is Coming Your Way

From the – here we go again files. Love in your inbox – malware on your computer.

Like clockwork, spammers and cybercrooks ramp up the volume of Valentine’s spam emails aimed at unsuspecting users – every year – starting just about now.

You know the ones –  “Falling in love with you”, “Sending you my love”, “Memories of you”, “I Love You Soo Much” …………. (saccharin sells I guess    ). Since cyber crooks are opportunity driven, you can expect much more of this type of cybercriminal activity again this year.

Maybe you’re a very cool person who’s significant other is always sending you neat little packages in your email. MP3 files, screensavers, cartoons, YouTube videos, and the like. You get them so often, that you just automatically click on the email attachment without thinking. If you are this type of person, here’s a word of advice – start thinking.

The hook, as it always is in this type of socially engineered email scam, is based on exploiting emotions. The fact is, we’re all pretty curious creatures and let’s face it, who doesn’t like surprises. I think it’s safe to say, many of us find it difficult, if not irresistible, to not peek at love notes received via *email.

The reality.

The truth is, these emails often contain links that deliver advertisements – or worse, redirect the victim to an unsafe site where malware can be installed on the soon to be victim’s computer.

Would you be fooled?

A couple of years back, a friend, who is an astute and aware computer user, fell for one of these carefully crafted teasing emails. Clicking on the link led him to a site which had a graphic of hearts and puppies – and of course,  the teaser.

Luckily, common sense prevailed and he backed out of this site. If he had clicked on the teaser, he would have begun the process of infecting his machine with a Trojan. A Trojan designed to connect to a remote command and control center.

Unfortunately, being smart is often NOT enough to protect yourself. At a minimum – make sure you have an effective security solution installed; capable of detecting both known and new malware strains.

You know what to do, right?

Don’t open emails that come from untrusted sources.

Don’t run files that you receive via email without making sure of their origin.

Don’t click links in emails. If they come from a known source, type them on the browser’s address bar.

If they come from an untrusted source, simply ignore them – they could take you to a web site designed to download malware onto your computer.

* Cyber crooks have moved on from using just emails as a malware delivery vehicle. So, be on the lookout for fraudulent Valentine’s Day greetings in:

Instant Messenger applications.

Twitter

Facebook

Chat forums, etc..

My Days Are Numbered – Someone Wants Me Dead!

I sometimes wonder if it isn’t a prerequisite that Nigerian scammer wannabes are required to graduate “comedy school”, before they get their scammers license, and are set free to practice their newfound skills on the marginally intelligent.

In an updated twist on an old theme (the infamous 419 scam), Nigerian scammers have upped the ante in a variant of their usual email scam nonsense – the hitman, “I’m gonna kill you” email. These fear-provoking emails (at least they’re intended to be scary), contain a threat that the recipient will be murdered.

Hitman emails are not a new threat – they’ve  been circulating on the Internet since at least early in 2007. They come; they go, and come and go again.

There are many variations of this email, here’s one example received here yesterday. In this particular email, the scammer has bcc’d (blind carbon copied) any number of upcoming murder victims. Seems as if the murder/assassination business is a growth industry.  

You have been betrayed!!! It’s a pity that this how your life is going to come to an end as your death had already been paid for by someone who is very close to you from all investigations.

I have ordered 3 (three) of my men to monitor every move of you and make sure you are not out of sight till the date of your assassination. According to the report I gets, you seem to be innocent about what you have been accuse but I have no business with that, so that’s why am contacting you to know if truly you are innocent and how much you value your life.

Get back to me if you sure want to live on, ignore this mail only if you feel it’s a joke or just a threat. Don’t forget your days on earth are numbered, so you have the chance to live if only you will comply with me.

WARNING: Tell no one about this mail to you because he or she might just be the person who wants you dead, and if that happens, I will be aware and am going to make sure you DIE instantly.

I will give you every detail of where to be and how to take any actions be it legal or illegal, that’s only when I read from you. You need to stay calm and act unaware of this situation and follow instructions because any move you make that is suspicious; you will DIE as your days are numbered.

