super-life.net » Security

Scareware Hits Gizzmodo

Charlotte — Wed, 28 Oct 2009 17:19:29 +0000

The well known gadget blog, Gizzmodo was harbouring more than just articles on the latest technology when advertising on the site was found to contain malicious code. The malicious code was added by hackers that were able to trick the site owners into thinking that they were from legitimate advertisers, Suzuki.
A similar attack occurred on the New York Times website, a month early where hackers posed as representitives from the telephone company Vonage.
The advertisments attempt to convince you that there is a virus on your computer and then try to sell you fake virus software which steals your bank details as we reported in an earlier post. Gizzmodo have appologised for the mistake saying that they take security very seriously and that it has been fixed now. By gaining access to trusted sites in this way the hackers are doing everything they can to exploit the good reputation of these popular sites.

Scareware – Expensive Free Anti Virus Software

Charlotte — Mon, 19 Oct 2009 09:50:09 +0000

A great story from the BBC has hapless computer users falling victim to fake anti-virus software. Symantec, makers of ligetimate anti-virus software, say that more than 40 million people have been duped into downloading the malicious software in the last year. (If I were more synical, I might say that this figure is exaggerated to benefit legitimate anti-virus software companies. Are people really that stupid?)
There are many different versions of this type of software. Symantec have identified more than 250 variations in the field. However a typical attack senario would be that the user visits a web site and a pop-up advert appears explaining that their computer has been infected by a virus and that it can be removed using anti-virus software which can be downloaded at a website. If the user is stupid enough to click on the banner,they will be taken to a suitably convincing website and will have to pay up to £60 to download and install the scam software on their machine.
So not only have you been parted from your money, but you have given your bank details and the software is installed on your computer. Potentially this could result in hijacking and ransoming your data, giving someone else control of your computer and network, identity theft.
Ignore pop-up advertising. It is always an underhand way of gaining attention and should be treated as being from scammers or people trying to scam you. The internet is still like the wild-west and any information you get from it should be treated with great suspicion (except this post). If in doubt then don’t download it.
With the computer user being the weak link in computer security, only education can help to prevent this kind of crime.

Microsoft Hotmail Passwords Leaked

Charlotte — Tue, 06 Oct 2009 08:48:10 +0000

A phising attack has compromised thousands of Microsoft Hotmail account passwords according to Microsoft. More than 10,000 usernamesand passwords mostly originating from Europe were posted on online.
Microsoft have said that they are not sure of the scale of the problem. The compromised accounts that have been seen so far all start with the letters A or B. However, this may mean that the list is just a subset of the original data.
Phising is a growing problem with convincing websites taking in many visitors. The advice for users is the sames as it always been: don’t give out important data online.
If you have a Hotmail account then you should immediately change your password and security question so that your news details cannot be compromised. Users frequently use the same password accross a number of different accounts. If one is compromised they are potentially all compromised.