A French security company called Intego has released the first antivirus app for iPhones, called VirusBarrier. This is news because so far iPhones have not needed antivirus programs, there are currently no viruses on iPhones. Here’s a breakdown of what VirusBarrier is:

What VirusBarrier does:

• it can scan email attachments – but it’s not automatic, you need to go into VirusBarrier and tell it which email attachment to scan (and only one at a time)
• it can scan files on DropBox

What VirusBarrier does not do:

• it does not scan all files or apps on the iPhone. It can’t because of Apple’s sandbox model.
• it does not do automatic scans
• it does not do scheduled scans
• it does not scan apps

If you are a user of the Apache hosted JIRA, Bugzilla, or Confluence, a hashed copy of your password has been compromised. There was a targeted attack on these systems on the 9th April 2010.

These are services used by developers, most “normal” people would not have accounts on these services. If you do use these services please read the full incident report here.

McAfee Stinger is a program to clean malware from PCs. It detects and removes more than 1300 types of malware – that’s pretty useful.

It’s not a replacement for a good antivirus product, but if it’s too late and your PC has been infected then this could help clean it.

Download it directly from McAfee’s web site and follow their instructions.

Here’s a combined hoax and malware. Let’s start from the beginning.

People have been posting notes on Facebook about something called “un named app”. It tells you to remove something from Facebook. It’s a hoax. Don’t believe what it says, don’t follow the instructions, and don’t pass it on.

Below are some quotes of the hoax:

ALERT >>>>> Has your facebook been running slow lately? Go to “Settings” and select “application settings”, change the dropdown box to “added to profile”. If you see one in there called “un named app” delete it… It’s an internal spybot. Pass it on

this is real.. i checked and found this app and deleted it… hopefully, my facebook will run better now.

Cannot believe how much quicker mine is running after doing this….

I don’t have this app on my Facebook account but if you do, don’t worry. It’s a normal part of Facebook and you shouldn’t delete it.

Now the second part of this hoax is a real trojan. If you go to Google and search for “facebook unnamed app” you’ll see quite a few results. Some of these results are fake antivirus programs.

A fake antivirus program is actually a trojan. It pretends to scan your PC and quietly installs malware in the background. It goes under the name of Security Tool, it has a fancy detection screen and everything. But it’s definitely bad.

The rule of thumb is that if a web page tells you that your PC might be infected, don’t trust it. Go and get your own antivirus program, not something that pops up on your screen (see here for a good free antivirus program).

There’s a lot to learn here. Basically, be careful who you trust. These days scammers have to trick you into installing malware and they’re good at it (it’s called social engineering).

Internet Explorer 6 is still used in many large organisations. It’s because large organisations invest heavily in technology then expect to keep using it for many years to increase their returns on investment. Usually their internal programs won’t work on newer browsers, and it’s a major task to upgrade them.

But Internet Explorer 6 (IE6) is quite old and very vulnerable to being hacked. It’s so vulnerable that it’s the main (technical) cause of the recent hack attack by China against Google (read here). In short, it seems that the Chinese government (or agents working on their behalf) hacked certain people’s Google accounts. They were able to do this because these people weren’t using the latest version of Internet Explorer.

So any organisation that refuses to upgrade to the latest version of Internet Explorer is also at risk.

Microsoft have made an official statement that IE6 is vulnerable and they want everyone to upgrade to the latest version.

Update: The Australian Government has also asked people to stop using IE6.

Update 2: Microsoft has made a patch available to all IE6 users to fix the problem. Download it from here.

A personal firewall is a program you install on your computer. It stops unknown programs talking to the internet. Why is this important?

Just say some malware gets installed on your computer. It wasn’t picked up by your antivirus program for whatever reason (maybe you don’t even have antivirus). It starts watching you type in your passwords and tries to send details to a criminal’s server. This actually happens every day to some people.

A personal firewall would detect that an unknown program is trying to send information to the internet and bring it to your attention. It blocks the program and asks you if you want to allow it to proceed.

It’s different to a normal firewall because it runs on your PC instead of on the network. And it doesn’t just keep people from hacking into your computer, it stops malware connecting out to the internet. So overall it’s a good thing to have, it’s just a bit more defence against online fraud.

Below are some new deals I’ve come across. I haven’t tried these programs and can’t comment on how well they work – I suggest you ask around.

ZoneAlarm Pro – this program has been around for many years. The Pro version, which usually costs USD39.95, will be free for today only (13th of October 2009). Go to their web site here.

Online Armor Premium – I haven’t heard of this product before but it’s legitimate. It usually costs $39.95 but it’s free to PayPal members, until the 19th of October 2009. Click here, then on the button to buy now, then proceed to pay with PayPal, it will be discounted to $0.

