~~ FROM THE ARCHIVES ~~
|
A Security guide for the everyday, non-technical
internet user who just wants to be safe doing basic stuff |
Here's your
"Security
Alert News Reporter"
for February,
The "NewsReporter", a security alert newsletter,
is published to keep you up-to-date on the latest information we
gather for avoiding and surviving the hectic hacker attacks on your computer
security and personal identity that take place constantly on the
internet. Many of our comments are based on personal experiences. Protecting
your safety, security, sanity, and privacy is not a simple task. We're trying to make it a bit easier for you to accomplish.
This security alert Newsletter
is sent out periodically to everyone who has registered for the
Security Alert
and Report
Alert Services from one or more of the websites
published and maintained by www.RichardPresents.com.
If you are no longer interested in up-to-date Security Alerts or
Safe Surfing Suggestions -
please use the
link at
the end of this letter to un-register.
|
Thanks for being a
Loyal
Subscriber |
|
Some
Highlights from
TODAY'S TOPICS |
●.
Latest Virus and Worm Threats
●.
The Panda Report - Another Trojan
Horse
●
Cyber Crime
Trends
- Changing Tactics?
●. So,
What's New? (Avoid Rogue Software)
●. Privacy Theft - Important Updates
●
Install
Free Anti-virus software
●.
Family Security - review Family and
Kid Friendly Sites
●. Recommended - Predator Guard to
Protect
your Children |
●. Publications for your Family and Friends/
FREE Identity Theft
Guide /
Many Others
●.
Resources - Most are FREE! /
●.
Bill Hely's ebook -My Security Bible
●.
Reviews of the News-
really fresh news and
encouraging reports to keep you abreast
of latest Scam and Spam busting
activities
●.
Be a Cyber Secure Citizen
●
Free Download
/ Errornuker Registry
Cleaner
|
|
CLICK ON ANY
TOPIC YOU'RE INTERESTED IN - OR READ THIS NEWSLETTER FROM TOP TO
BOTTOM |
The trends in the activities of cyber criminals seem quite
apparent –
They're going after the money. That's your money and mine.
They're using some very sophisticated methods to do it, too.
These perpetrators are hard to catch, but efforts to catch and
incarcerate them have intensified lately. I've covered some of
the recent FBI, DOJ and other watchdog agencies successes below.
I believe they are encouraging.
... Richard |
~~~~~~~~~~~~~~
►
Latest Virus Threats
reported
Feb 11, 2006 by McAfee ,
US-CERT, Panda™ and other advisory services. (US-CERT is the
operational arm
of the National Cyber Security Division (NCSD) at the
Department of Homeland Security)
Full descriptions including virus characteristics, symptoms, aliases
and removal instructions are available by clicking on the
links. This virus alert is in addition to those posted in previous
month's News Reporter
issues. You can review previous Virus Alerts in the Archive files.
CLICK on
Red
Virus Name
for
descriptions and Removal Advice
► |
McAfee Advisory
W32/Sober@MM!M681
-
Update January 9, 2006 --
Due to a decrease in prevalence,
the risk assessment of this threat has been lowered to
Low-Profiled.
|
|
► |
symantec Advisory
Last
Updated on: February 11, 2006
●
Spyware.Watchdog
High Risk spyware
Systems affected: Windows 2000, Windows 95, Windows
98, Windows Me, Windows NT, Windows Server 2003, Windows
XP
|
|
► |
From the US-CERT,
released
February 7, 2006
Multiple Vulnerabilities in Mozilla
Products
(ID SA06-038A)
Systems Affected
-
Mozilla web browser
-
Mozilla mail client
-
Firefox web browser
-
Thunderbird mail client
Mozilla has released an
updated version of
Firefox
to correct these problems.
|
|
|
► |
TrendMicro
Reports no Medium or High Risk Malware or Spyware at this
time.
However, a visit to
the TrendMicro
Security Information Site
will provide more detailed information on these and other
pests currently circulating through the Cyber world.
