Thursday, June 30, 2011

AOL targeted by phishing attacks bigtime tonight

This evening, I noticed two emails claiming I had recently contacted AOL support. I’ve gotten AOL billing emails that seem to be phishing; this is the first time I’ve seen a boorish email mentioning tech support. My email suppresses HTML display, and a link. This time, the email program did not show the actual link when I passed the cursor over it.

Tuesday, June 28, 2011

Is public WiFi OK if you use https?

Webroot passed around a link “5 Tech Mistakes Travelers Make on Vacation” on Tech News Daily, here.
Of course, we know that free wireless networks are unsecured, but I thought it was OK to use https, encrypted logons, for sensitive stuff. The article says use public wireless only for kids' stuff.

I would add the advice to have a secure MiFi card for a hotspot, which you can take through TSA security with your laptop and cell phone, no problem. By definition, it’s more secure than a public network. And MiFi is getting reasonably fast, although not as good yet as broadband cable or home wireless directly connected to broadband.

Some security experts are saying never to post travel plans online in public sites.

But answer the question: is it OK to use public wireless hotspots with personal information if you use encrypted logons, https? 

I’d add a couple other things. Remember that car keys and house keys fall out of pockets in taxicabs, especially if carrying bulky old European hotel keys.  If you lose rental car keys, sometimes you can lose your travel insurance on the rental. 

Monday, June 27, 2011

Families still at risk from kids' surfing, other home computer practices; inability to maintain antivirus software found by GFI

AOL, on Monday June 27, led off the day with a basic article on family online safety by Denna Glick, “Study Finds Teens, Parents Take Online Risks”, link here.

Even though kids may be more tech savvy, they may be exposing families to substantial risks in terms of potential identity theft, bank losses, or home security problems. GFI Software, from Cary, NC (website url link), commissioned a study and found that about two-thirds of homes did encounter computer viruses on home or “family” computers. It found that many parents are careless in allowing kids to use work-related computers, which may be corporate or government laptops, or sometimes are desktops set up for work at home or telecommuting (or on-call support). It also found that many, perhaps most, families did not keep anti-virus software updated properly. This could put families at legal risk. One problem may be the ability of anti-virus programs to fix problems easily when problems occur; many parents don't understand how to work with tech support and do complicated diagnostic downloads, or may not have stable enough high-speed connections.

GFI provides a link to a related UK story on surfing by John Leyden, “Survey scammers target Doctor Who fans”, here.

Wednesday, June 22, 2011

"Phishing" gets supplanted by "smishing": social media phishing could be much more dangerous than email's was

According to a Webroot blog story tweeted recently, the latest variation on “phishing” is now “smishing” or social media phishing, sometimes from hacked Facebook accounts, with the Ian Moyse (EMEA) story URL here.

It seems as though there is a black market in Facebook logons, which could result in tarnishing the reputations of the targets, their accounts being wrongfully closed or accusations being made against them, although in the email world that concern (over sender spoofing) hasn’t really materialized.

It seems as though any online user needs to check all his or her accounts frequently.  In the mainframe work world, back in the 80s, we used to be concerned that fraud could be committed in your name if you left your terminal logged on when you weren’t there. 

Friday, June 17, 2011

Odd anti-virus renewal problem; Another phishing strategy

An interesting thing happened on the way to a forum. I took my Toshiba laptop, W7, with Kaspersky. Kaspersky immediately told me that the subscription renewal (due June 28) had failed. When I tried to fix it, I got a 403 forbidden error on its site.

The problem all went away when I logged on to the hotel’s wireless gateway, entered the password code and accepted its TOS.  But it’s an odd way for an anti-virus program to report a “false positive” problem. 

In the phishing arena, the latest is for a party to emulate Wells Fargo, and claim an SSL socket layer update, complete with WF stagecoach trademark logo. 

Monday, June 06, 2011

Kaspersky offers unusual email anti-spam training on my old XP machine, requires use of Outlook

Today, when I came back from vacation and booted up an older Dell 8300 desktop with “just” Windows XP and Kaspersky (installed by Best Buy/Geek Squad at the end of 2009 after a hard drive crash and replacement), I got a notification message from Kaspersky of “mandatory training on non-spam emails”. I don’t know what this could mean. I tried the wizard, and it wanted access to some emails in Microsoft Outlook. I don’t use Outlook, so I closed the wizard.

I always do get warnings to update the Kaspersky database, which happens automatically. But the email notification makes no sense.  I have a small travel laptop, Toshiba, with Windows 7 Starter and Kaspersky, and get the normal updates, but have never seen this email thing there.  On the Toshiba machine, Kaspersky always offers to scan any thumb drive used to transfer or backup files. 

One other oddity I've noticed: a few sites can be communicated with only by Outlook. They don't tell you an email address you can paste into AOL or Yahoo! or Gmail, and don't offer a special script to avoid spam (the way most newspapers do). But I still haven't bothered with Outlook. I don't think we should need it. It used to be the target of every spam virus in the world.

Wednesday, June 01, 2011

Debate on FBI's tackle of Coreflood botnet rages; "spearfishing" to get govt info from employee personal computers

SC Magazine has a “pro and con” debate on the FBI shutdown of the Coreflood botnet, apparently by executing attacker code and affecting some US machines. Jim Bardin from Treadstone 71 argues for it, whereas Chris Palmer from Electronic Frontier Foundation argues against. The link for the article is here and was tweeted by Webroot today.

There’s another “pro” column by Bruce Schneier here.

Any course of action was risky.

eWeek has a more detailed article by Rashid as to how the counterattack worked, as it was complicated by “beacons” and rebooting machines, link (April 28, 2011) here.

Google today announced some opportunities, including 2-step verification, to tighten up Gmail after it researched a phishing and malware scheme that had originated from China and that was apparently used to track people, possibly political dissidents. The official corporate blog entry is here and it was announced on Twitter today. The extra steps of security verification would include receiving a text on your cell phone.

CNN described a technique called "spearfishing" (or spearphishing) to try to get government or business information from employees' personal computers. The attacks seem to have involved government executives and perhaps others at contractors and may originate particularly from China.