~~ FROM THE ARCHIVES ~~
|
A Security guide for the everyday, non-technical
internet user who just wants to be safe doing basic stuff |
Here's your
"Security
Alert News Reporter"
for April, 2006
The "NewsReporter", a security alert newsletter,
is published to keep you up-to-date on the latest information we
gather for avoiding and surviving the hectic hacker attacks on your computer
security and personal identity that take place constantly on the
internet. Many of our comments are based on personal experiences. Protecting
your safety, security, sanity, and privacy is not a simple task. We're trying to make it a bit easier for you to accomplish.
This security alert Newsletter
is sent out periodically to everyone who has registered for the
Security Alert
and Report
Alert Services from one or more of the websites
published and maintained by www.RichardPresents.com.
If you are no longer interested in up-to-date Security Alerts or
Safe Surfing Suggestions -
please use the
link at
the end of this letter to un-register.
|
Thanks for being a
Loyal
Subscriber |
|
Some
Highlights from
TODAY'S TOPICS |
●.
Latest Virus and Worm Threats
●.
The Panda Report - Another Trojan
Horse
●
Cyber Crime
Trends
- Changing Tactics?
●. So,
What's New? (Avoid Rogue Software)
●. Privacy Theft - Important Updates
●
Install
Free Anti-virus software
●.
Family Security - review Family and
Kid Friendly Sites
●. Recommended - Predator Guard to
Protect
your Children |
●. Publications for your Family and Friends/
Identity Theft Guide /NEW!
Home Security
●.
Resources - Most are FREE! /
●.
Bill Hely's ebook -My Security Bible
●.
Reviews of the News-
encouraging news
and reports on latest Scam and Spam
busting activities
●.
Be a Cyber Secure Citizen
●
Selected BLOG postings
●
Free Download
/ Registry
Cleaner
|
|
CLICK ON ANY
TOPIC YOU'RE INTERESTED IN - OR READ THIS NEWSLETTER FROM TOP TO
BOTTOM |
The trends in the activities of cyber criminals seem quite
apparent –
They're going after the money. That's your money and mine.
They're using some very sophisticated methods to do it, too.
These perpetrators are hard to catch, but efforts to catch and
incarcerate them have intensified lately. I've covered some of
the recent FBI, DOJ and other watchdog agencies successes below.
I believe they are encouraging.
... Richard |
~~~~~~~~~~~~~~
►
Latest Virus Threats
reported
April 06, 2006 by McAfee ,
US-CERT, Panda™ and other advisory services. (US-CERT is the
operational arm
of the National Cyber Security Division (NCSD) at the
Department of Homeland Security)
Full descriptions including virus characteristics, symptoms, aliases
and removal instructions are available by clicking on the
links. This virus alert is in addition to those posted in previous
month's News Reporter
issues. You can review previous Virus Alerts in the Archive files.
|
CLICK on
Red
Virus Name
for
descriptions and Removal Advice
|
► |
McAfee Advisory
●
W32/Sober@MM!M681
-
No change in threat level since
Jan 9, 2006
the risk assessment of this threat remains as
Low-Profiled.
●
Vundo
-Updated
04/06/2006.
The latest variants of this
aging trojan are observed to display fake error
messages and asks the
user to download security software programs. User will
be asked to download
SysProtect application to remove the threat.
Not a good idea!
|
|
► |
symantec Advisory
There are no
Severe Threats at this time
●
Spyware.Watchdog
still rated as High Risk spyware
Systems affected: Windows 2000, Windows 95, Windows
98, Windows Me, Windows NT, Windows Server 2003, Windows
XP
|
|
► |
From the US-CERT,
this timely Cyber Security Tip STO6-003
Staying Safe on Social Network Sites
Social networking sites, sometimes referred to as
"friend-of-a-friend" sites, build upon the concept of
traditional social networks where you are connected to new
people through people you already know. The purpose of
some networking sites may be purely social, allowing users
to establish friendships or romantic relationships, while
others may focus on establishing business connections -
and others will use it to prey on
unsuspecting participants and target them for identity
theft, and worse.