TrendMicro's Top Viruses
and Worms as of February 9, 2006
|
|
► |
Panda
Information Items from the
Panda Report for Feb 10, 2006
This
week’s report looks at the Diamin.DU, Trojan
Diamin.DU
is designed to establish phone
connections with premium-rate numbers, with potentially
serious financial consequences for the affected user.
However, it can only affect computers that use a modem to
connect to the Internet, as it modifies the dial-up
network access settings.
Diamin.DU is easy to recognize. When it runs, it
displays several windows in Italian. As with most Trojans, Diamin.DU does not spread automatically using its own
means. It needs an attacking user's involvement to
reach the affected computer. The means of transmission
include, among others, floppy disks, CD-ROMs, e-mail
messages with attached files, Internet downloads, etc.
More
information about these and other threats is available
from Panda software's Encyclopedia at:
http://www.pandasoftware.com/virus_info/encyclopedia/
__________________________________________
Up-to-date Firewalls, Anti-virus and anti-spyware
software will usually stop these pests before they cause
you any grief
|
|
To Top
Cyber Crime Trends —
Phishers who lure victims by posing as legitimate
companies, have become a major scourge of the Internet along
with spam, viruses and spyware. A recent study showed that
online fraudsters launched a record number of phishing scams
last year, with nearly 17,000 unique e-mail-based fraud attacks
detected in November alone.
The Phishing Attack
Trends Report
• Number
of unique phishing reports received in November: 16882
• Number of unique phishing sites received in November:
4630
• Number of brands hijacked by phishing campaigns in
November: 93
• Country hosting the most phishing websites in Nov 06:
United States
The Phishing Attack Trends Report is
published monthly by the Anti-Phishing Working Group,
an industry association focused on eliminating the
identity theft and fraud that result from the growing
problem of phishing and email spoofing. |
To Top
So What
else is
New?
Spyfalcon"
is the latest SpywareStrike/SpyAxe variant
SpyFalcon, and its
predecessors, are known to install through exploits as
well as piggyback on to users machines.
At
least two new variations of SpywareStrike (SpyAxe)
have been discovered and both make use of the same
annoying popup alerts as the earlier version.
In
the first variation, when the user clicks on the alert
they are redirected to one of two fake anti-spyware
review sites. These sites predictably recommend SpywareStrike as the top choice.
The
second program works in an almost identical fashion to
SpywareStrike and SpyAxe, but redirects the user to a
new website at
www.SpyFalcon.com.
Purchasing the
software from this site will install various helper malware programs that the creators can use to continue
infecting your computer in the future. Your credit
card data will also be stolen as well.
This application
has just recently appeared, so it's probably a good
idea to add the domains listed below to your block
lists now.
< http://www.onlinesecurityguide.net/>
<
http://www.topadwarereviews.com/>
Any site that offers recommendations on PC security
products should not stoop to installing spyware on people's computers. The people
responsible for this new malware are incorrigible and
should be incarcerated.
Avoid Spyfalcon,
SpywareStrike and SpyAxe Software!
~~~~~~~~~~~~~~~~~
Like phishing, some devious providers of anti-spyware
like Spyfalcon conceal malicious code in their free trail programs.
These are often described as Rogue Anti-Spyware.
You can learn more about Rogue Anti-Spyware from this
article posted in the
Articles and Reports pages at the
Firewalls-and-Virus-Protection website.
Click here >>
Don't
get trapped by Rogue Anti-Spyware
software Avoid being duped or robbed by false
positives.
(printable article)
Diligence and
Awareness continue to be the key words
for protecting your security during the coming year, 2006.
(Security Alert News Reporter Editor's opinions)
|
To Top
|
|
Privacy Theft
-
Be on the alert for the latest spyware and Scams, sources of
malware and Zombie (hijacking)
programs that often lead to stolen personal and financial information
and Identity Theft.
Phishing Scam Pretends to Provide
Information
About
Tax Refunds.
