Google it!

via ScamVictimsUnited.com's Weblog by scamvictimsunited on 10/3/09

I think that Google is a wonderful scam fighting tool. On a daily basis we will have people come to our site and post on our message board that they did NOT become a scam victim because they ran a Google search on something from the scammer’s email . . . their name, email address, company, phone number . . . and that search brought them right to a post on our message board. Once they see this information on our message board they know for sure that it is a scam.

If you ask me, it is better to be over cautious . . . Google everything! You never know what information you might find out. It is better to be safe than sorry.

Shawn Mosch

Co-Founder of ScamVictimsUnited.com

There is strength in numbers!

Find us on Twitter, Facebook and more through

http://www.retaggr.com/page/ShawnMosch

FBI and Serious Organised Crime Agency (SOCA) to Present Keynote on the Underground Economy at RSA® Conference Europe 2009

via ICT Review by Veshengro on 10/3/09

It has been confirmed that Keith Mularski, Supervisory Special Agent at the Federal Bureau of Investigation (FBI) Cyber Initiative & Resource Fusion Unit and Andy Auld, Head of Intelligence, e-Crime Department, SOCA will be giving a joint keynote on Wednesday, 21 October at 12.00pm at RSA Conference Europe 2009. Their keynote entitled The Underground Economy will discuss the inner working of the Cyber Underground Economy and how international law enforcement teams come together to combat cyber criminals and emerging threats.

Keith Mularski is a Supervisory Special Agent assigned to the Cyber Division of the Federal Bureau of Investigation (FBI). Mr. Mularski received his appointment to the position of Special Agent with the FBI in 1998. After attending the FBI Academy in Quantico, Virginia, he was assigned to the FBI's Washington Field Office where he investigated National Security Matters for seven years. During this time Mr. Mularski worked on a number of high profile investigations such as the Robert Hanssen espionage investigation, and the 9/11 Terrorist attack on the Pentagon.

In 2005, Mr. Mularski transferred to the FBI's Cyber Division and is now detailed to the National Cyber-Forensics and Training Alliance (NCFTA) in Pittsburgh, Pennsylvania. The NCFTA is a joint partnership between law enforcement, academia, and industry which seeks to maximize overlapping public/private resource synergies creating a dynamic cyber-nerve-centre for tactical and proactive responses to Cyber-Crime. While detailed to the NCFTA, Mr. Mularski continues to successfully work with Private Industry Subject Matter Experts on a number of joint Cyber-Crime initiatives such as the Digital Phishnet and Slam Spam projects. Mr. Mularski's emphasis has been in the development of proactive initiative targeting of organised international Cyber-Crime groups. Most recently, he worked undercover penetrating cyber underground groups which resulted in the dismantlement of the Darkmarket criminal carding forum.

The 10th annual RSA® Conference Europe will be held from 20-22 October, 2009 at the Hilton London Metropole Hotel, in London.

<>

How Do I Block Pop-Up Ads?

via Scam Types dot Com by Scam on 10/3/09

It is certain that all of us come across popup windows once in a while we are surfing on the internet.

It feels really annoying when something stupid interrupts your endeavor appearing from nowhere.

These are called Pop-Up ads.

The specialty of these ads is that you need to manually click on them to close each.

Pop-up ads need to be avoided and blocked to all extents possible because many scammers try to invade in to your personal details like passwords, credit card details and bank account details using these pop-up ads.

Thus, a pop-up blocker becomes inevitable and highly indispensable.

WHAT IS A POP-UP BLOCKER?

A pop-up blocker is a program that stops these unwanted ads to come up during your browsing.

The pop-up blocker is installed in the web browser.

Most browser packages have them pre-installed and those not having them can be upgraded by downloading a pop-up blocker of your choice from the free software sites.

Pop-up blocker not only prevents these annoying ads to opening in a new window but even protects you from a possible identity theft and personal information theft.

Pop-up blockers have additional features for the people who want to view the pop-up ads of particular sites.

For this they need to enable the view pop-up ads for that particular site.

Many types of pop-up blockers with unique features are available online.

You can buy as per your needs.

However, some of the most basic types of pop-up blockers are free and can be downloaded from any of the popular sites.