Read the FULL US-CERT REPORT HERE |
|
|
► |
TrendMicro
Reports no Medium or High Risk Malware at this
time.
However, a visit to
the TrendMicro
Security Information Site
will provide more detailed information on these and other
pests currently circulating through the Cyber world.
TrendMicro's Top Viruses
and Worms as of April 9, 2006
|
|
► |
Panda
Information Items from the
Panda Report for April 07, 2006
This
week’s report from Panda Software about viruses and
intruders is a reflection of the current trend of
criminalization of malware. "The creators of malicious
code, bored perhaps with the futility of their craft, have
opted to concentrate their efforts on digital theft".
The first example,
the Banbra.BZY Trojan, searches Internet Explorer
screens for certain texts, to see if the user is accessing
certain online banking services. If they are, users will
see a web page identical to the one they were trying to
access and which asks them to enter their data. In this
way, the creator of the malicious code can obtain the
information needed to access the bank account as if they
were the legitimate account holder.
Another example is Mytob.NP.
This worm, when installed on a computer, connects to
another system to receive commands allowing an
attacker to take complete control of the compromised
computer. To avoid detection, Mytob.NP terminates
certain security processes, including those belonging to
antivirus and firewall applications.
Mytob.NP
reaches computers
in a message that appears to come from the security
department of the domain of the mail account of the target
user. This false message tries to get users to go to a
website, apparently inoffensive, that really points to web
page from which the malicious code will be downloaded.
More
information about these and other threats is available
from Panda software's Encyclopedia at:
http://www.pandasoftware.com/virus_info/encyclopedia/
__________________________________________
|
|
|
Up-to-date Firewalls, Anti-virus and anti-spyware
software will
usually stop these pests before they cause
you any grief |
|
To Top
Cyber Crime Trends —
Phishers who lure victims by posing as legitimate
companies, have become a major scourge of the Internet along
with spam, viruses and spyware. A recent study showed that
online fraudsters launched a record number of phishing scams
last year, with nearly 17,000 unique e-mail-based fraud attacks
detected in November alone, and even more in January, 2006.
The Phishing Attack
Trends Report
| |
|
Nov 2005 |
Jan 2006 |
|
• |
Number of unique phishing reports received |
16,882 |
17,877 |
|
• |
Number of unique phishing sites received |
4630 |
9715 |
|
• |
Number of brands hijacked by phishing campaigns |
93 |
101 |
|
• |
Country hosting the most phishing websites |
USA |
USA |
The Phishing Attack Trends Report is
published monthly by the Anti-Phishing Working Group,
an industry association focused on eliminating the
identity theft and fraud that result from the growing
problem of phishing and email spoofing. |
To Top
|
So What
else is
New?
The legitimate
anti-spyware software providers invest a major portion
of their resources in developing and updating their
software to try to keep up with spammers, virus
writers and other undesirable persons.
They are certainly entitled to be paid for these
efforts. Often, users have the opportunity to try demo
and trial versions before purchasing. This is
especially helpful when deciding which security
program to buy. It's even more important when
reviewing the sales information published by the
developers when they announce new versions of security
software.
Like phishing, some devious providers of anti-spyware conceal malicious code in their free trail programs.
These are often described as Rogue Anti-Spyware.
You can learn more about Rogue Anti-Spyware from the
article posted in the
Articles and Reports pages at the
Firewalls-and-Virus-Protection website.
Click here >>
Don't
get trapped by Rogue Anti-Spyware
software Avoid being duped or robbed by false
positives.
(printable article)
Even before deciding to
download a trial version of an unfamiliar product, a
good source, probably one of the best online, to
determine if you might be un-suspectingly downloading
a rouge product is
Spyware Warrior.
They currently (April 5,
2006) list more than 280 rogue/suspects!
