Spyware

Facebook gets attacked again.

Over the last few days, Facebook users have been experiencing a flood of links, videos, and images depicting pornography, violence, and a myriad of unseemly images. Facebook confirmed the problem, in short, stating it was hit by a coordinated spam attack leveraging a browser vulnerability.

 

Some members of the social network are complaining about violent and/or pornographic pictures showing up in their News Feeds without their knowledge. Others are being told by their friends that they are sending requests to click on links to videos, sending out bogus chat messages, or writing mass messages and tagged photos leading people to believe they are in the link.

 

We’ve seen this type of spam on Facebook before, but it’s coming in at a much faster pace. According to the company, this spam attack all started with users being tricked into pasting and executing malicious JavaScript in their browser’s URL bar. Facebook says it has been shutting down the malicious pages and accounts that attempt to exploit this flaw and has been giving users guidance on how to protect themselves. Overall, the company claims it has managed to drastically reduce the rate of the attack, but didn’t elaborate with actual numbers.

 

“Protecting the people who use Facebook from spam and malicious content is a top priority for us, and we are always working to improve our systems to isolate and remove material that violates our terms,” a Facebook spokesperson said in a statement. “Recently, we experienced a coordinated spam attack that exploited a browser vulnerability. Our efforts have drastically limited the damage caused by this attack, and we are now in the process of investigating to identify those responsible.”

 

“Our engineers have been working diligently on this self-XSS vulnerability in the browser. We’ve built enforcement mechanisms to quickly shut down the malicious Pages and accounts that attempt to exploit it. We have also been putting those affected through educational checkpoints so they know how to protect themselves. We’ve put in place backend measures to reduce the rate of these attacks and will continue to iterate on our defenses to find new ways to protect people.”

 

Users are outraged, and as is typical with Facebook members, many are already threatening to close their accounts. That being said, it’s still not known how many of the site’s 800 million active users are affected.

 

Think you may have a Facebook virus or your account has been hacked? Here are three things you should try: change your password, remove suspicious apps, and perform a virus scan.

 

Change your Facebook password

It’s possible your Facebook woes are coming from the result of a phishing scam. Someone may have created a fake website that looks like Facebook or another online service you visit and tricked you into logging in. Their goal was to steal your password and other account credentials, and they may have succeeded.

 

In this case, you should change your password on Facebook. :

 

If changing your password fixes your Facebook problems, you should change your password for all your other services too, especially if you use the same password for them as you previously used on Facebook. If this doesn’t fix the problem, try the next step.

 

Remove unwanted Facebook apps

It’s possible your Facebook problems are coming from a rogue app that you accidentally installed or were tricked into installing. Every Facebook app has certain permissions to your account. Some of these permissions you can modify, while others you cannot.

 

Your best bet is to remove all the Facebook apps you find suspicious. If you don’t know how to do so, there are guides on Facebook itself.

 

If cleaning out your apps fixes your Facebook problems, tell your friends they should do the same (chances are the app asked your friends to install it as well). If this doesn’t fix the problem, try the next step.

 

 

Get some security software and run a virus scan

It’s possible the problems are coming from some sort of malware, be it a keylogger, a trojan, or some other type of virus. Even if you think your computer is clean, it can’t hurt to check.

 

I recommend Microsoft Security Essentials –it’s free and gets the job done very well. Another good one is Malwarebytes. Other free alternatives include Avira and Avast.

 

The aforementioned security programs are for Windows. If you have a Mac, try using the antivirus from Sophos.

 

After running the virus scan, clean out whatever the program detects.

Social Engineers’ Latest Pick-up Lines

You may now be savvy enough to know that when a friend reaches out on Facebook and says they’ve been mugged in London and are in desperate need of cash, that it’s a scam. But social engineers, the criminals that pull off these kinds of ploys by trying to trick you, are one step ahead.

Social engineering attacks are getting more specific because targeted attacks are generating far better results.

What that means is the hackers may need to do more work to find out personal information, and it may take longer, but the payoff is often larger.

Today’s attacks are not just a broad spam effort, sending out a million emails with an offer for Viagra. These are now individual attacks where they are going after people one by one.

Here are five new scams circulating that involve greater individual information gathering tactics.

This is Microsoft support –we want to help

A new kind of attack is hitting many people lately. It starts with a phone call from someone claiming to be from Microsoft support, calling because an abnormal number of errors have been originating from your computer.

The person on the other end says they want to help fix it because there is a bug and they have been making calls to licensed Windows users. All this pretext makes sense; you are a licensed Windows user, you own a machine with Windows on it and the caller wants to help you.

