Entries in Security (34)

Monday
Dec032012

Avoid the tech support phone scam

If someone calls you and says you have a virus / malware on you computer, it is probably a scam.    A recent experience has led me to this blog post,  and the importance of pointing out that this scam becoming more common.   

This scam can be one of the most damaging, here are some great tips from the FTC, 

If you get a call from someone who claims to be a tech support person, hang up and call the company yourself on a phone number you know to be genuine. A caller who creates a sense of urgency or uses high-pressure tactics is probably a scam artist.

Keep these other tips in mind:

  • Don't give control of your computer to a third party who calls you out of the blue.
  • Do not rely on caller ID alone to authenticate a caller. Criminals spoof caller ID numbers. They may appear to be calling from a legitimate company or a local number, when they're not even in the same country as you.
  • Online search results might not be the best way to find technical support or get a company's contact information. Scammers sometimes place online ads to convince you to call them. They pay to boost their ranking in search results so their websites and phone numbers appear above those of legitimate companies. If you want tech support, look for a company's contact information on their software package or on your receipt.
  • Never provide your credit card or financial information to someone who calls and claims to be from tech support.
  • If a caller pressures you to buy a computer security product or says there is a subscription fee associated with the call, hang up. If you're concerned about your computer, call your security software company directly and ask for help.
  • Never give your password on the phone. No legitimate organization calls you and asks for your password

Here is a direct link to the FTC article, Tech Support Scams

For further information, here is a good bulletin from Microsoft, Avoid tech support phone scams

As always if you have any questions, feel free to give me a call. 

Thursday
Nov292012

Is it a dangerous website?

One question that I am frequently asked is, "Is this website safe?"   Determining the safety of a website is a challenge, the site functions might be safe, but the content inside might be suspect or dangerous. There is not one single way to determine if a website is safe, but I have found a site that can help.

http://zulu.zscaler.com/

For every website that you submit, zscaler provides a risk assessment,Benign, Low, Medium, or High, based on the following factors,

- Content Checks – Inspection of page content to identify potentially malicious code in a variety of categories

- URL Checks – Inspection of the full URL to identify malicious patterns and check the URL/FQDN/TLD against third party and Zscaler block lists

- Host Checks – IP, DNS and netblock reputation checks
Here is a sample report,

 This is a good tool to help understand the risk associated with websites, but ultimately the decision to yours on weather a website is safe.

Tuesday
Nov202012

Be prepared for phishing and link manupliation

I just recently spend quite some time fixing a virus infection on a clients machine.   He was using all the right anti virus and anti malware tools.  So how did the problem start? A phishing email with bad link.  

After receiving a email with a link to what listed as Linked In, he was taken to a site where a virus payload was downloaded to his machine and then proceeded to infect his machine.   

Here is a excellent description of the issue from Wikipedia, 

Link manipulation

Most methods of phishing use some form of technical deception designed to make a link in an e-mail (and the spoofed website it leads to) appear to belong to the spoofed organization. Misspelled URLs or the use of subdomains are common tricks used by phishers. In the following example URL, http://www.yourbank.example.com/, it appears as though the URL will take you to the example section of the yourbank website; actually this URL points to the "yourbank" (i.e. phishing) section of the example website. Another common trick is to make the displayed text for a link (the text between the <A> tags) suggest a reliable destination, when the link actually goes to the phishers' site. The following example link, //en.wikipedia.org/wiki/Genuine, appears to direct the user to an article entitled "Genuine"; clicking on it will in fact take the user to the article entitled "Deception". In the lower left hand corner of most browsers users can preview and verify where the link is going to take them.[35] Hovering your cursor over the link for a couple of seconds may do a similar thing, but this can still be set by the phisher.

A further problem with URLs has been found in the handling of Internationalized domain names (IDN) in web browsers, that might allow visually identical web addresses to lead to different, possibly malicious, websites. Despite the publicity surrounding the flaw, known as IDN spoofing[36] or homograph attack,[37] phishers have taken advantage of a similar risk, using open URL redirectors on the websites of trusted organizations to disguise malicious URLs with a trusted domain.[38][39][40] Even digital certificates do not solve this problem because it is quite possible for a phisher to purchase a valid certificate and subsequently change content to spoof a genuine website.

 

Be on the look out for anything phishy, and when in doubt DO NOT CLICK ON THE LINK.

 

Thursday
Nov152012

If your password is on this list...

Change it now!

 

Presenting SplashData’s “Worst Passwords of 2012”, including their current ranking and any changes from the 2011 list:
1. password (Unchanged) 
2, 123456 (Unchanged) 
3. 12345678 (Unchanged) 
4. abc123 (Up 1) 
5. qwerty (Down 1) 
6. monkey (Unchanged) 
7. letmein (Up 1) 
8. dragon (Up 2) 
9. 111111 (Up 3) 
10. baseball (Up 1) 
11. iloveyou (Up 2) 
12. trustno1 (Down 3) 
13. 1234567 (Down 6) 
14. sunshine (Up 1) 
15. master (Down 1) 
16. 123123 (Up 4) 
17. welcome (New) 
18. shadow (Up 1) 
19. ashley (Down 3) 
20. football (Up 5) 
21. jesus (New) 
22. michael (Up 2) 
23. ninja     (New) 
24. mustang (New) 
25. password1 (New)

 

Now with that being said, here is a link to a article that help you make better passwords.

How to Devise Passwords That Drive Hackers Away

I agree with the article with the exception of the discussion on Password Managers.   The major issues with passwords on devices has been addressed with furhter encryption and changing the way that they are stored on the device, but with this being said, be cautious.

 

 

 

Tuesday
Oct302012

Be aware of the mail that you receive

My wife's business just received a invoice from DNS Services to renew. She asked me if she should pay it, my answer, "Who is DNS Services?  We use a different provider for our domain registration, hosting and back up." So I took close look at the bill, tell me if you see it,

Did you see it, here it is highlighted, 

The old "pay the bill we will transfer the doamins and services scam".  The price for the service is about triple what you would pay elsewhere, and once transfered you are then captive to the provider.

Keep you eyes open and check you bills.