A recently detected phishing
scam purports to be a message from the US Internal Revenue Service
(IRS) regarding a tax refund. (Reported by SANS(*) on Feb 6, 2006)
The email has a link to a web
site that claims to be able to tell taxpayers the status of their
refunds and asks for visitors' names, Social Security numbers and
credit card data.
The subject line of the e-mail reads "Refund Notice!" and claims
to be from "refund@irs.gov."
The email content includes this statement: "You
filed your tax return and you're expecting a refund. You have just
one question and you want the answer now -- Where's My Refund?
Access this secure Web site to find out if the IRS received your
return and whether your refund was processed and sent to you. New
program enhancements allow you to begin a refund trace online if you
have not received your check within 28 days from the original IRS
mailing date."
The e-mail then requests your Social Security and credit-card
information.
Do not respond to this eMail. It is a
phishing Scam.
An IRS spokesperson provided this totally safe, legitimate, and
free way to check on your refund. Go to the IRS Web site at [www.irs.gov],
navigate to the Resources pages, find and click on 'Where's My
Refund?' Or place a toll free call to IRS at
1-800-829-1954.
(*)SANS is the most trusted and by far the largest source for
information security training and certification in the world. It
also develops, maintains, and makes available at no cost, the
largest collection of research documents about various aspects of
information security, and it operates the Internet's early warning
system - Internet Storm Center.
Unfortunately, many phishing scams like this are
responsible for unsuspecting honest people losing their life's
savings, jobs, homes, etc. |
Usually, it's very difficult to repair the damage
phishing scams cause, however, there
are some really
fine
and effective
Programs available to Home and Small
Business computer
users to improve online security and minimize adware, Trojan horse/Zombie and
general malware threats. You'll need
at least two or three.
Among the many reputable online security resources that I monitor,
the "Spyware
Warrior" website is one that does an outstanding job of not only
reviewing and recommending the best and latest anti-spyware software,
but advises how best
to use it.
It has my Highest Recommendation.
... Richard
http://spywarewarrior.com/asw-features.htm (Spyware
Warrior website is owned, operated and © Copyright 2006 by Eric
L. Howes) |
The following recommended anti-spyware programs appeared most often
during January, 2006, on
the top rated research and anti-spyware reporting websites, including Spyware
Warrior:
Microsoft AntiSpyware*,
Webroot Spy Sweeper
(CLICK
for Free trial),
-
Spyware Doctor-
Spybot Search and Destroy -
Adaware
-
Pest Patrol,
XoftSpy (Click Here
) to Download a Free Spyware Scan and
MacScan for MAC users
*
Microsoft AntiSpyware
is currently available as a
FREE Download, but you can't use it
with
Windows 95 or 98. I use it on my windows 2000 and Windows XP PC's,
have it set for automatic updates and daily scans. Like
SpywareBlaster
(Download) it's designed to monitor in Real Time.
Keep in mind that you must also have up-to-date anti-virus software(*)
and a
strong firewall, plus the latest updates for your browser (Internet
Explorer,
Firefox, Netscape, Opera... whichever one you use).
[Free Spyware Scan - Click Here]
Click here Xoftspy v3.2
Xoftspy is the latest in spyware detection and removal.
Xoftspy will hunt down and remove from your machine all known
spyware/adware that is on the market today. 91% of PC's are
infected with spyware.
Try Xoftspy right now for FREE and see for yourself if
your PC is infected!
Spyware & Adware are files that are installed on your computer
without your knowledge. They allow companies to monitor your
Internet browsing patterns and even allow companies to inundate
you with those annoying "pop up" ads! Most people are familiar
with freeware, shareware, cookies, media players, interactive
content, and file sharing. What they may not realize is that
some of the aforementioned may contain code or components that
allow the developers of these applications and tools to actually
collect and disseminate information about those using them.
