Tag Archives: browser
Japanese Rice Art Is No Hoax
September 22nd, 2009. Published under Scams. No Comments.
Sometimes I receive emails that sound like they should be hoaxes but arn’t. This one, about Japanese rice art, is one example of something that sounds too bizarre to be true. The pictures, however, are quite genuine – Subject: Rice Art Stunning crop art has sprung up across rice fields in Japan. But this is no alien creation – the designs have been cleverly planted. Farmers creating the huge displays use no ink or dye. Instead, different colours of rice plants have been precisely and strategically arranged and grown in the paddy fields. As summer progresses and the plants shoot up, the detailed artwork begins to emerge – My initial reaction when I saw those pictures was that they were either some sort of photoshop exercise or that someone had created the Japanese equivalent of crop circles , i.e. they were for no particular purpose other than to garner attention for the particular artist. The truth, however, is that they are actually quite genuine and an ancient art form, as reported by The Guardian . Quite stunning, don’t you think?
See the article here:
Japanese Rice Art Is No Hoax
How Can I Avoid Vishing Scams?
September 22nd, 2009. Published under Fraud, Scams. No Comments.
How to avoid vishing scams If you don’t already know what vishing is then you need to read yesterday’s post – What Exactly Is Vishing ? Today I am looking at a few very simple ways of ensuring you don’t become a victim of this crime. Rule #1 can be applied to just about every scenario you may ever come across online – DO NOT REVEAL YOUR SENSITIVE INFORMATION TO ANYONE , INCLUDING BANK EMPLOYEES. Whether you are contacted via email, IM or phone you should never, ever, reveal sensitive information to someone you cannot completely trust. If you always keep that in mind then you will have improved your internet security immeasurably. The other rules are just as much common sense – Banks and other financial institutions never call and ask you for personal information. The call or message may say that your call is being recorded but this is just to scare people so that they do not call the authorities. Notice how the caller never calls you by name. That is because they have no idea what your name is! If your bank or credit card number asks for your account number then they must be false – they should already know such details. Just because they don’t ask for your CVV2 number don’t think they are legit – some people can still steal your money without that information. Some banks, especially the small ones, usually have the last 6 numbers of the card the same for all the cards. So thieves will ask only for the last 6 digits of your credit card number because they know the first ones. So don’t think that if they ask only for 6 digits they cannot steal your money. They can do this just with your PIN and the last 6 digits of your card. Remember the above and stay safe. Don’t get vished!
Facebook Fan Check – Handy App, Virus Or Hoax?
September 19th, 2009. Published under Fraud, Scams. No Comments.
Have you heard of the Fan Check app on Facebook? It is a downloadable application that allows you to monitor which of your friends are commenting most on your photos or wall and it will place them in order according to who has commented the most. Recently, however, concerns over Fan Check have been surfacing, namely that it may be a virus. If you search Google then there are a great many reports about Facebook users who claim that Fan Check has in some way hacked their accounts and led to unsolicited messages being sent to their friends and other contacts. On Facebook itself there are groups who are warning other users about the app and asking for it to be banned. PC World has said – ‘Malicious hackers are setting up malware-infested Web sites that falsely claim to remove a virus from a new Facebook application called Fan Check, security vendor Sophos is warning…. Facebook members use popular search engines to find antivirus information about Fan Check, they are getting results that point to sites that can infect their computers with malware.’ The creator of the application – Janakan Arulkumarasa – has responded by saying that – ‘it is NOT a malicious app. Unfortunately, some malicious developers have been spreading a lie that it is – and encouraging people to download fake virus scanning software, which damages their computer. This is very unfortunate, but has nothing to do with us.’ Despite such reassurances from the developer, the number of users of Fan Check quickly dropped from over 12 million to under 7 million. To my mind it seems like the application itself is probably sound but there are bogus sites talking about it that contain malware. If you already have Fan Check installed then there is probably no need to panic but, as ever, be careful about what you click on elsewhere on the internet.
View original post here:
Facebook Fan Check – Handy App, Virus Or Hoax?
How To Avoid Gift Card Scams
September 18th, 2009. Published under Fraud, Scams. No Comments.
When you’re browsing around Craigslist and are looking for giftcards that other people don’t want, you’re probably thinking to yourself: What steps can I take to avoid being scammed? Most people initially think of meeting up with the person and then calling the number on the back of the card to check the balance. That’s probably the most common thinking one can think of. However, scammers these days are smarter than that. There is indeed a way to use the balance before selling it off to another person. The seller might make a transaction online just minutes before meeting up with you, and when you meet up and check the balance via telephone, the automated machine will read the balance before the transaction. Most people would be satisfied with this and proceed on with the deal. However, you should be wiser than that. THIS IS HOW YOU AVOID A GIFT CARD SCAM Firstly, when you meet up with the seller, always try to meet up at the place where the gift card is usable. There, you should ask him to get you the item you want (at the same price lsited on the gift card), and pay him afterwards. Even if you want to, you can still return the item later for store credit. This way, you have something that’s more tangible than just a card in your hands. If this method doesn’t click with you, then simply check the back of the card. If the pin is scratched off, then don’t buy because there is a greater chance that the card has already been used. However, even if the pin hasn’t been scratched off yet, there are ways to use it. In addition, to avoid scammers, make sure you keep your eyes on the gift card at all times, because some people will try to switch the cards when you’re not looking. Lastly, if your intuition tells you that there’s something sketchy about the seller, then don’t buy the gift card . Some of the warning signs you may see are that he will call you from a private number, only call you on your number, but won’t give you his, or that he will want to meet with you at random places.
Read the original here:
How To Avoid Gift Card Scams
How To Avoid Automatic Teller Machine (ATM) Scams
September 17th, 2009. Published under Fraud, Scams. No Comments.