Diligence and
Awareness continue to be the key words
for protecting your security during the coming year, 2006.
(Security Alert News Reporter Editor's opinions)
|
To Top
|
|
Privacy Theft
-
Be on the alert for the latest spyware and Scams, sources of
malware and Zombie (hijacking)
programs that often lead to stolen personal and financial information
and Identity Theft.
The "MySpace" web community is being
invaded by Scammers and criminals, reports
Download.com
Such a web community provides a modern online environment for
people who want to make friends, talk online, singles meeting
singles, networking, being involved with people who share these same
interests, and having fun while expanding their social circles.
They are also fertile hunting grounds for spammers, phishers,
predators, and all sorts of unsavory types who prey on lesser
experienced internet users who may drop their guards in the
excitement of their social and fun quests.
MySpace has a massive user base of more than 60 million members or
visitors. These visitors share pictures of themselves and all kinds
of personal and even private information with complete strangers.
The predators, (that's what they are), act just like the rest of the
web community visitors, but they load their email communications
with malicious software like trojan horses and even keyloggers.
They take advantage of users' trust in the networks' recognized
names to create bogus links that appear to be legitimate. These
links can lead to dangerous Web sites that capture sensitive
information.
If visitors to these web communities practice the same restraints
and cautions as when they communicate by Instant Messaging, and read
their email, there's a good chance they won't become victims of the
phishers, spammers and other physically dangerous predators. |
Usually, it's very difficult to repair the damage
phishing scams cause, however, there
are some really
fine
and effective
Programs available to Home and Small
Business computer
users to improve online security and minimize adware, Trojan horse/Zombie and
general malware threats. You'll need
at least two or three.
Among the many reputable online security resources that I monitor,
the "Spyware
Warrior" website is one that does an outstanding job of not only
reviewing and recommending the best and latest anti-spyware software,
but advises how best
to use it.
It has my Highest Recommendation.
... Richard
http://spywarewarrior.com/asw-features.htm (Spyware
Warrior website is owned, operated and © Copyright 2006 by Eric
L. Howes) & Suzi Turner |
The following recommended anti-spyware programs appeared most often
during February and March, 2006, on
the top rated research and anti-spyware reporting websites, including Spyware
Warrior:
Ad-aware
-
Pest Patrol
- Webroot Spy Sweeper
(CLICK
for Free trial),
-
Spyware Doctor
Spybot Search and Destroy - XoftSpy and
MacScan for MAC users
Microsoft AntiSpyware
-
Windows Defender
is currently available as a
FREE Download, but you can't use it with
Windows 95 or 98. I use it on my windows 2000 and Windows XP PC's,
have it set for automatic updates and daily scans. Like
SpywareBlaster
(Download) it's designed to monitor in Real Time.
Keep in mind that you must also have up-to-date anti-virus software(*)
and a
strong firewall, plus the latest updates for your browser (Internet
Explorer,
Firefox, Netscape, Opera... whichever one you use).
[Free Spyware Scan - Click Here]
Click here Xoftspy v3.2
Xoftspy is the latest in spyware detection and removal.
Xoftspy will hunt down and remove from your machine all known
spyware/adware that is on the market today. 91% of PC's are
infected with spyware.
Try Xoftspy right now for FREE and see for yourself if
your PC is infected!
Spyware & Adware are files that are installed on your computer
without your knowledge. They allow companies to monitor your
Internet browsing patterns and even allow companies to inundate
you with those annoying "pop up" ads! Most people are familiar
with freeware, shareware, cookies, media players, interactive
content, and file sharing. What they may not realize is that
some of the aforementioned may contain code or components that
allow the developers of these applications and tools to actually
collect and disseminate information about those using them.
They can track your surfing habits, abuse your Internet
connection by sending this data to a third party, profile your
shopping preferences, hijack your browser start page or pages,
alter important system files, and can do this without your
knowledge or permission. The security and privacy implications
of these exploits should be quite obvious and undesirable on any
system or network!
