Facebook Un Named App

Here’s a combined hoax and malware. Let’s start from the beginning.

People have been posting notes on Facebook about something called “un named app”. It tells you to remove something from Facebook. It’s a hoax. Don’t believe what it says, don’t follow the instructions, and don’t pass it on.

Below are some quotes of the hoax:

ALERT >>>>> Has your facebook been running slow lately? Go to “Settings” and select “application settings”, change the dropdown box to “added to profile”. If you see one in there called “un named app” delete it… It’s an internal spybot. Pass it on

this is real.. i checked and found this app and deleted it… hopefully, my facebook will run better now.

Cannot believe how much quicker mine is running after doing this….

I don’t have this app on my Facebook account but if you do, don’t worry. It’s a normal part of Facebook and you shouldn’t delete it.

Now the second part of this hoax is a real trojan. If you go to Google and search for “facebook unnamed app” you’ll see quite a few results. Some of these results are fake antivirus programs.

A fake antivirus program is actually a trojan. It pretends to scan your PC and quietly installs malware in the background. It goes under the name of Security Tool, it has a fancy detection screen and everything. But it’s definitely bad.

The rule of thumb is that if a web page tells you that your PC might be infected, don’t trust it. Go and get your own antivirus program, not something that pops up on your screen (see here for a good free antivirus program).

There’s a lot to learn here. Basically, be careful who you trust. These days scammers have to trick you into installing malware and they’re good at it (it’s called social engineering).

January 28, 2010 | Filed Under Antivirus, Malware, Scams, Security, Software, hoax | Leave a Comment 

IE6

Internet Explorer 6 is still used in many large organisations. It’s because large organisations invest heavily in technology then expect to keep using it for many years to increase their returns on investment. Usually their internal programs won’t work on newer browsers, and it’s a major task to upgrade them.

But Internet Explorer 6 (IE6) is quite old and very vulnerable to being hacked. It’s so vulnerable that it’s the main (technical) cause of the recent hack attack by China against Google (read here). In short, it seems that the Chinese government (or agents working on their behalf) hacked certain people’s Google accounts. They were able to do this because these people weren’t using the latest version of Internet Explorer.

So any organisation that refuses to upgrade to the latest version of Internet Explorer is also at risk.

Microsoft have made an official statement that IE6 is vulnerable and they want everyone to upgrade to the latest version.

Update: The Australian Government has also asked people to stop using IE6.

Update 2: Microsoft has made a patch available to all IE6 users to fix the problem. Download it from here.

January 19, 2010 | Filed Under Security, Software | Leave a Comment 

Some Personal Firewalls

A personal firewall is a program you install on your computer. It stops unknown programs talking to the internet. Why is this important?

Just say some malware gets installed on your computer. It wasn’t picked up by your antivirus program for whatever reason (maybe you don’t even have antivirus). It starts watching you type in your passwords and tries to send details to a criminal’s server. This actually happens every day to some people.

A personal firewall would detect that an unknown program is trying to send information to the internet and bring it to your attention. It blocks the program and asks you if you want to allow it to proceed.

It’s different to a normal firewall because it runs on your PC instead of on the network. And it doesn’t just keep people from hacking into your computer, it stops malware connecting out to the internet. So overall it’s a good thing to have, it’s just a bit more defence against online fraud.

Below are some new deals I’ve come across. I haven’t tried these programs and can’t comment on how well they work – I suggest you ask around.

ZoneAlarm Pro – this program has been around for many years. The Pro version, which usually costs USD39.95, will be free for today only (13th of October 2009). Go to their web site here.

Online Armor Premium – I haven’t heard of this product before but it’s legitimate. It usually costs $39.95 but it’s free to PayPal members, until the 19th of October 2009. Click here, then on the button to buy now, then proceed to pay with PayPal, it will be discounted to $0.

Windows also has a firewall built in but in my opinion it isn’t very good and it’s difficult to configure. And most antivirus packages, the kind that cost money, include a personal firewall.

October 13, 2009 | Filed Under Antivirus, Software | 1 Comment 

Patch Tuesday

Tomorrow, Tuesday the 13th October, Microsoft is releasing several critical updates to Windows. They fix known security problems so it’s important for all Windows PCs to download these updates.

Microsoft tries to release these updates on Tuesdays, tomorrow’s batch will be larger than usual. So as always, make a backup of your PC’s data today in case the patches cause any problems.

October 12, 2009 | Filed Under Software | Leave a Comment 

Microsoft Security Essentials

Today Microsoft launched a new anti-virus program called Microsoft Security Essentials. People who have tested it are fairly happy with it, it’s certainly better than not having any anti-virus. And best of all it’s free. It works on Window XP, Windows Vista, and Windows 7.