I would imagine that everyone reading this has probably used an ATM machine at some time. An Automatic Teller Machine (ATM) is an electronic terminal, which is directly links to the financial institution, to which it belongs, where consumers can conduct electronic financial transactions by means of an ATM or credit card. The majority of ATM machines are linked to a large number of financial institutions and can be used from anywhere around the world. ATM machines can be online or offline. In the case of online machines, the transactions conducted by consumers are processed instantaneously in real time. Where the ATM is offline, all transactions are recorded on tape. These tapes are subsequently transported on a daily basis to financial institutions for processing by either courier or security companies. THE DIFFERENT TYPES OF ATM SCAM There are a number of ways in which ATM scams are conducted by fraudsters. Here are some examples of ATM scams. Stolen ATM or Credit Cards In some instances fraudsters may come into possession of a persons’ ATM or credit card and have access to the secret pin required to conduct transactions on an ATM. Often a persons’ wallet or purse can be stolen and the secret pin codes are written on a piece of paper inside. Fraudsters will then utilize this information and withdraw as much funds as possible from the victim’s account at ATMs. The fraudster will continue withdrawing funds until the card is held by the ATM machine. Counterfeit ATM Cards This offence is very rare, but they do occur. In these instances offenders will make use of a ‘Skimming’ device. This device is used to extract all data from a magnetic strip at the back of a bank or credit card. This data can later be extracted to a computer. With a skimming device it is only required to swipe the magnetic strip over or into the device. From a computer, the information can then be transferred onto a new magnetic strip on the back of a new card. This card will then in effect be a duplicate of the original card. Skimming devices comes in many forms, large or small. ATM fraudsters will use a device very similar to the ATM slot where the consumer’s card is entered to. Fraudsters will simply remove the ATM’s device and put their own skimming device in its place. Offenders will then set up cameras in hidden places around the ATM. This camera is used to record the secret pin entered by the consumer. Offenders will later remove their devices and can now start duplicating ATM and credit cards of victims. Fraudulent withdrawals As security measures, banking clients can not withdraw more funds from their accounts than are available. There may also be daily withdrawal limits on accounts, which are set by the client or bank. Fraudsters will often identify off-line ATM machines where transactions are not processed in real time. Here they will be in a position to withdraw more than the current daily limit, also more than is available in the account. Although these ATM’s have their own withdrawal limits, fraudsters will withdraw the maximum amounts they can as set by the ATM. Fraudulent Deposits In instances where a victim requires someone to deposit funds into their account before a product or service is delivered, fraudsters might prefer ATMs to perform this ‘deposit’. Fraudsters generally would deposit a fraudulent check, but mark the ATM instruction as cash. Fraudsters may also in instances place a small amount of funds into the envelope, but mark the front end with a higher amount and type the higher amount into the ATM as well. When the victim releases the product or funds, they will at a later stage be informed of the fraudulent deposit made. PROTECTING YOURSELF AGAINST ATM SCAMS When approaching an ATM, one should always ensure that the ATM is in good order. If there are any signs of tampering on the ATM, especially with the slot where the card is entered into, do not use it. Always look for small cameras inside and around the ATM, which appear to be out of place. When typing your pin, always ensure that you use your body to conceal the pad when typing your pin. Make sure that there are no way in any angle in which a person or came could see the typing process. Always ensure that you memorize your pin number. Do not write it down and keep it along with your card, in the event of a theft or robbery, the card can not be used at any ATM. When requesting someone to make a deposit into your account, always contact your bank and ask the method in which the deposit was made. Also ask the exact amount and the method of payment. It is highly suggested that you wait for funds to clear before releasing any products or services to a buyer.
Continue reading here:
How To Avoid Automatic Teller Machine (ATM) Scams
How Craigslist Scams Can Be Avoided With Common Sense
September 17th, 2009. Published under Scams. No Comments.
Have you ever shopped on Craigslist? If so, then you probably know that they offer tons of deals (including wives – see Yuliyana Kalinina And The Green Card Marriage Scam ). Sometimes, people buy stuff and then they don’t want it after a period of time and sell it for cheap. Other times, people receive gifts and sell those gifts back for cash. Everything seems ideal, right? Like the old adage goes, “One man’s trash is another man’s treasure.” However, if you’re a Craigslist shopper you need to beware of all the scammers. For example, I read an article about a man in the UK trying to sell a car to a man in the US, and when the money was sent, there was no car and no trace of the man who claimed to want to sell the car. Further, there was a case about a person who bought a 500 dollar gift card for Macy’s for only 50 bucks! But it turned out, the card had a balance of zero dollars and zero cents on it – the buyer should have called to check. As you can see, these cases teach us a lot about scams and scammers. Most of the scams you will come across are often very obvious – I mean, who would sell you a 500 dollar gift card for 50!?! And scammers tend to be very distant and compromising when it comes to it. So, watch out if you’re going to buy stuff on Craigslist!
Follow this link:
How Craigslist Scams Can Be Avoided With Common Sense
Phishing Cartoon Drives The Message Home
September 16th, 2009. Published under Scams. No Comments.
The following cartoon from Consumer Reports WebWatch is cute and a little funny too – You need to a flashplayer enabled browser to view this YouTube video Fortunately, it also makes some good points about what phishing is and how such crimes are committed. If it has piqued your curiosity then you can learn a whole lot more by reading my recent post : Phishing – What Is It And How Can You Avoid It?
Continued here:
Phishing Cartoon Drives The Message Home
DoS vs DDoS – What Is The Difference?
September 11th, 2009. Published under Scams. No Comments.
