Archive for the ‘Online Safety’ Category

A new method of phishing attack is starting to rear its head up to try and gain sensitive information from unsuspecting users. This new method goes back to the warning I have given out for years now. Do not have a sensitive page (ie, your bank, paypal..etc) open while browsing. What this new threat does is it will attack a vulnerable website and injects a javascript code into the site. When you visit the now infected site and have a window open to your bank it causes a popup to come up that tells you that your session has timed out and you need to relog in. Make sure you log out of sensitive sites before browsing. If you have a website make sure you are secure and check for any changes in coding. That is what happened to this site and some others I am hosting. It wasn’t a threat to capture your information but we did get attacked by the yahoo counter script. The first things we noticed was the fact that our rss feeds were broken. Then doing a source search we found yahoo counter starts at the bottom of the page before the closing body tags. I do not know what the exact code is that this one places into websites but will attempt to find it. I feel as a responsible website owner I should try to stay on top of the situation and even moved my sites to a more secure server.

Here is what explains about the sophisticated attacks:

“An in-session phishing attack occurs while the victim is logged onto an online banking application and therefore is much more likely to succeed. A typical attack scenario would occur as follows. A user logs onto their online banking application to perform some tasks. Leaving this browser window open, the user then navigates to other websites. A short time later a popup appears, allegedly from the banking website, which asks the user to retype their username and password because the session has expired, or complete a customer satisfaction survey, or participate in a promotion, etc. Since the user had recently logged onto the banking website, he/she will likely not suspect this popup is fraudulent and thus provide the requested details.”

To protect themselves from in-session phishing attacks, Trusteer recommends that users:
1. Deploy web browser security tools
2. Always log out of banking and other sensitive online applications and accounts before navigating
to other websites
3. Be extremely suspicious of pop ups that appear in a web session if you have not clicked a hyperlink

A US Army intelligence report has identified the popular blogging tool Twitter as a potential terrorist tool. It along with GPS and possibly voice changing software are at the heart of this intelligence report. The report by the 304th Military Intelligence Battalion examines a number of mobile and web technologies and their potential uses by militants. The report is posted on the Federation of American Scientists (FAS) website. Parts of the report mention how activists at the Republican National Convention in Minneapolis used it to provide information on police movements and Twitter members got out the news of the earthquake in Los Angeles in July faster than news outlets. Now lets see what happens when they discover chat rooms and email.

I don’t know how many of you use Internet Explorer or visit sites like MySpace or FaceBook and use their plugins. Myself I do not have anything on those sites and never use Internet Explorer for anything other than checking a web page to make sure it displays properly in IE and Firefox (my choice of browser).

According to the Washington Post‘s Security Fix blog, cyber criminals are populating the Internet with Web sites designed to exploit several recently-discovered security holes in a half-dozen widely used ActiveX plug-ins for IE 6 and 7, most notably the one offered by Facebook and MySpace to help users upload photos. The sites, advertised via links in email and instant message spam, also ‘probe for other vulnerable IE plug-ins, including two recently discovered from Yahoo! and one for QuickTime (this one attacks a vulnerability Apple patched just last month). The sites also throw in an exploit against a six-month-old IE flaw.’

If you use any of those plugins for IE you really need to deactivate the plug-ins with a GUI tool that?SANS Internet Storm Center has released. Actually my advise would be to dump Internet Explorer all together and down load a copy of Firefox. Once you go to it you will never want to use IE again. I have been a user of it since before it ever got its name and love it.

Last week there was an interesting article in the L.A. Times about the cloak-and-daggerism of fighting online scams in Romania, summing it up like this: “The country is the top source of auction site scams. One company is trying to do something about it, with increasing collaboration from local law enforcement over recent years. Ebay has sent over equipment and a team to help the authorities combat this form of cyber crime, which is run with all the organization of an industrial-scale business.”