Works with: Microsoft Windows 98/Me/NT4/2000/XP
Free File Scan Now |
To Top
Here's the Download link to
Grisoft's AVG Free anti virus software, in case you missed it in recent issues of
the
News
Reporter.
Saving it to your desktop will make it easier to find the
Install icon placed there as part of the installation process.
Click on the icon and follow the instructions to complete your
installation. Spend a few minutes becoming familiar with the
AVG Anti-Virus Control Center.
Be sure to check for updates, get them and then do a complete
virus scan.
I set my AVG program for automatic updates once every day...
makes me feel more secure, and I also use two anti-virus
programs on each of my computers.
However, I use only one
firewall software program on each computer ... Richard |
►
alert about Stinger
You can get the April 5, Free
updated virus checking and removal STINGER tool at the
Firewalls and Virus
Protection site .
STINGER, (compliments of McAfee's Anti-virus and
Vulnerability Emergency Response Team -
AVERT) was
updated on February 2, 2006 to detect and remove more than 50
current viruses including Sober.
It's a great
little program that still fits neatly on a floppy disc - a perfect way to
clean up your computer if a worm or other 'rogueware' has disabled
your ability to get back on the Internet to update your
security ware.
Whenever updated versions become available,
I'll post
a notice here, on the Firewalls and Virus
Protection website and
in the Security Alert Blog. |
 |
|
|
To Top
►
Family Security and Caring
Some
recent additions to our reviews of Family Safe sites
At the top of the list of results at a recent Google search for
Child Safe web sites was "FirstGov for
Kids", the U.S.
government interagency Kids' Portal. It's a great site.
 The National Center for Missing and Exploited Children has many
great publications, too. I put a
download link for their "Personal
Safety for Children -
A guide for Parents" in the Features Supplement.
Check them
out in the new Features Supplement
CLICK HERE
|
We post
these Kid Safe Sites, because like you, we care about
the safety and security of our children and grandchildren....and
to help parents, grandparents and guardians guide today's young
internet surfers to safe sites. There are many other website creators
who feel the same concerns and responsibility. These are just a few of
their sites that we have personally reviewed and tested as safe for
our Grandchildren. Check them out and share them with the young people
you care about.
|
|
More
Help for Parents and Grandparents.
Keep the Children and Grandchildren safe when they're using your
computer
Predator Guard provides real-time protection for
children in chat rooms, instant messaging, and e-mail
exchanges.
The Home Edition Features:
-
Real-time protection
in Instant Messaging, Chat Rooms, E-mail and Attachments
-
E-mail notification to parents
-
Reviews both outgoing and incoming data
-
User defined library to prevent distribution of personal
information
-
Detects, captures, logs and reports violations
-
Works as a stand-alone application or with existing site
blocking programs (AOL Parental Controls, Cyber Patrol, Net Nanny,
and more.)
|
Predator
Guard provides real-time protection for children in chat
rooms, instant messaging, e-mail and attachments from online
predators and pedophiles. In addition,
Predator Guard can prevent all outgoing personal
information, such as a child's home address, phone number and
school information, or other information that is essential for a
predator to make contact with a child.
Purchase this
Inexpensive Protection Now
|
|
Click to
Check out the Regular Features
Supplement to
This Issue |
To
Top |
|
►
Publications - Use these Reports to help your
family and friends:
. For
those of you who have visited our Firewalls website and Security Alert Blog, you know that the information there is directed toward keeping
you safe from hacker and cracker attacks. Additions to our bookshelf
are selected with the same purpose - and we encourage you to share our
reports
freely. Don't
miss the NEWest
Free report
To Top
Did you Check out the new Regular Features
Supplement to Issue 22?
|
►
Reviews
of the News (more encouraging news
about controlling
SPAM, SCAMS, pornography, and protecting Personal Consumer
Information)
|
 |
Headline
ChoicePoint
Settles Data Security Breach Charges |
ChoicePoint Settles Data Security Breach
Charges; to Pay $10 Million in Civil Penalties, $5 Million for
Consumer Redress
At Least 800 Cases of Identity Theft Arose From Company’s Data Breach
Consumer data broker ChoicePoint, Inc., which last year acknowledged
that the personal financial records of more than 163,000 consumers in
its database had been compromised, will pay $10 million in civil
penalties and $5 million in consumer redress to settle Federal Trade
Commission charges that its security and record-handling procedures
violated consumers’ privacy rights and federal laws.