DoS = Denial Of Service DDoS = Distributed Denial Of Service What is the difference between the two? Whilst DoS and DDoS sound remarkably similar there are in fact differences between the two – DoS A DoS Attack is a Denial of Service attack. This means that one computer and one internet connection is used to flood a server with packets (TCP / UDP). The point of such a denial of service attack is to overload the targeted server’s bandwidth and other resources. This will make the server inaccessible to others, thereby blocking the website or whatever else is hosted there. DDoS A DDoS Attack is a Distributed Denial of Service Attack. In most respects it is similar to a DoS attack but the results are much, much different. Instead of one computer and one internet connection the DDoS attack utilises many computers and many connections. The computers behind such an attack are often distributed around the whole world and will be part of what is known as a botnet . The main difference between a DDoS attack vs a DoS attack, therefore, is that the target server will be overload by hundreds or even thousands of requests in the case of the former as opposed to just one attacker in the case of the latter. Therefore it is much, much harder for a server to withstand an attack against a DDoS attack.
Go here to see the original:
DoS vs DDoS – What Is The Difference?
Malware That Changed The World – The Conficker Virus
September 10th, 2009. Published under Scams. No Comments.
Conficker is the most recent addition to my list of notable malware, having only been released into the wild around October of last year. Many people predicted that Conficker would do some crazy stuff on April the 1st of this year but nothing of note really happened. That doesn’t mean to say that Conficker has gone away though. The Conficker virus, also known as Downadup, Kido and Confiker, is known to have infected up to 6 million computers around the world. No-one has claimed responsibility for writing the Conficker virus yet though industry experts believe the author(s) may be in the Ukraine or somewhere else near Russia. Infected machines are hooked into a botnet that could be used for a variety of purposes, ranging from spam to DDoS attacks. Despite all this potential they only serious effect of Conficker thus far has been to serve up an inducement to buy a fake antivirus program. I for one believe that Conficker will be used for far worse in the future. After all, 6 million plus infected computers are bound to have some monetary value to cyber criminals. Have you been infected by the Conficker virus? Heres more in my short series on malware that changed the world – The OSX/RSPlug Trojan The I Love You Virus The Blaster Worm Anna Kournikova The Melissa Virus The Storm Worm The Morris Worm The Conficker Virus
Go here to read the rest:
Malware That Changed The World – The Conficker Virus
Malware That Changed The World – The Robert Morris Worm
September 9th, 2009. Published under Fraud, Scams. No Comments.
Robert T Morris, Jr. was a graduate student in Computer Science at Cornell. On November the 22nd, 1988 he wrote an experimental piece of code which could both reproduce and spread itself across the emerging new world wide web. What he had created would later become known as a worm. Soon after releasing his worm Morris found that it was spreading far quicker than he had ever anticipated. The machines that became infected with this ‘Morris worm’ would lock up or completely crash. He tried to make amends by sending an anonymous message from Harvard that contained instructions on how to disable the worm but by that time networks were so clogged up that most recipients never received it. A huge range of computer systems and networks became infected, ranging from medical facilities to military installations. The cost to remove the Morris worm was quite severe in some instances, rising into the tens of thousands of dollars. Eventually researchers managed to reverse engineer the worm and after a few days the worm’s affects were largely neutralised. Everyone wanted to know who was responsible, however, and the The New York Times took a growing body of evidence and pointed the finger at Morris. Morris was later convicted of violating the computer Fraud and Abuse Act (Title 18) for which he received a sentence of three years probation in addition to four hundred hours of community service and a fine of $10,050. At the end of 1990 Morris appealed his sentence but it was upheld in March of the following year. Heres more in my short series on malware that changed the world – The OSX/RSPlug Trojan The I Love You Virus The Blaster Worm Anna Kournikova The Melissa Virus The Storm Worm
See the rest here:
Malware That Changed The World – The Robert Morris Worm
Malware That Changed The World – The Storm Worm
September 8th, 2009. Published under Fraud. No Comments.
The Storm Worm came to prominence back in 2007 when recipients received a simple email. The spam email arrived in inboxes with a large variety of subject lines and the infected attachment varied in name too. The most common variant, however, was the one from which the worm acquired it’s name – Subject: 230 dead as storm batters Europe Attachment: video.exe The Storm worm first surfaced in the middle of January 2007 and typically had one of several different Trojans associated with it. These Trojans were most often disguised as the following attached files – video.exe read more.exe full_video.exe flash_postcard.exe full_text.exe Most Windows operating systems of the time could be infected by one of these Trojans should the emailed attachment be opened. As the following video from F-Secure demonstrates, the worm spread far and wide in a very short period of time – You need to a flashplayer enabled browser to view this YouTube video Even though the worm was most commonly known as ‘Storm’ there were several alternative subject lines for the infected email, including – 230 dead as storm batters Europe Russian missile shot down Chinese satellite Russian missile shot down USA aircraft Russian missile shot down USA satellite Chinese missile shot down USA aircraft Chinese missile shot down USA satellite Strongest earthquake hits Beijing Wrapped Up Death toll in China exceeds 1000000 Recent china earthquake kills million British Muslims Genocide Naked teens attack home director Saddam Hussein alive! Saddam Hussein safe and sound! U.S. Southwest braces for another winter blast. More then 1000 people are dead President of Russia Putin dead Third World War just have started! First Nuclear Act of Terrorism! So in Love I Believe A Romantic Place A Little (sex) Card The Miracle of Love All For You Safe and Sound A Special Kiss Hugging My Pillow You’re Soo Kissable Want to Meet? For You amongst many, many others. Were you ever infected with the Storm worm ? Can you remember any of the other subject titles the email arrived with? Heres more in my short series on malware that changed the world – The OSX/RSPlug Trojan The I Love You Virus The Blaster Worm Anna Kournikova The Melissa Virus The Storm Worm
Follow this link:
Malware That Changed The World – The Storm Worm
What Everybody Needs To Know About Auto Repair Scams
September 8th, 2009. Published under Fraud, Scams. No Comments.
