
Victim catches identity thief

It’s news when an identity thief is caught (only 1 thief in 700 reported cases is caught and prosecuted), but when the victim catches her own thief, that commands a headline!

In a bylined article in the Seattle Times yesterday, Ian Ith reports the story of Michelle McCambridge, a 23-year-old retail clerk and college student whose identity was stolen back in January this year. Just a week after Miss McCambridge learned that someone had opened credit card accounts in her name, the thief appeared at her counter at J.C. Penney. McCambridge recognized the woman from a surveillance photo she had been shown by a federal agent when she reported the incident.

In January 2008, The Reader’s Digest ran the story of Karen Lodrick, a San Francisco writer and human resources consultant, who recognized her thief at a Starbucks, and then chased the woman through the streets of San Francisco, while directing police on her cell phone. What happened to the thief? Karen tells the story better than I can. But I will tell you that Karen was not pleased, and she started her own crusade–Fighting Back Now–to educate people about this growing threat.

The FTC’s latest figures indicate that there were more than 9 million reported cases of identity theft in 2007. Other agencies and public sources point out that many of these crimes go unreported–indeed, it often takes years for the crime to be discovered, especially in child ID theft cases–and that the actual number is much higher. Some authorities believe the number is closer to 20 million and climbing.

The identity thieves who never get caught are the professionals who deal in stolen identities on a wholesale basis. Millions of personal records are exposed each year through data breaches. According to the Identity Theft Resource Center, 13,164,689 records have been exposed so far this year in 363 separate breaches. Millions of these records, containing Social Security numbers, driver’s license numbers, names and addresses, and other critical information, reach the hands of organized crime gangs who offer them for sale in underground markets.

Law enforcement agencies warn that although you can and should take common sense precautions, this crime cannot be prevented. The most important step you can take is to be prepared. Choose a service that does the work of recovery for you. Every bit of it until your life is back to normal. The amount of work is staggering for an individual. It takes hundreds of hours, and the costs can run into the thousands of dollars. Most of the services you see advertised give customers a recovery kit and a help line for advice, but you have to do the footwork, the phone work, the notifying work, the credit bureau negotiations…and on and on…all by yourself. Who wants that?

Don’t take chances with your identity. It’s your most important possession.


Facebook virus leads to gold for hackers

News of a new virus, called “Facebook Fan Check Virus”, is sending a lot of people to Google to search for information, and those searches are leading them right into hacker traps. Click on one of those websites and the most likely result is that you’ll download scareware, an urgent notice that your PC has been infected. This is accompanied by an offer to pay $30 or so to download the anti-virus software that fixes the problem.

Graham Cluley has an excellent post on this development in his Sophos blog. Rather than give you excerpts, I recommend that you read the complete article. It’s the best way to get the information you need. The source is safe and knowledgeable.

Scareware is big business. Don’t click on those urgent warnings. Carefully close the window by clicking on the X in the upper right or left corner.

And protect your PC with enterprise grade security software.

Bill would allow Obama to take over Internet

I’m in the business of cyber security, and I’m in favor of all the help we can get. But when a liberal Senator introduces legislation to fight cyber crime, my neck hairs stand up and vibrate.

Sen. Jay Rockefeller’s Cybersecurity Act of 2009 raised a lot of hackles when it was first introduced because of language that would give the president broad new powers to take control of the Internet in an emergency.

And guess what? The president would get to determine what constitutes an emergency.

Would too much criticism of the administration in the blogosphere constitute an emergency?

Well, probably not. I hope. I mean, they’re not thinking about ways to shut down talk radio just for being a pain in the royal foofer, right? But read this from a story in eWeek:

The original draft bill gave the president the broad authority to designate various private networks as a “critical infrastructure system or network” and, with no other review, “may declare a cyber-security emergency and order the limitation or shutdown of Internet traffic to and from” the designated private sector system or network.

Reaction to that language was so intense that Rockefeller changed it to something more vague, but no less ominous. It still allows the president to declare a cyber-security emergency and assume authority over “non-governmental” networks. It would only apply in times of national emergency, but that isn’t clearly defined. It’s left to the president to decide.

Another provision in the bill gives the government authority to standardize security software and force security firms to get government approval for new software. Yeah, right. Guess how long that would take. Of course, the law probably would apply to authors of malware, too, so why worry?

One more excerpt from the eWeek story:

The legislation also calls for a public-private clearinghouse for cyber-threats and vulnerability information under the authority of the Department of Commerce. The Secretary of Commerce would have the authority to access “all relevant data concerning such networks without regard to any provision of law, regulation, rule or policy restricting such access.”

Just what’s needed to fight cyber crime–more bureaucracy.