They can track your surfing habits, abuse your Internet
connection by sending this data to a third party, profile your
shopping preferences, hijack your browser start page or pages,
alter important system files, and can do this without your
knowledge or permission. The security and privacy implications
of these exploits should be quite obvious and undesirable on any
system or network!
Works with: Microsoft Windows 98/Me/NT4/2000/XP
Free File Scan Now |
To Top
Here's the Download link to
Grisoft's AVG
Free anti virus software, in case you missed it in recent issues of
the
News
Reporter.
Saving it to your desktop will make it easier to find the
Install icon placed there as part of the installation process.
Click on the icon and follow the instructions to complete your
installation. Spend a few minutes becoming familiar with the
AVG Anti-Virus Control Center.
Be sure to check for updates, get them and then do a complete
virus scan.
I set my AVG program for automatic updates once every day...
makes me feel more secure, and I also use two anti-virus
programs on each of my computers.
However, I use only one
firewall software program on each computer ... Richard |
►
alert about Stinger
You can get the
February 2nd Free
updated virus checking and removal STINGER tool at the
Firewalls and Virus
Protection site .
STINGER, (compliments of McAfee's Anti-virus and
Vulnerability Emergency Response Team -
AVERT) was
updated on February 2, 2006 to detect and remove more than 50
current viruses including Sober.
It's a great
little program that still fits neatly on a floppy disc - a perfect way to
clean up your computer if a worm or other 'rogueware' has disabled
your ability to get back on the Internet to update your
security ware.
Whenever updated versions become available,
I'll post
a notice here, on the Firewalls and Virus
Protection website and
in the Security Alert Blog. |
 |
|
To Top
Are you sending spam
email to your friends?
Did you know that sending one
email message to just 5 friends could grow into more than a million
copies circulating on the Internet?
Nearly everyone has received
a cute or funny joke email, virus hoax message, lists of amazing
facts... you get the idea. You've probably received your share of
them, too.
How often had it been forwarded before it arrived in your email box?
How many names with email addresses were shown in the header?
How often have you forwarded it on to your friends? Could this be
considered Spamming?
Are you a Spammer? Probably, but Certainly not intentionally.
What a gold mine of email addresses for any hacker that might
receive a copy! ...
and you know where that can lead.
I just read a post in the Imagine Kitty Magazine Blog titled "Quit
Spamming Me!" It explains what's really going on in this quote --
"Many of these emails are scams to harvest email
addresses from the internet. Some unscrupulous people start these so that they
can have your email address and when you forward it to me it doesn’t matter
if I delete it because you sent it out to 10 of your friends with my email address
in the header and they forward it so I get porno email anyway."
He explains how the numbers grow, and how quickly they can reach the
million mark.
I hope you consider this message next time you forward one of those
emails to friends.
I know I will.
... Richard |
|
To Top
►
Family Security and Caring
Some
recent additions to our reviews of Family Safe sites
At the top of the list of results at a recent Google search for
Child Safe web sites was "FirstGov for
Kids", the U.S.
government interagency Kids' Portal. It's a great site.
 The National Center for Missing and Exploited Children has many
great publications, too. I put a
download link for their "Personal
Safety for Children -
A guide for Parents" in the Features Supplement.
Check them
out in the new Features Supplement
CLICK HERE
|
We post
these Kid Safe Sites, because like you, we care about
the safety and security of our children and grandchildren....and
to help parents, grandparents and guardians guide today's young
internet surfers to safe sites. There are many other website creators
who feel the same concerns and responsibility. These are just a few of
their sites that we have personally reviewed and tested as safe for
our Grandchildren. Check them out and share them with the young people
you care about.
|
|
More
Help for Parents and Grandparents.
Keep the Children and Grandchildren safe when they're using your
computer
Predator Guard provides real-time protection for
children in chat rooms, instant messaging, and e-mail
exchanges.