Windows also has a firewall built in but in my opinion it isn’t very good and it’s difficult to configure. And most antivirus packages, the kind that cost money, include a personal firewall.

Tomorrow, Tuesday the 13th October, Microsoft is releasing several critical updates to Windows. They fix known security problems so it’s important for all Windows PCs to download these updates.

Microsoft tries to release these updates on Tuesdays, tomorrow’s batch will be larger than usual. So as always, make a backup of your PC’s data today in case the patches cause any problems.

Today Microsoft launched a new anti-virus program called Microsoft Security Essentials. People who have tested it are fairly happy with it, it’s certainly better than not having any anti-virus. And best of all it’s free. It works on Window XP, Windows Vista, and Windows 7.

Free download of Microsoft Security Essentials: http://www.microsoft.com/Security_essentials/

Now I’ve always said that paid anti-virus programs are generally better. I still believe this because you get more security features such as web page scanning, a personal firewall and fraud detection. And with all the online fraud and scams that happen every day you need all the security you can get and that costs money.

But sometimes you really can’t justify paying for anti-virus, like a computer you’re only going to use for a month. So this fits in nicely. Also keep in mind that there are several other good free anti-virus programs out there.

I’d also like to point out that sometimes internet security companies can be biased. Take Symantec as an example. On the same day that Microsoft launches a free anti-virus program Symantec started a campaign telling people that free anti-virus programs are bad. I see it as a clearly biased argument to protect their business. Marketing is always biased, it’s always best to get an independent opinion (Fraudo is not sponsored by any companies, the ads on the right are dynamic and I don’t get to choose them).

There is an organisation called AV-Comparatives that tests antivirus programs and compares their performance. They’re independent from the antivirus vendors making their tests more useful. So it’s good to look through the results and see which antivirus programs are working better than others.  Below are their top 7 programs, in no specific order:

• G Data
• Symantec
• Avast
• F-Secure
• BitDefender
• eScan
• ESET

GFI Backup is a simple backup program for Windows. It has enough features for most home users, and it’s free. If you haven’t thought about your own backup strategy this would be a decent program to start with (for Windows users).

For more backup tips read here.

The technology spammers use is always changing. A report released by MessageLabs in June 2009 shows that 83% of spam is currently being sent from botnets. Now let’s explain what a botnet is.

There are people out there who hack into people’s home PCs (the PCs of ordinary people like you and me). They usually write a virus to do this, or pay someone to write the virus. Then when they’ve hacked into a home PC, they add it to a list.

After a few days they can get about 500,000 home computers on their list (yes, they work very fast). So once the hacker has hundreds of thousands of computers on their list, he writes a program that can control them all at once.

Now keep in mind that most home users won’t know their PC has been hacked. Everything still looks normal.

The hacker then sells this list of PCs to a spammer. The technical word for this list of controlled PCs is called a botnet.

A spammer buys this list of hacked computers and the program that controls them all at once. He uses also buys an email list from someone else (a list with millions of people’s email addresses). He presses a button, and all of the home PCs he’s controlling start sending out spam.

Again, home users don’t know their PC is now being used to send out spam. They might notice their internet go a little slower but most people don’t have the technical skill to work out why. It just gets ignored.

The spammer then sits back, relaxes after doing his 5 minutes of work. If anyone gets caught for sending spam it’ll be the home user, not him. The home user is ignorant of what’s going on. The hacker made his money and will do it again. And the cycle repeats again after a few days.

So how much spam are we talking about?

The largest botnet in operation in June 2009 is sending 74 million spam emails a day, all of this from people’s home computers. That’s a lot of spam.

What can you do?

Don’t let your own computer become part of a botnet. Use a good antivirus product, scan for malware, and fix up any problems.

Social web sites are all the rage these days, such as Facebook, MySpace, Twitter, and there are hundreds of less popular ones as well. The idea with them is that all your friends and family can join and you can share aspects of your life such as photos and comments.

Often these same sites will ask for other passwords, in an effort to help you find more of your friends and family. For example, when you sign up to Badoo.com it asks you for your MSN username and password. They do this so they can log into MSN with your account, get a list of your contacts, and invite them to join Badoo. Facebook can do this too only on a grander scale.

It’s good in theory but there are some large risks involved. When you sign up and are prompted to enter your MSN details (or any other account), consider these questions:

• Who runs Badoo? Is it some guy sitting at home with no one to answer to?
• Do you trust the company (such as Badoo) and all of their employees?
• What is their privacy policy? Who are they accountable to if they breach their privacy policy?
• Do they store your MSN password? (You have no way of knowing this for sure)
• Have their servers been hacked and is someone else also capturing your password? (Again you have no way of knowing this, web sites get hacked every day)

You can see where this is leading. If you enter your other passwords into someone’s web site you’ve lost control and put yourself at some risk.