As a car owner it is inevitable that at some stage, rather sooner than later, your car will need to be taken for servicing or repairs to the vehicle. Auto repair scams constantly rank as one of the most reported consumer complaints internationally. In many instances around the world, television programs had exposes various scams related to auto repair and servicing. In the majority of these programs it was revealed how service providers receive vehicles for servicing. After completion of service the client was presented an invoice for work conducted and parts replaced. Television crew incidentally marked the old parts before the vehicle was taken to the service provider, which now appears as replaced according to the invoice. Upon investigation, it was found on all these programs that various old parts have indeed not been replaced, despite the invoice clearly stating it has been. HOW DO AUTO REPAIR SCAMS WORK? Auto repair scams in general are committed when victims are invoiced for parts or services, which in fact were never delivered. Service providers may, in total, not replace parts during a service to a vehicle, but invoice the client for the replacement thereof. In many instances service providers may replace parts with second-hand parts obtained off other vehicles and charge a client for new parts. Service providers in many instances may also substitute parts with so called ‘pirated’ parts. These are parts, made much cheaper, off the design of the original part and also commercially sold much cheaper than the original part. Often these parts do not have the same lifespan than original parts and may not perform the same than the original part. In these instances the victim may be charged the price of the original part and not that of the pirated part. HOW CAN YOU PROTECT YOURSELF AGAINST AUTO REPAIR SCAMS? Find a service provider before you need one Our first piece of advice is to find an auto shop before you need one. You could always ask friends or family to recommend one that is reliable. It would always be advisable to utilize your own vehicle manufacturer’s recommendations, but not everyone is always in a position to afford their high rates. Honouring warranties Always ensure before hand that the service provider honours existing warranties on your vehicle. If a service provider does not honour existing warranties, you might be charged high rates for parts or labour covered by your existing warranty. Qualifications and accreditation You should ensure that the service provider is qualified and accredited to perform the work on your vehicle. Ask questions and look for certificates confirming the qualification and accreditation of service providers. Repair invoice and guarantees When the work has been performed on your vehicle, you should ensure that the provider issues a legible copy of a repair invoice indicating the work done on the vehicle. This should include an itemized description of the parts used and labour conducted. Also ensure that you receive confirmation of any guarantees offered by the service provider. Shop around Always shop around as you could find a better service provider elsewhere.
Malware That Changed The World – The Melissa Virus
September 7th, 2009. Published under Fraud, Scams. No Comments.
Melissa was a computer macro virus that infected computers and email gateways via Microsoft Word 97 or 2000 or Microsoft Outlook 97 or 98. Created by David L. Smith, Melissa first appeared on Usenet in the late 1990s. At the height of it’s distribution Melissa caused some users and mail clients to be shut down due to the sheer volume of replicated emails that is was sending and receiving via numerous infected systems. Even major companies, such as Microsoft and Intel, had to temporarily shut down their email servers as they became clogged by the virus. The Melissa virus arrived in email inboxes in many different forms. Typically, a message would be entitled as ‘My Pictures’ but there would be no text in the email, though a file was attached. That file of course was not a picture but the virus and, if opened, it would delete files and send itself onto the first 40 entries it found in the infected machine’s email address book. Though the Melissa virus can be a problem, many people with newer forms of Word or Outlook have no problem with the worm type virus. Good antivirus programs can, and did, detect the macro language used by Melissa which was also defeated by newer versions of Word too. However it should still server as a good reminder that you should never open email attachments unless you are 100% certain that you trust both the sender and the files that they may have included in their email. David Smith was eventually caught at the end of 1999 and was amongst the first few individuals to ever be successfully prosecuted for creating a computer virus. He was sentenced to 10 years in jail and fined $5,000 but this was later reduced in return for his cooperation with authorities. Smith later went on to work for the FBI, tracking down viruses and those who were writing them. Heres more in my short series on malware that changed the world – The OSX/RSPlug Trojan The I Love You Virus The Blaster Worm
Read the rest here:
Malware That Changed The World – The Melissa Virus
Malware That Changed The World – The Anna Kournikova Worm
September 6th, 2009. Published under Scams. No Comments.
The Anna Kournikova worm was released back in 2001 and, whilst it was not aimed at causing data loss, it did cause embarrassment and disruption for many personal and business users. The worm was spread via email with an attachment that claimed to be a picture of Anna Kournikova, who many a hot-blooded young male found incredibly hard to resist. You need to a flashplayer enabled browser to view this YouTube video Opening the bogus attachment simply sent copies of the worm by email to all addresses found in the recipient’s address book in Microsoft Outlook. The virus inevitably resulted in a number of copycat variants. Whilst most worm creators have never been identified, a 21-year-old Dutchman, Jan de Wit, admitted to unleashing the Anna Kournikova worm. De Wit, an obsessed admirer of Kournikova, ended up receiving a community service sentence.
See the rest here:
Malware That Changed The World – The Anna Kournikova Worm
Adopting Poor Password Security Is Like Laying All Your Cards On The Table
September 4th, 2009. Published under Fraud, Scams. No Comments.
