Tag Archives: Security Software

Why Do Users Keep Falling for Scams?

This guest post is contributed by my Aussie mate, Jim Hillier. Jim is the resident freeware aficionado at Dave’s Computer Tips. A computer veteran with 30+ years experience who first started writing about computers and tech back in the days when freeware was actually free. His first computer was a TRS-80 in the 1980s, he progressed through the Commodore series of computers before moving to PCs in the 1990s. Now retired (aka an old geezer), Jim retains his passion for all things tech and still enjoys building and repairing computers for a select clientele… as well as writing for DCT, of course.


*Social engineering: refers to psychological manipulation of people into performing actions or divulging confidential information. A type of confidence trick for the purpose of information gathering, fraud, or system access — Wikipedia

wps_clip_image-25719

It’s unfathomable to me why so many people still get caught out by social engineering techniques, being tricked into clicking that link or opening that attachment.

Social engineering is one of the most prevalent methods used by cybercriminals to infect a system and/or gain a user’s sensitive information. Ransomware, phishing emails, scams, all generally involve an element of social engineering. Why? Because it’s simple, effective, and lucrative. It stands to reason then that the most potent method for eradicating these types of threats would be to make them less effective and less lucrative. The question is; how to achieve that?

You’ve no doubt come across the saying “education is key” – and, when it comes to social engineering, nothing could be truer. Because of the changing nature of socially engineered exploits, security software cannot always protect users from themselves. That’s why Tech blogs are repeatedly issuing the same advice/warnings – don’t click on links in emails from unknown senders, don’t open email attachments from unknown senders, etc., etc., etc. In fact, I recently published yet another list of do’s and don’ts  “10 Golden Rules to Defeat Scammers” . Yet, despite all this, so many people are still falling victim to social engineering.

A large part of the problem I suppose is that the users who need this type of advice the most are generally not the sort of people who tend to visit and read Tech blogs.

I was recently perusing a well-known freeware site and came across a comment from someone complaining that, despite being protected by a commercial grade antivirus, his company’s computers had been infected by ransomware… twice. On both occasions the infection was initiated by an employee clicking on something he or she shouldn’t have clicked on. I suggested to him that perhaps his company needed to review and strengthen its staff training program. Education is key.

My own clientele consists largely of elderly folk and, in my experience, many are highly susceptible to phishing and scams in general. I have a theory about this; I’m sure it’s because they were brought up in an era when trust was inherent; leaving the front door to the house open, leaving the car unlocked and keys in the ignition. Do you know what I mean? It’s not so much that they are gullible, more overly trusting.

These people also tend to be not so computer/security savvy, so rather than hit them with a long list of do’s and don’ts, which might be difficult to follow, I condense it all down to just three rules for them to remember:

1. Treat each and every unsolicited phone call and/or email as highly suspicious.

2. Always be very wary about giving out sensitive personal information over the internet.

3. If it sounds too good to be true, it almost certainly is.

If the more savvy among us would only take the time to pass this type of advice around their own particular circles of family, friends, and acquaintances, I believe that we, collectively, might just make a difference.

image

10 Comments

Filed under cybercrime, Don't Get Hacked, Education, Internet Safety for Seniors, Online Safety, Safe Surfing, System Security, trojans, Viruses, worms

SecurityXploded – A Site Designed For The Geek In You

imageSo much to see – so much to do – and, not enough time. Sort of a synopsis of my experience on the Internet. Not much different from yours, I expect.

Years back, I used to write for Makeuseof.com – a cool site run by a super bunch of people. Despite the income loss – yes, you can make money writing for the Internet – I pulled back on the reins, and resigned as a writer, within a year.

The issue? In a nutshell – not enough time. The time to seek out and develop appropriate content. Not much has changed in that sense – it’s still a chore finding content that appeals to me – which by extension, should appeal to the majority of readers who drop by this site (hopefully   Smile  ).

So, any time a regular reader recommends an application or a web site, one that has proven to be valuable to that reader, I’ll jump on that recommendation. Not only because of the time/work that it saves me – but, what can be better than a recommendation from a reader whom I have come to know, is on top of the game?

A perfect example:

Here, I’ll let regular reader Richard J. explain –

Hello Bill,

I thought that I’d drop you a line about a website that offers a few decent security tools. I’ve only used a few of them – on Windows 7, but there are a few good ones in the list of products available, and they’re free.

Many of them can either be fully installed or else offer a portable version. Most of them work with Windows 8. Personally I’ve chosen to only use the portable versions.

The ones that I’ve found most useful are:

http://securityxploded.com/winservicemanager.php

This one helped me to identify a service that was installed even though I’d removed the associated program.

http://securityxploded.com/streamarmor.php

This one identified one data stream needing analysis but everything else showed up clean! I think that Windows 8 is not supported at least according to the website. This one adds a VirusTotal uploader to your desktop.

http://securityxploded.com/virus-total-scanner.php

This one adds a VirusTotal uploader to your desktop.

I must admit to, not having heard of this site previously – despite the fact that the site is in the top 50,000 sites on the Web. A good example of that “not enough time” thingy.

The site, as it turns out, is similar to Nirsoft  – a site which offers 100+ freeware utilities ranging from Password Tools, Network Monitoring Tools, to System Tools, and more. Utilities and system tools, which I have reviewed individually, and in bulk, any number of times here.

Just like the tools over at Nirsoft, the applications at SecurityXploded are designed to be used by sophisticated users. Since these applications in many cases, dig deep into the operating system, replicating the behavior of hacking tools on the one hand – and malware on the other hand (a number of the recovery utilities are in fact, hacking tools) – you should be prepared for your AV solutions going into overdrive.

From the site:

SecurityXploded is a popular Infosec Research & Development organization offering FREE Security Software, latest Research Articles and FREE Training on Reverse Engineering & Malware Analysis.

So far it has published 50+ research articles and 90+ FREE security software. Most of these software have been listed and received top awards from leading download sites including Softpedia, BrotherSoft etc.

Below, I’ve listed just some (some – so that you don’t have to cursor down all day   Smile   ), of the applications/tools that are available.

—————————————————————————————————

Password Recovery Tools:

AIM Password Decryptor

Asterisk Password Spy

Browser Password Decryptor Updated

Chrome Password Decryptor

Digsby Password Decryptor Updated

Dreamweaver Password Decryptor Updated

Excel Password Recovery

Facebook Password Decryptor

Filezilla Password Decryptor Updated

Fire Master

Fire Master Cracker

Anti-Spyware/Anti-Rootkit Tools:

Advanced Win Service Manager Updated

Dll Hijack Auditor Updated

Exe Scan

Shell Detect

Spy BHO Remover Updated

Spy DLL Remover

Stream Armor

Virus Total Scanner

Network Tools:

Directory Scanner

LDAP Search

Net Database Scanner

Net Share Monitor

System Tools:

Auto Screen Capture

Browser History Spy Updated

Download Hash Verifier Updated

Hash Compare

Hash Generator

All of the tools listed here – and many more – are available for download at the developer’s site: SecurityXploded

—————————————————————————————————

Richard, thank you – I’ve had a super time checking out some of these freebies. I suspect that regular readers will have some fun as well.

13 Comments

Filed under Computer Tools, downloads, Freeware, Geek Software and Tools