The stipulated final judgment and order for settlement requires
ChoicePoint to implement new procedures to ensure that it provides
consumer reports only to legitimate businesses for lawful purposes, to
establish and maintain a comprehensive information security program,
and to obtain audits by an independent third-party security
professional every other year until 2026.
“The message to ChoicePoint and others should be clear: Consumers’
private data must be protected from thieves,” said Deborah Platt
Majoras, Chairman of the FTC. “Data security is critical to consumers,
and protecting it is a priority for the FTC, as it should be to every
business in America.”
NOTE: A stipulated final judgment and order is for settlement purposes
only and does not constitute an admission by the defendant of a law
violation. Consent judgments have the force of law when signed by the
judge.
~~~~~~~~~~~~~
New York AG Eliot Spitzer brings suit
against another spyware installer
The Sans Institute reported on April 7, 06 that New York Attorney
General Eliot Spitzer filed a lawsuit against Direct Revenue LLC,
alleging the software distributor "surreptitiously installed millions
of pop-up ad programs on consumers' computers."
Spitzer's lawsuit asks that Direct Revenue be enjoined from installing
spyware without users' permission and from sending advertisements
through software that is already on computers. It also asks that the
court make the company disclose its revenues and "impose monetary
penalties."
Direct Revenue has posted a rebuttal to the allegations on its web
site, saying the case is founded on activity in which they no longer
engage. A lengthy investigation indicated that Direct Revenue had
installed the spyware on people's computers when they installed free
applications and neglected to mention the bundled spyware.
The suspect software was downloaded to consumers' computers by Direct
Revenue's own servers once the free application had been installed.
Results of an investigation also indicate that the software was
designed to be difficult to detect and uninstall and in some cases,
reinstalled itself after users removed it.
~~~~~~~~~~~~~
Congratulations to the FTC for progress-to-date and
aggressiveness in enforcing the consumer protection laws, and to NY
Attorney General Eliot Spitzer who has been pursuing companies
involved in alleged Internet fraud and other misconduct..
They get another of our
'Good Guys'
check marks
√
Good Guy Check Marks to date
√ √ √ √ √ √ √
√
√
√
√ √ √ √
√ √ √ √ √ √ √
(See Archives)
~~~~~~~~~~~~~~~
To Top
► Resources
- many Free. It's
easy to install the latest Firewall, anti-virus(*), spam blocking, and spyware removal software on
your computers. Download all of these programs, and more, mostly for FREE, from our
Firewalls-and-Virus-Protection website pages.
Check them out. If you need to
block Spam, find the links on the 'Spam and Spyware' page. Same thing for Cookie
Crumbling tools, Spyware protection, etc. Most of them have a purchasable Upgrade option, and by trying the
free versions, you can upgrade the ones that work best for you.
Browser Hijacking is still
a major problem. One of the outstanding
sources for information about browser hijackers and tools
to remove these predators is still available on the
SpywareInfo.com
website.
It's loaded with
powerful information and helpful advice that zeros in on the hijacking
problem. If you are experiencing any similar problems, be sure to
follow the link to their forum. There are literally thousands
of postings from which you will learn and possibly find the advice
that will help you resolve your own issues.
You can download HijackThis from the Software
"Privacy and Protection" link on the
SpywareInfo website. Be sure to read and follow their instructions to
the letter if you want good results.