So when you sign up to a new site and it asks you for other passwords you already have, your initial reaction should be to refuse. Then consider if the benefits of doing so are worth the risk.

I’d like to thank our regular reader Nick for bringing this issue up.

There are many fake anti-virus products out there, they try to convince you there’s something wrong with your PC or Mac then either ask you for money to fix it or install real viruses.

This new one’s the kind that asks you for money, it’s called System Security. It begins when you download the program believing it’s a new anti-virus product. It’s designed for Windows PCs.

When you install it, it pretends to scan your PC, then informs you it found a whole lot of malware on your PC including viruses, adware and spyware. This part is meant to scare and shock you.

Then it does something truly evil, it stops you doing anything on your PC until you “activate” the anti-virus. And by activate they mean pay them money. So at this stage the only thing you can do with your PC is go to the scammer’s website (which looks nice and professional), hand over your credit card details, and they’ll supposedly make your PC work again.

If you happen to download and install this fake product and it blocks your PC from working, don’t give them your credit card details or otherwise pay for it to be unlocked. You will be able to boot your PC in Safe Mode – ask for a PC technician to help you with this if necessary. You’ll then be able to remove the fake anti-virus.

This highlights the importance of using a good anti-virus product, one that’s known and respected in the IT industry. I generally try not to recommend one product over another but below are some of the trusted anti-virus companies available today:

• Trend Micro
• Symantec / Norton
• McAfee
• F-Secure
• AVG

There are many more and the market’s always changing. Feel free to write about your preferred products in the comments below. These days you can buy them online or walk into a computer store and buy one.

Windows 7 Release Candidate (RC) was released recently by Microsoft. It’s free for anyone to download and test it before the final version’s finished. A few days before the official release someone posted a copy on a BitTorrent network. Unfortunately this copy was infected with a trojan that downloads more malware. This is very bad. When you install an operating system such as Windows you have to trust the installation. If you can’t trust the operating system then you shouldn’t be using it. What’s wrong with Torrents?

• Don’t download Windows from file sharing systems such as BitTorrent. Get it from Microsoft or one of their vendors.
• If you download free operating systems such as Linux from torrents know how to do a checksum test.
• Don’t use pirated software. Apart from being immoral and illegal, pirated software is often plagued with malware.

What if you already downloaded Windows 7 RC from BitTorrent? The safest thing to do is to download it again from Microsoft’s site, reformat your PC, and reinstall the official version. It can be safely downloaded from: http://www.microsoft.com/Windows/Windows-7/download.aspx As a side note I’d like to point out that Windows 7 RC is a test version, it’s not the finished product. And while it’s free for now it has a couple of restrictions:

• on 1 March 2010 it will start rebooting every 2 hours
• on 1 June 2010 it will completely stop working.

Update: There are now 25,000 PCs infected with the malware as a result of downloading the wrong copy of Windows 7 RC. These 25,000 PCs are being controlled by hackers as part of a botnet.

There is a hacked version of the popular VLC media player. Instead of installing VLC, it starts installing, then asks you to send an SMS to a number. They then send you a code in return to continue installation.

This is wrong. The people that hacked this installer are just trying to make money from your SMS’s. At the moment it’s been detected in the French version of VLC but it could apply to any language.

The real VLC player never asks you to send an SMS. The real VLC player can be downloaded from: http://www.videolan.org/vlc/

If you download it from anywhere else you end up putting your PC at risk. Always download files from the original vendor’s web site. You can search Google to find it.

Malwarebytes Anti-Malware is a Windows tool to remove malware. I’m always explaining how to prevent malware in the first place, but if it’s too late for you and your PC is infected, this tool is great at removing it.

There’s a free trial and a full (paid) version. The free trial is enough to help clean your PC. The paid version will help prevent future infections.

Today they announced that this product has cleaned 1 billion PCs over the past few years. That’s quite impressive. And it’s also scary to think that 1 billion people had their PCs infected with malware – if only they would read Fraudo and prevent the infections

You can download it here.

AVG has been making anti-virus products for years, they’re a trusted company. They’ve now made one of their products free, and it would be useful for many of you. It’s called AVG LinkScanner.

It’s a plugin for FireFox and Internet Explorer. It checks every web page you load, and if it’s a known dangerous site it stops it from loading, protecting you before any malware gets a chance to run.

This is very useful if:

1. Your main web browser is FireFox or Internet Explorer, and
2. You use Windows, and
3. You haven’t invested in a good anti-virus package.