On a more serious note:

This scam illustrates the lengths to which these crooks will go to entrap the unwary and gullible. Unfortunately, the description “unwary and gullible”, is easily applied to substantial numbers of Internet users.

As an experienced and cautious Internet user, it’s safe to say that you will not be deceived by this type of clumsy attempt to defraud but, you might be surprised how often reasonably intelligent people are.

So, be kind to your friends, relatives, and associates, particularly those who are new Internet users, and let them know that there is an epidemic of 419 scams on the Internet. In doing so, you help raise the level of protection for all of us.

Am I Dead? Investigation.org Wants to Know

I woke up this morning to find that I wasn’t dead. That’s kind of a bonus, since there have been mornings when I wasn’t entirely convinced –  if you know what I mean. But, I’m getting ahead of myself.

Assuming, one is still alive – I suspect that there might be a certain sense of urgency in refuting a rumor that one has passed on to bigger and better things (hopefully, bigger and better things, but……).

In the latest craziness on the spamming scene – Investigation.org (now there’s a catchy name), has crafted a phishing email – loaded with power words – in an effort to provoke the need to act.

First, to prove you’re not DEAD – and subconsciously, who doesn’t have a need to do that? Second, in the happy event you’re not DEAD – the good news is – you’re in line to “receive and confirm your funds without any more stress”. Good news – no?

In an attempt to show the proper degree of sincerity (just in case you’re DEAD, as you read the email), Investigation.org goes that extra mile – “MAY YOUR SOUL REST IN PERFECT PEACE – YOUR JOY AND SUCCESS REMAINS OUR GOAL.”

Text of this unintentionally hilarious email –

URGENT CONFIRMATION NEEDED TODAY/CALL FOR DETAILS

Investigation Bureau office@investigation.org

8:48 AM (5 hours ago)

Attn: Sir/Madame (don’t know if I’m a man or a woman – what gives?)

We are writhing to know if it’s true that you are DEAD? Because we received a notification from one MR. GERSHON SHAPIRO of USA stating that you are DEAD and that you have giving him the right to claim your funds.

He stated you died in a CAR accident. He has been calling us regarding this issue, but we cannot proceed with him until we confirm this within after 7 days of no respond.

Be advised that we have made all arrangements for you to receive and confirm your funds without any more stress, and without any further delay.

All we need to confirm now is you been DEAD Or still Alive. Because this MAN’S message brought shock to our minds. And we just can’t proceed with him until we confirm if this is a reality OR not.

But if it happened we did not hear from you after 7 days, then we say: “MAY YOUR SOUL REST IN PERFECT PEACE” YOUR JOY AND SUCCESS REMAINS OUR GOAL. May the peace of the Lord be with you wherever you may be now.

Your Faithfully,
Mrs. Vivian Martins
Tel: +123-806-731-6969

Email: investigation_departtt1@hotmail.com

OK, I will admit, that to be taken in by a scam email like this, or any scam email for that matter, one would have to be the type of person whose antenna doesn’t pick up all the channels.

Still, when you consider that 90% of all emails are spam – and scams are a big part of that percentage – it’s fair to say – more than a few unlucky souls who’ve lost contact with the mother ship, will fall for this type of scam email.

What a sad reflection on the state of the Internet.

The Fundamental Principle Of Safe Surfing – Think “Common Sense”

So what can you add to your computer’s Firewall, Security Applications, and Browser security add-ons to ensure you have the best protection available while you’re surfing the web? Well, how about something that’s free, and readily available? Something called “Common Sense”.

Common sense: sound and prudent judgment based on a simple perception of the situation or facts.

–   Merriam-Webster’s Online Dictionary

Common Sense Tip #1 – Given the virtual epidemic of malware currently circulating on the Internet, don’t run, or install programs, of unknown origin.

Internet users’ continue to be bombarded with rogue security software which has reached epidemic proportions. There seems to be no end to the release of new rogue security software threats. Rogue software will often install and use a Trojan horse to download a trial version, or it will perform other actions on a machine that are detrimental such as slowing down the computer drastically.