Personally I’m not a card player, let alone a gambler. If I was, though, I’d be sure to keep all my cards close to my chest when playing the game. Thats just a commonsense thing to do isn’t it? So why, then, do people gamble with their passwords? I know plenty of people, some of them readers of this site, who still make fundamental mistakes with their password security. Some of them have passwords that are their names, even just their initials. They’re crazy I tell you! If you arn’t already aware of the bad password mistakes I’ve mentioned before then here they are again and with a few extra tips thrown in – DON’T MAKE YOUR PASSWORD TOO SHORT Has your wife or girlfriend ever told you that size matters? She is right you know. If you haven’t got enough length, in your password, then you are asking for trouble. Short passwords are easy to guess, or crack, so make them as long as you can. DON’T WRITE PASSWORDS DOWN! You’re not stupid are you? If you record your passwords on scraps of paper, post-it notes or even in a file on your computer then somebody, somewhere, sometime is going to have access to them. Don’t do it! If you really must record your passwords then use a password managing program or lock them in a safe. Better yet, choose passwords that mean nothing to others but enough to you that you will be able to remember them. DON’T MAKE PASSWORDS TOO COMMON Do you own a dictionary? You probably do. Open it up and have a good look at the words inside. Are any of those what you have chosen for your password? They are? Ooops! Hackers use their own computerised dictionaries when trying to crack passwords. Don’t make their lives any easier by selecting anything that they’ll be able to crack in seconds. AVOID PASSWORDS BASED UPON YOUR PERSONAL DETAILS Wives, children, pets. Love ‘em. But don’t use them in your passwords. No. Really. Don’t. You’ll regret it. If you use any of the above, or other common data such as your date of birth, phone number, or address then someone who knows a little about you could be into your computer system in seconds. NEVER MAKE YOUR PASSWORD YOUR REAL NAME Love yourself? Good. Somebody has to. Just don’t be so vain as to use your own name as your password though. Its not clever. DON’T CREATE PASSWORDS THAT ARE EASY TO GUESS Trying to think of a password? Have a can of your favourite cola drink on your desk? Don’t do it! Famous brand names and descriptions of common household objects are used far too often as passwords. Hackers know this. Make sure you do too. NEVER MAKE PASSWORDS THAT ARE JUST LETTERS OR JUST NUMBERS Passwords that are just letters, or just numbers, are much easier to guess than those that that use a mixture of the two. (That doesn’t mean using your name with your age tagged on the end though!) Throw in some symbols as well and you will be well on your way to having a password that is hard to guess. PASSWORDS HAVE TO DIE SOMETIME TOO Everything dies eventually and your password should not be an exception to that rule. You may have used it for a few months, lovingly typing it out several times a day, but you shouldn’t get too attached. If someone is trying to crack your password and they have time on their hands then they will eventually get it. Make it as hard as possible for them by changing your passwords on a regular basis. PASSWORD VARIETY IS THE SPICE OF LIFE Variety is the spice of life. Using just one password for everything you do, every site you visit, is boring. Stupid too. If someone cracks the one password you have then they will have access to everything you do and everywhere you go. You really don’t want that so pick a new and unique password every time that you need an additional one. NEVER, EVER, SHARE YOUR PASSWORD Do you give the keys to your house or car to people you hardly know? Didn’t think so. Why, then, would you share your password with anyone? Once someone has it they have access to everything you do on the computer. So, sometimes, its good not to share. WHY GOOD PASSWORD SECURITY MATTERS You really do need to keep your passwords secure because, if you don’t, you may well fall prey to one of the following – Online banking fraud Invasion of your privacy Identity theft Unauthorised data leaks None of which would be particularly good!
Read the rest here:
Adopting Poor Password Security Is Like Laying All Your Cards On The Table
Malware That Changed The World – The Blaster Worm
September 3rd, 2009. Published under Scams. No Comments.
Remember this? (I know I do as it was the one and only infection I’ve ever had on my PC). The Blaster Worm, also commonly known as ‘Lovsan’ or ‘Lovesan’, was first spotted on the 11th of August 2003. The worm spread quickly on computers that ran Microsoft operating systems such as Windows 2000 and Windows XP. The rate of spread and infection by the Blaster worm peaked 2 days after it released before ISPs managed to successfully filter it. It is believed that the original variant of Blaster was created after a Chinese hacking group before Jeffrey Lee Parson engineered a B variant, a crime for which he later received an 18 month jail term. The Blaster worm spread by exploiting a buffer overflow discovered in the DCOM RPC service on the affected operating systems, something for which a patch had been released one month prior in MS03-026 and later in MS03-039. This exploit allowed the worm to spread even without users opening attachments, simply by spamming itself to large numbers of random IP addresses. Blaster acquired it’s nicknames of Lovsan and Lovesan due to two different messages that were discovered hidden in it’s code. The first message said – billy gates why do you make this possible ? Stop making money and fix your software!! – was obviously targeting Bill Gates of Microsoft fame. The second message said – I just want to say LOVE YOU SAN!! – which is obviously the reason for the ‘Lovesan’ names. Were you ever caught out by the Blaster worm?
More here:
Malware That Changed The World – The Blaster Worm
Safe Surfing For Young Kids With The Kido’z Child-Safe Browser
September 3rd, 2009. Published under Fraud. No Comments.
