A recent article in Windows Secrets newsletter, "Viral inviters want your email contact list", stated, "The arms race between the script builders and big-name Web services is just beginning. The massive data collections that the scrapers are able to accumulate are simply too valuable to pass up.
The problem will only get worse as social-networking sites create linked systems. For example, the Facebook Connect service that launched last year allows members to use their Facebook account to sign in to hundreds of third-party sites, such as CNET and MoveOn.org."
Unfortunately, too many people are lured by friends and acquaintances that tell them, that having a Facebook page makes them "cool". But they don't tell them (perhaps because they don't know or don't believe) about the pitfalls, the need for locked down tight security, the need to keep data you share to an absolute minimum, and the real need to be skeptical of emails you get.
Criminals can only flourish in such a naively trusting environment. Here's hoping that future tightening of the world's email system underpinnings will reduce the ability of Spammers and other Criminals to pretend to be a "friend" and sucker people into hurting themselves.
Thursday, April 30, 2009
Monday, April 20, 2009
First Mac botnet found
Researchers have found malware in pirated copies of Apple's iWork ’09 and Adobe Photoshop CS4. What's worse, the malware has created the first botnet for Macs.
The Mac OS has been overdue for malware attention by hackers and "safe" only due to much lower market share than IBM-clone PCs. Mac users can expect to see more such attacks.
The Mac OS has been overdue for malware attention by hackers and "safe" only due to much lower market share than IBM-clone PCs. Mac users can expect to see more such attacks.
Friday, April 03, 2009
Beware Antivirus 2009
Beware of fake antivirus software. And beware of a pop-up notice that you have a virus or "might have" a virus (unless the pop-up notice comes from software you already own).
A type of software that tricks you into installing it, then demands payment "or else" is called ransomware. And it's spreading.
One nasty piece of ransomeware seems to be a legitimate program called Antivirus2009. But after you install the software, it encrypts several document types. Then when you try to open one of the encrypted files, it pops up an alert and offers to sell you FileFix Pro 2009, which it says can decrypt the file.
So you get duped into downloading the fix. But it decrypts only one document. After that, it demands that you pay $50 to buy the software to decrypt the rest of your files (that the Antivirus 2009 encrypted).
Beware of "something for nothing". Be paranoid. Check out reviews of software at trusted sites before you download and install any.
A type of software that tricks you into installing it, then demands payment "or else" is called ransomware. And it's spreading.
One nasty piece of ransomeware seems to be a legitimate program called Antivirus2009. But after you install the software, it encrypts several document types. Then when you try to open one of the encrypted files, it pops up an alert and offers to sell you FileFix Pro 2009, which it says can decrypt the file.
So you get duped into downloading the fix. But it decrypts only one document. After that, it demands that you pay $50 to buy the software to decrypt the rest of your files (that the Antivirus 2009 encrypted).
Beware of "something for nothing". Be paranoid. Check out reviews of software at trusted sites before you download and install any.
Wednesday, April 01, 2009
Protect your personal information
A PC World test found that some search sites had random details about co-workers' and acquaintances' college roommates and boyfriends from the 1980s, political donations, shopping preferences and musical tastes.
Social networking sites give a false sense of security and if left "open" to all can result in a lot of personal information being harvested (sometimes called "scraped") by criminals.
A recent Symantec study showed that 91% of Phishing attempts are now aimed at social networking sites (the top two are My Space and Facebook). Why? The personal data is there for easy pickings. Plus, people who join social networking sites tend to feel more "free" in their personal comments.
Another disturbing tidbit ... 23% of people succumb (are tricked by) social engineering attemps via Phishing emails. At a recent Information Security conference, a speaker admitted that he had been a victim too. His daughter had joined Facebook, soon had 300 "friends" (right!) and then her got an email from "his daughter" with a link to something neat "she" wanted him to check out. He did. His computer got attacked. The problem? Too trusting. Bad assumptions.
People get tempted to take risky actions when using social networking sites. Human nature plus the very essence of a social networking site make using it risky.
How much is your identity worth? Is is humany possible to not be a social networking lemming? Just say, "No" to joining social networking sites. You'll live to rejoice in that decision.
Social networking sites give a false sense of security and if left "open" to all can result in a lot of personal information being harvested (sometimes called "scraped") by criminals.
A recent Symantec study showed that 91% of Phishing attempts are now aimed at social networking sites (the top two are My Space and Facebook). Why? The personal data is there for easy pickings. Plus, people who join social networking sites tend to feel more "free" in their personal comments.
Another disturbing tidbit ... 23% of people succumb (are tricked by) social engineering attemps via Phishing emails. At a recent Information Security conference, a speaker admitted that he had been a victim too. His daughter had joined Facebook, soon had 300 "friends" (right!) and then her got an email from "his daughter" with a link to something neat "she" wanted him to check out. He did. His computer got attacked. The problem? Too trusting. Bad assumptions.
People get tempted to take risky actions when using social networking sites. Human nature plus the very essence of a social networking site make using it risky.
How much is your identity worth? Is is humany possible to not be a social networking lemming? Just say, "No" to joining social networking sites. You'll live to rejoice in that decision.
Subscribe to:
Posts (Atom)