Download applications, particularly free programs, only from verifiably safe sites (sites that guarantee malware free downloads), such as Download.com, MajorGeeks, Softpedia, and the like.

There are many more safe download sites available, but be sure you investigate the site thoroughly before you download anything. Googling the site, while not always entirely reliable, is a good place to start. A recommendation from friends as to a site’s safety is often a more appropriate choice.

Common Sense Tip #2 – Don’t open emails that come from untrusted sources. It’s been estimated that 96% of emails are spam. While not all spam is unsafe, common sense dictates that you treat it as if it is.

Common Sense Tip #3 – Don’t run files that you receive via email without making sure of their origin. If the link has been sent to you in a forwarded email from a friend, be particularly cautious. Forwarded emails are notorious for containing dangerous elements, and links.

Common Sense Tip #4 – Don’t click links in emails. If they come from a known source, type them in the browser’s address bar. If they come from an untrusted source, simply ignore them, as they could take you to a web designed to download malware onto your computer.

Common Sense Tip #5 – If you do not use a web based email service then be sure your anti-virus software scans all incoming e-mail and attachments.

Common Sense Tip #6 – Be proactive when it comes to your computer’s security; make sure you have adequate software based protection to reduce the chances that your machine will become infected.

Be proactive when it comes to your computer’s security; make sure you have adequate software based protection to reduce the chances that your machine will become infected.

Most of all, understand that you are your own best protection.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Banning Office Email? Seriously?

Guest writer Melanie Slaugh reports on Thierry Breton’s (a past French Minister of Economy, Finance and Industry) startling suggestion – ban interoffice emails. Is he being unrealistic or, is he a forward thinker? Read on – see what you think.

Can you imagine a business without email? Well, a French technology company wants to change the way you do business. Citing an overabundance of spam and a lack of personal connections, the French IT services firm Atos Origin plans to ban interoffice emails within two years.

Instead of rigid, impersonal emails, employees will converse mostly through instant-messaging tools or wiki-like documents that can be edited by multiple users online.

“We are producing data on a massive scale that is fast polluting our working environments and also encroaching into our personal lives,” said Atos CEO Thierry Breton, “At Atos Origin we are taking action now to reverse this trend.”

Breton gave an interview to the Wall Street Journal in which he stated that he hadn’t sent a work e-mail in three years. “If people want to talk to me, they can come and visit me, call or send me a text message,” he told the newspaper. “Emails cannot replace the spoken word.”

Breton thinks that only 10% of the interoffice emails his employees receive are important or useful, the other 90% consisting of forwards and spam.

So far, the response to Breton’s efforts to cut down on extraneous emails has been positive in Athos Origin, with interoffice emails declining by 20% in the last six months.

“Atos’ decision … is perhaps the most ringing endorsement yet for the notion that email is being gradually phased out of [the workplace],” wrote BonitaSoft CEO Miguel Valdés Faura on the tech blog GigaOm. “It will be interesting to see how many other large scale organizations will follow in its footsteps over the next several years.”

Web-based email as a whole seems to be on the way out as companies and people grow more mobile. A study done by ComScore, Inc, indicated that the number of web-based emails declined by six percent in 2010, while mobile email increased by thirty six percent.

“Digital communication has evolved rapidly in the last few years with an ever-increasing number of ways for Internet users to communicate with one another,” said Mark Donovan, comScore senior vice president of mobile. “From PCs to mobile devices, whether its email, social media, IM or texting, consumers have many ways to communicate and can do so at any time and in any place. The decline in web-based email is a byproduct of these shifting dynamics and the increasing availability of on-demand communication options.”

Many email-smothered employees could very well accept the change with open arms, unless the rise in personalization also comes with a rising in face-to-face meetings or conference calls.

Author Bio:

Melanie Slaugh is enthusiastic about the growing prospects and opportunities of various industries and writing articles on various consumer goods and services as a freelance writer.

