You’ve received a postcard from a family member!

June 28, 2007 on 6:53 pm | In On the Radar | No Comments

If you receive any e-mails with this subject in your Inbox, DELETE THEM IMMEDIATELY! The e-mails contain links that will direct you to a server hosting malicious code designed to infect your computer with some nasty stuff!

I received two of them today and they were similar in content; however, the links were pointing to different servers. The SANS Internet Storm Center diary has a very good description of this attack and you will be able to read the story at:

http://isc.sans.org/diary.html?storyid=3063

Friday, June 29, 2007 - This is definitely an outbreak across the Internet…I received 5 more of these e-mails today.  If you see anything with “…postcard from a family…“  Delete it.

Have you tried Firefox with the Firekeeper Add-on?

June 24, 2007 on 12:48 pm | In Information, Knowledge Base | 2 Comments

As you know, Microsoft’s Internet Explorer is a very popular Internet Browser and because of its popularity, it is a huge target for attackers. It is because of these vulnerabilities that I also use Firefox by Mozilla.

Firefox is an open source browser that is freely available for download from the Internet and what makes it attractive [to me] is the many “add-ons” available to freely download and install. As with any software, you probably would not want to download and install every possible add-on; however, there are a few that are definitely worth running.

Here is a short list of add-ons that I have personally found to be valuable security-enhancing tools:

· Firekeeper - An Intrusion Detection and Prevention System for Firefox that is capable of detecting, blocking and warning users about malicious sites. I have been running Firekeeper for a few months now and just received my first alert last week. I was browsing a “trusted” site that I had used in the past; however, this time when I tried to access an article posted on a specific page within the trusted site…I immediately received a warning from Firekeeper advising me that the page contained malicious code! I was then prompted to allow or deny access to this infectious page and for obvious reasons, I denied access. Firekeeper also gave me an option to add the page to the built-in “Blacklist” feature and I immediately jumped on that option to prevent future occurrences from that page. With the volatility of today’s Internet landscape, Firekeeper is a great security tool to install and use while surfing the Internet. You can download your copy at: http://firekeeper.mozdev.org/

· Adblock Plus – A great tool to block ads and banner advertising. This tool is easy to use and gives you the option of selectively blocking specific advertisements. You can download this add-on from: http://adblockplus.org/en/

· NoScript – This is another important security tool that will block JavaScript, Java and other executable content, unless you explicitly allow the content to run from specific domains or web pages. Attack vectors using JavaScript and other executables are becoming quite a popular method of attack and this tool will give the end user an effective method to counter these types of attacks. You will find this add-on at: https://addons.mozilla.org/en-US/firefox/addon/722

Do yourself a favor and install Firefox and these add-ons; you do not have to remove Internet Explorer, as both will run together on the same computer. You will find Firefox at: http://www.mozilla.com/en-US/products/?flang=en-US

Botmasters Beware!

June 13, 2007 on 5:52 pm | In Information | No Comments

NetworkWorld.com had reported today how the Department of Justice and the FBI have identified more than 1 million botnet crime victims and have arrested a number of people, including Robert Alan Soloway – the Seattle Spam King.

At first glance, this sounds like an enormous number; but with over 600 million computers connected to the Internet, there are probably millions more to yet identify.  It’s reassuring to know that some progress in being made in this seemingly endless war on Cyber crime.  Internet users can also help minimize the number of botnet victims by installing and keeping reputable security software up to date; as well as make better decisions when opening e-mail and e-mail attachments and visiting websites.

You will find the article at:

http://www.networkworld.com/news/2007/061307-fbi-operation-bot-roast.html

Amazon Phishing Scam

June 7, 2007 on 11:51 am | In Identity Theft, Phishing Scams | No Comments

Here is a new phishing scam…this time, the attackers are fraudulently scamming “Amazon.com”. For your reference, you will find a copy of the e-mail with footnotes and references at the bottom of the sample.

From: Amazon.com Security- Center.

Sent: Tuesday, May 29, 2007 9:33 AM

Subject: “Amazon.com”: Possibile[1] Account Theft !

Dear Customer,

-Due to recent account takeovers and unauthorized listings, Amazon.com is requesting a new account verification procedure. From time to time, randomly selected accounts (seller and/or buyer)are placed under an advanced updating process based on merchant accounts/bank relationsand[2] on-file credit cards. Amazon.com may also request in an email message scanned/faxed copies of one or more photo ID’s. Your account confirmation may go wrong if your credit card/bank account has expired, or if you have changed/replaced your credit card without letting us know about the change.

-Your account is not suspended, but if in 36 hours after you receive this message your account is not confirmed we reserve the right to terminate your Amazon subscription.

-If you received this notice and you are not an authorized Amazon account holder, please be aware that it is in violation of Amazon policy

to represent oneself as an Amazon user. Such action may also be in violation of local, national, and/or international law.

To confirm your identity with us please click here[3]

-We apologize in advance for any inconvenience this may cause you and we would like to thank you for your cooperation as we review this matter.

Respectfully,

Amazon.com, Inc.

Copyright 2007 Amazon.com, Inc. All rights reserved.

Amazon sent this e-mail to you because your Notification Preferences

indicate that you want to receive information about Special Events &

Promotions.[4]Amazon will request personal data (password, credit card/bank

numbers) only on our home site, wich[5] is securely incrypted[6] with SLL.

Now that you have seen a sample of the phishing scam, here is a break down of red flags within the e-mail:

[1] Spelling Error: Should be “Possible

[2] Grammatical Errors: There is no space between “relations” & “and

[3] If someone clicks this link, it will not take them to “Amazon.com”; instead, it will take them to http://www.amazon.com.somewhere.com/security.html.” I substituted “somewhere” for the actual address for your protection.  As you can see, the link points to “somewhere.com“, instead of “Amazon.com“.  A common ploy is to trick the user into thinking the link is legitimate by inserting the scammed domain name (www.amazon.com) ahead of the actual domain name (somewhere.com).

[4] There is no space after the period; technically, there should be two spaces after each period.

[5] Spelling Errors: Should be “which

[6] Spelling error: Should be “encrypted

Finally, Amazon.com explicitly states on their website that, “Amazon will never ask for…requests to verify or confirm your account information”. You will find this policy at:

http://www.amazon.com/gp/help/customer/display.html?nodeId=15835501

Whenever you receive any e-mail asking you to verify your account information from anyone, investigate the policy of the business that “apparently” sent the request. As with Amazon, most legitimate companies will have similar policies.

Entries and comments feeds. Valid XHTML and CSS. ^Top^ Powered by WordPress with jd-nebula-3c theme design by John Doe.