Have you read my post about keeping your kids safe online by letting them use their very own child-friendly browser ? If so, you will have noticed that one of the options I mentioned was Kido’z and today I have knocked together a quick review of their offering – The first thing that needs to be said about Kido’z is that it is completely free so you can download it and give it a go without risking any of your hard-earned cash. ( Click here to be taken to the installation page for the Kido’z browser ) Of course the fact that Kido’z is free is a good thing, but responsible parents will still want to know that it is safe, secure and suitable before putting it in front of their children. What, then, do I think of Kido’z? FIRST IMPRESSIONS OF KIDO’Z After talking to Nici, the Community Manager for Kido’z, I discovered that their browser is targeted at children aged two to eight. My first glimpse of the browser confirmed that, at least from a visual point of view. Kido’z is amazingly bright and colourful which is exactly the sort of thing that younger children love. I have 3 kids myself and I got all of them to take a quick look. My elder two were not interested at all whilst my youngest, who is in the targeted age range, was drawn to the screen straight away. She’s incredibly computer literate (she has a computer-smart dad!) and was navigating her way around in mere seconds, finding all sorts of perfectly safe games and websites. She lost interest within a couple of hours due to other, non-computer, distractions but thats just the way I like it – I think some kids spend far too much time on computers and consoles these days anyway. I have no doubt though that she will revisit Kido’z next time she sits at her computer. KIDO’Z MAIN FEATURES Kido’z has many features as you would expect. Here are the main ones that I found – Kido’z is FREE! Kido’z is bright and colourful which means your kids will be attracted to it straight away The whole user interface relies on pictures, meaning that no writing skills are required in order to use it The graphical nature of Kido’z makes it suitable for kids as young as two Once setup you can safely leave your kids to surf, play games and even watch Youtube videos Kido’z features a Parental Control Account that is password-protected so only you can change the settings The user interface features 17 different languages, though content can be added in some 160 lanuguages Kido’z has a Smart Content Engine that automatically filters content according to variables such as age, gender, language, so that each child views content that is most appropriate and enjoyable for him/her. KIDO’Z IN ACTION Kido’z is an easily installed Adobe AIR application that you can have up and running on your computer in minutes, maybe even seconds. Unlike the various web browsers that us adults use, Kido’z offers a huge amount of control over what your children can and cannot view. Fire it up for the first time and you’ll be met with a page that displays icons for some of the more popular kid’s granchises such as Dora the Explorer and Mickey Mouse. Your younger kids will love it and they can easily click on those icons in order to visit the respective web pages within the application. When your kids are using Kido’z the application will run in full screen mode, meaning that they will be unable to access anything else on your desktop (the application even hides the status bar). Kido’z offers a large range of parental controls which will allow you to determine which sites they can and cannot access. You can even limit how how long they are able to use the browser for if you are concerned about how much time they spend on the computer. All the content that is viewable via Kido’z is both moderated and pre-approved by the Kido’z team so you can be assured that your children will only be able to view appropriate content. I personally find it refreshing, for example, to know that my daughter can view YouTube clips that are are definitely going to be suitable for her, and that includes the comments left by others on those videos. MY LASTING IMPRESSION OF KIDO’Z Overall I am very impressed with Kido’z. The child I have that is within the target age group certainly enjoyed using it though I think she may become bored quite quickly. That is because she is much nearer eight years of age rather than two. My lasting impression of Kido’z then is that it does exactly what it says and offers an interesting, exciting and overall safe web experience for your children, though I think I would have to say that the appropriate age range should be more like 2 – 6 rather than 2 -8. Remember, though, that Kido’s is free so why not give it a go – download from Kidoz.net – and then me know what you think via the comments below…
Originally posted here:
Safe Surfing For Young Kids With The Kido’z Child-Safe Browser
Malware That Changed The World – The I Love You Virus
September 2nd, 2009. Published under Fraud. No Comments.
The ILOVEYOU virus surfaced on the 4th of May 2000. By the 13th of May some 50 million systems had been infected at a cost estimated to be in the region of $5.5 billion. During a period of just 5 hours the virus spread across Asia, Europe and the United States via email messages that came with the title, “ILOVEYOU.” ILOVEYOU spread so quickly that corporate IT managers ended up shutting down their email systems and entire Web servers became clogged. This virus was received via an email with the subject line, “I Love You”, which carried an attachment named, “Love-Letter-For-You.txt.vbs.” As I’m sure you are all aware, opening attachments in emails you know nothing about is not a good idea. A great many people, however, did just that and so they became infected. When the ILOVEYOU virus managed to infiltrate a system it would scan the machine’s memory, looking for passwords. These were then sent back to the virus creator’s website in the Philippines which was soon shut down after the outbreak occurred. It would also corrupt any files it found that ended with .vbs, .vbe, .js, .css, .wsh, .sct, .hta, .jpg, .jpeg, .mp2, .mp3 by overwriting them with a copy of itself. The ILOVEYOU virus would then replicate and send itself to anyone listed in the Outlook address book of the infected machine. Heres more in my short series on malware that changed the world – The OSX/RSPlug Trojan The I Love You Virus
See the original post:
Malware That Changed The World – The I Love You Virus
Can Snow Leopard’s Anti-Malware System Only Protect Mac Users From Two Trojans?
September 2nd, 2009. Published under Fraud. No Comments.
Since the release of Snow Leopard a few days ago it has become common knowledge that the latest version of Mac OSX ships with some sort of anti-malware / antivirus functionality. But will it protect Mac users from all the potential threats that are slowly gathering in the wild? Possibly not would seem to be the answer. In fact, it doesn’t even seem equipped to deal with OSX_JAHLAV.K , a Trojan that some fake download websites are serving up in the place of Snow Leopard itself. From what I have been reading (someone please correct me if I’m wrong) the new anti-malware feature doesn’t even so much as scan the Downloads folder. Instead, it only appears to watch out for OSX.RSPlug and OSX.Iservice and not too much else besides. To my mind that makes it seem like this feature in Snow Leopard was just an afterthought. What do you think?
Read the original post:
Can Snow Leopard’s Anti-Malware System Only Protect Mac Users From Two Trojans?
Malware That Changed The World – The OSX/RSPlug Trojan
September 1st, 2009. Published under Fraud, Scams. No Comments.