An additional advantage of using pop-up blockers is that you can prevent your computer from becoming slow or being infected from malware, spyware or any virus.

This prevents your pc from getting slow.

Choose an effective pop-up blocker as soon as possible and get rid of unwanted content to make your browsing experience delightful.

How Do I Block Pop-Up Ads? is a post from: Scam Types dot Com Check out 101 Internet Security Programs and Tips

The Twitter Malware Problem Is Getting Worse

via Softpedia News - Global by Softpedia News (Lucian Constantin) on 9/26/09

Using independently developed tools that scan tweets for threats, security researchers from Kaspersky and Trend Micro concluded that the micro-blogging platform has become a popular attack vector. The number of malicious URLs identified on Twitter suggest that the problem is slowly, but surely getting worse.

Because the results of their independent research into the Twitter attacks problem were almost identical, Costin Raiu, chief security expert with Kaspersky Lab's Global Research & Analysis Team, and Mortom Swimmer, advanced threat researcher at Trend Micro, have decided to give a joint presentation of their findings during the Virus Bulletin 2009 conference being held this week in Geneva.

The Kaspersky team led by Mr. Raiu built a service to analyze URLs posted in tweets, which they dubbed “Krab Krawler.” The tool watches the public Twitter timeline, which currently averages to 300 tweets per second, and extracts the URLs from them. In order to process most, if not all, of the tweets, the researchers had to get their tool added to a special Twitter whitelist, which allows them to perform 20,000 queries per hour, with a query being able to return multiple results.

All the identified URLs are saved in a database, but because most of them are shortened, a common practice on Twitt... (read more)

Password, ID Stealing Malware Volume Jumps 400%

via Secure Channel on 9/25/09

Clampi, the Trojan that Secure Channel wrote about yesterday, is a fine example of why we’ll never see another Code Red, Nimda or LoveLetter virus again. The intent of malware is no longer to cause mass service disruptions, but rather to steal as much information as possible without getting detected. Trojans, worms, viruses and rootkits the likes of Clampi, Sinowal and StealthMBR are now the masters of the malicious code. McAfee’s Avert Labs released a new report that shows the volume of password-stealing and keystroke logging malware jumped nearly 400 percent between 2007 and 2008. McAfee’s prediction: the trend will continue to expand in both volume and scope. This will force all organizations handling even routine data to think beyond conventional antivirus software and perimeter firewalls. Hackers have long used social engineering techniques, phishing (mass mailings) and spear-phishing (targeted mail attacks) to trick users into giving up sensitive information. McAfee concludes that these techniques’ effectiveness is limited since they don’t capture nearly enough account credentials for trading. Database attacks such as those against TJX and Heartland Payment Systems that resulted in tens of millions of credit card numbers being compromised are effective in capturing large amounts of financial and identity data, but also carry a high degree of risk. Sophisticated malware designed to observe and report are far more effective ways of intercepting user credentials for banking and credit card accounts, and—in some cases—hijacking live sessions. Credential stealing malware will use spam, phishing and compromised web sites to transparently infect machines. Making matters worse, malware like Clampi and Sinowal no longer collect data globally, but rather target applications and subroutines to steal specific bits of information. Older generations of data-stealing malware made a lot of noise by infecting operating systems and hooking into APIs. They collected copious amounts of data this way, which made them susceptible to detection by host-based intrusion detection/prevention applications. By targeting specific applications and data sets, the malware lowers its profile to avoid detection by conventional security scanners and analyzers. As McAfee explains in its report, data-stealing malware is going identity credentials where they’re entered or reside. They can popup login interfaces to capture credentials and then pass along to the target domain, making the session seem normal to the user. They can also go after cached credentials in Windows registry or password stored by browsers. Even countermeasures and more stringent authentication schemas are being circumvented by new classes of malware. Some banks have introduced virtual keyboards, through which users must enter their credentials rather than typing them on a keyboard. Some financial institutions and enterprises have experimented with image-based authentication technology, where users must identify a series of photos or images to gain access. Malware creators are now defeating these security measures by including screen capture apps in their malware that activate when users connect to a targeted domain such as a bank or credit card company. As the McAfee researchers correctly note, the intent is about currency and not necessarily money, and there’s a big difference. The currency of the digital underground is access credentials to accounts of all varieties. Hacker groups and criminal organizations trade everything from credit card numbers to World of Warcraft IDs in exchange for tools, attack assistance and information. Those exchanges often lead to a financially motivated attack. McAfee is correct in its assertion that hackers and criminal groups will increasingly expand their target lists beyond financial institutions to include retailers, gaming and gambling sites and hosted services. What this trend underscores is the need for synergistic layered security. It’s an old strategy, but one that’s increasingly relevant. Conventional antivirus scanners may be able to detect and quarantine some of these advance pieces of malware, but not all. Intrusion detection and prevention systems will pick up much of the unauthorized traffic, but not all. And data loss prevention tools are useful for stopping many quantifiable data disclosures (such as credit cards and Social Security numbers), but they are still relatively powerless to stop unclassified data leaks. While such security schemas seem only relevant to large enterprises that can afford layers of defensive technology, threats are not exclusive to large organizations. That means even small and midsized organizations will require increasing amounts of security technology to prevent potentially devastating data disclosures and comprises. States and federal agencies are mandating security breach disclosures, making a security incident both potentially costly and embarrassing. Likewise, small and midsized businesses are more susceptible to catastrophic failure should their data and systems be compromised by hackers. A recent security survey by Channel Insider and the Computer Technology Industry Association (CompTIA) found that businesses are just as receptive to managed and cloud-based security services as they are to on-premise technologies. Solution providers should consider that when approaching customers and prospects with plans for synergistic security deployments since services are often more affordable than big one-time on-premise technology installations.

