Tag Archives: Phishing

ThreatFire Version 4.7.0 – Free Protection Against Zero Day Malware

So here’s the question.

If 52 percent of the nearly 40,000 samples of new viruses, worms, Trojans and other types of Internet threats identified every day last only 24 hours, how do security applications that rely on a definition database to identify malware files (most anti-malware applications) keep up with this onslaught?

The simple answer is: they don’t.

The relentless evolution of these increasingly powerful and destructive attacks against computer systems has exposed a gaping hole: a vulnerability to zero-day threats in many users’ Internet security defenses.

Zero-day threats are malware written and distributed to take advantage of system vulnerabilities before security developers can create and release countermeasures.

So where does this leave you?

Without tools that will identify and eliminate these malware threats, you run the risk of infection by these constantly evolving zero-day security risks to our computers and operating systems.

One such free, powerful tool, reviewed here previously, is ThreatFire from PC Tools, the developers of the highly regarded PC Tools Internet Security 2010. ThreatFire blocks malware (including zero-day threats) by analyzing program behavior (if it looks like a crook, and acts like a crook, it’s probably a crook), instead of relying only on a signature-based database.

ThreatFire works together with your signature based security applications, to increase the effectiveness of your total security arsenal.

When ThreatFire detects a behavior based threat, it goes into analysis overdrive by comparing the threat against its signature database; those threats that are recognized by the database are quarantined immediately.

Unrecognized threats, or unrecognized behaviors, are assigned a calculated risk level (set by the user), at which point the user has the option of confirming, or blocking, the action.

A good example of the effectiveness of this application was made clear to me, recently, while I was checking all of the ports on my home Windows machine. ThreatFire immediately advised me that the Port Checker was attempting to send email from port 25.

Of course it actually wasn’t, it was simply opening it for testing purposes. But if this port was being opened, and was being used by malware, ThreatFire would have identified this danger by its behavior, and given me the necessary warning.

The following chart gives a good indication of how ThreatFire can supplement your existing security applications. (Chart courtesy of ThreatFire)

ThreatFire Chart

Fast facts:

Persistent zero-day threat protection made easy for everyone – even novice users!

Displays detailed data on all running processes and allows you to terminate any process on demand.

Malware quarantine and removal, rootkit scanner, advanced custom rules settings and more!

Patent-pending ActiveDefense technology intelligently scans and analyzes computer processes to detect and block any malicious activity – without false positives!

Runs in background without impacting system performance.

Highest level of out-of-the-box accuracy. No need to configure baffling, technical security settings: just turn ThreatFire on and start blocking malware.

Perpetually ready for the next malware outbreak – detects malware by watching for malicious behaviors.

Enhanced user interface elements provide more technical details on alerts and interactive reports in ThreatFire’s main control panel.

Automatic updates run silently in the background so ThreatFire is always up-to-date.

Protects against viruses, worms, Trojans, spyware, keyloggers, buffer overflows, and rootkits – even if the threats are brand new and have never been seen before.

Works alongside your other security programs – in most cases you can use ThreatFire with your other antivirus, anti-spyware, firewall or other security programs.

If you read “An Anti-malware Test – Common Sense Wins”, on this site, you’ll note that during this one year test, ThreatFire was a primary security component on the test machine. In fact, each of my home machines is protected against infection by ThreatFire.

I highly recommend ThreatFire as a critical component in your overall Internet security toolbox.

System Requirements: Windows 7 32-bit and 64-bit, Windows Vista 64-bit, Vista 32-bit, Windows XP SP1, SP2 or SP3 (Home, Pro & Media Center Editions), Windows 2003, Windows 2008.

Download at: ThreatFire

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

PandaLabs: April to June 2010 Malware Report – Trojans Lead The Pack

PandaLabs, the anti-malware laboratory of Panda Security, the company responsible for Panda Cloud Antivirus, released its quarterly report today, detailing cyber-threat activity from April to June 2010.

Some of the key findings include:

Trojans once again topped the rankings, accounting for nearly 52 percent of new malware identified by PandaLabs during the quarter.

Traditional viruses have continued their revival since the onset of 2010, now accounting for nearly 25 percent of all new malware, up from 15 percent in Q1 after showing a decline in previous years.

Taiwan once again remains in the No. 1 position for infection rankings by country.

The discovery of Tabnabbing in May poses a new and potentially dangerous phishing threat to users.

Social networking continues to be an increasingly popular threat vector.

Knowledge is power, and we, as computer users, need as much power as we can get in order to stay safe on the Internet. So, I encourage you to read the highlights of this just released report so that you are aware of the numerous vulnerabilities discovered over the last three months.

Download the PDF full report here.

About PandaLabs:

Since 1990, its mission has been to detect and eliminate new threats as rapidly as possible to offer our clients maximum security. To do so, PandaLabs has an innovative automated system that analyzes and classifies thousands of new samples a day and returns automatic verdicts (malware or goodware). This system is the basis of collective intelligence, Panda Security’s new security model which can even detect malware that has evaded other security solutions.

Currently, 99.4 percent of malware detected by PandaLabs is analyzed through this system of collective intelligence. This is complemented through the work of several teams, each specialized in a specific type of malware (viruses, worms, Trojans, spyware, phishing, spam, etc), who work 24/7 to provide global coverage. This translates into more secure, simpler and more resource-friendly solutions for clients.

More information is available in the PandaLabs blog.

Your Account Information Has Changed Phishing Attack

The spam landscape changes constantly, with new tactics and new threats evolving, seemingly on a daily basis. A recent tactic which appears to have found favor with cyber criminals is the limited-scale, targeted phishing attack: an attack aimed at a particular organization, or a particular industry segment.

Designating specific targets has some obvious advantages for cyber crooks, not the least of which is – most of us don’t get to hear about them. Since the focus is narrow, this type of threat typically slides under the radar and tends not to be reported due to the low numbers involved. Despite the low numbers, this type of attack can be surprisingly effective.

Given that the content is specific to the targeted recipient, the engagement factor, where the potential victim actually opens the email and attachments, is much higher than with a broad-scale shotgun attack.

Here’s a real world example of a current attack:

This week, in conversation with my friend Rod, an Australian antimalware company executive, he mentioned that his group of companies, and product users, had been targeted specifically as the following email samples indicate.

Sample 1:

Subject: Your antivirus.com.au account information has changed

Hello, xxxxx@antivirus.com.au.

We received your request to reset your antivirus.com.au password. To confirm your request and reset your password, follow the instructions below. Confirming your request helps prevent unauthorized access to your account.

If you didn’t request that your password be reset, please follow the instructions below to cancel your request.

Sample 2:

Hello, xxxxx a@nod32.com.au.

Please reply to this email message to confirm your subscription to nod32.com.au.

Your email address has been entered for a subscription to the nod32.com.au mailing list. However, your new subscription requires a confirmation that you received this email message and want to join this mailing list.

To confirm that you do want to join click here.

To unsubscribe immediately click here.

Thank you.

It’s obvious from the content that the crooks involved in this attack have increased the chances of success by giving the recipient the opportunity to respond either positively or negatively. If the recipient responds either way, the crooks win, and the victim loses.

Advice worth repeating:

If you have any doubts about the legitimacy of any email message, or its attachment, delete it.

Better yet, take a look at the email’s headers. Check the initial “Received from” field in the header, since this field is difficult to forge. Additionally, the mail headers indicate the mail servers involved in transmitting the email – by name and by IP address. It may take a little practice to realize the benefits in adding this precaution to your SOP.

For example, to do this in Gmail:

Log in to Gmail.

Open the message you’d like to view headers for.

Click the down arrow next to Reply, at the top-right of the message pane.

Select Show original.
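
The header check described above, as an added example that is not part of the original post: a short Python script that lists each mail server recorded in a message's Received headers, by name and IP address, and flags two things worth a closer look. The sample message is constructed, and its domains and addresses are reserved documentation values.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample message, not a real capture. All domains and IP
# addresses are reserved documentation values (RFC 2606, RFC 5737).
SAMPLE = """\
Received: from relay.mailhost.example (relay.mailhost.example [198.51.100.23])
    by mx.recipient.example with ESMTP id A1; Mon, 7 Jun 2010 09:15:02 +1000
Received: from WIN-PC (dsl-77.isp.example [203.0.113.77])
    by relay.mailhost.example with SMTP id B2; Mon, 7 Jun 2010 09:14:58 +1000
From: "Account Services" <support@shop.example>
To: user@recipient.example
Subject: Your shop.example account information has changed

We received your request to reset your shop.example password.
"""

# Matches the common "from NAME (RDNS [IP]) by SERVER" layout. Received
# lines are free-form, so lines in another layout are skipped (assumption).
HOP_RE = re.compile(
    r"from\s+(?P<helo>\S+)\s+"
    r"\((?P<rdns>[^\s\[\]]+)?\s*\[(?P<ip>[0-9A-Fa-f.:]+)\]\)"
    r"\s+by\s+(?P<by>\S+)"
)


def relay_chain(raw_message):
    """Return the recorded hops, oldest first.

    Each server prepends its own Received line, so the first one in the
    file was written last, by the recipient's own mail server. That hop is
    the one the sender could not write; older hops are only as reliable as
    the servers that recorded them.
    """
    msg = message_from_string(raw_message)
    hops = []
    for value in msg.get_all("Received", []):
        unfolded = " ".join(value.split())  # undo header line folding
        match = HOP_RE.search(unfolded)
        if match:
            hops.append(match.groupdict())
    hops.reverse()
    return hops


def review(raw_message):
    """Collect the relay chain and two simple warning signs."""
    msg = message_from_string(raw_message)
    _, address = parseaddr(msg.get("From", ""))
    sender_domain = address.rpartition("@")[2].lower()
    hops = relay_chain(raw_message)
    findings = []

    # Sign 1: the connecting host announced one name, but the receiving
    # server resolved its IP address to a different one (or to none).
    for index, hop in enumerate(hops):
        rdns = (hop["rdns"] or "").lower()
        if hop["helo"].lower() != rdns:
            findings.append(
                "hop %d: announced %r, connected from %s [%s]"
                % (index, hop["helo"], rdns or "no reverse DNS", hop["ip"])
            )

    # Sign 2: no server in the chain belongs to the domain in From.
    # Legitimate mail sent through a third-party provider can trigger this
    # too, so treat it as a prompt to look closer, not as proof.
    names = set()
    for hop in hops:
        names.add(hop["by"].lower())
        names.add((hop["rdns"] or "").lower())
    in_chain = any(
        name == sender_domain or name.endswith("." + sender_domain)
        for name in names
    )
    if sender_domain and not in_chain:
        findings.append(
            "no server in the chain belongs to From domain " + sender_domain
        )

    return {"sender_domain": sender_domain, "hops": hops, "findings": findings}


if __name__ == "__main__":
    report = review(SAMPLE)
    for hop in report["hops"]:
        print("%s [%s] -> %s" % (hop["rdns"], hop["ip"], hop["by"]))
    for finding in report["findings"]:
        print("CHECK:", finding)
```

To run it on a real message, paste the text from Gmail's Show original view in place of the sample.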

Is It Paranoia If They’re REALLY After You On The Internet?

By chance, I met a very interesting cab driver this past weekend; one who was extremely computer competent, and far more security conscious than the typical computer user I normally meet informally.

What struck me immediately, was Mike’s sense of computer paranoia, particularly surrounding his use of his computer on the Internet, which extended to the installation of software from download sites, and even included a reluctance to install software obtained from “friends”.

Is Mike’s paranoia justified, do you think?

Before you decide, consider the following news items – just some of the malware related content I posted to my Tech Net News column in the past week.

For Sale: Thousands Of Hacked Twitter Accounts – Russian cybercriminal forums offer batches of 1,000 hacked accounts for less than $200.

Poisoned PDFs? Here’s Your Antidote – Attacks employing poisoned PDF files have leaped to the top of the threat list, according to statistics from major security companies. We’ll show you how to stay safe.

Bugnets Could Spy on You via Mobile Devices – New botnets designed for mobile gear may allow remote attackers to see and hear their potential victims, no matter where they are.

WARNING: Facebook Malware Attack Behind Distracting Beach Babes Video – A Facebook malware attack is on the loose this weekend, enticing users to click a “Distracting Beach Babes” video on their Facebook Walls. If you see this video on Facebook today, do not click the link: Doing so, and downloading a linked file, will result in malware being installed on your computer.

Fake joke worm wriggles through Facebook – Shifty sorts have created a new worm which spread rapidly on Facebook on Friday. The malware, for now at least, does nothing more malicious than posting a message on an infected user’s Facebook wall that points to a site called fbhole.com. Nonetheless, the speed of its spread on the social networking site has net security experts worried.

New Twitter Worm Abuses iPhone App – The attack abuses Twitter trending topics — a popular source of abuse — but with a twist: Rather than installing fake antivirus software like most similar attacks, it installs a new banking Trojan that steals online banking accounts, credit card PIN numbers, and online payment system passwords, according to Kaspersky Lab.

Hackers Using the Final Episode Of “Lost” To Spread The MySecurityEngine Fake Antivirus – PandaLabs, Panda Security’s antimalware laboratory, has in the last few hours, detected the proliferation in search engines of numerous Web pages distributing the MySecurityEngine fake antivirus. The ‘bait’ used in this case has been the much anticipated final episode of the popular ABC series “Lost.”

Fake Amazon emails contain Trojan – Emails that seem to come from Amazon, confirming an order has been received and that goods have been dispatched, could contain a Trojan.

Research: 1.3 Million Malicious Ads Viewed Daily – The true extent of the malvertizing scourge became much clearer this week with the release of new research by Dasient which shows that about 1.3 million malicious ads are being viewed online every day, most pushing drive-by downloads and fake security software.

Build-A-Botnet Kits Let Anyone Steal Data – At the recent Cisco Networks Solution Forum held in Toronto, a Cisco product manager stated, “You don’t need to be tech savvy” to steal data. It’s a sad but true reality that isn’t much of an eye opener for many of us who watch users get their accounts compromised day in and day out due to social engineering and malware.

Facebook Users Warned of Sexy ‘Candid Camera Prank’ Attack – Security firms warn of a new Facebook attack tricking users into downloading a video player that’s actually adware, and maybe worse.

Worst Phishing Pest May be Revving Up – The single most active group for stealing identities and pilfering electronic bank accounts over the Internet has nearly ground to a halt, but the lull could be the precursor to an even worse crime spree, according to a new study.

So, is it paranoia if they really are after you? Well I can assure you, if you are connected to the Internet, and if the news items listed above are any indication (and they are) – they really are after you!

So, is it time for you to develop a case of healthy paranoia while surfing the Internet, and to stay actively aware of current threats to your personal and computer security?

Do We Need to “Fix” the Internet?

Each time that you connect to the Internet you are, unfortunately, wandering through a raucous neighborhood which has a reputation for being jam-packed with predators.

These predators are intent on stealing your money and personal information, installing damaging programs on your computer, or misleading you with an online scam.

Cyber-crooks are relentless in their pursuit of your money, and it’s all about the money. In the worst case scenario, your identity and your financial security can be severely compromised.

Recently, Symantec reported that 51% of all the viruses, Trojans and other forms of malware it has ever seen were logged during 2009, and Symantec has been in the security business since before the Internet was launched.

Each day, when I boot up my home machine, Immunet Protect advises me that it is protecting me against 12 million threats. Today, for example (May 16, 2010), the number is 12,866,263. That number is truly mind blowing.

Note: Later in the day, following a re-boot, I noticed that the protection level had risen to 12,876,095 – 10,000 additional threats had been identified.

Various Internet security companies report having to deal with as many as 40,000 new versions of malware daily. Here’s the math: one new malware program every four seconds!

Anti-malware developer Comodo looks at these numbers in a way that we can more easily relate to, in its instructive video – Did you Know? Dangers on the Web.

“Did you know that the amount of new malware discovered daily approximates the number of words a person speaks daily?

Or, the amount of money lost by US Consumers due to malware over the past 2 years would have paid the tuition of over one million US College Students?”

Seen in this way, cybercrime takes on a whole new dimension.

Since additional sophisticated threats are constantly being developed, or are currently being deployed, some observers are of the opinion that the Internet is essentially broken.

If you think this is an exaggeration, check this out and then you decide.

Tainted search engine results: Internet security gurus have known for some time that we cannot rely on Internet search engine output to be untainted, and free of potential harmful exposure to malware.

Cyber-crooks continue to be unrelenting in their chase to infect web search results, seeding malicious websites among the top results returned by these engines.

When a potential victim visits one of these sites, the chances of downloading malicious code onto the computer by exploiting existing vulnerabilities, is extremely high.

Infected legitimate websites: According to security solution provider Kaspersky, the rate of infected legitimate web sites, in 2006, was one in every 20,000. In 2009, one in every 150 legitimate web sites was infected by malware, according to Kaspersky.

Drive-by downloads: Drive-by downloads are not new; they’ve been lurking around for years it seems, but they’ve become much more common and craftier recently.

If you’re unfamiliar with the term, drive-by downloads are essentially programs that automatically download and install on your computer without your knowledge.

This action can occur while visiting an infected web site, opening an infected HTML email, or by clicking on a deceptive popup window. Often, more than one program is downloaded; for example, file sharing with tracking spyware is very common. It’s important to remember that this can take place without warning, or your approval.

Rogue software: A rogue security application (scareware) is an application usually found on free download and adult websites, or it can be installed from rogue security software websites, using Trojans, or by manipulating Internet browser security holes.

After the installation of rogue security software, the program launches fake or false malware detection warnings. Rogue security applications, and there seems to be an epidemic of them on the Internet currently, are developed to mislead uninformed computer users into downloading and paying for the “full” version of this bogus software, based on the false malware positives generated by the application.

Even if the full program fee is paid, rogue software continues to run as a background process incessantly reporting those fake or false malware detection warnings. Over time, this type of software will essentially destroy the victim’s computer operating system, making the machine unusable.

Email scams: Email scams work because the Cyber-crooks responsible use social engineering as the hook; in other words they exploit our curiosity. The fact is, we are all pretty curious creatures and let’s face it, who doesn’t like surprise emails? I think it’s safe to say, we all love to receive good news emails.

It seems that more and more these days, I get phishing emails in my inboxes all designed to trick me into revealing financial information that can be used to steal my money.

If you’re unfamiliar with phishing, it is defined as the act of tricking unsuspecting Internet users into revealing sensitive or private information. In a phishing attack, the attacker creates a set of circumstances where the potential victims are convinced that they are dealing with an authorized party. It relies for its success on the principle that asking a large number of people for this information, will always deceive at least some of those people.

A personal example of how this works is as follows. According to a recent email (similar in form and content to 20+ I receive each month), my online banking privileges with Bank of America had been blocked due to security concerns. This looked like an official email and the enclosed link made it simple to get this problem solved with just a mouse click. What could be easier than that?

Clicking on the link would have redirected me to a spoof page, comparable to the original site, and I would then have begun the process whereby the scammers would have stripped me of all the confidential information I was willing to provide.

My financial and personal details, had I entered them, would then have been harvested by the cyber-crooks behind this fraudulent scheme who would then have used this information to commit identity and financial theft.

These types of attacks against financial institutions, and consumers, are occurring with such frequency that the IC³ (Internet Crime Complaint Center), has called the situation “alarming”, so you need to be extremely vigilant.

This is by no means an exhaustive list of the dangers we are exposed to on the Internet. There are many more technical reasons why the Internet is becoming progressively more dangerous which are outside the scope of this article.

So what do you think? Is the Internet broken – do we need to fix it, and if so, how can we do that?

New Symantec Cloud Based Security Solution for Small and Medium Sized Groups Announced

On the whole, businesses, at every level, have virtually the identical need to protect computer systems as you and I. It’s just a matter of degree.

Both businesses, and individuals, need protection against viruses, spyware, rootkits, spam, phishing, and other types of malware.

One major difference does exist however. You and I, at a personal level, uncomfortable as it may be, are likely to survive a malware infection with either limited, or no cost.

Not so a business. Computers, and automated business systems, have become crucial to the effective operation, and stability, of most businesses. Downtime, caused by cybercrime, can have lasting impact on a business’s long term viability and reputation.

Given the current threat conditions on the Internet, small and medium sized businesses, now more than ever, need an effective cyber security plan: a plan that is relatively simple but comprehensive and, in keeping with the realities of the present business environment, cost effective.

Based on these recognized needs, Symantec Hosted Services today announced a new cloud-based service, designed specifically with the SMB market in mind.

According to Symantec “Customers will now be able to protect their Windows-based laptops, desktops, and file servers from the proliferation and growing sophistication of threats with the simplicity and convenience of a cloud-based service.”

By taking advantage of this cloud based service, Symantec clients will realize considerable savings, since there is no need for additional hardware, or management software.

At the moment, Symantec Hosted Endpoint Protection is available only to customers in North America.

Fast facts:

Comprehensive Protection for Customer Systems: Advanced technologies for antivirus, antispyware, firewall and host intrusion prevention.

Always-on Protection for Endpoints: Automated updates occur transparently over an Internet connection to keep employee systems current and consistent with client policies when employees are in the office or on the road – even when they’re not logged into their corporate VPN.

Web-based Management Console: Administrators can access the administration portal over a supported Web-browser and corporate VPN access is not required to monitor and manage each computer. Administrators receive real-time alerts via SMS or email and can easily perform functions such as initiate a Live Update to refresh system protection levels, view history on systems and change local policy settings.

Ease of Management: Adds and manages new computers without requiring on-site management servers. Updates occur automatically and new features are introduced as they become available during the subscription period for no additional fee.

Scalable: Flexibility provided through a hosted model allows the solution to scale to incorporate new endpoints quickly and efficiently without requiring additional hardware or management software.

Fast to Deploy: Can be quickly deployed to users via standard download, an email invitation or silently pushed to the customer’s network.

To sign up for a Hosted Endpoint Free Trial visit Symantec’s MessageLabs.

About Symantec:

Symantec is a global leader in providing security, storage and systems management solutions to help consumers and organizations secure and manage their information-driven world.  Our software and services protect against more risks at more points, more completely and efficiently, enabling confidence wherever information is used or stored. More information is available here.

Free ThreatFire – Advanced Security Against Malware

So here’s the question.

If 52 percent of the nearly 40,000 samples of new viruses, worms, Trojans and other types of Internet threats identified every day last only 24 hours, how do security applications that rely on a definition database to identify malware files (most anti-malware applications) keep up with this onslaught?

The simple answer is: they don’t.

The relentless evolution of these increasingly powerful and destructive attacks against computer systems has exposed a gaping hole: a vulnerability to zero-day threats in many users’ Internet security defenses.

Zero-day threats are malware written and distributed to take advantage of system vulnerabilities before security developers can create and release countermeasures.

So where does this leave you and me?

Without tools that will identify and eliminate these malware threats, we (you and I) run the risk of infection by these constantly evolving zero-day security risks to our computers and operating systems.

One such free, powerful tool, reviewed here previously, is ThreatFire from PC Tools, the developers of the highly regarded PC Tools Internet Security 2010. ThreatFire blocks malware (including zero-day threats) by analyzing program behavior (heuristics), instead of relying only on a signature-based database.

ThreatFire works together with your signature based security applications, to increase the effectiveness of your total security arsenal.

When ThreatFire detects a behavior based threat, it goes into analysis overdrive by comparing the threat against its signature database; those threats that are recognized by the database are quarantined immediately.

Unrecognized threats, or unrecognized behaviors, are assigned a calculated risk level (set by the user), at which point the user has the option of confirming, or blocking, the action.

A good example of the effectiveness of this application was made clear to me, recently, while I was checking all of the ports on my home Windows machine. ThreatFire immediately advised me that the Port Checker was attempting to send email from port 25.

Of course it actually wasn’t, it was simply opening it for testing purposes. But if this port was being opened, and was being used by malware, ThreatFire would have identified this danger by its behavior, and given me the necessary warning.

The following chart gives a good indication of how ThreatFire can supplement your existing security applications. (Chart courtesy of ThreatFire)

ThreatFire Chart

Fast facts:

Immediately Effective with No Complicated Set Up

Proactive Defense against Both Known and Unknown Threats

PC Tools AntiVirus Included for On-demand Scanning

Quarantine and Permanently Remove Threats from Your System

Rootkit Scanner Seeks Out Deeply Hidden Files, Objects and Registry Keys

View Detailed Process Information on All Running Processes

Complementary to Your Existing Antivirus Software

Advanced Custom Configuration Options and Rules Settings

Virtually No Impact on System Performance

More Technical Details Provided on Alerts

Continually Improving Protection Technology

Free email and web-based technical support

If you read “An Anti-malware Test – Common Sense Wins”, on this site, you’ll note that during this one year test, ThreatFire was a primary security component on the test machine. In fact, each of my home machines is protected against infection by ThreatFire.

I highly recommend ThreatFire as a critical component in your overall Internet security toolbox.

System Requirements: Windows 7 32-bit and 64-bit, Windows Vista 64-bit, Vista 32-bit, Windows XP SP1, SP2 or SP3 (Home, Pro & Media Center Editions), Windows 2003, Windows 2008.

Download at: ThreatFire

An Anti-malware Test – Common Sense Wins

I’ve just finished an anti-malware test that lasted for just over a year. For this test, I took a test machine, running Windows XP Professional, which I did not shut down, or reboot, for 373 days.

For 373 days, the machine was continuously wired to the Internet and each day, was used for active surfing and general computer use, including email, downloading applications, and so on.

During the test period, the installed anti-malware applications were patched and updated, as was the operating system. Common sense; right?

However, I did not run a single anti-malware scan of any description, since not doing so, was part of the objective of the test.

The overall purpose of the test was to determine if common sense plays a role in protecting a computer user against viruses, adware, spyware, hackers, spam,  phishing, and other Internet frauds.

Let me be clear, this test is in no way scientific, but instead, is a rather simple test on the importance of common sense in using a computer attached to the Internet.

Installed Anti-malware applications:

ZoneAlarm Firewall (free edition)

Spyware Terminator (free edition)

Avira Antivirus (free edition)

ThreatFire (free edition)

SnoopFree Privacy Shield (freeware)

WinPatrol (free edition)

Firefox – not strictly an anti-malware application, but…..

WOT

During this very extensive test run, the machine showed no indication of a malware infection, at least by normal observation (since I didn’t run any scans): no system slowdown; no unusual disk use; no unusual Internet activity; no security application warnings.

In addition to practicing common sense in terms of not visiting the class of web sites that are known to be dangerous (porn sites; salacious news sites; Facebook; MySpace; and so on), I absolutely adhered to the following.

I did not:

Download files and software through file-sharing applications such as BitTorrent, eDonkey, KaZaA and other such programs.

Click links in instant messaging (IM) that had no context, or were composed of only general text.

Download executable software from web sites without ensuring that the site was reputable.

Open email, or email attachments, from unknown people.

Open email attachments without first scanning them for viruses.

Open email attachments that ended in a file extension of .exe, .vbs, or .lnk.

Visit any site not shown as safe by WOT.
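The attachment rule in the list above can also be enforced mechanically before a message reaches the inbox. The following Python sketch is an added example, not part of the original article: it parses a message with the standard library and flags attachments whose final extension is .exe, .vbs, or .lnk, including double extensions such as invoice.pdf.EXE. The sample message, addresses and filenames are constructed for illustration.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

# Extensions the article refuses to open; extend per local policy.
BLOCKED_EXTENSIONS = {".exe", ".vbs", ".lnk"}

def risky_attachments(raw_message: bytes) -> list[str]:
    """Return filenames of attachments whose final extension is blocked."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    flagged = []
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        # Only the last extension decides how Windows opens the file, so
        # "invoice.pdf.EXE" is an executable. Case and trailing dots or
        # spaces are normalised before the comparison.
        cleaned = name.strip().rstrip(". ").lower()
        dot = cleaned.rfind(".")
        ext = cleaned[dot:] if dot != -1 else ""
        if ext in BLOCKED_EXTENSIONS:
            flagged.append(name)
    return flagged

def build_sample(filenames=("invoice.pdf", "invoice.pdf.EXE",
                            "shortcut.LNK", "notes.txt", "macro.vbs")) -> bytes:
    """Constructed sample message (not a real phishing email)."""
    msg = EmailMessage()
    msg["From"] = "billing@example.com"
    msg["To"] = "user@example.com"
    msg["Subject"] = "Your invoice"
    msg.set_content("See attached.")
    for filename in filenames:
        msg.add_attachment(b"constructed bytes", maintype="application",
                           subtype="octet-stream", filename=filename)
    return msg.as_bytes()

if __name__ == "__main__":
    for name in risky_attachments(build_sample()):
        print("do not open:", name)
```

A filename check is only a first filter; it complements, and does not replace, scanning attachments for viruses as the list above also requires.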

After 373 days (the end of the test period), I then ran multiple scans using the onboard security applications. The end result – not a single instance of infection, malware, or an unwanted application.

It’s clear, at least to me, that by using common sense and updating both applications and the operating system, not visiting the class of web sites known to be unsafe, not clicking haphazardly and opening the types of files that are clearly dangerous, and being aware of the hidden dangers on the Internet, the dividends were measurable.

This was a long boring test, but it proved to me, that using common sense reduces the substantial risks we all face while surfing the Internet, regardless of the antispyware, antivirus, and the other Internet security applications installed.


Online Banking Do’s and Don’ts

While it’s true that the Internet, despite its fundamental design flaws, has the “potential” for safe and secure financial transactions, safe banking online relies on you making good choices, and decisions, that will help you avoid costly surprises, or even carefully crafted scams and phishing schemes.

Despite all the positive hype surrounding financial institutions’ system security, we have learned, much to our detriment, that there are no absolutes in computer system security.

The inescapable fact remains; you are your own best protection while conducting financial transactions on the Internet. So it’s important that you learn about, and take advantage of, the active security features offered by your financial institution.


Examples of security features offered by financial institutions:

Encryption is the process of scrambling private information to prevent unauthorized access. To remind you that your transmission is encrypted, most Internet browsers display a small icon on your screen that resembles a lock, or a key, when you conduct secure transactions online. Look for this symbol so that you have reason to believe your connection is, in fact, secure.

Passwords, or personal identification numbers, should be used when accessing an account online. Your password should be unique to you and, this is extremely important, you should change it regularly. Do not use birthdates, or other numbers or words, that may be easy for others to guess.

Always carefully control to whom you give your password. For example, if you use a financial company that requires your password in order to gather your financial data from various sources, make sure that you are aware of the company’s privacy and security practices.

General security over your personal computer such as virus protection and physical access controls should be used and updated regularly.


Tips on safe computing practices when conducting your online banking at home, or at a public computer:

Never leave your computer, even at home, unattended, once you have signed in to online banking.

After completing your transactions, ensure that you sign out, clear your cache, and close your browser. Often, it is easy to forget to sign out of an online banking session.

Keep your password and card number safe. This seems like a no brainer, but surprisingly, many users do forget this critical step in the process.

Do not share, disclose, or provide your bank card number, or password, to another party, or website, other than your bank. Most banks will not send you an email requesting this information. If your bank practices this very unsafe routine; you should change banks.

Do not save your bank card number, or password, on a publicly accessed computer.

If you do use a public access computer such as at an Internet café or public library, (absolutely NOT recommended), to be safe, change your password after completing your session by calling your bank’s telephone banking number.

When selecting a password, choose a series of characters that cannot be easily guessed by someone else. The best passwords are alpha-numeric combinations that are more than eight characters long, and that combine capital and lower case letters.

Bank of America email scam

This is an example of an Online Banking email phishing attempt.

Final words – don’t use:

A password you use for any other service.

Your name, or a close relative’s name.

Your birth date, telephone number or address, or those of a close relative.

Your bank account number, or bank card number.

Do not share your personal verification question answers with anyone, and do not disclose them in any emails. It’s simple; giving your password answers to another person, or company, places your finances and privacy at risk.
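The password advice above (more than eight characters, alpha-numeric, mixed case, nothing personal, nothing reused) can be checked automatically. The Python sketch below is an added example, not part of the original article; the function name, the rule wording and the sample personal details are constructed for illustration. Dates, telephone numbers and card numbers are compared on digits alone, so a birth date written as 1975-03-09 is also caught when typed as 19750309.

```python
import re

def password_problems(password: str, personal: dict[str, list[str]],
                      other_passwords: tuple[str, ...] = ()) -> list[str]:
    """Return the article's rules that `password` breaks (empty list = passes)."""
    problems = []
    if len(password) <= 8:
        problems.append("not more than eight characters long")
    if not (re.search(r"[A-Za-z]", password) and re.search(r"\d", password)):
        problems.append("not an alpha-numeric combination")
    if not (re.search(r"[a-z]", password) and re.search(r"[A-Z]", password)):
        problems.append("no mix of capital and lower case letters")
    if password in other_passwords:
        problems.append("already used for another service")

    lowered = password.lower()
    digits = re.sub(r"\D", "", password)
    for label, values in personal.items():
        for value in values:
            # Words of three or more letters (names, street names) match as
            # text; this errs on the side of rejecting a password.
            words = [w for w in re.split(r"[^a-z]+", value.lower()) if len(w) >= 3]
            # Dates, phone and card numbers match on their digits, in the
            # order given; reordered digits are not detected.
            number = re.sub(r"\D", "", value)
            if any(w in lowered for w in words) or (len(number) >= 4 and number in digits):
                problems.append(f"contains {label}")
                break
    return problems

# Constructed sample details for a fictional user.
SAMPLE_PERSONAL = {
    "name": ["Alex Morgan"],
    "birth date": ["1975-03-09"],
    "telephone number": ["555-0142"],
    "bank card number": ["4000 1234 5678 9010"],
}

if __name__ == "__main__":
    for candidate in ("morgan1", "Summer19750309", "Tk9vQ2mLw7"):
        print(candidate, "->", password_problems(candidate, SAMPLE_PERSONAL) or "ok")
```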


Federal Reserve Bank Spam Scam

No, I’m not referring to the U.S. Federal Reserve as a scam, although there are more than a few, it seems, who think just that. Instead, I’m referring to the latest cybercriminal phishing scam which uses a phony “warning”, purportedly from the Federal Reserve Bank, which warns against – are you ready for this – phishing. You have to think that these guys are the very definition of “brazen”.


We first reported on this scam back in November 2008, and since it has now resurfaced, it’s probable that cybercriminals have had some success with this. I suppose cybercriminals are into recycling, just like the rest of us.

The graphic below represents last year’s attempt. The only noticeable difference between this year and last year is the link address. Notice the red circles following the links in this graphic, which are WOT’s (described later in this article) way of warning you that these links are dangerous. You will not see a warning on the links in the latest version of this scam, since the cybercrooks are now using a flash element in this latest version.

If you’re unfamiliar with phishing, it is defined as the act of tricking unsuspecting Internet users into revealing sensitive, or private information. In a phishing attack, the attacker creates a set of circumstances where the potential victims are convinced that they are dealing with an authorized party.

Scam emails like this may have several purposes; they can be crafted to trick you into revealing financial information that can be used to steal your money, or they can be designed to install various types of malware on your computer.

Hopefully, you are aware of this type of Internet scam, but I can assure you that a sufficiently large number of people are not. Scams such as this rely on the principle that exposing a large number of people to this type of scam email will always deceive at least some of those people.

As part of their Internet Threats series, WOT (the developers of my favorite Internet browser security add-on), has produced a short video designed to educate consumers about the wave of financial-themed phishing and spam, and the steps they can take to protect themselves.

Being aware of Internet threats is critical to your security on the Internet, so I suggest you take this opportunity to view this short (2:21 mins.), educational video.


As I have pointed out in the past (I’m sure regular readers of this Blog must be tired of seeing this), the following tips will help you protect your computer system, your money and your identity:

Don’t open emails that come from untrusted sources. It’s been estimated that 96% of emails are spam. While not all spam is unsafe, common sense dictates that you treat it as if it is.

Don’t run files that you receive via email without making sure of their origin. If the link has been sent to you in a forwarded email from a friend, be particularly cautious. Forwarded emails are notorious for containing dangerous elements, and links.

Don’t click links in emails. If they come from a known source, type them in the browser’s address bar. If they come from an untrusted source, simply ignore them, as they could take you to a web site designed to download malware onto your computer.

If you do not use a web based email service, then be sure your anti-virus software scans all incoming e-mail and attachments.

Be proactive when it comes to your computer’s security; make sure you have adequate software based protection to reduce the chances that your machine will become infected.