It’s a fact that a lot of malware (including viruses, spyware, adware, etc) installs itself when you visit a hacked page. Most of the time you won’t know it’s happening – it’s important to install something that helps protect you.

Download it for free from: http://linkscanner.avg.com/

A spam email promising some SMS spying software actually installs malware. Below are some examples of the spam:

• Keep a spy eye on your Girlfriend’s mobile
• Do you want to catch a cheating girlfriend?
• You can read anyone’s SMS
• Read his messages

Lines such as the ones above might catch someone’s curiosity. If they click on a link they’re presented with a fake web page for their SMS spying software. The fake site says,

Get Your Free 30-Day Trial!

Do you want to test your partner or just to read somebody’s SMS? This program is exactly what you need then! It’s so easy! You don’t n3eed to install it at the mobile phone of your partner. Just download the program and you will be able to read all SMS when you are online. Be aware of everything! This is an extremely new service!

The download actually installs malware on your PC.

Some new PowerPoint files are being sent around the internet that do some bad things. When you open the PowerPoint file it runs a program that lets others connect to your PC, it then installs more malware onto it. And finally it cleans up the original PowerPoint file to make it more difficult to detect that the PC has been infected.

The following versions of PowerPoint are affected:

• PowerPoint 2000 Service Pack 3
• PowerPoint 2002 Service Pack 3
• PowerPoint 2003 Service Pack 3
• Microsoft Office 2004 for Mac

If you’re using PowerPoint 2007, just the PowerPoint Viewer (not the full version), or Office 2008 for Mac, then you’re safe.

If you receive spam with an attached PowerPoint file delete it.

Here is Microsoft’s advisory about this problem.

There is a competition where people try to hack web browsers (they call it Pwn2own) , the winners get thousands of dollars in cash and prizes. Below are the results of the competition. It says a lot about which web browsers are safer than others:

• Safari running on Mac OS X – hacked in 10 seconds
• FireFox running on Windows – hacked
• IE 8 running on Windows – hacked
• Chrome running on Windows – was not hacked

When a web browser is hacked (like in this competition), it means someone out there in the real world can do things on your computer, such as installing a virus or taking control of your PC.

You can see photos of the winners here. These are talented people that are using their skills to help developers fix their browsers. There are many more people who use their hacking skills to install malware and steal money from people’s bank accounts (this isn’t just about winning competitions).

The best thing you can do right now is:

• Stop using Internet Explorer (IE) for everything.
• Use Google’s Chrome as much as possible, at the moment it seems to be the most secure browser
• Keep updating your web browser – the latest updates are there to fix up bugs and security vulnerabilities
• Keep updating Windows (or Mac OS X or Linux) whenever a new update is released.
• Install a good anti-virus package that blocks web sites that have malware on them. This might cost you a bit of money (you usually have to pay a yearly subscription fee) and it’s a good investment.
• Don’t be ignorant and assume it won’t happen to you.
• Keep reading Fraudo to learn about online fraud and what you can do to prevent it.

Microsoft has released some critical updates today for Windows XP and Vista. If you use Windows perform a Windows Update to receive the latest patches. If you don’t then someone could take control of your PC just by visiting a hacked web page.

Ad-Aware is a popular anti-spyware product made by Lavasoft. This protects Windows PCs from adware. Adware is a term for programs that installs themselves on your PC and show you ads – it’s generally a bad thing.

They’re just released version 8 which they’re calling their Anniversary Edition. They have a free edition and 2 paid editions, each with different features.

If you download the free edition remember that you’ll need an anti-virus program on your PC (one that scans web pages as well as your PC).

Main Ad-Aware web page (has all 3 editions): http://www.lavasoft.com/products/ad_aware.php

Direct download to the free version: http://www.download.com/Ad-Aware-Anniversary-Edition/3000-8022_4-10045910.html?part=dl-ad-aware&subj=dl&tag=top5&cdlPid=10998841

If you’re giving the beta version of Windows 7 a go you now have the option of installing an anti-virus package. Kaspersky has released a version of their anti-virus system that will work on Windows 7 beta.

If you’re using Windows 7 beta for anything more than testing and evaluation you should really consider installing it. Kaspersky’s website is: http://www.kaspersky.com/windows7

Recently some people have been tricked into paying for OpenOffice.

OpenOffice is a free alternative to Microsoft Office. You can download it for free from here: http://www.openoffice.org/ . Don’t download it from anywhere else other than the official site.

If anyone asks you to pay for this then they’re trying to cheat you. There’s no reason to pay for the software, and there are no subscriptions you need to use it.

