Tag Archives: Infected

Android Malware – Take the Security of Your Device Seriously

Guest writer Megan Berry has some timely advice on how you can avoid malware on Android smartphones and tablets.

Rule #1 of Android security: don’t download apps from websites other than Google Play for fear that you unwittingly infect your smartphone or tablet with malware. Well, not surprisingly, cybercriminals found a way to invalidate rule #1.

A security researcher at Symantec recently discovered two apps infected with malware in the app store that were quickly removed. But not before tens of thousands of users downloaded them.

This scenario is particularly troubling for companies with BYOD programs that permit Android devices to connect to their network. How do companies protect corporate assets without taking away employees’ ability to use their favorite mobile devices on the job? Especially since it seems that cybercriminals are always one step ahead of security experts.

Whether you use an Android device at home, on the job, or both, the growing threat of Android malware means it is more important than ever to take the security of your device seriously.

How to avoid malware on Android smartphones and tablets

Nothing you can do will guarantee you will never be infected with malware, but there are things you can do to minimize the risk.

· Before downloading an app, do a quick web search to check up on the developer and the app itself. Look for red flags in the search results, such as negative user reviews or complaints, that indicate you need to dig deeper before tapping that “Accept & download” button. Hint: You can visit the developer’s webpage from the app listing.

· Some malicious apps try to hide behind a legitimate brand name. Make sure the name of the developer jibes with the title of the app.

· Read the app’s user reviews. Red flags will show up here, too.

· Examine the permissions of the app: are they in line with the app’s intended use? For example, does a news app really need to access your contacts or send text messages?

· IT managers should insist that employees install an Android anti-virus app. Or, better yet, insist that users turn their devices over to IT before they’re allowed to connect to the network for the first time. This way IT can install anti-virus software it has evaluated, configure it properly and enforce its use.

Android anti-virus apps: worth it or not?

The effectiveness of Android anti-virus apps is debatable, though. In a recent study, only a handful of Android anti-virus apps were found to detect most types of threats. The March 2012 study by AV-Test.org rated 23 out of 41 apps effective, or 56%. Of those 23, only 10 detected greater than 90% of known malware types.

Still, the authors of the study say any of the anti-virus apps that were found to detect greater than 65% of known malware types provide adequate protection.

Unpatched system software: Your device’s Achilles’ heel

Even though you’re careful about what apps you install and you run an anti-virus program, your device may still be vulnerable because of unpatched system software.

According to security vendor Duo Security, the speed at which wireless carriers supply updates to their users varies. Therefore, it’s possible for devices to go unprotected for long periods of time. The fragmentation of the Android platform complicates the task of rolling out updates, not to mention the fact that companies have little incentive to fix existing flaws when new devices with the latest system software are already on the shelves.

This is of particular concern for companies that allow their employees to connect their personal Android devices to the company network. It should also be of concern to employees, who may be liable if their device infects their employer’s network – many corporate bring-your-own-device (BYOD) policies place the responsibility for keeping devices malware-free squarely on the shoulders of the user.

Duo Security’s new app, X-ray, scans Android devices to discover unpatched flaws in system software. If the app finds a problem, the user can go to Settings>About Phone>System Updates to download the latest version. If an official update isn’t available via System Updates, Duo Security encourages users to contact their carrier for more information, or at the very least, exercise extreme caution when downloading apps.

Individual users can download and install the app from the X-Ray for Android website. Organizations can get an enterprise-level version by emailing the company.

Lesson learned

The lesson here is that unfortunately, it’s no longer safe to assume that just because an app is available from a reputable source, it’s malware-free. And, educating yourself and your users, combined with tried-and-true anti-virus software, is still the best protection against the quickly evolving threat that Android malware presents.

About the Author: Senior writer for IT Manager Daily, Megan covers the latest technology news and trends impacting business.

Filed under Android, Anti-Malware Tools, Guest Writers, Malware Protection

Free Sucuri SiteCheck – Find Out If Your Site Has Been Hacked

I recently posted a piece – Webmasters Struggle With Hacked Sites – A Commtouch, StopBadware Report – which read in part: “Recent statistics indicate (surprise, surprise) – cybercriminals are increasing their targeting of websites for identity theft, virus distribution, and spamming.

And, according to a newly released survey (Compromised Websites: An Owner’s Perspective), from Commtouch and StopBadware – in which webmasters were queried on their fight against hacking – almost half of the survey participants (who had been hacked), had no idea until they received a warning from their own computer’s protection technology.”

Since I use WordPress as my blogging platform, I rely on the security apparatus WordPress has in place to protect me from the various cyber criminal attack schemes currently in play. Still, I would be more than a little naive if I didn’t  consider the possibility that WordPress’ site security is vulnerable to hacking.

If a security developer’s web site can be hacked – and, many have been in the last year – including Panda Security in just the past few days*, it lends credence to the suggestion that any site can be hacked.

*Late Tuesday night, at least 35 public facing websites belonging to Panda Security were hacked and defaced by the LulzSec and Anonymous hacking groups. The defacement also posted multiple usernames and passwords associated with Panda Security employees.

Frankly, it absolutely infuriates me when I consider that the 4 years plus that I’ve put into writing and maintaining this Blog could, in little more than a moment, be destroyed by a single act of a cyber criminal. In my weaker moments, I have visions of lining these creeps up against the wall and being done with them.

But, the reality is much different, of course. So, it’s incumbent upon me to ensure that visitors to this site are protected (imperfect as that might be), from the nasties which cybercriminals can load onto a site.

There’s no foolproof solution but, one measure which I employ frequently is taking advantage of a free service offered by Sucuri Security – which, quickly scans for the most common threats as illustrated in the following screen capture.

Additionally, all links within the site are scanned. The following screen shot shows a small representation of the hundreds of links which were scanned.

If you’re a blogger or a site owner, I suggest that you take advantage of this free service so that you can check if your site has been compromised. It’s one more tool in the fight against the increasing threats posed by cyber criminal gangs.

Scan your website free.

Filed under Anti-Malware Tools, blogging, Cyber Crime, Don't Get Hacked, Online Malware Scanners

Search Engine Malware – The Same Old, Same Old

In the News within the past 3 days

Web security firm Armorize – over 6 million e-commerce web pages have been compromised in order to serve malware to users.

Ed Bott Report – criminal gangs that specialize in malware love search engines, because they represent an ideal vector for getting Windows users to click on links that lead to potentially dangerous Trojans. The latest attack targets ads, and the social engineering is frighteningly good.

Not in the News

The specifics may be news but, this particular malware attack vector is so old I’m surprised that more Internet users aren’t aware of it. No, I take that back – based on a conversation I had just last night.

Me: “So, what antimalware applications are you currently running?”

She: “Well, I can cut and paste and I can get on the Internet, but I don’t worry about all that other stuff. I don’t understand it anyway.”

I’m well past the point where I allow myself to show surprise when I hear this type of response – it’s just so typical. Given that level of knowledge, it’s hardly surprising then, that consumer confidence in the reliability of search engine results, including relevant ads, is taken for granted.

I’ve yet to meet a typical user who would consider questioning a search engine’s output as to its relevant safety.  It’s been my experience, that typical Internet users blindly assume all search engine results are malware free.

This, despite the reality that the manipulation of search engine results, exploiting legitimate pages, and the seeding of malicious websites among the top results returned by search engines in order to infect users with malware, is a continuing threat to system security.

Here’s how the cyber crooks do it:

When a potential victim visits one of these infected sites, there is a high likelihood that malicious code will be downloaded onto the computer by exploiting existing vulnerabilities.

Let’s take, as an example, a typical user running a search for “great vacation spots” on one of the popular search engines.

Unknown to the user, the search engine returns a malicious or compromised web page as one of the most popular sites. Users with less than complete Internet security who visit this page will have an extremely high chance of becoming infected.

There are a number of ways that this can occur. Cyber-crooks can exploit vulnerabilities on the server hosting the web page to insert an iFrame (an HTML element which makes it possible to embed another HTML document inside the main document). The iFrame can then activate the download of malicious code by exploiting additional vulnerabilities on the visiting machine.

Alternatively, a new web page can be built, with iFrames inserted, that can lead to malware downloads. This new web page appears to be legitimate. In the example mentioned earlier, the web page would appear to be a typical page offering great vacation spots.
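From the site owner's side, the injected iFrame described above can be looked for in the pages a server actually sends out. The following is an added example, not part of the original article: it flags frames that load from a host outside an allow-list, or that are hidden or sized to 0 or 1 pixels. The host names, the allow-list and the sample page are constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Inline-style tricks that keep a frame out of the visitor's sight.
HIDDEN_STYLE = re.compile(
    r"display\s*:\s*none"
    r"|visibility\s*:\s*hidden"
    r"|(?<![-\w])(?:width|height)\s*:\s*0*[01](?:px)?\s*(?:;|$)"
    r"|(?<![-\w])(?:left|top)\s*:\s*-\d{3,}",
    re.IGNORECASE,
)


def _tiny(value):
    """True for a width/height attribute of 0 or 1 (optionally with 'px')."""
    if value is None:
        return False
    v = value.strip().lower()
    if v.endswith("px"):
        v = v[:-2].strip()
    return v.isdigit() and int(v) <= 1


class IframeAuditor(HTMLParser):
    """Walk a page and record every <iframe> that looks injected."""

    def __init__(self, site_host, allowed_hosts=()):
        super().__init__(convert_charrefs=True)
        self.site_host = site_host.lower()
        self.allowed = {h.lower() for h in allowed_hosts}
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag != "iframe":
            return
        a = {k: (v or "") for k, v in attrs}
        src = a.get("src", "").strip()
        # hostname is None for relative URLs, which stay on our own site.
        host = (urlparse(src).hostname or "").lower()
        reasons = []
        if host and host != self.site_host and host not in self.allowed:
            reasons.append("external host not on allow-list: " + host)
        if _tiny(a.get("width")) or _tiny(a.get("height")):
            reasons.append("zero or one pixel dimensions")
        if HIDDEN_STYLE.search(a.get("style", "")):
            reasons.append("hidden by inline style")
        if reasons:
            self.findings.append(
                {"line": self.getpos()[0], "src": src, "reasons": reasons}
            )


def audit_page(html, site_host, allowed_hosts=()):
    """Return a list of suspicious iframes found in one HTML document."""
    auditor = IframeAuditor(site_host, allowed_hosts)
    auditor.feed(html)
    auditor.close()
    return auditor.findings


# Constructed sample: a vacation page with one legitimate embed, one local
# widget, and two frames of the kind an attacker would insert.
SAMPLE_PAGE = """<html><body>
<h1>Great vacation spots</h1>
<iframe src="https://www.youtube.com/embed/placeholder" width="560" height="315"></iframe>
<iframe src="http://injected.example/in.php" width="1" height="1" frameborder="0"></iframe>
<iframe src="//ads.injected.example/x" style="visibility:hidden"></iframe>
<iframe src="/local/weather-widget.html" width="300" height="200"></iframe>
</body></html>"""

if __name__ == "__main__":
    for f in audit_page(SAMPLE_PAGE, "travel.example", {"www.youtube.com"}):
        print("line %d: %s -> %s" % (f["line"], f["src"], "; ".join(f["reasons"])))
```

Run it against pages as fetched from the live server rather than from source control, since an injected frame exists only in what the compromised server delivers.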

Be proactive when it comes to your computer’s security; make sure you have adequate software based protection to reduce the chances that your machine will become infected.

Install an Internet Browser add-on such as WOT (my personal favorite), which provides detailed test results on a site’s safety; protecting you from security threats including spyware, adware, spam, viruses, browser exploits, and online scams

Don’t open unknown email attachments

Don’t run programs of unknown origin

Disable hidden filename extensions

Keep all applications (including your operating system) patched

Turn off your computer or disconnect from the network when not in use

Disable Java, JavaScript, and ActiveX if possible

Disable scripting features in email programs

Make regular backups of critical data

Make a boot disk in case your computer is damaged or compromised

Turn off file and printer sharing on the computer

Install a personal firewall on the computer

Install anti-virus and anti-spyware software and ensure it is configured to automatically update when you are connected to the Internet

Ensure the anti-virus software scans all e-mail attachments

The following comment (posted here March 15, 2011), illustrates perfectly the issues discussed in this article.

Funny you write about this today. I was reading about the spider issue Mazda was having and wanted to know what the spider looked like so I Googled it, went to images and there it was. There was also a US map that had areas highlighted, assuming where the spiders exist, and before I clicked on the map I made sure there was the green “O” for WOT for security reasons.

I clicked on the map and BAM I was redirected instantly and hit w/ the “You have a virus” scan malware. I turned off my modem then shut my computer off. I restarted it and scanned my computer w/ MS Security Essentials and Super Anti Spyware. MS Essentials found Exploit:Java/CVE-2010-0094.AF, and Trojan:Java/Mesdeh and removed them. I use WOT all the time, but now I’m going to be super cautious.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Filed under Application Vulnerabilities, Browser add-ons, Cyber Crime, Cyber Criminals, Don't Get Scammed, Don't Get Hacked, downloads, Interconnectivity, Internet Safety, Internet Security Alerts, Malware Protection, Online Safety, Search Engines, Software, trojans, Windows Tips and Tools

Free Microsoft Standalone System Sweeper Beta AV – Boot From A CD Or USB Stick

Much of today’s malware can be extremely difficult to identify and remove – despite a user relying on frontline antimalware applications to do the job. So, from my perspective, I don’t see any advantage in running full scans * on a live system – instead, once a week I run a Linux-based antimalware application (a live CD), which scans from the outside looking in. Malware generally can’t hide if it’s not running.

* I do however, run a Quick Scan with both Microsoft Security Essentials, and Malwarebytes’ Anti-Malware, on a daily basis. Combined running time for both applications is less than five minutes – so, it’s worth the minimum effort involved.

I can now add one more CD/Flash Drive based antimalware application to my arsenal of boot CDs – the just released Microsoft Standalone System Sweeper Beta. System Sweeper Beta operates much like Panda SafeCD, Kaspersky Rescue Disk 10, and Avira AntiVir Rescue System.

Microsoft says:

Microsoft Standalone System Sweeper Beta is a recovery tool that can help you start an infected PC and perform an offline scan to help identify and remove rootkits and other advanced malware.

In addition, Microsoft Standalone System Sweeper Beta can be used if you cannot install or start an antivirus solution on your PC, or if the installed solution can’t detect or remove malware on your PC. It is particularly useful for detecting and disinfecting malware infections which give regular AV products running within Windows a hard time.

To get started with System Sweeper Beta – first, download and run the installer which will open up the following series of windows.

Choose the media or the device you want to install the application to.

Then sit back and relax – more or less.

For additional help and information, check out – Microsoft Standalone System Sweeper Beta Help & How-To.

System requirements (from Microsoft):

The following is a list of minimum requirements for both the computer infected with a virus or malware and the computer on which you are creating the bootable media.

  • Operating system: Windows XP Service Pack 3; Windows Vista (RTM, Service Pack 1, or Service Pack 2, or higher); Windows 7 (RTM, Service Pack 1, or higher).
  • Required processor:
    Windows XP: 500 MHz or higher
    Windows Vista and Windows 7: 1.0 GHz or higher
  • Required memory:
    Windows XP: 768 MB RAM or higher
    Windows Vista and Windows 7: 1 GB RAM or higher
  • Required video card: 800 × 600 or higher
  • Available hard disk space: 500 MB

The following requirements apply only to the computer infected by a virus or malware:

  • The computer infected with a virus or malware must have the same Windows operating system architecture as Microsoft Standalone System Sweeper Beta, either 32-bit or 64-bit.
  • In addition, BitLocker must be disabled to use Microsoft Standalone System Sweeper Beta.

The following requirements apply only to the computer on which you are creating the bootable media:

  • Internet connection: Required for installation and download of the latest virus and spyware definitions for Standalone System Sweeper.
  • Internet Browser: Windows Internet Explorer 6.0 or higher or Mozilla Firefox 2.0 or higher.

Download: at Microsoft

In the constantly evolving world of cybercrime, all users are well advised to scan their computers regularly with an antimalware application that does not rely on the native operating system.

Please keep in mind that Microsoft Standalone System Sweeper Beta, is not an intrusion prevention system – it is not a replacement for your installed antimalware application/s.

Filed under 64 Bit Software, Anti-Malware Tools, Antivirus Applications, CD/DVD Recovery Tools, downloads, Free Anti-malware Software, Freeware, Malware Removal, Malwarebytes’ Anti-Malware, Microsoft, Software, USB, Virus Repair Tools, Windows Tips and Tools

Rolling The Dice With Computer Security

Paul E. Lubic, Jr., a long time IT professional, and a frequent guest writer here, has just posted an article on the odds of a typical computer user becoming infected by malware.

Malware Infection: Your Odds, is a great read, and the statistics Paul has included hold some real surprises.

Here’s a preview –

“I did a little research and found that the chance of being infected by malware is astoundingly, eye-popping, breathtakingly high. According to BBC Online, a Microsoft security report in April of 2009, found that 8.6 computers in every 1,000 worldwide will be infected by malware.

If you think that 8.6 in 1,000 is pretty good odds and that you may have some wiggle room for being infected, think again…this is bad. Let’s compare these odds with playing the lottery……”

To read the rest of the article, visit Paul’s Home Computing Blog.

Filed under blogging, cybercrime, Guest Writers, Personal Perspective, Windows Tips and Tools

For Added Internet Protection – Virtualize Your System with Free Wondershare Time Freeze

At the end of 2009, many of the premier security application developers projected that 2010 would see an increase in the use of virtualization applications. Specifically, controlling malware intrusion through the use of a “virtual” environment, rather than operating in a “real” environment.

This prediction made sense, and so this year, we’ve focused somewhat more on operating system virtualization. We’ve looked at Shadow Defender, Returnil Virtual System, Sandboxie, GeSWall, and a number of other similar applications.

I’ve just recently completed testing Wondershare Time Freeze, a relatively new and easy to use, free (at the moment),  intrusion prevention system, that is non intrusive, and after initial setup, requires a minimum of user intervention – perfect for the average user.

Installation was hassle free – it was just a matter of  following the on-screen instructions.

The interface is the usual tab and check box layout, and is self explanatory with no learning curve involved.

Once system protection is enabled, a popup reminder will warn you that system changes will not be saved to disk. All downloaded files, all created documents, and all system changes will disappear on reboot. However, you do have another option – see the following.

If you do want to save system changes then, before rebooting, open the application and turn off system protection. You will be warned that your system may “stop responding” for several minutes. In fact, I noticed a lag of less than 20 seconds.

Fast facts:

System protection

Keep the actual system in a constant state, prevent the computer from getting slower and slower with time.

Put the actual system under protection to prevent malicious threats.

Traces of surfing the Internet and computer operation will disappear after reboot. (You have the flexibility to save changes to the actual system.)

Test software and game installations safely on a virtual system.

Folder protection

Mode 1: Disable access to the protected folders.

Mode 2: Prohibit changing files in the protected folders.

Protect your files from being infected by viruses or Trojans.

Protect your privacy more effectively.

Access protection

Manage the program with a custom password setting.

Keep inexperienced users from making changes to your settings and configurations.

System requirements: Windows 2000, XP, Vista, Win 7 (32 bit only).

Download at: Wondershare

This test was fairly brief (a couple of days), but I did not encounter any problems, and ran Time Freeze successfully alongside GeSWall with no difficulty. Wondershare Time Freeze worked just as advertised – not always the case with this class of software.

Note: This application requires registration within 30 days in order to keep using it. Getting the registration code though, is a snap. Just click “Get Keycode”, and you’ll receive the registration code by email.

In previous reviews of virtualization applications, a number of readers made mention of Comodo Time Machine, a worthwhile free system restore utility. Popular guest author, Rick Robinette, has a very informative article over on his site, What’s On My PC – Comodo Time Machine – A Powerful System Restore Utility. I encourage you to read this article.

Filed under Anti-Malware Tools, cybercrime, Don't Get Scammed, Don't Get Hacked, downloads, Freeware, Internet Safety Tools, Software, Spyware - Adware Protection, System Security, Windows 7, Windows Tips and Tools, Windows Vista, Windows XP

Storm Botnet Bounces Back

“You can’t keep a good man down”, is an old expression that’s familiar to many of us. It seems we could coin a new expression along the same lines – “You can’t keep a bad botnet down”.

Just when you think you’ve knocked them down for good, cyber criminal enterprises seem to magically reappear, and that old familiar spamming botnet, Storm, has raised its ugly head once more.

In a previous article here, Symantec Rubs the 2010 Malware Crystal Ball, in November, 2009, Symantec projected that this reemergence was likely to occur, so Kudos to Symantec – you called this one.

(Graphic courtesy of Mathew Nisbet, Malware Data Analyst, Symantec Hosted Services).

According to Symantec’s MessageLabs Intelligence, they “first saw this new variant of the botnet start spamming on 30 April…. containing links to web pages hosting the well known Canadian Pharmacy site”.

(Graphic courtesy of Mathew Nisbet, Malware Data Analyst, Symantec Hosted Services).

Typically, the emails are short and sweet –

Get all the medications you want online!
Disappointed with your bad performance in bed?
great offers to spice it up in bed..
need some help in the bed?
its time to spice up the bed
Safest and approved method of male enhancing have a easier time making her…
Have long strong night in BED!
Get your favorite rxmedications here!
Win from benefits of hidden secret of pornstars!

For more information on this reemerging threat, check out The Return of Storm, on Symantec’s site.

About MessageLabs Intelligence:

Symantec’s MessageLabs Intelligence is a respected source of data and analysis for messaging security issues, trends and statistics. MessageLabs Intelligence provides a range of information on global security threats based on live data feeds from our control towers around the world scanning billions of messages each week.

About Symantec:

Symantec is a global leader in providing security, storage and systems management solutions to help consumers and organizations secure and manage their information-driven world.  Our software and services protect against more risks at more points, more completely and efficiently, enabling confidence wherever information is used or stored. More information is available here.

Filed under bots, cybercrime, Don't Get Scammed, Don't Get Hacked, Email, Malware Advisories, MessageLabs, Online Safety, Symantec, Tech Net News, Windows Tips and Tools

LoveBug – Not the Car: The Virus

Computing “old timers”, like me, are sure to remember the LoveBug virus first released in 2000 – but not fondly, I’ll wager. I’ve been told by Virginia Chaves over at Hill & Knowlton, that I should refer to myself not as an “old timer” but instead, as “a seasoned pro”. I might just try that Virginia.

In any event, I’d quite forgotten the damage that this Worm caused, until I refreshed my memory by reading Symantec’s, MessageLabs Intelligence Special Report on LoveBug.

Surprisingly, for its day; even for today for that matter, LoveBug (you might remember it as – I Love You), was ferocious, causing an estimated 10 Billion dollars in damage – and that’s in 2000 valued dollars! Within days after its release into the wild, 1 of every 28 emails was infected by the LoveBug virus.

Looking back, I’m not sure why we were all so surprised with the efficiency of LoveBug – but we were. After all, in the previous year we had been forced to deal with “Melissa” – a highly successful attack, which is generally recognized as the first virus to use e-mail as the distribution channel.

Regular readers are likely to remember, we reported recently that MessageLabs April 2010 report indicated that currently (April 2010), 1 in every 287 emails is packed with a virus (as opposed to the 1 of every 28 e-mails infected by the LoveBug).

So, on the face of it; it may appear we’re making progress. Yet, the cynic in me has major reservations as to the accuracy of that statement. Or maybe, it’s just because I’m an “old timer”, and being cynical in these matters goes with the territory.

Filed under cybercrime, Don't Get Scammed, Don't Get Hacked, Email, email scams, Internet Security Alerts, MessageLabs, Symantec, Windows Tips and Tools

Think You’re Infected? Find Out – Run An Online Scanner From Your Browser

Today’s malware generally writes itself into multiple parts of the operating system, and in many cases it can hide its files, registry entries, running processes and services, making the infection virtually invisible.

The installation of this type of malware can often lead to a critically disabled PC, or in the worst case scenario, allow hackers access to important personal and financial information.

There are plenty of good anti-malware products, but no one anti-malware tool is likely to identify and remove all of the millions of malware strains that infest the cyber world.

As part of the mix of security solutions, online scanners offer an extra layer of protection that’s required in the current Internet environment.

The following graphics illustrate a scan I ran on a Windows 7 system:

Online Scanner Benefits:

Generally fast and easy to use.

Threat signatures and heuristic detection algorithms are always up to date.

Provides deep scanning of archive files, runtime packed executables and email messages.

Can often detect malware that some AV solutions cannot detect.

Avoids conflicts with existing security software.

Acts as a double-check on the accuracy of your onboard AV solutions.

Disadvantages:

May have fewer scanning options than locally installed AV solutions.

Not all scanners disinfect, or remove found malware.

The following are Online Scanners that have developed a good reputation for accuracy; be sure to read the Terms of Use, or Privacy Statements carefully.

Panda ActiveScan 2

ActiveScan 2.0 is an advanced online scanner based on Collective Intelligence (scanning in-the-cloud) that detects malware that traditional security solutions cannot detect.

Make sure your antivirus is offering you proper protection.

Find hidden threats on your PC, such as rootkits, banker Trojans and malware designed to steal your identity.

Simple, online disinfection of all malware detected on your PC.

BitDefender Online Scanner

Free and effective malware cleanup directly from your browser

Incorporating the BitDefender award-winning scanning engines, BitDefender Online Scanner is an on-demand antivirus and antispyware tool that shows how safe your PC is. Accessible from your browser, it will scan and automatically clean the system memory, all files and drives’ boot sectors.

One major advantage of BitDefender Online Scanner is, you can use it without having to uninstall your existing data security product.

Symantec Security Check

The Symantec site offers two scans – a security checker and a virus scanner. Both use ActiveX, so you need to have Internet Explorer running.

The security scan checks that you’re running an anti-virus program and then looks for Windows vulnerabilities, hacker risks and Trojan horses.

The anti-virus checker performs a deep scan and takes a considerable amount of time to complete. It won’t remove any infections it finds, but will suggest actions that you can take.

Note: Does not disinfect.

The graphic below (taken from my test system), outlines the results of the “hacker check” portion, of the Symantec Security Check.

Trend Micro’s HouseCall

HouseCall can quickly identify and fix a wide range of threats including viruses, worms, Trojans, and spyware. It is now faster, more powerful and browser independent.

Full scan and custom scan options, in addition to Quick Scan.

Support for 64-bit and Windows 7.

ESET Online Scanner

ESET Online Scanner is a user friendly, free and powerful tool which you can use to remove malware from any PC utilizing only your web browser without having to install anti-virus software.

ESET Online Scanner uses the same ThreatSense technology and signatures as ESET Smart Security/ESET NOD32 Antivirus, and is always up-to-date.

Administrator privileges are required to run ESET Online Scanner.

Kaspersky

Kaspersky Online Virus Scanner is a free online virus scanner that lets you find out whether you have any viruses or spyware on your machine, without having to uninstall your current antivirus software or install a new one.

Most importantly, you can see what viruses your current antivirus software let slip through.

Note: Does not disinfect.

It’s good practice to run an online scanner occasionally. It’s convenient, and it’s a good double-check that your onboard security solutions are effective.

If your onboard AV informs you that you’ve been infected, it’s always a good idea to run a secondary onboard scanner for confirmation, followed by an online scan.

Antimalware applications are not immune from false positives. In fact, false positives are more common than many users realize. Here’s just one example – some AVs are notorious for seeing extractor files in application setup files as a Trojan.

So run an online scanner if you think you’ve been infected. You may think this is aggravating, and maybe it is, but it’s a better solution than having to rebuild your system because you’ve removed a critical file.


If it’s in the News – Watch for an Email Scam

If an event is newsworthy, you can be sure cybercriminals are exploiting it to their own advantage. Cybercriminals have jumped (as expected) on the earthquake tragedy in Haiti, and are already exploiting this sad event.

Cybercriminals are experts at exploiting our curiosity surrounding current events, and by focusing on this aspect of social engineering, they are increasingly creating opportunities designed to drop malicious code on our computers. Most of this activity is designed to separate unwitting victims from their money.

Cybercriminals can be much more direct, though (without attempting to compromise your computer), in their attempts to separate you from your money.

Even though the majority of seasoned computer users (I suspect) are familiar with the infamous “419” or advance fee fraud scam, in which the victim is encouraged to send money to the scammer with the promise they will realize a significant gain, this type of scam is every bit as popular as ever.

Earlier today, Symantec Hosted Services alerted me to a new “419” scam they have just become aware of. An email claiming to be from Hassan Ali Abdul Mutallab, the brother of Umar Farouk Abdul Mutallab, who allegedly attempted to blow up Northwest Airlines flight 253 over Detroit on Christmas Day, is the scam vehicle.


The scammer, supposedly Umar Farouk Abdul Mutallab’s brother, claims he is looking for a “Muslim brother/sister” to help retrieve funds belonging to the alleged bomber. But, as Symantec stated in their alert, “before the non-existent money can be released, various increasingly inventive fees and charges have to be paid. These fees continue until the victim of the scam eventually realizes that they have no chance of getting any money, and gives up. Victims are often too embarrassed to contact police, and the scammers continue”.

Every day, I receive 10/15 of this type of scam in my “Honey Pot” email account. Here’s just one example from today.

[Image: Honey pot]

How gullible can people be? When Michael Jackson died, I wrote a piece entitled “Hey Sucker – Read This! Michael Jackson’s Not Dead!”, simply as a test of “curiosity exploitation”.

The results that followed were astonishing – within days, this article was getting 1,000’s of daily hits. Even today, this nonsensical article continues to get hits. Talk about gullible people!

Save yourself from being victimized by scareware, or other malware, and review the following actions you can take to protect your Internet connected computer system:

    • When surfing the web – Stop. Think. Click
    • Install an Internet Browser add-on such as WOT (my personal favorite), which provides detailed test results on a site’s safety; protecting you from security threats including spyware, adware, spam, viruses, browser exploits, and online scams.
    • Don’t open unknown email attachments
    • Don’t run programs of unknown origin
    • Disable hidden filename extensions
    • Keep all applications (including your operating system) patched
    • Turn off your computer or disconnect from the network when not in use
    • Disable Java, JavaScript, and ActiveX if possible
    • Disable scripting features in email programs
    • Make regular backups of critical data
    • Make a boot disk in case your computer is damaged or compromised
    • Turn off file and printer sharing on your computer.
    • Install a personal firewall on your computer.
    • Install anti-virus and anti-spyware software and ensure it is configured to automatically update when you are connected to the Internet.
    • Ensure the anti-virus software scans all e-mail attachments.