Back in November of 2007 the OSX/RSPlug Trojan appeared for the first time. What was it though that made it notable? The answer, simply, is because it was the first piece of malware to be discovered that targeted the Apple Mac with the intention of making a financial gain out of the infection, via possible identity theft for example. Prior to OSX/RSPlug, users of the Mac were largely untargeted and to this day many believe that the Mac is virtually immune to viruses and other security threats. The OSX/RSPlug Trojan horse was typically encountered on web forums, within messages promoting pornographic content. Links in these messages led to websites which claimed that the installed version of Quicktime was out of date and required a new codec to be downloaded. If the Mac users agreed the download then the Trojan would be installed in the background. The lasting effects of OSX/RSPlug were minimal in terms of direct damage caused but it’s discovery did show that the Mac was vulnerable should hackers ever switch their attention away from their preferred targets, namely machines running the Windows operating system. Fortunately, the newly released Snow Leopard may go some way to addressing security concerns on the Mac as antivirus is now at last included.
Originally posted here:
Malware That Changed The World – The OSX/RSPlug Trojan
What Exactly Is Data Encryption?
September 1st, 2009. Published under Fraud. No Comments.
Do you engage in any of the following activities – online shopping? eBay? other types of online buying or selling? online banking? If so, you are just like millions of other people across the internet today. Whether you realise or understand it, or not, you are probably relying upon data encryption far more than you know. Data encryption is becoming far more widespread on the internet as the number of web-based transactions continues to soar. Such encryption is an essential part of safe and secure web commerce. WHAT EXACTLY IS DATA ENCRYPTION? Encryption can be applied to many processes from emails to web based forms, such as the ones you see on shopping sites and when you are conducting your online banking. The encryption technique is used to hide the contents of your email, or the data that you are typing on the form, thereby preventing said data from being stolen by anyone else on the internet. When you send your data it will pass through a secure socket layer (SSL) and will be disguised so that if anybody manages to intercept it then they will not be able to decipher anything meaningful from it, at least not without having to go to an awful lot of trouble. When the data is received by the website at the other end of the communication process it will be decrypted, thus revealing your data only to the intended target. Data encryption is performed by applying mathematical logic or algorithms to the data. As with almost all aspects of internet security, algorithms can be broken by someone who has the time and determination. Encryption will go a long way in keeping your data secure but a sufficiently motivated hacker could succeed in breaking that encryption if they were determined enough. HOW THEN DOES DATA ENCRYPTION WORK? Behind every piece of data encryption is a key. These keys are used in the coding and decoding of your data. A key is in fact a long sequence of bits (1s and 0s) that are used by the encrypting algorithms. During the encryption process the algorithm will apply that sequence of 1s and 0s to the original data in order to alter it so that it then appears in a form that would make no sense whatsoever to anybody else who were to capture the data and try reading it without the use of the decryption algorithm. Obviously, when the encrypted data reaches its destination it will be decrypted using the same key (less secure) , or another (more secure) designed for the task, thereby rendering the data useful again as it reverts back to it’s original form.
Here is the original post:
What Exactly Is Data Encryption?
Keeping Our Kids Safe With Their Very Own Browsers
August 30th, 2009. Published under Fraud, Scams. No Comments.
You need to a flashplayer enabled browser to view this YouTube video Do you have young children? Would you like to keep them safe on the internet? Of course you would. Now, whilst I doubt there is anything you can do that will guarantee a 100% safe experience for your children all of the time, there are certain methods you can employ to improve their internet security. One of my recent posts was quite comprehensive in that respect but threw up some interesting questions about whether we, as parents, should spy on our kids? (You can read all about that through this link: What Every Parent Needs To Know About Protecting Their Kids Online ) I personally feel that it is ok to watch what my kids are doing, even covertly, if the situation justifies taking that stance. There are alternative methods you could employ though, especially if your children are quite young. WHY YOU NEED TO CONTROL YOUR KID’S SURFING One of those methods, the one I’m writing about today, is to use a child-safe browser. Children, at least the younger ones, are generally blissfully unaware of the various dangers on the internet, such as – Pornography and other inappropriate images, videos and messages Cyber bullying Identity theft and other unwelcome acts that come about from divulging too much information Other illegal activities and behaviour The browsers that we as parents use, Internet Explorer, Firefox, Safari, Chrome, etc, are designed with adults in mind. Whether we succumb to any of the above hazards is therefore down to us as individuals and is not a reflection of which browser we have chosen to use. But what if there was a browser that could keep us or, more importantly, our kids, safe? Fortunately such browsers do exist. CHILD-SAFE BROWSERS What exactly, though, is a child-safe browser? Basically, a browser suitable for kids will allow your child to only surf the sites that you have allowed via a set of filters. Most of these kid-safe browsers are programmed in a way that prevents adware, spyware and other such nuisances in addition to blocking all forms of questionable web content. They typically come with popup blockers set up and offer a high level of parental control . Finally, they only allow your kids to surf pre-approved sites. WHICH KID-SAFE BROWSER IS BEST? To be honest, I don’t know, as I have yet to review any. From what I know so far I would predict that there won’t be a definitive answer to such a question anyway as they all operate differently and afford varying levels of control. So, the best one for you may well depend on the age of your child more than anything else. Here is a list of 6 child-friendly browsers that I’ve discovered so far – Buddy Browser Kid Zui Kid Rocket PikLuk Kidoz My Kids Browser Kidsplorer Glubble (Incidentally, I’ve been speaking to Nici from Kidoz recently so expect a full review of that particular browser sometime soon…) In the meantime, can you name me any other kiddie safe browsers that I may have overlooked?
Here is the original post:
Keeping Our Kids Safe With Their Very Own Browsers
Fake Websites Offer Trojan In Place Of Snow Leopard
August 29th, 2009. Published under Fraud, Scams. No Comments.