Disclaimer: while the software is free for anyone to download and use, you need to have an internet connection, and most people pay for their internet. This is just common sense. If this is a problem, sometimes computer magazines download it for you and put it on a DVD bundled with the magazine. Again the software is free but you have to pay for the magazine. This too is common sense. And it’s completely legal to copy it from someone else.

This one of those legal spyware programs I mentioned recently. Mobile Spy is used to secretly record SMS and calling data on a phone. It already existed for Symbian and Windows Mobile phones – now it’s available for iPhones.

They claim it runs in a stealth mode to make it difficult to detect. It silently records all SMS text messages and information about all calls. It then uploads this information to a private account on the web.

Apparently future versions of this program will also capture GPS information and details of any emails sent or received.

Why is this legal?

I can’t really comment on the legal side, and it would be different in each country. The company that makes it, Retina-X Studios, is selling this product to worried parents or employers to monitor their children/staff.

How is it installed?

Someone has to have physical access to the iPhone to install it. They need to purchase the program (US$99), and it seems the phone needs to be "jailbroken" – a hack that voids the phone’s warranty.

How can you prevent it?

Firstly, don’t lend your iPhone to people or leave it lying around.

I’m not aware of any anti-virus programs for the iPhone that detects this yet but I have my bets on F-Secure, they’re fully aware of what’s happening here. I’ll post an update when something new comes up.

Microsoft’s Internet Explorer is used by over 500 million people (all Windows PCs have this). A vulnerability was recently discovered and today Microsoft has released a patch to fix it.

It’s important for everyone to apply this patch (Windows users only). Run Windows Update to receive the new patch, or if your PC is configured to update automatically just follow the prompts that will appear today.

The vulnerability is activated when you visit a web site that’s been hacked. So far 10,000 hacked web sites have been discovered that will use this vulnerability to install malware on the PC viewing it.

The odds of infecting your PC from browsing innocent web pages are fairly high so apply the patch now. If you need help Microsoft’s security page has some useful links, http://www.microsoft.com/australia/security/default.mspx

Can you get a virus by opening a .DOC file? How about .RTF or .WRI? Yes, even if you don’t have Word installed.

On Windows these files are traditionally opened by Microsoft Word, and if you don’t have Word installed Windows uses WordPad to open these files.

A new exploit has been found that attacks WordPad. This affects most Windows users, in particular those who don’t have Word or Office installed.

How it works:

• You see a link to open a document, or you receive an email with a document attached.
• You open the file (the file name ends with .doc, .rtf, or .wri)
• It opens a connection across the internet for a hacker to log onto your computer
• The malicious hacker can do anything from your computer, such as installing more malware, using your computer to commit other crimes, or just watching what you do on your PC.

What you can do to avoid this:

• Perform regular Windows updates. Microsoft will be publishing a patch to fix this problem soon.
• Use a good anti virus package. This attempts to prevent you from downloading infected files.

Microsoft has published a document on this vulnerability here.

Anti-Malware Toolkit is a package produced by Lunarsoft. It helps you download 37 different tools you can use to protect your PC from all kinds of malware. A few of the tools it can install are quite useful, such as:

Spyware Blaster, CCleaner, RogueRemover, SUPERAntiSpyware, Malwarebytes, Spybot, Hijack This

I’d recommend this to more experienced PC users. General users are better off investing in commercial products, such as Trend Internet Security (there are a few good packages out there, Trend is just one). I say this because commercial products do most of the thinking for you and for a lot of people security is better this way.

The Anti-Malware toolkit can be downloaded from Lunarsoft’s site: http://www.lunarsoft.net/downloads

Note that it’s for Windows computers only.

One of the best things you can do to avoid falling victim to malware is to use an alternative browser.

Microsoft’s Internet Explorer (IE) is very popular. Not long ago almost everyone used IE, it comes setup with almost every new PC sold (Windows PCs). And malware writers targeted IE because they could attack a majority of users just by concentrating on exploiting one browser. You could call it tall poppy syndrome.

Today Firefox is extremely popular. It’s gone from a small minority of people using it to an amazing 44% (depending on which statistics you read – I used this one). This makes for a fairly large demographic, and malware writers are taking notice.

There’s a new trojan that hides in a Firefox add-on. Once installed it waits for you to go to an online banking site. When it detects that you’re using online banking it starts recording your actions (account details, your password). Then it sends this off to cyber criminals who auction off your details and eventually someone can log into your online banking and transfer money. This isn’t good.

