If you’ve seen a popup window warning you that your computer may be infected with a virus, think twice before clicking on it — you might be getting duped into spending money on malware. Security firm McAfee published a report early in the year showing that up to a million people worldwide fall victim to so-called “scareware” each year.

Scareware, or rogueware, is software that poses as legitimate security software but in reality is a ruse to steal credit card information from users or, even worse, a Trojan horse used to spread malware. Scareware is distributed primarily through the Internet, via malicious websites that open popup windows that fool users into thinking their system may be infected. Users who click on the popup windows are redirected to a website that encourages them to buy fake security software online.

Scareware is especially dangerous because it hits users in many ways: by duping them out of their money, injecting viruses or other forms of malware into their system, or even holding them to ransom — for instance, by taking over users’ systems and then demanding more payment to free the data stored on the infected computer.

Fortunately, there are many ways to protect your system against scareware. One is using security software from legitimate and well-established software vendors, bought through their legitimate sales channels. Another is being prudent with offers and downloads when online. For a small business there are other ways, such as blocking or filtering these malicious websites to ensure the security of the entire business.

If you want to find out more about these solutions to protect small business networks, let us know. We offer managed security services for small businesses that can protect against online threats.

New Viruses Infiltrate Systems through USB Drives

Two new viruses have been discovered to infiltrate systems through removable drives.

USB flash drives have become indispensable to almost everyone who uses a computer. They are a quick and easy way to transfer and share information and other data, especially files that are too large to send through email. Unfortunately, some malware takes advantage of this convenience by attaching itself to files on the drive to infect any other system the drive comes into contact with.

Two such pieces of malware have recently been discovered. Chymine is a Trojan application with keylogging capabilities, designed to copy passwords and other sensitive data, and Dulkis-A is a Visual Basic worm designed to copy and allow malware to infiltrate the system. Both exploit a vulnerability in Windows Shell.

Microsoft has yet to directly address the issue and provide a patch that fixes the problem. In the meantime, it has issued directions for a workaround that prevents both pieces of malware from exploiting the Windows Shell vulnerability. The workaround is effective for Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server R2, but it comes with a cost – you lose all your icon graphics. Success in removing the virus has been marginal at best, and current fixes include a warning that removing this malware might result in unwanted changes to your system because of the way the virus embeds itself.

The best way to avoid being infected is to be careful not to run any suspicious programs and files, especially when taken from USB drives and any other removable storage, even from a Blackberry or an iPhone. It’s also best not to let USB devices autorun automatically once they’re plugged into your computer.

If you have any concerns or want to make sure your systems are protected, give us a call and we’ll work with you to ensure the security of your systems and data.

Lessons Learned from the World Cup

The recent fever over the FIFA World Cup made unsuspecting victims an easy target for malware makers, spammers, and scammers using the sport as a means to spread nefarious software or lure users into money-making scams.

It seems the entire world was in the grip of 2010 FIFA World Cup fever as several countries vied for football supremacy in South Africa. Unfortunately, malware makers, spammers, and scammers capitalized on the fever as well, using references to the event as a means to spread nefarious software or lure unsuspecting users into money-making scams.

Some of the threats included 419-style scams, lures selling fake tickets, and even fake products and business opportunities related to the World Cup. One particular ploy involved a couple of websites selling a bogus filter to cancel out the sound of noisy “Vuvuzela” trumpets in TV broadcasts. Scammers even used legitimate websites, such as eBay and other auction sites, to sell them.

Several spammers used sophisticated techniques to confuse spam filters, using tools to automatically scrape the text from hundreds of websites (including news sites) and spray random bits of this text into their messages. Another new development was targeted attacks on top executives of international manufacturing companies and government agencies.

With the 2010 World Cup behind us, what does this mean to us now? Everyone should always be on guard against websites, links, or messages that seem too good to be true (because most likely they are), but understanding that scammers and spammers especially thrive during popular events helps everyone to be on extra high alert.

Software on Energizer Battery Charger has Malware

Do you use the Energizer DUO USB battery charger? If so, you’ll be interested to know that the United States Computer Emergency Response Team (US-CERT) has warned that software included with this charger contains a software “backdoor” or Trojan that allows hackers to remotely access vulnerable systems.

In its advisory, the US-CERT warned that the installer for the Energizer DUO software places files on your system that allow an attacker to potentially remotely control your system, including the ability to list directories, send and receive files, and execute programs. The backdoor operates with your logged-on privileges and starts every time you start your computer. Furthermore, the Trojan operates whether the charging device it works with is connected or not.

Energizer has acknowledged the issue in a statement released on its website. The company said it has discontinued sale of this product and has removed the site for downloading the software. In addition, Energizer is directing consumers to uninstall or otherwise remove the software from their computers.

This incident illustrates the fact that these days threats to your computer and/or network can come from anywhere, including something as seemingly innocuous as your USB battery charger. As always, we advise our clients to be constantly vigilant against such threats. If you don’t have the time or resources to do this yourself (and most don’t!), perhaps it’s time to consider our Managed Security services. Give us a call – we’ll be glad to help.

Related articles:
- Energizer Announces Duo Charger and USB Charger Software Problem (marketwatch.com)
- Sony Music CDs surreptitiously install DRM Trojan horses on PCs (zdnet.com)
- Malware hitches a ride on digital devices (securityfocus.com)

Beware of Ransomware!

Users beware of ransomware: malicious software that extorts money from users in exchange for freeing the user’s computer or data. Researchers at CA recently discovered one particularly nasty version, which came bundled with a software download called uFast Download Manager. The malware blocks Internet access for users until they pay the publisher a fee via SMS. Users who download the software are immediately infected and see a message in Russian demanding a ransom under the guise of activating the uFast Download Manager application.

To keep your computer environment safe, always be wary of downloading suspicious free software from the Internet. If you need help or are unsure, please contact us first so we can help!

Watch out for “dirty” websites

In a previous post, we pointed out how just browsing the web these days can possibly infect your PC with malware. To show how dangerous surfing can become, Symantec recently released their list of the “Dirtiest Websites of Summer” – the top 100 infected sites on the Internet based on the number of threats detected by their software as of August 2009. The list identifies websites that could compromise security with risks including phishing, malicious downloads, browser exploits, and links to unsafe external sites.

Some interesting findings from the study:
- The average number of threats per site on the Dirtiest Websites list is roughly 18,000, compared to 23 threats per site for most sites
- 40 of the Top 100 Dirtiest Sites have more than 20,000 threats per site
- 48% of the Top 100 Dirtiest Web sites feature adult content
- 3/4 of the Top 100 Dirtiest Web sites have distributed malware for more than 6 months
- Viruses are the most common threat represented on the Dirtiest Websites list, followed by security risks and browser exploits

You can read more about this research at Symantec’s website. If you suspect your PCs are at risk, or if you want to ensure your website doesn’t get hijacked by cybercriminals, contact us. We can help.

Related articles:
- Symantec lists “Dirtiest Web Sites”
- Virus Security By Leveraging Community And Clouds
- Smartphone users need more security

Small US Firms the Target of Online Fraud

Organized criminals believed to be based in Eastern Europe are robbing small to midsized US businesses of millions of dollars via an elaborate scheme aided by malicious software. Recent reports reveal that over the past few months, several businesses have fallen victim to unauthorized fund transfers in which hundreds of thousands of dollars from the businesses’ bank accounts have been transferred to accounts in Europe and, in some cases, to the accounts of willing or unwitting accomplices in the United States.

According to the reports, the victims, usually the company CFO or owner, were sent malicious software as email attachments. When opened, the software remained resident on the victims’ machines and stole the passwords to their online banking websites. The cybercriminals used this information to initiate transfers from the victims’ accounts of up to US $10,000 at a time to evade notice and detection by their bank’s anti-fraud or money laundering detection systems and protocols.

Your business might be at risk. Make sure you are protected from this type of fraud by securing your PC and network against malicious software. Do not open suspicious-looking attachments, and make sure you have the necessary protection in place, such as firewalls, antivirus software, and other methods of protection. Need help? Contact us today.

Related articles:
- Comment: online banking? No thanks
- Know When Something is Being Installed on Your Machine
- Cybercrime victim? 3 telltale signs and what to do

4 Keys to Avoiding Malware

From annoying to destructive, malware is a bane to any computer system and the person who uses it. The benevolent Wikipedia defines malware (short for malicious software) as: “software designed to infiltrate or damage a computer system without the owner’s informed consent.”

The good news, though, is that there are simple ways to avoid getting infected by malware. Clearly, having the right anti-virus and security software installed and up to date is critical – that’s where we help. But it’s also important to know how you can make a difference. Here are a few simple tips to help you keep your system malware-free:

1. Never click indiscriminately. These days, there are ads and pop-ups designed to induce a PC user to click on them. From sexy models to seemingly too-good-to-be-true offers and promotions, many web advertisers are counting on people’s curiosity and the impulse to click away. The thing is, many of these ads lead you to insecure sites filled with malware.

2. Cancel Autorun. When you plug in a portable hard disk or flash drive, your computer automatically opens a window with preset options to enable file viewing for that drive. Immediately opening a flash drive allows infections to access your system, so cancel the window and scan first before opening the drive or any file inside it.

3. Never open suspicious emails. Unsolicited email is always best left unopened and deleted immediately. If you don’t know who sent it, send it straight to the trash bin and delete it forever.

4. Only download if you must and only from trusted sites. Peer-to-peer downloads may be a great source of free music, media and software. But it’s not only piracy, and probably prohibited by your company policy – it’s also a fertile breeding ground for files embedded with Trojans, worms, and other forms of malware. Download files only when necessary and only do so from legitimate and trusted sites.

You make the difference

Your behavior online is a big factor in keeping your PC and your system malware-free. Especially if you’re on a network, failing to exercise caution compromises not only your system but also everyone else who’s connected to the same network. A simple click on a wayward link or ad can cause your whole company to be bombarded by spam, so always be careful about what sites you go to and what files you open and download. If you’d like us to come in and talk to your staff about this and other safe-computing habits, just let us know.

Protect Yourself from Adware and Malware

While the internet is a vast resource for all sorts of information, data, and other useful thingamajigs, there are aspects of it that aren’t so desirable. Viruses, for instance. They wreak havoc in your system, destroying files, crashing the operating system – generally making life much more difficult. But if you thought that viruses were the only nasty thing out there that you need protection from, think again.

Adware (advertising software) and malware (malicious software) are types of harmful software called “spyware” that are not usually covered by anti-virus scans. While viruses affect your system directly, spyware runs in the background and transmits information about you through the ’net, which can be used in a number of ways ranging from annoying to downright illegal. These dangers often go unnoticed by users since they don’t directly affect the computer’s operation the way viruses do. What’s more, many people confuse them with viruses, but they’re very different and should be handled differently.

Lots of spyware can also slow down your computer, so it’s important to have anti-spyware programs installed on your computer to keep it free from these harmful invaders. There are many free spyware scanners and removers on the internet – simply download and install one, and then run it on a regular basis. Scanning for adware, spyware, and malware takes approximately the same time as doing a virus scan. Also, remember to update your scanners so that you have current definitions and less chance of overlooking new threats. Finally, we recommend that you refrain from visiting and downloading from unfamiliar websites since they could serve as hosts for both spyware and viruses.