1 Down, 1 Million to Go?

A big tip of my hat to investigators and the U.S. Attorney who brought down Albert Gonzalez, the Miami hacker authorities were able to tie to a cyber-crimewave that hit companies from Heartland Payment Systems to Hannaford Brothers.

The 28-year-old Gonzalez pled guilty to various charges and now faces up to 25 years in prison.

So that’s one cyber-criminal taken off the streets... er... the cyber highway. But untold thousands of professionals working for huge cyber-crime companies remain at work, developing new ways to steal everything you have, or make you into an unwilling, unwitting partner in crime.

From reports I have read, my guess is that Gonzalez is an expert amateur, not a professional on the level of those employed by organized crime.

I don’t know if there are a million criminal hackers out there, both amateur and pro. No one knows the real number, but a couple of years ago a government agency claimed that there were as many as 14 million hackers capable of breaking into a home computer with “average” protection.

So, score one for the good guys. But don’t relax. The odds that a criminal is controlling your PC at this very moment are better than 9 to 1. And don’t bet on your security software. The FBI says off-the-shelf or downloaded products have a failure rate well above 90%.

Can I ask a question? If someone were using your PC to send out tens of thousands of pieces of spam every day, or storing and distributing illegal stuff, like pornography, how soon would you want to know?


New Russian Ransomware Trojan

Suddenly an ad appears on the webpage on your screen.

You try to delete it, but nothing works.

You go to another page. And another and another. The ad keeps following you.

It’s the newest ransomware scam from Russian hackers. The Ransomware Trojan is either dropped onto systems already compromised by other strains of malware, or downloaded from legitimate websites that have been infected with the malware.

The ad tells you to send a text message to a premium rate number in order to remove the ad. In the process you will gain access to an online smut site. The idea behind the Ransomware Trojan is to annoy and embarrass you so much that you’ll give in and send the text message. That will get rid of the ad, but not the Trojan. And you’ll see a nice fat charge on your next cell phone bill.

If you see such an ad, DO NOT call or text the number. Here’s what to do instead. Update and run your anti-virus software. It should detect the tools that the hacker is using to control your PC.

Meanwhile, make sure you are running the latest version of Firefox. The Ransomware Trojan is not compatible with that version of the Firefox browser. However, it will work with Internet Explorer, older versions of Firefox, and Opera.

Don’t click on links or visit websites sent to you in emails, unless you know the sender and you are expecting the link. Links may take you to a hacked website.

Dark side leads technology

Sometimes it seems that the dark side is leading in the development of new technology. Technical journals and reports abound with examples.

Last week there was a reference to quality control services for malware makers in a report from Cisco. The report cited a Russian site that, for a fee, tests malicious files against the latest versions of 26 virus-scanning software products to determine whether the anti-virus software can detect the malware.

Cisco says the process “results in malware that is 10 to 20 times more effective than it would be otherwise, and frees up the attackers to work on other products rather than test how detectable their current exploits are.”

Today, eWeek published a story on botnet technology. Headlined “A Day in the Life of the Rustock Botnet,” the article includes a slide show of images of this prolific spamming botnet in action. Evolving dark side technology like this makes it easier for botmasters to evade spam filters. Spam levels are up 60 percent between January and June, according to the article.

Cyber crime is not just big business, it’s a huge underground economy in which thousands of “companies” and hundreds of thousands of individuals interact and do business with each other. Their targets are you and me and our small businesses.

Big companies have IT departments with access to the best counter-crime technologies in the world. Do you have an IT department? How do you keep cyber criminals out of your PC and your life?

New malware trick

Warren Franklin, a fellow cyber crime fighter, writes this morning,

… you shouldn’t be too surprised to learn that there is a new malware trick. It’s called “quality assurance.” Malware distributors are outsourcing for quality assurance going to sites like virtest.com. According to Cisco, for a fee the site tests malicious files against the latest versions of 26 virus-scanning software products to determine whether the anti-virus can detect the malware. Cisco says running the malware through this scanning results in malware that is 10 to 20 times more effective than it would be otherwise, and frees up the attackers to work on other products rather than test how detectable their current exploits are.

Simple economics: Demand creates supply.

Cyber crime is big business. Cyber crime organizations are modeled on corporation-like and Mafia-like structures. Whenever a service is needed (demand), an entrepreneur will come along and fill (supply) the service or product.

When a new service or tool surfaces in the hacking community it not only meets an existing demand, it attracts more customers into the field. Supply doesn’t create demand, but it sure can awaken it!

That’s why we who use the Internet–and there are now more than 1.2 billion of us on spaceship earth–need to be ever vigilant. When you go online, don’t presume you are safe. You’re not.

Fake Software: Cybercrime product of the year

In its midyear report on cyber security, Cisco Systems names rogue anti-virus software the cybercrime product of the year.