She writes extensively for internet service providers and also topics related to internet service providers in my area for presenting the consumers, the information they need to choose the right Internet package for them. She can be reached at slaugh.slaugh907 @ gmail.com.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

250 Zemana AntiLogger License Giveaway At MalwareTips.com

Regular readers may remember, that I thoroughly tested Zemana AntiLogger a year or so ago. Subsequently, through the generosity of Zemana we were able to offer two thousands plus, free licenses to readers.

During the testing period I ran a series of Anti-Keylogger Tests, including tests for web cam penetration. All test methods were defeated by Zemana AntiLogger.

A quick recap of Zemana AntiLogger’s capabilities.

Secure your Internet banking and financial transactions

Protect information in emails and Instant Messages

Protect keystrokes from spyware

Protect all screen images

Webcam Logger protection

System Defense

No need to download latest virus signatures

No need to know or detect the malware’s signature

No need to wait for updates from a virus lab

No need to scan files

Proactively looks for suspicious activity

Catches not just the usual suspects, but also sophisticated “zero day” malware

Prevents theft of data via secure connections (HTTPS / SSL)

Does not slow down your PC

Easy to download, install and use

Future-proof

This application, which is arguably the best Antikeylogger application on the market, is not freeware, but you may download a 15 day trial version at: Zemana

Better yet, take a run over to MalwareTips.com, read the article carefully, and follow the instructions to obtain a new 12 month license.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Nude Pics Of Your Wife/Girlfriend Attached – Click Here

We’ve all heard it – “Have any nude pictures of your wife? “Want to buy some?” It’s an old joke, but the Internet has given the “ Want to buy some?”, new meaning.

Straight from the headlines here in Canada – Judge temporarily off bench over online sex photos. Since this women is an Associate Chief Justice, I suppose the idea that one could view her (absent her clothes), on the Internet, makes this a titillating newsworthy event. I won’t get into the whole story here, but there’s a 67 Million dollar lawsuit involved.

In the broader sense though, it’s not much of a story. The particulars in this case may be unusual, to some extent, but the concept certainly isn’t. Google –  “pics of your wife”, and be prepared for 262,000,000 links. I must admit, I was taken aback with the sheer volume of the results. It seems as if nude wife pictures has a certain cachet!

It’s no surprise then, that Cyber-crooks continue to use the “pictures of your wife” social engineering email hook, to entice potential victims to click on an email containing a link to that all time spamming champion – Canadian Pharmacy, which is (no surprise here), controlled by a Russian botnet.

So, what would you have done if you had received the following email in your inbox this morning? Would you have been curious enough to read the email shown below – including clicking on the enclosed .jpeg.

Hello,

I apologize for my frankness. I’m sorry for not being able to speak to you in person, but I can only talk to you via email and I feel obliged to notify you to open your eyes, you are being betrayed.

I know it is difficult to prove, but every picture tells a story, I’ll send you these pictures so that you can see it with your own eyes. Take care…a big hug

From a good friend who is very fond of you

View photos here

As part of what I do, I occasionally follow emails like this all the way down the trail. And, in this case, I ran both the attached .jpeg, and the site, (before opening either one), through VTzilla, an Internet Browser malware checking add-on. The initial 7 engine scan showed the site to be safe. A follow-up scan with all 43 engines produced the same result – a safe site.

OK, that was cool – Firefox, Google Safebrowsing, Opera, Paretologic, Phistank, and TRUSTe, amongst others, gave this site a clean bill of health.  So, I should have felt confident in opening this site, right? Well, not quite. There was one problem – I KNOW this is an unsafe site!

On attempting to open the site though, WOT, another Internet Browser security add-0n, intercepted the connection and overlaid the following warning.

Clicking on the “View rating details” button, gave me the following site information.

Here’s the point of all this:

Do NOT open titillating, or salacious emails, no matter how tempting.

Do NOT trust to a single Browser security add-on to protect you on the Internet. Any statement to the contrary is sheer BS. No such single tool exists.

I encourage you to add WOT to your Browser. For more information on this critical add-on please read – Safe, Secure Browsing, with Free WOT Browser Add-on, on this site.