So, Mac users don’t get viruses and their machines arn’t targeted by cybercriminals in any way huh? Yeah, right. Less than 24 hours after Mac OS v10.6 (Snow Leopard) was released and already there are reports of fake websites trying to trick Mac owners into downloading malicious code. Credit : http://www.flickr.com/photos/bizmac/3863377541 According to security researchers at Trend Micro, fake websites that claim to have Mac OS v10.6 available for download have already been spotted. Anybody visiting one of those sites is hardly likely to get what they expect, however. Instead of a copy of Snow Leopard , the only program likely to be on offer is a Trojan called OSX_JAHLAV.K. Bernadette Irinco of Trend Micro said, “Once executed, OSX_JAHLAV.K decrypts codes, which include a script that downloads other malicious scripts.” “The script then alters the DNS (domain name server) configuration and includes two additional IP addresses in its DNS server. Users are thus possibly redirected to phishing sites and other fraudulent sites.” Of course Mac owners with common sense will be ok as they will only get Snow Leopard from the official Apple website. On the other hand, those who are foolish enough to download files from unknown sites, or who are so arrogant that they don’t believe their Mac is at risk, will find out just why Snow Leopard has an in-built antivirus capability.
See original here:
Fake Websites Offer Trojan In Place Of Snow Leopard
The Talking Frog Scam
August 29th, 2009. Published under Scams. No Comments.
A man walks into a bar and says to the bartender, “If I show you a really good trick, will you give me a free drink?” The bartender considers it for a while and then agrees. The man reaches into one of his pockets and pulls out a tiny rat. From the other pocket he pulls out a tiny piano. The rat stretches his arms, cracks his knuckles, and then proceeds to play the blues. When the man finishes his drink, he asks the bartender, “If I show you an even better trick, will you give me free drinks for the rest of the evening?” The bartender agrees, thinking that no trick could possibly be better than the first. The man reaches into his pockets and pulls out a tiny rat and a tiny piano. The rat stretches his arms, cracks his knuckles, and then proceeds to play the blues. The man reaches into another pocket and pulls out a small bullfrog, who then begins to sing along in time with the rat’s music. While the man is enjoying his drinks, a stranger confronts him and offers him $100,000.00 for the bullfrog. “Sorry,” the man replies, “he’s not for sale.” The stranger increases the offer to $250,000.00 cash up front. “No,” he insists, “he’s not for sale.” The stranger again increases the offer, this time to $500,000.00 cash. The man finally agrees, and turns the frog over to the stranger in exchange for half a million dollars. “Are you insane?” the bartender demanded. “That frog could have been worth millions to you, and you let him go for a mere $500,000!” “Don’t worry about it.” the man answered. “The frog was really nothing special. You see, the rat’s a ventriloquist.”
Continued here:
The Talking Frog Scam
Old Macdonald’s Guide To Avoiding Pharming
August 28th, 2009. Published under Fraud. No Comments.
Old MacDonald had a farm, ee-eye, ee-eye oh And on that farm he had a case of identity theft, ee-eye, ee-eye oh With an email, email here and an email, email there Here an email, there an email Everywhere an email, email Old MacDonald had a farm, ee-eye, ee-eye oh Oooh-ah, Old Macdonald here and today I wants to be telling ya’s all about Pharming . Pharming, ya see, is somefing I knows a lot about. I ain’t talkin’ about ‘farming’ which is all about me sowing me seed, oooh-ar, no sirs this here pharming is somefing altogether different. I hopes you alls got good protection for your computers already see. Ya need a scarecrow to ward off those pesky antiviral things and those bugs ya see. What I means, like, is antivirus programs and antispyware cos they will keep your vegetable patch safe from all sorts of harm. Oooh-ah. Once you’s got ya field in order ya almost home but pests they are smart ya see. Them there pharmers are jealous of you’s and they want your fields all to themselves. Ooooh-eck. Now it don’t be making many odds how good ya scarescrow is cos it ain’t got stop the pharmers, no sir. You’s need to have far more smarts so I’ll leave ya’s with the olde webmaster who speaks proper city talk like you folks and he’ll tell you’s more. Oooh-ah. 4 WAYS FOR CITY FOLK TO AVOID GETTING THEIR HANDS DIRTY WITH PHARMING Thankyou Old MacDonald, I almost understood what you were talking about! Avoiding pharming, which is a type of identity theft, is reasonably simple. As Old MacDonald mentioned though, antivirus programs, antispyware and registry cleaners are all for nought against this crime. Common sense, however, will take you a long way. As will these tips – 1. Pay attention. You should never enter your personal information on a website that isn’t secure. You can determine whether a website is secure or not by looking at the beginning of it’s URL – if it starts with ‘https’ rather than the more common ‘http’ then it is indeed secure. Such sites should also display a padlock icon somewhere in your browser’s status bar. If a site isn’t secure then they are either a little fishy or they simply don’t deserve your business. Move along. 2. Choose your browser wisely. Switch to Mozilla’s Firefox browser . Do it now. You can then add the ‘petname’ plugin which allows you to assign a pet name to any site that you visit. If you then visit one of those sites which is in fact an imposter of the original then you will be notified. Firefox is also far more secure than other browsers I could mention. 3. Check security certificates. If your browser warns you that the key certificate on the site you are visiting has expired then bail out. The same goes for certificates from ‘unknown’ publishers too. Entering your personal information into such sites is just asking for trouble. Don’t do it. No, really, don’t do it. 4. Secure your router. If you connect to the internet through a router then you really must ensure that the router itself is secure . Routers are shipped from the factory with a default password which will be common to all of that model, maybe even common to the entire range of routers from that manufacturer. Funnily enough, this means they are rather easy to guess if you don’t change them. Change your router’s password but make sure you change it to something that is secure. After all, you wouldn’t want to make a bad password mistake , would you? These simple measures will make you far far safer from pharming. Do them and you can be better than the pharmer.
Excerpt from:
Old Macdonald’s Guide To Avoiding Pharming