Malicious cyber thieves might be scaring you into buying and downloading software that may harm your computer. Security firm McAfee has published a report early in the year showing that up to a million people worldwide fall victim to so-called “scareware” each year. Scareware, or rogueware, is software that poses as legitimate security software but in reality are dupes to steal credit card information from users, or even worse are Trojan Horses to spread malware. Scareware is distributed primarily through the Internet via malicious websites that pop out windows that fool users into thinking their system may be infected. Users who click on the popup windows are redirected to a website which encourages them to buy fake security software online. Scareware are especially dangerous as it hits users in many ways: by duping them out of their money, injecting viruses or other forms of malware into their system, or even holding them ransom — for instance, by taking over users’ systems then demanding more payment to free the data stored in the infected computer. It’s a good thing that there are many ways to protect your system against scareware. One is using security software from legitimate and well established software vendors — through their legitimate sales channels. Another is by being prudent with offers and downloads when online. For a small business there are other ways such as blocking or filtering these malicious websites to ensure the security of the entire business. If you want to find out more about these solutions to protect small business networks — let us know. We offer managed security services for small business that can protect against online threats.
Beware Software Bogeymen
New Viruses Infiltrate Systems through USB Drives
Two new viruses have been discovered to infiltrate systems through removable drives. USB flash drives have become indispensable to almost everyone who uses a computer. It’s a quick and easy way to immediately transfer and share information and other data, especially files that are too large to send through email. Unfortunately, some malware take advantage of this convenience by attaching themselves to files on the drive to infect any other system it comes into contact with. Two such malware have recently been discovered. Chymine is a Trojan application with keylogging capabilities, designed to copy passwords and other sensitive data, and Dulkis-A is a Visual Basic worm designed to copy and allow malware to infiltrate the system. Both exploit a vulnerability in Windows Shell. Microsoft has yet to directly address the issue and provide a patch that fixes the problem. In the meantime, they have issued directions for a workaround that prevents both malware from manipulating the Windows Shell susceptibility. The workaround is effective for Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server R2, but it comes with a cost – you lose all your icon graphics. Success in removing the virus has been marginal at best, with current fixes including a warning that removing these malware might result in unwanted changes to your system because of the way the virus embeds itself. The best way to avoid being infected, be careful not to run any suspicious programs and files, especially when taken from USB drives and any other removable storage, even from a Blackberry or an iPhone. It’s also best to avoid automatically enabling USB devices to autorun once they’re plugged into your computer. If you have any concerns or want to make sure your systems are protected, give us a call and we’ll work with you to ensure the security of your systems and data.
Lessons Learned from the World Cup
The recent fever over the FIFA World Cup made unsuspecting victims an easy target for malware makers, spammes, and scammers using the sport as a means to spread nefarious software or lure users into money-making scams. It seems the entire world was in the grip of the 2010 FIFA World Cup fever as several countries vied for football supremacy in South Africa. Unfortunately, malware makers, spammers, and scammers capitalized on the fever as well, using references to the event as a means to spread nefarious software or lure unsuspecting users into money-making scams. Some of the threats included 419-style scams , lures selling fake tickets, even fake products and business opportunities related to the World Cup. One particular ploy involved a couple of websites selling a bogus filter to cancel out the sound of noisy “Vuvuzela” trumpets in TV broadcasts. Scammers had even used legitimate websites to sell them—such as eBay and other auction sites. Several spammers used sophisticated techniques to confuse SPAM filters by using tools to automatically scrape the text from hundreds of websites (including news sites) and using them to spray random bits of this text into their messages. Another new development that was seen were targeted attacks on top executives of international manufacturing companies and government agencies. With the 2010 World Cup behind us, what does this mean to us now? Everyone should always be on guard against websites, links, or messages that seem too good to be true (because most likely they are), but understanding that scammers and spammers especially thrive during popular events helps everyone to be on extra high alert.