The Home Edition Features:
-
Real-time protection
in Instant Messaging, Chat Rooms, E-mail and Attachments
-
E-mail notification to parents
-
Reviews both outgoing and incoming data
-
User defined library to prevent distribution of personal
information
-
Detects, captures, logs and reports violations
-
Works as a stand-alone application or with existing site
blocking programs (AOL Parental Controls, Cyber Patrol, Net Nanny,
and more.)
|
Predator
Guard provides real-time protection for children in chat
rooms, instant messaging, e-mail and attachments from online
predators and pedophiles. In addition,
Predator Guard can prevent all outgoing personal
information, such as a child's home address, phone number and
school information, or other information that is essential for a
predator to make contact with a child.
Purchase this
Inexpensive Protection Now
|
|
Click to
Check out the Regular Features
Supplement to Issue 21 |
To
Top |
|
►
Publications - Use these Reports to help your
family and friends:
. For
those of you who have visited our Firewalls website and Security Alert Blog, you know that the information there is directed toward keeping
you safe from hacker and cracker attacks. Additions to our bookshelf
are selected with the same purpose - and we encourage you to share our
reports
freely. Don't
miss the NEWest
Free report
To Top
Did you Check out the new Regular Features
Supplement to Issue 21?
|
► Resources
- many Free. It's
easy to install the latest Firewall, anti-virus(*), spam blocking, and spyware removal software on
your computers. Download all of these programs, and more, mostly for FREE, from our
Firewalls-and-Virus-Protection website pages.
Check them out. If you need to
block Spam, find the links on the 'Spam and Spyware' page. Same thing for Cookie
Crumbling tools, Spyware protection, etc. Most of them have a purchasable Upgrade option, and by trying the
free versions, you can upgrade the ones that work best for you.
Browser Hijacking is still
a major problem. One of the outstanding
sources for information about browser hijackers and tools
to remove these predators is still available on the
SpywareInfo.com
website.
It's loaded with
powerful information and helpful advice that zeros in on the hijacking
problem. If you are experiencing any similar problems, be sure to
follow the link to their forum. There are literally thousands
of postings from which you will learn and possibly find the advice
that will help you resolve your own issues.
You can download HijackThis from the Software link on the
SpywareInfo website. Be sure to read and follow their instructions to
the letter if you want good results.
We learned about this program from the extraordinary website and
forums built and maintained by James Healan, webmaster of SpywareInfo.com.,
and whenever we can, we send a small donation to help keep them
online.
|
|
DOWNLOAD latest cws shredder
(Version 2.19, Nov 05) Free from Trend Micro
http://www.intermute.com/products/cwshredder.html
It'll find and remove
those nasty Cool Web Search trojan horses. |
To Top
Here's a powerful, inexpensive, and helpful resource
to help you maintain your Internet Security and Personal
Identity
In
The
Hacker's Nightmare™ a retired FBI Special Agent tells
you exactly
how to really Keep Hackers,
Worms and Germs out of your PCs. Here's what Bill Hely has
to say about his eBook:
|
"When
I was researching and writing
The Hacker's Nightmare™ I was determined that
there would be chapters that alone would be worth
the cost of the whole book. Different chapters to
different people that is... depending on individual
needs and interests. Based on feedback from my
readers I am confident that I have achieved that
aim. I mean, read the testimonials for yourself!" |
Bill
Hely, 20 plus year veteran of internet security consulting. has loaded
it with valuable information and plain common
sense. We could fill this and future issues of our News
Reporter for the next few months just talking about them.
I've included some of Bill's outstanding, informative, and
helpful articles in the Articles and Reports pages of the
Firewalls and Virus Protection website. Please visit and
check them out.
Bill has designed a webpage that describes many of the security
tricks and tools that will help keep that nasty stuff out
of your computer.
Review The Hacker's Nightmare Story HERE. Some
sample (Free) chapters are available to early visitors.
and here's My Favorite Resource
i-Cop is a resource I'm
proud to be a part of.
You have probably noticed the
various references to it throughout this newsletter,
the Firewalls and Virus Protection website
and my Blog.