Danger lurks for Albena Spasova when she arrives in the small industrial center of Ramnicu Valcea, Romania. She is escorted by U.S. Secret Service agents on her trips to the town of Ramnicu Valcea. Her safety is at risk making the agents necessary. They always book her room and always make sure it is next to their room. She has spent weeks sometimes months going over case files with the local police.
If you didn’t know it Ramnicu Valcea would not seem to be the capital of anything. but this obscure town located in the Carpathian Mountains is the global center of an Internet and credit card fraud ring. And Albena Spasova is an accomplished online fraud buster. She has helped take down gangs of fraudsters all across Romania. She isn’t a law enforcement agent for any government but instead works directly for ebay the giant online auction house. Ebay won’t disclose any dollar figures but does admit that Romania is the number one source of professional fraud. Last year there was an Internet fraud ring busted in Chicago that had its roots in Pitesti, Romania. On a November 2006 visit to the Romanian capital, Bucharest, FBI Director Robert Mueller said the vast majority of Internet fraud committed on “one prominent U.S. online auction website is connected to Romania or Romanians.”

Fraud is a big problem for ebay as it has built its reputation on the feedback system to determine if a seller or bidder is reputable or not. The whole system depends upon buyers and sellers trusting one another. If this becomes broke the whole system will be broken. Ebay users are deluged by phishing emails almost daily. Any one of which if mistaken for a real ebay message can give the thiefs all the knowledge they need to hack your account and list things in your good name. You must be ever vigilant and never ever under any circumstances click on a link in an email that claims to be from ebay or paypal either one. These schemes don’t cost ebay anything but could potentially cost you a bundle. They tend to gravitate towards high ticket items like laptops and cars. But not always. Be careful. I have read about an auction winner being told to send the money to Romania via Western Union, A practice that should put up a huge red flag for you. If the auction states they take paypal and then want only Western Union Funds contact ebay immediately. If they want the funds sent to somewhere other than where the users location says you should also be very wary and contact ebay. It is a good idea to have a good password that is very hard to guess. A mixture of letters and numbers is great. Changing it regularly is also a very good idea.

As Publilius Syrus said, “He is most free from danger, who, even when safe, is on his guard”.

In an article by PC World they report that hackers have gained access to computers at two of the most important science laboratory in the US. The two labs involved are the famous labs of Los Alamos and the Oak Ridge facility. The Oak Ridge facility had a data base of visitors, including social security numbers accessed. The data base went back to 1990 – 2004. With annual visitors running around 3,000 scientists this is potentially a huge mistake.

I told you that to tell you this. The attacks were via phishing type emails with attachments. I want to remind each and everyone of you to never ever under any circumstances open an attachment from someone you do not know. And even if it is from your best friend in the world do not open the attachment if you were not expecting it. They could have accidentally picked up a virus and be spreading it unknowingly. I do not even open unsolicited emails from people I do not know. Some emails can have trackers coded into them that lets the sender know that the address is indeed a active account and therefor marketable. Getting you even more spam. Never ever answer any spam. I tried chasing down the routes email was sent to me and requesting I be removed from their lists with no real success. Mostly I only verified my email account was active and being used so they could send me even more spam. If you do open any of these emails don’t click the links. Especially if you are using Internet Explorer. It still has vulnerabilities and can be attacked by malicious code. Now that doesn’t mean that it is perfectly safe to visit these sites with Firefox as there may be an unaddressed vulnerabilities in it that no one but the hackers know of yet. Nothing is fool proof for a sufficiently talented fool.

If you ebay I would also advise you to have separate accounts for your ebay and paypal emails to come into. Accounts that you do not give out the address. Use an address specifically for them and a separate account to receive your regular mail in. If you have a separate account for your ebay and paypal address, then anything that comes into your main account claiming to be from ebay or paypal you know is a phishing scheme. Even if the email comes to your ebay or paypal email account be dubious of any mails that arrive there claiming to be from them. Never ever click on any links in emails like that. Type the URL into the address bar or use a link from your bookmarks (favorites if you use IE) And If you feel you absolutely must fill out the so called contests or other marketing plows that are asking for your email address then you should have a third account for that that you can throw away once the volume of mail becomes unwieldy.