The caller tells the victim to go to the event log and walks them through the steps to get to the system log.

Just about every Windows user will have a multitude of errors in the event log, simply because little things happen; a service crashes, something doesn’t start. There are always errors, but when a non-experienced user opens it up and sees all these so called “critical errors”, it looks very scary.

At that point, the victim is eagerly ready to do whatever the alleged “support” person wants them to do. The social engineer advises them to go to Teamviewer.com, a remote-access service that will give them control of the machine. Once the social engineer has access to the machine, they then install some type of rootkit or other piece of malware that will allow them to have continual access.

Donate to the hurricane recovery efforts!

Charitable contribution scams have been a problem for years. Any time there is a high-profile incident, such as the devastating earthquake in Haiti or the earthquake and tsunami in Japan, criminals quickly get into the game and launch fake contribution sites. The best way to avoid this is to go to a reputable organization, such as the Red Cross, and initiate the contact yourself if you want to donate. However, a particularly vile targeted social engineering ploy has cropped up recently that seeks specifically to target victims who may have lost loved ones in a disaster.

In this example, about 8-10 hours after the incident occurs, web sites pop up claiming to help find those who may have been lost in the disaster. They claim to have access to government data bases and rescue effort information. They typically don’t ask for financial information, but do require names, addresses and contact information, such as email and phone numbers.

While you’re waiting to hear back about the person you are seeking information on, you get a call from a charity. The person from the charity will often strike up a conversation and claim to be collecting contributions because they feel passionate about the cause as they have lost a family member in a disaster. Secretly, they know the victim they’ve contacted has lost someone, too, and this helps build up a camaraderie.

Touched by the caller, the victim then offers up a credit card number over the phone to donate to the alleged charity. Now they have your address, your name, relative’s name from the web site and also a credit card. It’s basically every piece of information they need to steal one’s identity.

About your job application…

Both job seekers and head-hunting organizations alike are being hit by social engineers who know they are looking for employment or seeking new employees.

In both instances, this is a dangerous scam. Whether you’re the person looking for work or the company posting new jobs, both parties are stating – I’m willing to accept email attachments and information from strangers.

According to a warning from the FBI, more than $150,000 was stolen from a U.S. business via unauthorized wire transfer as a result of an e-mail the business received that contained malware that resulted from a job posting.

The malware was embedded in an e-mail response to a job posting the business placed on an employment website and allowed the attacker to obtain the online banking credentials of the person who was authorized to conduct financial transactions within the company, the FBI alert reads. The malicious actor changed the account settings to allow the sending of wire transfers, one to the Ukraine and two to domestic accounts. The malware was identified as a Bredolab variant, svrwsc.exe. This malware was connected to the ZeuS/Zbot Trojan, which is commonly used by cyber criminals to defraud U.S. businesses.

Malicious attachments have become such a problem that many organizations now require job seekers to fill out an online form, rather than accept resumes and cover letters as an attachment. And the threat for job seekers of receiving a malicious message from a social engineer is high, as well. Many people now used LinkedIn to broadcast that they’re looking for work, a quick way for a social engineer to know who is a potential target.

@Twitterguy, what do you think about what Obama said on #cybersecurity? http://shar.es/HNGAt ”

Social engineers are taking the time to regularly observe what people tweet about and using that information, launch attacks that seem more believable. One way this is happening is in the form of popular hashtags. In fact, earlier this month, the U.K. debut of the new season of Glee prompted social engineers to hijack the hashtag #gleeonsky for several hours. British Sky Broadcasting paid to use the hashtag to promote the new season, but spammers got ahold of it quickly and began embedding malicious links into tweets with the popular term.

These spammers can redirect you to any webpage they like once you have clicked on the link. It could be a phishing site designed to steal your Twitter credentials, it could be a fake pharmacy, it could be a porn site or it could be a website harboring malware.

Twitter mentions are another way to get someone’s attention. If the social engineer knows enough about what you’re interested in, all they have to do is tweet your handle and add some information in that makes the tweet seem legitimate. Say you’re the politically active type who is tweeting quite a bit about the GOP primary race lately. A tweet that mentions you, and points you to a link asking you what you think about Mitt Romney’s latest debate statements can appear perfectly legitimate. Once you’ve clicked through – they’ve got you!

Get more Twitter followers!

Be warned of services claiming to get Twitter users more followers. If you spend any time at all on twitter, you’ll see tweets all over that say something like: GET MORE FOLLOWERS MY BEST FRIENDS? I WILL FOLLOW YOU BACK IF YOU FOLLOW ME – [LINK] Clicking on the link takes the user to a web service that promises to get them many more new followers. 