100 websites shut down as FIFA tackles fake tickets

via ITNewsAfrica.com - IT news, Telecom news and Mobile news from an African perspective by Editor on 9/25/09

FIFA has vowed to crack down on websites selling fake World Cup tickets, 100 websites globally have been shut down so far ahead of the world cup in South Africa next year. The world soccer body said...

This is a summary only. Visit ITNewsAfrica.com for full links, other content, and more!

Malware affiliate bounty: Infect a Mac, earn 43 cents

via Zero Day by Ryan Naraine on 9/25/09

A new malware affiliate program has been discovered offering 43c for every infected Mac machine.

Blind one-legged man wins arse-kicking contest

via The Register on 9/25/09

Rum-fuelled piratical rampage quelled by Taser

A partially-sighted, one-legged man who had consumed a substantial quantity of rum was accused of attempted murder after he set about four American policemen single-handed earlier this week brandishing an assortment of cutting and stabbing weapons. The understandably alarmed plods subdued their assailant by the use of a Taser electroprod gun.…

Case Study: WhatsUp keeps Legoland turnstyles ringing

Are The Governments Of The World Spying On Us By Installing Keyloggers In New Computers?

via Scam Types dot Com by Scam on 9/25/09

The following email forward has been circulating for quite a while now and is obviously still popular as it arrived in my inbox again yesterday.

This particular one is worded for the benefit of U.S. computer users as it references the Department of Homeland Security but there are plenty of other variants for other countries too.

The email claims that the government has installed keystroke loggers into new laptops (and other computers too presumably) -

GOVERNMENT AND COMPUTER MANUFACTURERS CAUGHT INSTALLING HARD-WIRED KEYSTROKE LOGGERS INTO ALL NEW LAPTOP COMPUTERS!

Devices capture everything you ever type, then can send it via your ethernet card to the Dept. of Homeland Security without your knowledge, consent or a search warrant each time you log onto the internet!

The real life implications of this are plain: Computer manufacturers appear to be cooperating with the Department of Homeland Security to make every person who buys a new computer subject to immediate, unrestricted government recording of everything they do on those computers!

EVERYTHING !

Even though I have an interest in reading about conspiracy theories from time to time I am still pretty certain the above email is a total hoax.

Others, however, are not so convinced – see Fear The Government.

What do you think?

Are The Governments Of The World Spying On Us By Installing Keyloggers In New Computers? is a post from: Scam Types dot Com Check out 101 Internet Security Programs and Tips

To Fight Worms, Use Ants

via Security Alert on 9/25/09

A novel new security system attempts to mimic insects in the fight against malware infections.