For a listing of additional Browser add-ons, please read – An IT Professional’s Must Have Firefox and Chrome Add-ons, on this site.

In the final analysis, in this particular case, no harm was done. I can of course, look forward to a barrage of spam email, directed at my honeypot email account, from this botnet.

I should point out however, that of the five emails (with the heading “Your wife’s pics”), I’ve tested in the last six months, three downloaded Trojans to my test machine.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Zemana AntiLogger Provides Protection Against Web Cam Hacks

The wired world has it’s fair share of weird and semi-weird people, but none more weird, it seems to me, than those who spy on others through web cam hacks.

Just in the last two days, we’ve included the following stories in the Tech Thoughts Daily Net News column.

Hacker arrested for spying on schoolgirls via their own webcams.

PC consultant pleads not guilty to malware ‘sextortion’ plot.

If you Google “web cam hacks”, you’ll be astonished by the number of returned links – including links to “how-to videos”. I’m a firm believer in the free exchange of information, but even my high level of tolerance is pushed to the extreme when I see this.

Thankfully, this is an issue that I don’t have to contend with – not that I can imagine someone being interested in hacking my web cam. I rarely run around naked – I save that for special occasions.  🙂

Since I use a Webcam extensively for communicating though, I need reassurance that my cam cannot be hacked – that I will not become a victim of the truly weird creepy crawlies, who fly beneath the Internet radar.

I use only one machine that’s equipped with a web cam, and that cam is protected from intrusion by Zemana AntiLogger, which offers outstanding active Webcam protection.

Regular readers may remember, that I thoroughly tested Zemana AntiLogger earlier this year. Subsequently, through the generosity of Zemana we were able to offer thousands of free licenses to readers.

During the testing period I ran a series of Anti-Keylogger Tests, including tests for web cam penetration. All test methods were defeated by Zemana AntiLogger.

The screen capture below shows the Anti-Web Cam module inside Zemana AntiLogger.

A quick recap of Zemana AntiLogger’s capabilities.

Secure your Internet banking and financial transactions

Protect information in emails and Instant Messages

Protect keystrokes from spyware

Protect all screen images

Webcam Logger protection

System Defense

No need to download latest virus signatures

No need to know or detect the malware’s signature

No need to wait for updates from a virus lab

No need to scan files

Proactively looks for suspicious activity

Catches not just the usual suspects, but also sophisticated “zero day” malware

Prevents theft of data via secure connections (HTTPS / SSL)

Does not slow down your PC

Easy to download, install and use

Future-proof

To read the full review of this powerful application, “Zemana AntiLogger – An Ounce of Prevention”, go here.

If keylogger protection is a concern, particularly if you, or someone in your family runs a web cam, you should consider adding this application to your security toolbox.

This application is not freeware, but you may download a 15 day trial version at: Zemana

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Are You in the Bullseye for Targeted Malware Attacks?

Cybercriminals, driven by opportunity, tend to use the shotgun approach to achieve the highest “market” penetration possible, and to maximize every conceivable opportunity to spread malware.

The bad guys are strategic in their thinking; they plan ahead – and realize that the timing and implementation of tactics, based on their strategy, is critical to achieving maximum “market” penetration.

Now it seems, certain cybercriminals have developed a new strategy, and tactics, focusing on specific targets, sniping if you like, rather than using the well tested shotgun model.

You’re probably familiar with the successful China-based hacker attack against Google, which used a combination of a PDF attachment, coupled with a zero day security hole in Adobe Reader. As it turned out, Google was not the only company to be victimized in this attack. Reportedly, at least 20 other companies were also specifically targeted.

Symantec Hosted Services latest report, which focuses on this issue, is scary stuff. You’ll find that reading this report will assist you understanding the state of the current Internet threat environment, and will be helpful in expanding your sense of threat awareness that an active Internet user requires.

Courtesy of Symantec Hosted Services and MessageLabs Intelligence.

Even in a world where internet threats present an ever-evolving and increasingly sophisticated danger to businesses, targeted attacks are the most potent of all—dealing the most devastating short and long-term damage to the victims.