It's the
International Council of Online Professionals,
i-Cop for short. I
believe anyone actively using the internet to
provide information, services or sell products will
benefit by subscribing to i-Cop's publication -
The Internet Marketing Trade Journal.
It truly sets the
standard for Honesty and Integrity Online. I'm proud
to be a member.
This FREE ezine is
vitally important to online business owners and
anyone even considering making money online! We keep
folks
informed about all online issues and programs to
participate
in, or avoid. Subscribe to The Internet
Marketing Trade Journal
here::
http://www.i-Cop.org/trade-journal.htm
...Richard |
|
|
To Top |
►
Reviews
of the News (more encouraging news
about controlling
SPAM, SCAMS, pornography, and protecting Personal Consumer
Information)
|
 |
Headline
FTC Releases
Top 10 Consumer Fraud Complaint Categories |
January 25, 2006
Identity Theft Again Leads the List
The Federal Trade Commission today
released its annual report detailing consumer complaints about fraud
and identity theft in 2005. Complaints about identity theft topped
the list, accounting for 255,000 of more than 686,000 complaints filed
with the agency in 2005. The complaints, filed online or at a
toll-free number, are shared via a secure database with more than
1,400 federal, state, and local law enforcement agencies, and law
enforcement and consumer protection agencies in Canada and Australia.
“With a call or a click, consumers
can file complaints with law enforcers across the country and around
the world,” said Deborah Platt Majoras, Chairman of the FTC.
“These reports provide ammunition that helps law enforcers fight fraud
and identity theft.”
Identity theft complaints
represented 37 percent of the 686,683 complaints filed. Other top
categories of fraud complaints for 2005 include:
- Internet Auctions - 12 percent
- Foreign Money Offers - 8 percent
- Shop-at-Home/Catalog Sales - 8
percent
- Prizes/Sweepstakes and Lotteries -
7 percent
- Internet Services and Computer
Complaints - 5 percent
- Business Opportunities and
Work-at-Home plans - 2 percent
- Advance-Fee Loans and Credit
Protection - 2 percent
- Telephone Services - 2 percent
- Other - 17 percent
Some other findings from the report
include:
- Internet-related complaints
accounted for 46 percent of all fraud complaints.
- The percent of Internet-related
fraud complaints with “wire transfer” as the reported payment method
more than tripled between 2003 and 2005.
- Credit card fraud was the most
common form of reported identity theft, followed by phone or
utilities fraud, bank fraud, and employment fraud.
- The most frequently reported type
of identity theft bank fraud was electronic funds transfers.
~~~~~~~~~~~~~
Other FTC activities
Feds arrest alleged Internet ID thief
The U.S. Attorney's Office in Los
Angeles recently announced the arrest of a California man on wire fraud and other
charges. He is alleged to have deceived America Online
customers into divulging their credit card information over the Web
Jeffrey Brett Goodin of Azusa,
Calif., was charged with using illegally obtained information to make
unauthorized charges using the credit and debit cards of his American
Online
victims.
He allegedly conned his victims, all of whom were
America Online subscribers, by sending e-mails urging them
to "update" their AOL billing information or lose their
service.
The e-mails allegedly sent
by Goodin appeared to have come from AOL's billing
department (a scam known as phishing). The e-mails, which were
sent by the thousands, directed recipients to bogus Web
sites operated by Goodin, and prompted potential victims
to enter personal information, including credit card and
debit card numbers.
Goodin, 45, charged with wire fraud and the unauthorized use of a credit card, faces a maximum penalty of 30
years in federal prison. The FBI, the Secret Service and
police in Ontario, Calif., all helped investigate the case.
~~~~~~~~~~~~~~
Congratulations to the FTC for progress-to-date and
aggressiveness in enforcing the consumer protection laws.
They get another of our
'Good Guys'
check marks
√
Good Guy Check Marks to date
√ √ √ √ √ √ √
√
√
√
√ √ √ √
√ √ √ √ √ | | | |
Protection Strategies
Identity Thieves - Internet Outlaws