The pages ask you to enter your Twitter username and password. That request alone should instantly have you running for the hills – why should a third-party webpage require your Twitter credentials? What are the owners of these webpages planning to do with your username and password? Can they be trusted? Twitter itself even warns about these services on their help center information page.

Remember, when you give out your username and password to another site or application, you are giving control of your account to someone else,” the Twitter rules explain. “They may then post duplicated, spam, or malicious updates and links, send unwanted direct messages, aggressively follow, or violate other Twitter rules with your account. Some third-party applications have been implicated in spam behavior, fraud, the selling of usernames and passwords, and phishing. Play it safe – do not give your username and password out to any third-party application that you have not thoroughly researched.

These are just some common sense rules to follow. For more information visit the Department of Homeland Security Website and blog: http://blog.dhs.gov/2011/07/protect-yourself-against-social.html

Top 10 Internet Scams

Anatomy of a Scam:

Scams like this are all over the internet…
1: The hook: Click here to win a new iPad2
2: The frustration: Just one more step to get your FREE iPad
3: The redirect: Oops, looks like you’re not logged in.
4: The folly: Log in here
5: The payoff: Oops. Looks like there was a problem logging you in….. (But thanks for your credentials…)
Here’s the Top 10 List provided by the Massachusetts Better Business Bureau

Job Hunter Scams
Pitch:  We will match you up with a perfect job that’s already and waiting for you.
Target:
Bank account and/or Social Security numbers.
Result: Victims must pay a fee to be considered for a job.  Out of money they don’t have, still no job.

Debt Relief and Settlement Services
Pitch: We will help you eliminate most of all your debt (for a fraction of the amount you owe).
Target:
  Collection of upfront fee(s) in order to “settle your debts.”
Results:  Potentially leave the consumer drowning in even more debt than they started with and completely ruin their credit.

Work from Home Schemes
Pitch: Fire your boss! We can teach you the secrets to making money online, assembling items at home or being a mystery shopper.
Target:
  Employees tired of the same 9-5 routine.  In some cases, they unknowingly work to fence stolen goods.
Result: Instead of getting paid, you can end up losing hundreds – if not thousands – of dollars or in legal trouble.

Timeshare Resellers
Pitch:   We will help you get out from under your costly vacation property and do it fast.
Target:
  Collect several thousand dollars to cover fees.
Result:  After paying the fees, the seller never hears from the company again.

Not So “Free” Trail Offers
Pitch:  Try a free offer and never be charged – unless you want to continue the offer.
Target:
Repeated monthly billings.
Result:   The free trial offers seem easy, the consumer is repeatedly billed every month and is difficult to cancel.

Rogue Home Repair/Roofers
Pitch:   We can get that tree out with half down, and fix your roof for a fraction of what that guy is going to charge you.

Target: Initial upfront fee(s) to get the job started.
Result:  Homeowners are often stuck with either an unfinished or never started project and are out the initial money as well.

Lottery and Sweepstakes Scams
Pitch:  You have won a large lottery or sweepstakes and just have to cover taxes before
receiving your money.
Target:
  Payment under the guise of “covering taxes” or other bogus “fees”.
Result:   The victim wires the money, but the prize or money never arrives.

Advance-Fee Loan Scams
Pitch:   You or your business qualifies for a large loan but you must pay some upfront fees.
Target:
  Initial upfront fee(s) – often more than a thousand dollars.
Result:  The victim wires “the fee” to the scammers but never receives the loan.

Over-Payment Scams
Pitch:  Oops, I accidentally sent you too much money, would you please wire some back?
Target:
Any amount of money that is wired back.
Result:   Transaction is reversed, and the victim is out the money wired back to the scammers.

Identity Theft
Pitch:   Hi, this is a very legitimate business, we need to confirm some information today, is that ok?
Target:
  Gathering personal sensitive information to open lines of credit or just straight stealing money from the victim’s account.
Result:   Victim is left spending countless hours trying to repair all of the damage the thieves have done or are still doing.

For more information on how to protect yourself and your family, visit Microsoft’s Safety and Security Center: http://www.microsoft.com/security/online-privacy/phishing-scams.aspx

Special thanks to the Better Business Bureau for this timely information. http://boston.bbb.org

Never Renew Your Antivirus Again

I know – I’m always harping on you to keep your Antivirus program up-to-date so what’s that headline all about? Just a way for you to save some money AND keep your home PC’s fully protected and virus free.