We learned about this program from the extraordinary website and
forums built and maintained by James Healan, webmaster of SpywareInfo.com.,
and whenever we can, we send a small donation to help keep them
online.
|
|
DOWNLOAD latest cws shredder
(Version 2.19, Nov 05) Free from Trend Micro
http://www.intermute.com/products/cwshredder.html
It'll find and remove
those nasty Cool Web Search trojan horses. |
|
To Top
Here's a powerful, inexpensive, and helpful resource
to help you maintain your Internet Security and Personal
Identity
In
The
Hacker's Nightmare™ a retired FBI Special Agent tells
you exactly
how to really Keep Hackers,
Worms and Germs out of your PCs. Here's what Bill Hely has
to say about his eBook:
|
"When
I was researching and writing
The Hacker's Nightmare™ I was determined that
there would be chapters that alone would be worth
the cost of the whole book. Different chapters to
different people that is... depending on individual
needs and interests. Based on feedback from my
readers I am confident that I have achieved that
aim. I mean, read the testimonials for yourself!" |
Bill
Hely, 20 plus year veteran of internet security consulting. has loaded
it with valuable information and plain common
sense. We could fill this and future issues of our News
Reporter for the next few months just talking about them.
I've included some of Bill's outstanding, informative, and
helpful articles in the Articles and Reports pages of the
Firewalls and Virus Protection website. Please visit and
check them out.
Bill has designed a webpage that describes many of the security
tricks and tools that will help keep that nasty stuff out
of your computer.
Review The Hacker's Nightmare Story HERE. Some
sample (Free) chapters are available to early visitors.
and here's My Favorite Resource
i-Cop is a resource I'm
proud to be a part of.
You have probably noticed the
various references to it throughout this newsletter,
the Firewalls and Virus Protection website
and my Blog.
It's the
International Council of Online Professionals,
i-Cop for short. I
believe anyone actively using the internet to
provide information, services or sell products will
benefit by subscribing to i-Cop's publication -
The Internet Marketing Trade Journal.
It truly sets the
standard for Honesty and Integrity Online. I'm proud
to be a member.
This FREE ezine is
vitally important to online business owners and
anyone even considering making money online! We keep
folks
informed about all online issues and programs to
participate
in, or avoid. Subscribe to The Internet
Marketing Trade Journal
here::
http://www.i-Cop.org/trade-journal.htm
...Richard |
To
Top
|
►
"User Education" is the
focus of our Firewalls and Virus Protection website and the "Security
Alert News Reporter".
Do your IM and Chat Room Buddies know
How to Find
the Best Anti-spyware Software?
In case they missed this FREE report on the
Firewalls-and-Virus-Protection website,
you can read it here and print the report
to share with your family, friends and Buddies.
As a P.S. to the above comment,
encourage your friends to check out these timely posts in our "Security Alert Blog".
Recent Blog entries
for March and early April included comments on these current issues.
|
● |
Buying a new computer now?
Will it be Vista ready?
With the latest
announced Vista reschedule, it doesn't appear as if we'll be able to
purchase a Vista equipped computer until well after then end of the
year holiday season.
|
|
● |
Parents beware.
Irresponsible adult Internet activities can now
lead to Police searches.
Curious teenagers and younger children with
unsupervised access to the Internet could view and download banned
pornographic images placing a family in jeopardy.
|
●
|
U.S.Treasury Department Releases Free Identity Theft DVD
The Treasury Department free DVD, titled "IDENTITY THEFT -
Outsmarting the Crooks" is an excellent expose' of many of the
tricks, scams, and lures cybercriminals are using. Tells how to get
yours.
|
| ● |
Add our information blog to your list of
Must Read spyware
avoidance resources.
The more useful
information you have about
the scourge of malicious spyware, the
better chance you'll have of
avoiding the grief
and frustration it
can bring.
|
|
● |
Our blog is RSS
f | | | | |
Keep
Internet Junk Mail and Spam out of your email inbox