There is a lot of great software that you can get for little or nothing from the freeware and shareware communities.

There is also a lot of very dangerous free software being pushed by cyber criminals. At the top of this year’s list is fake anti-virus and anti-spyware software. When I say “pushed” I mean that literally. Criminals inject malicious software into legitimate websites. Thousands of reputable sites are newly infected every day, and when you click on one of them, the software is automatically downloaded and infects your PC with a Trojan.

Rogue software is also called “scare ware” because the Trojan displays warnings that a virus has been found on your machine, and it tries to scare you into buying recommended anti-virus software to remove it. You pay for the antivirus with your credit card, and the symptoms of the infection disappear. But the Trojan doesn’t go away. It’s still there, and could be sent on to everyone in your address book, or it could be reactivated on your own PC.

Most forms of malware go to work inside your computer, take control of it, make it part of a botnet, and you’ll never know it. Off-the-shelf anti-virus software seldom detects sophisticated malware.

The good news is that scareware has to announce itself. The moment you see the warning and an offer to buy removal software, you know you have an infection.

What to do. Get out your credit card and call your anti-virus software vendor help desk immediately. A tech will go into your computer remotely and try to find the bad guy’s software and remove it. A good tech usually can fix the problem in an hour or less. Most vendors charge about $4 per minute.

I use and market a service that cleans my computer at no charge whenever my PC acts strangely or I suspect an infection. It’s like having my own IT department.

Botnetweb

A new digital age vocabulary word has just been coined: “botnetweb.”

You know what a botnet is: a collection of hijacked PCs under the control of a hacker (botmaster).

Link a bunch of botnets together and you get a botnetweb, a compilation of millions of PCs.

In a PC World article published yesterday, Ed Larkin writes:

Botnetwebs don’t just enable crooks to send spam or malware to millions of PCs at once. They also represent a highly resilient infection that uses multiple files. An attempt at disinfection might eliminate some files, but those left behind will often redownload the scrubbed ones.

Another new challenge to your security software suite, with some new twists. There’s evidence “of cooperation and coordination among major spam botnets, representing a sea change in the way malware works.” And botmasters now use multiple malware files, further reducing the chances that your anti-virus package will catch and erase the complete infection. You can’t assume that when your anti-virus reports that an infection has been removed, your PC is clean. Other malware, working as a kind of back-up, likely is still there.

One suggestion is to download and run several anti-malware tools. But that tactic brings its own perils.

The best answer is to have a service manage your security for you, and handle the maintenance, too, just like big corporations do. You’ll have highly trained experts managing your security software and keeping your PC clean and running at its best for a small monthly fee. It’s cheaper than the do-it-yourself method and it works better.

This kind of service isn’t just for companies anymore. It’s a brand new category of service for consumers and small business owners called “Personal Computer Services.” It allows you to turn over all the headaches of PC ownership to qualified experts for about $15 a month.

Markets Dive, Crooks Thrive

Recession is in the minds of people all over the globe, as market values tumble and panic sets in. But there is one group that won’t be participating in this recession: online criminals.

Organized crime now controls more computing power than any government on earth, through vast armies of zombie computers, all programmed by and under the command of these crime lords.

The ability to send out billions of scam emails is one example of this computing power.

In the current financial crisis failing banks are being acquired by larger, healthier institutions. Criminals were quick to see the opportunity, and have mounted new phishing scams related to these takeovers.

Here’s an alert that I received today from the company that protects my computer.

Phishing scams may appear as requests for users to verify personal and bank account information, enroll in additional bank services, or activate new security features. The email messages may contain a link that, when clicked, will take the user to a fraudulent web site that appears to be a legitimate bank web site. The users may be asked to provide personal information that can further expose them to future compromises. Additionally, these fraudulent web sites may contain malicious code giving complete control of your computer to hackers.

You may think that you’d never fall for one of these scams, and I hope you’re right. But these scam artists are very clever. An email will have the bank’s actual logo, the message may be well written and plausible, and include a link with the bank’s real name, but that link is fake and it will take you to a fake website.

Always remember, banks do not ask their customers for account numbers or other information. They already have it!

My security service provider is INVISUS Direct. Here’s what it recommends to keep safe from cyber-crime:

  1. Make sure your computer is updated and scanned regularly (as scheduled or done manually) with the INVISUS security suite.
  2. Ensure that your Windows desktop protection is current by going to Windows Update. Confirm that you have an updated antivirus software program running on your PC.
  3. Don’t click links or call telephone numbers included in suspect messages. Instead, contact the bank directly by using phone numbers or addresses listed in published directories.
  4. Don’t open e-mail attachments. In particular, e-mail attachments with “.scr,” “.com” and “.exe” file extensions are likely malicious.