Free download of Microsoft Security Essentials: http://www.microsoft.com/Security_essentials/

Now I’ve always said that paid anti-virus programs are generally better. I still believe this because you get more security features such as web page scanning, a personal firewall and fraud detection. And with all the online fraud and scams that happen every day you need all the security you can get and that costs money.

But sometimes you really can’t justify paying for anti-virus, like a computer you’re only going to use for a month. So this fits in nicely. Also keep in mind that there are several other good free anti-virus programs out there.

I’d also like to point out that sometimes internet security companies can be biased. Take Symantec as an example. On the same day that Microsoft launches a free anti-virus program Symantec started a campaign telling people that free anti-virus programs are bad. I see it as a clearly biased argument to protect their business. Marketing is always biased, it’s always best to get an independent opinion (Fraudo is not sponsored by any companies, the ads on the right are dynamic and I don’t get to choose them).

September 30, 2009 | Filed Under Antivirus, Software | Leave a Comment 

Antivirus Comparison

There is an organisation called AV-Comparatives that tests antivirus programs and compares their performance. They’re independent from the antivirus vendors making their tests more useful. So it’s good to look through the results and see which antivirus programs are working better than others.  Below are their top 7 programs, in no specific order:

G Data
Symantec
Avast
F-Secure
BitDefender
eScan
ESET
Full details of their tests are here – click on the August 2009 report. I was surprised to see Trend Micro was missing from the tests. I tried contacting them about it but I haven’t received a response.

So when you’re ready to invest in a good antivirus program for your PC you can use the results of their tests to base your decision.
Also keep in mind there are fake antivirus programs out there, they pretend to do a scan but actually install malware.
September 21, 2009 | Filed Under Antivirus, Software | Leave a Comment 

GFI Backup

GFI Backup is a simple backup program for Windows. It has enough features for most home users, and it’s free. If you haven’t thought about your own backup strategy this would be a decent program to start with (for Windows users).

For more backup tips read here.

July 6, 2009 | Filed Under General, Software | Leave a Comment 

Where Does Spam Come From?

The technology spammers use is always changing. A report released by MessageLabs in June 2009 shows that 83% of spam is currently being sent from botnets. Now let’s explain what a botnet is.

There are people out there who hack into people’s home PCs (the PCs of ordinary people like you and me). They usually write a virus to do this, or pay someone to write the virus. Then when they’ve hacked into a home PC, they add it to a list.

After a few days they can get about 500,000 home computers on their list (yes, they work very fast). So once the hacker has hundreds of thousands of computers on their list, he writes a program that can control them all at once.

Now keep in mind that most home users won’t know their PC has been hacked. Everything still looks normal.

The hacker then sells this list of PCs to a spammer. The technical word for this list of controlled PCs is called a botnet.

A spammer buys this list of hacked computers and the program that controls them all at once. He uses also buys an email list from someone else (a list with millions of people’s email addresses). He presses a button, and all of the home PCs he’s controlling start sending out spam.

Again, home users don’t know their PC is now being used to send out spam. They might notice their internet go a little slower but most people don’t have the technical skill to work out why. It just gets ignored.

The spammer then sits back, relaxes after doing his 5 minutes of work. If anyone gets caught for sending spam it’ll be the home user, not him. The home user is ignorant of what’s going on. The hacker made his money and will do it again. And the cycle repeats again after a few days.

botnet percentageSo how much spam are we talking about?

The largest botnet in operation in June 2009 is sending 74 million spam emails a day, all of this from people’s home computers. That’s a lot of spam.

 

What can you do?

Don’t let your own computer become part of a botnet. Use a good antivirus product, scan for malware, and fix up any problems.

June 30, 2009 | Filed Under General, Malware, Software | 1 Comment 

Web Sites That Ask For Your Other Passwords

Social web sites are all the rage these days, such as Facebook, MySpace, Twitter, and there are hundreds of less popular ones as well. The idea with them is that all your friends and family can join and you can share aspects of your life such as photos and comments.

mystery cubeOften these same sites will ask for other passwords, in an effort to help you find more of your friends and family. For example, when you sign up to Badoo.com it asks you for your MSN username and password. They do this so they can log into MSN with your account, get a list of your contacts, and invite them to join Badoo. Facebook can do this too only on a grander scale.

It’s good in theory but there are some large risks involved. When you sign up and are prompted to enter your MSN details (or any other account), consider these questions:

You can see where this is leading. If you enter your other passwords into someone’s web site you’ve lost control and put yourself at some risk.

So when you sign up to a new site and it asks you for other passwords you already have, your initial reaction should be to refuse. Then consider if the benefits of doing so are worth the risk.

I’d like to thank our regular reader Nick for bringing this issue up.

June 2, 2009 | Filed Under General, Privacy, Security, Software | Leave a Comment 

Next Page →