There are a few things you can do to avoid this:

• If you want to install an add-on for Firefox, make sure you get it from a well known site. This is the official Mozilla site for Firefox add-ons: https://addons.mozilla.org/en-US/firefox/
• Use a good anti-virus package (it’s a small investment you make to protect your PC). Make sure it’s kept up to date.
• Once a web browser becomes too popular it’s time to start looking at less mainstream alternatives. At the moment you should consider Opera, Safari and Chrome (these are available for all the popular platforms)

In summary, Firefox is a very secure browser. It’s also fast and powerful, explaining why it’s become so popular. You just shouldn’t take its security for granted. Most malware infections happen when users are tricked into clicking something they shouldn’t have.

Some people have received a message on Facebook with the following title:

You look just awesome in this new movie

The message also has a link you can click on. When you click on the link it takes you to a page that looks like a video site, with a title similar to "Secret video by Tom". The page shows an error message asking you to download something to view the video.

If you proceed and click on the download link it downloads (a malicious) file to your computer.

If you continue and install the file it downloads it gives you another error message saying that it didn’t work. What it actually does is install malware on your computer.

By this stage most people wouldn’t suspect that they just downloaded and installed malware, with all the error messages they’ll probably give up and forget about the whole thing.

The malware sits quietly on your PC and when you’re searching for using normal web sites such as Google or Yahoo it then takes you to other malicious sites that install further viruses on your PC. This way you’ll always be installing more and more viruses without realising where they all originate from.

What can you do?

If you get spam in Facebook don’t click on the links. Delete the message.

Don’t fall for tricks such as secret videos of you. They’re designed to pique your interest and encourage you to click on the link provided.

Use a good antivirus package that filters out malicious web pages.

A keylogger is a small program that sits on your PC quietly capturing each key you press on your keyboard. It either logs each keystroke to a file, or sends it off somewhere on the internet.

It’s used to spy on people. By capturing keystrokes your login and password can be revealed, as well as other confidential information. And usually they’re what’s known as “stealthy” programs – most of the time you wouldn’t know it’s there.

Where do they come from?

There are quite a few keyloggers available. Most are written by hackers (the bad kind). A few are written by commercial software companies (more on that below). 

Are they legal?

Usually no. They’re used as spyware to capture your passwords which is illegal in most places.

How can you detect them?

Use a good anti-spyware program. Most antivirus packages come with this feature these days, others are available separately. There are free ones too. Search Google for current a list.

But there’s another kind of keylogger that you can’t detect this way. You can buy a little plastic device that plugs in between your keyboard and your PC. Since it’s directly connected to the cable hanging off your keyboard it can detect every key stroke and record it. Someone has to have physical access to your PC to install it (and to later remove it). You need to look at the back of your PC where the kayboard plugs in to detect it. Search here for a list of these devices.

News

Recently a US court has looked at a commercial keylogging company called CyberSpy and decided it’s illegal. They’ve ordered CyberSpy to stop selling their software (called RemoteSpy). Unfortunately there are too many alternatives for people keen on spying and stealing passwords. More on this here.

Asus usually makes good computers but they messed up with this one. Their new PC, called the Asus Eee Box PC, has been shipping in Japan with a virus called “recycled.exe”. The virus copies itself to removable drives (such as USB flash drives) and attempts to download more malware when it’s connected to the internet.

Only the ones sold in Japan have been affected. Asus have recalled the computers and are fixing the problem. If you bought one already then scan it for viruses.

A rather serious exploit has recently been discovered.

It’s called ClickJacking. The problem is in Adobe’s Flash player, which just about everyone in the world has installed (sometimes without even knowing it). 

The vulnerability makes it possible for someone to control your computer’s webcam or microphone, lettting other people spy on you. It’s a serious problem.

Who’s at risk?

Anyone who has Flash version 9.0.124.0 or earlier is at risk. This includes Windows, Mac, and Linux users, and FireFox, IE, Safari, Chrome, and Opera users (does this list include you?)

What can you do to protect yourself?

Adobe is publishing a fix very soon and the best thing to do is to upgrade to the latest version of  Flash. Flash should prompt you to download an update – say yes to this. Otherwise download the latest version from Adobe’s web site.

If for some reason you can’t update Flash on your PC there’s another way to protect yourself (this is a last resort tactic, updating Flash is much safer). The workaround is to set the Always Deny option, as detailed here on Adobe’s site.

Further info:

Someone has gone to the trouble of setting up a sample of how the exploit works and recorded a video to demonstrate. Play the YouTube video in this article.

ZoneAlarm has been making security products for a number of years and they have a good reputation. I don’t have the resources to review or evaluate security products so I tend not to make specific recommendations (but I do recommend that you should invest in a good antivirus package).

For one day only ZoneAlarm has made their ForceField product free to use for one year. It blocks phishing sites (this is a good thing), blocks keyloggers, and has a host of other interesting security features.