Vipre PC Lifetime License
Vipre and Vipre Premium are now available with PC lifetime licenses. This means you won’t be nagged when your subscription is nearing its end, and you’ll never have to pay recurring renewal fees.

PC Lifetime Licenses are good for the life of your PC; you can also get an unlimited home license that will cover up to 10 PC’s in your home for the lifetime of your PC’s.

How about the cost:
This may surprise you. A Vipre standard lifetime license is only $89 and Vipre Premium only $109.95. That’s an amazing deal for a lifetime of Antivirus protection and updates.

Vipre Lifetime Antivirus FAQ’s

Q. What does “PC Lifetime” mean?
Lifetime means for the lifetime of one PC. In other words, for as long as you have that PC, you will be covered by the Lifetime PC License. If you sell or give away that PC, the license is non-transferable.

Q. What if my computer crashes?
If your computer crashes and you have to reformat your hard drive, that’s fine and you’re completely covered. However, if you rebuild the computer with new components (in effect, creating a new computer), the license is invalid. However, because motherboards and other major components do malfunction, we do provide you a one-time reinstall of the Software in the event you make a major system change.

Keep in mind that you can install and reinstall the VIPRE Lifetime license as many times as you like, on the original computer. For example, some people like to routinely re-format their hard drive so as to optimize performance. That’s completely fine.

Q. I’m still confused. Can you explain in more detail?
The concept is simple: A person buys a computer and holds on to it for a period of time. After several years, one would typically buy a new computer, and either a) sell their old one, b) relegate it to some back attic or a dark closet, c) give to someone else, or d) throw it out/recycle it. As long as you own that PC, you’ll be covered by the Lifetime license and never have to pay for an update for that copy Lifetime copy of VIPRE. If you sell it, throw it out, give it to someone else, the license is no longer valid.

Q. What is the specific legal language in the End User License Agreement (EULA) that covers this license?

The Lifetime license is in all current VIPRE home licenses. It reads as follows:

PC Lifetime Service Policy
If your purchase includes GFI’s PC Lifetime Service Policy (“Lifetime Service”), GFI agrees to provide you with related Content Updates (defined below) for the Software for download at no extra charge for as long as you own the original computer upon which you originally installed the agent or client Software (“Original Computer”); however, if your original computer is damaged, or if you experience a hard drive failure resulting in having to rebuild or restore the original computer, GFI agrees to provide a one-time reinstall of the Software so as to continue the Lifetime Service.

Lifetime Service Restrictions
LIFETIME SERVICE IS SUBJECT TO THE FOLLOWING RESTRICTIONS AND LIMITATIONS: in addition to the terms of this License: (a) Lifetime Service is not transferable to a new (or used) or different computer if, for any reason, you purchase a new computer; however, you may purchase from GFI an additional copy of the Software, or the equivalent product available at that time, for a fee; and (b) Lifetime Service is not transferable to another user if your Original Computer is sold or transferred to another user, if components are rebuilt into a new computer, or if the Software is transferred as maybe otherwise provided herein.

If you’d like a full copy of the EULA, you can request one from GFI and they’ll be happy to send one out. Or, you can view the EULA when you install VIPRE, in which case you will have the option of agreeing to it and continuing with the installation, or not agreeing to it and stopping the installation.

If you’re ready to buy, click the link:
http://vipreantivirus.com/software/lifetime/

If you’re already a VIPRE subscriber? Upgrade your copy with the PC Lifetime Upgrade here:
http://vipreantivirus.com/upgrade/
Enter your current product key for pricing

Should I Use A Free Online Virus Scanner?

Even when you’re not looking for an online virus scanner, ads for them appear on many Web sites. Sometimes, a free virus scanner appears to pop up out of nowhere and scares you with a message like “Alert! Your PC may be infected!” What should you do? Read on…

What are free online virus scanners, are they safe, and should you be using one? An online virus scanner is a program that runs on a remote server. It can examine your computer for viruses and other malware through your web browser, just as a desktop antivirus program’s scan would do. A few online virus scanners only reports what it finds. It may not be able to quarantine any viruses or spyware, or disinfect your computer.

Also, a free online virus scanner does not continually monitor incoming and outgoing Internet traffic for threats and block attempts to install unknown software. These are features found in desktop antivirus packages. To fix any problems reported by the free online virus scanner, you often must pay for a full-blown antivirus program. Now it should be obvious why there are so many free online virus scanners out there! But many of them are wolves in sheep’s clothing.

