Blog

London, England (CNN) — Twitter this week endured a number of “phishing” attacks, in which some users unwittingly gave out their passwords to malicious sites. Haven’t we all learned to keep our passwords to ourselves, you ask_?_ Perhaps. But the truth is we’re all vulnerable to social engineering, and two major Web trends are creating further confusion for new Internet users. The anatomy of these attacks is simple: You receive a message, seemingly from a friend on a social network. The message contains a link and some strong incentive to click it — in the case of the most recent Twitter attack, the note simply asks “This You????.” When you click the link, you’re prompted to log in again to view the page. ...

In Additional to my last Post: http://boelectronic.blogspot.com/2010/03/free-fakeav-at-virus-total-thats-not.html VirusTotal.com [http://en.wikipedia.org/wiki/VirusTotal.com] is a brilliant site that helps both public and researchers alike determine if an executable file they have is potentially malicious or not. Julio Canto (of VirusTotal fame) has noticed that somebody decided to cash in on the good name of the site with the following domain: virus-total(dot)in Go there, and you’ll see a message claiming the site is a “free online antivirus scanning service, click SCAN to begin scanning:“ ...

It’s been ten years already; can you believe it? I’m talking about the U.S. Census. It’s been ten years since the last one. Time to do it again. No, it wasn’t on my calendar either. To remind all of us and to encourage us to participate, the U.S. Census Bureau is spending $340 million to get the word out. There was even a Super Bowl ad. The Census Bureau will not be the only ones trying to get our attention and encouraging us to help them collect data. Cybercriminals will be doing the same thing. But they’ll be trying to fool us into thinking they are the Census Bureau. And the data they’ll be collecting will be a little different. It will be personal information they can use to rip us off. ...

There were a couple of news items that I thought were interesting enough, albeit unrelated, to comment on. The first (story here: http://news.bbc.co.uk/1/hi/technology/8537771.stm) is that Microsoft has taken legal action to shut down the Waldec botnet, and folks are divided about whether there was any point to it. While I don’t expect it to cause any noticeable lessening of spam, I’m pleased that they did it. Spam-sending is a business, after all, and if you can create a situation where it costs more to run it than they are making, then they might actually stop. After all, if your outgo exceeds your income, then your upkeep becomes your downfall. ...

If history is any gauge, this is probably the first of several incidents like this. The Register – which is worth reading twice a day for its insanely funny headlines if nothing else – is reporting that a hacker (hacktivist?), possibly British, who goes by the handle Neo, has gotten his hands on tax documents for about 1,000 companies and is tweeting the salaries of Latvian bank managers and other execs to Latvian TV. ...

VirusTotal has been well known to most readers of the blog. It’s a free virus and malware online scan service which allows submitters to test a particular file against a multitude of malware scanners. So, it’s not highly surprising that malware authors would try to use that name to further their gain. Today we came across such a sample arriving at one of our spamtraps through a car-related forum. The message looks like this: ...

Are malware authors and spammers suffering from the same affliction of “word salad“, or are they perhaps devoted students of Afringlish? Why else would one combine random words in an attempt to look legitimate? The reason is a simple one – not only are humans good at associating meaning to names, they are also exceptionally good at filling in the blanks, while machines are not. Thus, by carefully selecting particular names for insertion into the version information of malware samples, such as those of reputable software houses, the authors attempt to exploit this human condition. Presumably, they also hope to bypass security scanners which approve files based on such superficial attributes. ...

The Australasian Consumer Fraud Taskforce began its 2010 Fraud Week campaign today with release of the first Australian Competition and Consumer Commission (ACCC) scams activity report. Wednesday it will release information to help small businesses protect themselves. The March 1-7 Fraud Week hopes to reduce the incidence and impact of fraud and scams. The annual event tries to co-ordinate the release of information for consumers, timed to coincide with the International Consumer Protection Enforcement Network Global Consumer Fraud Prevention Month. ...

Since yesterday evening, PlayStation 3 users have been reporting difficulties in connecting their consoles to the PlayStation Network for online gameplay and system updates. While it was first thought to be a network-related issue, Sony has warned that there is a much more widespread issue currently affecting older PlayStation 3’s. Sony’s offical statement lists the following errors as a part of this internal clock bug: The date of the PS3 system may be re-set to Jan 1, 2000. When the user tries to sign in to the PlayStation Network, the following message appears on the screen; “An error has occurred. You have been signed out of PlayStation Network (8001050F).” When the user tries to launch a game, the following error message appears on the screen and the trophy data may disappear; “Failed to install trophies. Please exit your game.” When the user tries to set the time and date of the system via the Internet, the following message appears on the screen; “The current date and time could not be obtained (8001050F).” Users are not able to play back certain rental video downloaded from the PlayStation Store before the expiration date. “If you have a model other than the new slim PS3, we advise that you do not use your PS3 system, as doing so may result in errors in some functionality, such as recording obtained trophies, and not being able to restore certain data,” Sony warned this afternoon. ...

Since January we publish monthly reports about the categories of the spam messages which got sent around the last month. These categories are detected by Avira’s AntiSpam engine. Between January and February 2010 there didn’t change much in the spam landscape. The top 3 is still occupied by Pharmacy, Other (spams which don’t fit any category) and watches. However, this month the Malware category made its way on the 4th with 4.9% after it was only 0.5% in January. ...