Thursday, September 22, 2016

Malvertisers apparently use "popads" and "content locking"; another Facebook phishing scam

I got this comment to the last post, “Are you looking to make cash from your visitors by popounder ads  In case you do, did you try using PopAds?  Then another comment, “Did you know that you can make cash by locking special pages of your blog/website? All you need to do is to join Mgcash and use their current locking tool.”  I marked both as spam (see the comment I wrote).  It seems this is the heart of “malvertising”, forcing users to open ads which might contain malware (even ransomware) just to view legitimate content.  Publishers should be wary of accepting ads that might try to do this.

Also, there seems to be a new phishing scheme using Facebook, taking “Friends” names and making up website names from their names and spoofing sender addresses, so that the user doesn’t suspect it’s a Facebook scam.  You would be leaded to go to a tiny url website which probably delivers malware. 

Wednesday, September 21, 2016

Spoofy news site offers bloatware behind the scenes, which security software seems to allow

Today, a site called "The Real Strategy", which tends to feature more supermarket-tabloid like stories sometimes, and which offers pop-ups, had a story on putative life on Europa, a moon of Jupiter. The story, about the subsurface ocean, is valid and is backed up by many more mainstream news sites. The site is marked "green" by Trend-Micro.  When you try to read the entire story, you get interrupted by a bloatware site saying your browser software is out  of date and offering a download.  You could not read the article without the download.

Of course, I canceled.  The Chrome history shows only a loading of "" and offering the viewer to get paid for unpacking tiny url's.

I restarted the Windows 10 Anniversary-update computer and Trend Micro found no problems with quick scan.  I did not download anything, but Real Strategy did link to the "" site without the user permission.  ay,gy converts to, a "URL shortener that pays you".

Users should not download advertised "free" software for computer speed-up, etc., without checking the vendor separately.  It is true, there are some registry cleanup products from reputable companies.  Normally, users should stick to manufacturer, operating system provider, major browser, and major application software downloads from well-known and reputable companies which users can check out first.  Users should not download "free" software on impulse.  Some of this bloatware also comes on some YouTube ads.

Tuesday, September 20, 2016

New phishing scam offering an American Express PSK reported

Joseph Steinberg warns users about a new phishing scam pretending to offer an American Express Personal Safety Key (PSK). 

His article in “Inc” offers rather stern advice for users who realize they have clicked on risky links in emails or on malicious websites:  disconnect from the Internet, run a scan, turn machine off for several days, run another scan with an updated database.

If I am suspicious of any place I have visited, I restart my machine (Windows 10 with Anniversary Update), run a quickscan in Trend Micro and then a full scan (or on Webroot, on one machine).  Trend’s full scan takes about 40 minutes, not too long.  It’s a good idea to do at least one per week. 

Saturday, September 10, 2016

A "telephony denial of service" attack could flood a 911 emergency network (concept)

911 systems, run by states, could be hacked by a telephony denial of service attack, according to Kim Zeiter, in a story by Kim Zetter on p. A10 of the Washington Post today.

The hacker would infect a large number of mobile phones, in the firmware, which would then send bogus 911 calls, possibly with spoofed numbers making them impossible to blacklist.

Researchers have found malware in both iPhone and Android apps.  Curiously, author Edmund Contoski in Minnesota had described such a possibility in his 1997 novel "The Trojan Project".
Recently, on a Sunday morning in August, the 911 system in part of Washington DC was disabled for about 90 minutes by a cabling error by  technician. There were no critical missed responses as a result.

"Blogtyrant" (Ramsay Taplan, in Australia) predicts the development of security products to protect vehicles and smart home appliances from malware soon. 

Friday, September 02, 2016

New kind of ransomware targets Linux servers

Trend Micro is warning small businesses about a new kind of ransomware called "Fairware" which infects Linux servers.  If a business did not have its data backed up offline, it could lose everything, and the ransom extortionist could threaten to disclose consumer PII if the business did not pay.

The story is here. I don't know how well other services, like SiteLock, can protect against this hazard.

Since Linux is targeted, it sounds feasible that a similar kind of malware could be developed for MacOS.
Webroot is offering a seminar on encrypting ransomware on Sept. 7, online, for corporate IT security people, here

Thursday, September 01, 2016

Fake Food Lion coupons slip past Facebook''s screening and get on the network

NBCWashington and other media sources report that Facebook accidentally accepted a fake ad for Food Lion, a supposedly printable coupon with unbelievable discounts.  The link apparently contains spyware or “malverstising” ware.  This would be a trademark infringement also.  Presumably, Facbeook is removing the ad, but this one got past them. Food Lion is telling customers to be wary of this ad.  Major newspapers, including the New York Times, have had some issues with malware ads getting through.