If you don’t already have a security package that does everything (and why not?) then try this one out. As I said, ZoneAlarm has a good reputation for this kind of thing and “free” is a good price. Note that they ask for your name and email address.

Link: http://download.zonealarm.com/bin/free/sum/index.html – click on the red button.

More info about ForceField here.

Update: This offer has expired. Good computer security is very important (read some of the pages on this site to find out why) and it’s definitely worth paying for good software that keeps you safe. You should be using a package that constantly scans your PC for malware (viruses, trojans, etc), scans all web pages and updates itself daily. It’s a very good investment.

Trend Micro make some good anti-virus and anti-spyware tools. One of their tools is called iClean. Unfortunately someone has created a fake copy of one of their websites that will install malicious code on your computer (in this case they’ve copied the Taiwan version of their site).

So which is the real one and which are the fake ones?

Real Trend Micro Site:

• Anything that ends with .trendmicro.com, e.g.

• http://tw.trendmicro.com/tw/products/enterprise/wtp/index.html
• http://www.trendmicro.com/

Fake (malicious) sites:

• hxxp://www.update-windows-microsoft.com/

These tips will help you avoid this problem, and similar threats:

• Companies don’t usually send free applications directly by email. You would normally go to their web site to download it.
• Have a good anti-virus / anti-spyware installed, one that is updated daily so it can protect you from new threats.
• Pay close attention to a web page’s address.

Skype has issued a warning that people have been receiving emails that appear to be from Skype. When a user clicks on a link in the email, they’re taken to a login page that looks like Skype’s website (but in fact it’s operated by someone else). When you enter your username and password, they’re sent to someone who will then use them for some malicious purpose.

How can you tell a real Skype login page from a fake one?

According to Skype the only page that they will ask you for login details is:

https://secure.skype.com/…(anything else is ok here)…

If you’re about to enter your Skype details into a website that doesn’t exactly match the above then it’s probably fake. What if it’s just a few letters different? What if the dot’s in the wrong place?

The part after the // and before the first / needs to be an exact match. I’ve made this bold just to make it as clear as possible. The part at the end is ok.

Below is a copy of one of these Skype phishing emails. I’ve copied the contents here to help Google index this page. When you receive suspicious emails it’s a good idea to copy and paste a few lines into Google. You’ll soon be able to tell if it’s a known fake email or real.

Account blocked

Hello!

We have to notice that your account is suspended because Skype major Terms are being changed.
To re-activate your account you need to agree with the new Terms here:

Follow this link to re-activate: ACTIVATE

after that, your account will be automatically re-activated.

Thank You!

Skype Administration

The word ACTIVATE has a link that goes to the fake Skype login page. In most email clients, if you hold the mouse pointer over the link you can see the real destination. If it’s not like the one shown at the top of this article then it’s fake. See this screenshot of the fake one:

TrueCrypt is an encryption program we wrote about earlier. It lets you do things like "whole disk encryption" (good for people who carry around laptops full of confidential files), and other encryption functions.

Version 6.0 came out a few days ago. It’s open source, meaning everyone is free to review the source code. It’s available for Windows (Vista, XP, 2000), Mac OS X, and Linux.

http://www.truecrypt.org/

If you use Window XP or Windows Vista, Microsoft has a tool that could be useful to some people. It’s meant more for shared computers, or for any PC that’s at greater risk of infection.

What it does is fairly simple. Every time you reboot the PC, Steady State will restore it to how it was before. So no matter how many viruses, spyware and adware you end up accidentally installing. it becomes fresh and anew.

You need to install it and set it up correctly, and for most people it might be a good idea to get some advice from someone who’s IT savvy, just to make sure you take full advantage of this great tool.

Best of all is that it’s free, as long as you have a genuine Windows XP or Vista license.

While you should still be responsible with how you use a computer, what you download and which web sites you visit, this tool is great tool for certain people.

More info and a download link here.

A new report has concluded that 637 million people are using out of date web browsers. This is bad.

Old web browsers have security flaws and vulnerabilities. You’re meant to update your web browser to the latest version because the developers have worked hard to patch it and fix up security holes. And in almost every case an upgrade is completely free. Why would anyone choose to use an old browser?

There are no legal obligations to upgrade a web browser but with this many people ignoring the very simple task of upgrading maybe it’s time for something to change. Now’s a good time to check for updates (the option is often in the Tools menu of the browser you’re using right now).

The report is here.

Microsoft has just released June’s lot of Windows patches for XP and Vista. Among the latest patches is one to fix a vulnerability in the Bluetooth stack.