Counter to intuitive thinking, a high degree of sophistication makes these low volume, highly personalized emails have a higher probability of being successful than the mass email blasts.

Symantec Hosted Services has detected highly targeted attacks on seven specific companies in the education and public sectors. The attack is unique in that it used the Bredolab malware as the payload and the source of the emails are individual webmail accounts powered by one of the largest botnets currently in operation, presumably Cutwail.

This signifies a new level of sophistication on behalf of cyber criminals, where they are combine the strength of a botnet with the razor sharp focus of social engineering and the sense of legitimacy offered by popular webmail providers.

You can learn more about this particular attack on the MessageLabs Intelligence Blog.

Organizations falling foul of a targeted attack can be faced with crushing bills running into hundreds of thousands of dollars. Lost business, bad publicity, plunging share price – these are just some of the potential consequences of a successful attack.

Here’s a look at some of the popular techniques currently being deployed by cyber criminals:

Targeted Trojans – Aimed and delivered with sniper-like precision, the targeted Trojan’s objective is to slip through an organization’s defenses and cleverly dupe the recipient into downloading a malicious ‘Trojan program onto their computer.

The Trojan may, silently and secretly, lie hidden for weeks, months or years, slowly but surely undermining the targeted organization and imperceptibly eroding their performance and ability to compete.

Phishing Attacks – Schemes that trick people into sending money or providing personal information, phishing emails (and variations called “pharming” or “whaling”) are used for identity theft. A cyber-criminal who sends emails that contain authentic information about the user or their company greatly increases the odds of getting a “bite.”

Social Networking – One popular approach is to create a fake profile on a social media website and use it to post malicious links that “phish” for corporate users. In this form of phishing, spammers post blog comments on other members’ pages; obtain the unsuspecting members’ account information; then send messages from the phished accounts to other contacts.

Organizations must balance the business value of social media websites with the risks of many non-secure social media environments.

About Symantec: Symantec is a global leader in providing security, storage and systems management solutions to help consumers and organizations secure and manage their information-driven world. More information is available here.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Monster.com Hacked – Irresponsible Response

OK, so let’s say your Doctor’s (substitute a professional of your choice), office was burglarized and all medical records, including yours, were stolen.

Your Doctor, nice guy that he is, didn’t want to cause you unnecessary anxiety, so he didn’t advise you that your confidential records were now out in the wild blue.

Can’t, or won’t happen, you’re thinking. Think again.

Monster.com, a web site that bills itself as the “world’s leading career network” is a web site used by people looking for a new job. Information required to register with the site includes, user IDs and passwords, email addresses, names, phone numbers, and some basic demographic data.

According to Patrick Manzo of Monster Worldwide, Monster.com suffered a database penetration (sometime this month – no date given), during which “certain contact and account data were taken”. So let me rephrase that for you – Monster was hacked and personal information stolen.

Simply put – if you have an account with Monster.com, your confidential information is now freely available to the vast hoards of cyber criminals who trade in this currency.

Your minimum expectations, if you are registered with Monster.com, should be that you would be notified of such a serious breech. Not too much to expect, I would suggest.

But no, Monster’s view is, since there is no direct evidence of misuse of the stolen information (yet), a small notice of this occurrence posted on their main page is sufficient notice. No other notification that your personal information is now at risk. Bizarre!

Note to Monster: Hey, don’t worry about this massive penetration of your data base – these cyber criminals just dropped in to have a look around your obviously under protected database environment.

Your attitude flies in the face of reality. Get real! You obviously need to be dragged, kicking and screaming into the real world of cyber crime.

As a consequence of this penetration, if you are a Monster.com customer, you need to do the following at once:

Change your password for ALL your accounts, not just Monster.com.

Be on guard against “phishing” fraudulent emails, and fraudulent telephone calls in the near term.

It’s not very often that I’m struck speechless by the shenanigans pulled by some of the larger Internet entities but this one; well it’s just too calculated, too condescending, too….. too damn stupid!