So-called “rogue online virus scanners” always find lots of malware on any computer they scan. They scare the heck out you with jittering popup windows, with warnings screaming in blinking red and yellow letters, “ALERT! WARNING! DANGER! YOUR COMPUTER IS INFECTED WITH MALWARE!” or “YOU NEED TO BUY OUR VIRUS REMOVAL PROGRAM RIGHT NOW! CLICK HERE BEFORE IT’S TOO LATE!”

Or something along those lines. The idea is to alarm and panic you into clicking and thus buying the software without taking time to think. But there is much to think about!

Some Safe Online Virus Scanners
Do you know anything about the company that just informed you that you have a major malware problem? Free online virus scanners are offered by well-known security software developers, such as the ones listed below; the website addresses are also shown and you should be careful that you go to these authentic sites:

Remember, free online virus scanners are typically lead-ins to purchases of commercial antivirus software that actually neutralizes the threats found. If you are a non-commercial user, you really don’t have to pay for commercial antivirus protection.

You won’t find free online virus scanners at the Web sites of AVG, Avast, and most other “free for non-commercial use” antivirus software developers. That’s because their full-blown desktop versions are available for you to download, use fully, and then buy if you are satisfied. Check out my list of free anti-virus programs here:

  • AVG – is one of the most often recommended freeware anti-virus packages. While Grisoft offers a paid version, there is a freeware version of the virus protection on the website. It only offers anti-virus and anti-spyware protection (no anti-spam, anti-rootkit or firewall) but provides very effective protection from the most common threats. The Pro version has Web Shield to screen your downloads, rootkit protection, and free support.
  • Avast! – another freebie anti-virus program with basic features, and ease of use. It is updated regularly, also highly recommended.
    The Free Home Edition includes anti-spyware and anti-rootkit detection.
  • BitDefender – is another highly rated freeware anti-virus tool. Like the others, it offers just basic anti-virus protection, and I recommended that you add anti-spyware protection as well.
  • Avira Anti-Vir – claims over 30 million users worldwide, and the free Personal Edition gets good reviews. There is a paid version with anti-spyware and firewall protection as well.
  • ClamWin AntiVirus – is a free open source antivirus program, which means it comes with the programming source code. ClamWin has a high detection rate for viruses and spyware, but does not include a real-time scanner. This means you have to rely on scheduled or manual scans to detect viruses. Normally I view open source software as a Good Thing, but in the case of security software, I wonder if it might help the Bad Guys exploit the defenses. Using it in conjunction with another anti-virus program might be a good strategy.
  • Microsoft Security Essentials is a new free security tool from Microsoft, released in October 2009. It’s meant to provide protection not just from viruses, but also spyware, rootkits, and trojans as well.

Sure, there are other free anti-virus programs I could have listed, but these are the most popular and provide the best protection, according to my research. And since I noted that most of the programs above do not include spyware protection, let me mention that I recommend the free Windows Defender from Microsoft. Windows Defender protects you from spyware, pop-ups, other security threats. It features real-time protection, so it can warn you if something you’re downloading is spyware, and also automatically updates itself with new spyware definitions.

Note that if you’re using the new Microsoft Security Essentials, you don’t also need Windows Defender, because MSE includes that functionality. But if you have any other antivirus tool, I still recommend that you add spyware protection, and Defender is a good choice.

Free online virus scanners are safe and effective if you stick to known brands. You must also carefully check the website address before running any online virus scanner. It may look like a well-known brand’s page, but one character’s difference in the URL can mean that you’re about to download a virus instead of its cure. In general, if a virus scanner finds YOU before you find IT, it’s probably best to back away. And if you already have a good desktop anti-virus program, use an online scanner only if you feel you need a second opinion.

XXX address puts porn sites on the spot

It had to happen! Pornography finally has an official home on the Internet, and how governments treat this newly formed piece of digital real estate could have significant implications for everything else on the Web.

With “.xxx” finally joining the ranks of top-level domains including “.com,” “.net,” and “.edu,” years of speculation about the impact of this new Web destination will finally be put Continue reading

Has Spyware Finally Met Its Match?

If you use a computer that’s connected to the internet, you probably know just how annoying spyware can be. Not only does it slow down your computer and interrupt you with annoying popups, it can also transmit your private data to hackers and identity thief’s.

Over the years, we’ve tried and tested 100’s of programs in our efforts to rid systems of these computer parasites Continue reading

ActSmartDentalThe Most Dental IT Experience
on the South Shore!

David’s Blog Archives
Our Clients Say:
Everybody @ ActSmart is WONDERFUL! We are very relieved to have you on our team & know that we are in great hands. ~Leslie, Glivinski & Associates
Proud To Be:
Attention Dental Practices:

We Offer:
Follow Us: