75 Million Unique Malware

At the end of 2011 (just recently) the total number of unique pieces of malware (viruses, spyware, etc.) reached 75 million. That’s 75 million different threats people created to cause havoc, steal passwords and steal money from you. The internet can be a dangerous place.

The figure comes from a report by McAfee. They also report that malware for Macs is becoming less common, and malware for Android is becoming more common. You can read more details here; it’s pretty grim.

Some tips to avoid being a victim:

  • Use a good antivirus product on your computer. Paid ones are usually better. Keep it updated.
  • Use Google Chrome
  • Don’t click on every link you see in Facebook, Twitter, etc.
  • Sometimes people’s accounts get hacked, so something they wrote online might not really be from them
  • Don’t believe every sensational headline you see
  • Don’t believe every alarming email you receive, especially emails that sound urgent and have poor spelling and grammar
  • Use common sense (why would a stranger in an African country want to give you millions of dollars, or did you really enter the Spanish lottery?)
  • Use Google to check if something you read is true

 

PIN 1234

1234 is the most common PIN used in banking.

A new study of 1100 banking customers found that 1234 and birth dates make up a large percentage of PINs. This means if your wallet is stolen, a thief can find your birth date from your license or other ID, take your ATM card and guess your PIN. And it will work for 1 in 18 stolen wallets (or 1 in 11 for some banks). They’re good odds for thieves.

The study suggests that banks issue a random PIN instead of letting you set one yourself. I think it’s a good idea. Here’s the full document.
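
One way a bank could act on this when a PIN is set, as an added example (not code from the study or from this post): reject 1234 and any PIN that can be read off the customer's birth date, and issue random PINs otherwise. The 4-digit length, the date layouts checked and all function names are assumptions.

```python
import secrets
from datetime import date
from typing import Optional, Set

# Assumption: 4-digit PINs. The post names only 1234 as a common PIN;
# a real deployment would load a longer blocklist here.
COMMON_PINS = {"1234"}

def birth_date_pins(dob: date) -> Set[str]:
    """4-digit PINs that can be read straight off a date of birth on an ID."""
    dd, mm, yyyy = f"{dob.day:02d}", f"{dob.month:02d}", f"{dob.year:04d}"
    yy = yyyy[2:]
    return {dd + mm, mm + dd, yyyy, mm + yy, yy + mm, dd + yy, yy + dd}

def weak_pin_reason(pin: str, dob: date) -> Optional[str]:
    """Return why a customer-chosen PIN is guessable, or None if no rule matches."""
    if len(pin) != 4 or not (pin.isascii() and pin.isdigit()):
        return "not a 4-digit PIN"
    if pin in COMMON_PINS:
        return "common PIN"
    if pin in birth_date_pins(dob):
        return "derived from birth date"
    return None

def issue_random_pin(dob: date) -> str:
    """Bank-issued PIN: uniformly random, redrawn if it happens to be guessable."""
    while True:
        pin = f"{secrets.randbelow(10_000):04d}"
        if weak_pin_reason(pin, dob) is None:
            return pin

if __name__ == "__main__":
    dob = date(1985, 3, 17)  # constructed sample customer
    for candidate in ("1234", "1703", "0385", "7402"):
        print(candidate, weak_pin_reason(candidate, dob))
    print("issued:", issue_random_pin(dob))
```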

Phone Tracking

Mobile phones (or cell phones or hand phones, depending where you are in the world) can be used to track the location of people. This has always been possible, because of how the cellular network works. But now it’s easier for hackers.

The GSM system (used by most phone companies) has a test mode built in. A recent demonstration by a university showed that anyone can access this test mode and request the location of any phone, if they have the right skills and equipment. The equipment doesn’t cost very much, and the skills can be shared on the internet.

Mobile phones use base towers to handle the communication. The phone network needs to keep track of which towers are closest to you. And by using triangulation, an approximate position can be calculated.

Here is the research paper by the University of Minnesota explaining how they tracked phones: Location Leaks on the GSM Air Interface.

What can you do?

Nothing. Law enforcement organisations have always had access to your phone’s location. Hackers now have it as well. If you need to keep your location private then don’t carry a mobile phone. You could also keep it turned off until you need it, but as soon as you turn it on the cell network will know your location.

Fake comments

If you run a website sooner or later you’ll see spam in the comments. Here are some tips for recognising them:

Spam comments are very vague. Instead of discussing your content, they say something very generic, such as “your website is great”. E.g.

naturally like your web-site however you need to take a look at the spelling on several of your posts. A number of them are rife with spelling problems and I to find it very bothersome to inform the reality nevertheless I will surely come again again.

There is nothing useful in this comment, and it could apply to anyone’s website. So obviously it was sent to every website they could find hoping someone clicks on their link.

Another place to look is the sender’s URL. Some website software, such as WordPress, allows commenters to include their URL (their web page). Look at it closely. If it says something like paydayloansonlinecash.com then it’s spam – they’re trying to make money off your site.

Facebook “Remove Timeline” Scams

Facebook has a new “Timeline” feature. At the moment it’s optional but soon all Facebook users will have it. Some people aren’t happy with timeline, so scammers have stepped in to “help”.

If you see something claiming to help you remove the Timeline feature in Facebook, it’s likely a scam. It starts with someone claiming to have instructions on removing Timeline. If you click on the link, spam is added to your Facebook profile. Another variation asks your Facebook friends to provide their details to the scammers. 

Some variations of the “Remove Timeline” scams are a little more complicated, and install software on your computer. To cover up the fact that it isn’t really helping you, the software says that it will take up to 24 hrs to take effect. This is just a trick.

If you see a scam like this on Facebook, ignore it, or click on the “Report App” button on the left menu – this will alert Facebook staff about the scam app (this is only visible on Facebook Apps).

At the moment there is no official way to remove the Timeline feature – I’ll update this post if this changes.

 

New Scam Email Promises $16m

Here is a new scam email. It begins with a confusing story about millions of dollars and some official-sounding name dropping (the FBI).

If you look closely you’ll see many spelling and grammatical errors. Also, the email was not sent from the FBI – you can see this in your inbox if you place the mouse pointer over the sender.

The email is:

FBI Headquarters
935 Pennsylvania Avenue, NW
Washington, D.C. 20535-0001
(202) 324-3000

Sir,

We the Federal Bureau of Investigations (FBI) Washington, DC in conjunction with some other relevant Investigation Agencies in the United states of America and right now in West Africa, headed by Wayne Mitchell (RPO), we understand that your fund has not yet been transferred to you do to an Outrageous Conduct.

We have to let you know the truth because we know that you have gone far in trying to get this fund and you must have paid some amounts of monies to persons you are not supposed to give out a dime to. Through our Global Networking Investigation, we discover that your fund (Sixteen Million United States Dollars $16,000,000.00 including the accrued interest is among the funds ON HOLD in West Africa (Ghana) do to one or two reasons which you have not been told.

As the Executive Director, Federal Bureau of Investigation FBI and a Principal Officer, We strongly know that the people you have been dealing with are not going to tell you the truth because they are all Criminals. You are hereby advised to stop every communication with any Office and feel free to explain to this Bureau why your fund is not yet released to you.

As a matter of fact, we do not have enough time to waste since we have consumed much time in going through your Payment files to ensure that these Funds are genuine and legit. On this Effect, this instruction requires urgent attention because the release of your fund is due.

We awaiting for your urgent response,

Sincerely,

Robert Muller III
FBI Director Headquarters

If you reply to the email they’ll make their story even more complicated and start asking for your bank account details. Their reply is:

FBI Headquarters
935 Pennsylvania Avenue, NW
Washington, D.C. 20535-0001
(202) 324-3000

Kind Attn:

This is to bring to your notice that we have received your mail today.

We understand that your fund has not yet been transferred to you do to an Outrageous Government Conduct which you have not been told. What a mess? though the FBI expertise and the investigation teams has officially instructed the holding bank to release your long awaited fund valued the sum of Sixteen Million United States Dollars $16,000,000.00 to you with immediate and effect.

The financial expertise and the investigation team has resolved to the fact that the fund is genuine therefore you have to stop every communication with any Office and feel free to contact the holding/ paying bank with your banking details through the below contacts information for your fund to be release to you:

MERCHANT BANK GHANA LTD
Contact Person: Managing Director
Email: merban@accountant.com
Phone: +233-247630112
Fax: +233-303403381

Do this and let us know if there’s anything you do not understood so that we can give you further instructions to back you up for this claim.

Sincerely,

Mr. Robert Muller III.

If you see this email, mark it as spam, or delete it.

 

Scary emails with malware

Malware-infected emails are getting scarier, with subjects that threaten to sue you. Take the email below: it suggests that your email is sending spam and that you’re going to be sued. This kind of tactic is called social engineering. The words have been carefully crafted to add a sense of urgency, which causes most people to make irrational decisions, such as opening the attachment in the email.

The email says,

Hello. Your email is sending spam messages! If you don’t stop sending spam, we will be impelled to sue you! We’ve attached a scanned copy of the document assembled by our security service to this letter. Please carefully read through the document and stop sending spam messages. This is the final warning!

The subject is one of

  • You are sending ad messages
  • We are going to sue you
  • This is the final warning
  • We’ve sent you a copy of a complaint
  • A message from our security service

If you see an email like this don’t click on the attachment. Delete the email. The attachment is a trojan that then installs viruses every time you reboot the PC.

 

Australian Taxation Office – New Rules

The following email is a scam. It encourages you to click on a link about tax, but instead takes you to a website that tells you your computer has a virus. This is where the scam comes in – you don’t really have a virus. They just want to sell you a fake antivirus product.

The email says:

Australian Taxation Office informs you about the changes in the rules of submitting tax report.

Please, read about the changes to Click Here.

Important to know
We do not offer cashier services for tax payments or refunds. For further information on how to pay your taxes, see How to pay.
(http://www.ato.gov.au/content.asp?doc=/content/33696.htm) 

We are kindly asking you to keep to rules and terms of tax report submission to avoid penalty. 

Best regards,

Andrew Nichols
Australian Taxation Office

If you see this email, don’t click on the links. Delete it.

How can you be sure if it’s real or a scam?

Place the mouse pointer over the links, but don’t click. You should see the real address pop up. If it looks dodgy then it’s probably a scam. See this screenshot:

[Screenshot: Fake ATO email]

This type of scam email is common. Always use this trick to judge if the email is legitimate or a scam.
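
The hover check described above, automated for an HTML email as an added example (not part of the original post): it compares what each link shows with where it really goes. The sample email is constructed from the message quoted above; the host tax-rules.example.net and all function names are assumptions, since the post does not give the real target address.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

class LinkCollector(HTMLParser):
    """Collects (visible text, href) for every <a> tag in an HTML email body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href))
            self._href = None

def host_of(url):  # lower-case host name; works with or without a scheme
    return (urlparse(url if "//" in url else "//" + url).hostname or "").lower()

def suspicious_links(html_body, claimed_domain):
    """Return (text, href, reason) for links that do not go where the email implies."""
    parser = LinkCollector()
    parser.feed(html_body)
    findings = []
    for text, href in parser.links:
        host = host_of(href)
        # Heuristic: does the visible text itself look like a web address?
        shown = re.search(r"(?:https?://)?(?:[\w-]+\.)+[a-z]{2,}", text, re.I)
        if shown and host_of(shown.group(0)) != host:
            findings.append((text, href, "text shows a different site than the link opens"))
        elif host != claimed_domain and not host.endswith("." + claimed_domain):
            findings.append((text, href, "link leaves " + claimed_domain))
    return findings

# Constructed sample based on the email quoted above; the real target host is not in the post.
SAMPLE = """<p>Please, read about the changes to
<a href="http://tax-rules.example.net/ato/">Click Here</a>.</p>
<p>see <a href="http://tax-rules.example.net/pay">http://www.ato.gov.au/content.asp?doc=/content/33696.htm</a></p>
<p><a href="http://www.ato.gov.au/">Australian Taxation Office</a></p>"""

if __name__ == "__main__":
    print(suspicious_links(SAMPLE, "ato.gov.au"))
```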

 

Security Questions

Have a look at the following screenshot and try to guess what’s wrong with it.

[Screenshot: preferred internet password]

 

This screenshot was captured from the US National Archives’ signup page (click here then click on New User). It asks for a challenge question and challenge answer, in case you forget your password. The problem here is one of the questions: “What is your preferred internet password?”

Why would you give someone this information?

Challenge questions and answers are a way to recover lost passwords. Unfortunately this information is often not encrypted, which makes it less secure. So whatever you set for your challenge question and answer is sometimes vulnerable to hacking. Also, the questions are often things that other people can easily find out about you, like your pet’s name. This is why I don’t like them.