If your computer uses Windows XP or Vista and it has Bluetooth then you need this patch. If your computer doesn’t automatically download and install patches you’ll need to go to Internet Explorer, go to the Tools menu and select Windows Update. Until then you should turn off Bluetooth, otherwise someone could take control of your computer.

Bluetooth has always had security problems from the start. There have been a few fixes along the way but overall it’s an insecure technology.

Technical details about this patch here.

This week everyone’s been talking about a new flaw in Flash that can be exploited to run malicious code on your computer. After a few days of media frenzy Adobe has released a fix for it.

If you use Windows then download the update (this includes users of FireFox, Opera and Internet Explorer). Link here.

The fixed version is 9.0.124.0. If you’re keen you can read more about the vulnerability here.

Apple has released a major update to Mac OS X. If you use a Mac you should first make a good backup of your computer then apply this update.

It patches over 40 security vulnerabilities (don’t let anyone tell you Macs are completely safe and invulnerable). The latest version is 10.5.3.

Ad-Aware 2008 is now available. It’s a popular anti-spyware product for Windows that scans your computer for spyware and adware. It comes in three versions:

• Free
• US$26.95, includes features such as real time detection
• US$39.95, includes more advanced features such as network drive scanning

There’s a comparison chart here showing what’s different between the versions. If you’re new to this product and aren’t sure which version you need start with the free version.

Read more about Ad-Aware 2008 here including a download link.

Similar products available for Windows are:

• Spybot
• Windows Defender

Also note that the larger anti-virus packages such as Trend Internet Security also contain anti-spyware modules.

Back in January I mentioned that HP’s Software Update Tool was vulnerable to attacks. That was limited to a support program installed on HP laptops. Now the problem appears to be worse than first thought.

A large number of HP’s printers (both laser and inkjet), scanners, cameras and PCs also include this tool. Version 4.0.9.2 or earlier is vulnerable. The problem has been resolved in the latest update, version 4.0.10.8.

So if you have an HP product on your computer check if HP’s Software Update Tool is installed, and the version number. You might need to upgrade it.

The risk is that a malicious web page can be created that activates some code in HP’s Software Update Tool and it can execute code on your computer. This is OK if you’re allowing HP to update your drivers, but it’s a bad thing if random strangers can do this.

Note that this only affects Windows users.

AVG has released a new version of their anti virus program. It comes in three versions:

• Free
• US$35
• US$55

8.0 was just released, the main new features are:

• link scanning
• anti spyware
• Email and instant messaging protection

The difference between the three prices are the features included. See this chart for details.

The FireFox and Safari browsers have been updated. If you use either of these then you should upgrade today. The new version numbers are:

• FireFox: 2.0.0.14
• Safari: 3.1.1

This applies to Windows, Mac and Linux users. The updates fix vulnerabilities and hence are important security updates.

Apple has released a new version of QuickTime for Windows and Mac. It fixes 11 vulnerabilities so if you have QuickTime installed on your machine it makes good sense to update it now.

The new version is 7.4.5

Note that QuickTime is usually installed with iTunes, so if you use iTunes you probably also have QuickTime installed.

See Apple’s website for more details.

Symantec is well known for making security products (they also use the Norton brand for home products). A serious flaw has been found in some of their products including Norton AntiVirus, Norton Internet Security, Norton SystemWorks and Norton 360.

The flaw is in an ActiveX control that gets installed on the PC (the control is called SymAData.dll). This control is normally used for their AutoFix tool, however it was discovered that it can be exploited by adding some malicious code to a website. The exploit allows someone to take over the computer (generally a bad thing).

Two ways to fix this problem are:

• Engage in an online chat session with Symantec’s technical support team
• Download the patch from Symantec’s website, https://www-secure.symantec.com/techsupp/asa/install.jsp

Earlier we wrote about problems with ActiveX and suggested you disable it.

People that have Adobe’s Flash player version 9.0.115.0 or earlier, or 8.0.39.0 or earlier, need to update it now. A new exploit for these versions has been discovered and can allow someone to take control of your computer just from visiting a website that has malicious code.

The new version that you need is 9.0.124.0 and it fixed this new vulnerability.

AIR1.0 is also affected because it includes a Flash player built in. If you use AIR upgrade to version 1.0.1.

Adobe’s security bulletin says that this affects all platforms, so that would include all versions of Windows, Macs, and Linux.

iMunizator is an application for the Mac that claims to scan the computer and report problems.

iMunizator actually searches the computer for important files and tells the user that they are dangerous. It then offers to remove them.After removing them the computer is no longer usable.

In other words, iMunizator is a malicious program. Don’t ever run this program on a Mac.

It’s actually another version of MacSweeper, which we warned you about earlier this year.

Imunizator’s website