Nov182010

Black Friday and the looming Google Instant Security threat

I have previously warned that "Google Instant" may pose serious risks.   Now news from Pandalabs of some serious malicious code that could well spoil your holidays ahead.

Though mundane, this is "Must Read" material.



[KickIt] [Dzone] [Digg] [Reddit] [del.icio.us] [Facebook] [Google] [StumbleUpon] [Twitter]

Tags: , , , , ,

E-mail | Permalink | Trackback | Post RSSRSS comment feed 0 Comments

Sep282010

The evolving “LinkedIn” threat

A couple of days ago I posted a warning about false communications pretending to be from LinkedIn.  That threat continues and evolves with a variation on the threat arriving in my email today.  See the screen capture below.  Everything about this email on the surface looks legitimate, except of course for the fact my name is not “Dawn”, nor am I expecting any payment from any of my LinkedIn connections.

As always, your best defense is your own common sense.  If anything arrives in your email that just doesn’t “smell right”, chances are it’s not right and potentially carrying a nasty payload just like the ZIP file attached in this email.

Always make sure your system has the latest critical updates from Microsoft.  Always make sure you have current AntiVirus and other malware detection systems active and most importantly, CURRENT and up to date with the latest threat definitions.  The Internet is a seedy place, browse safely and trust no one.

 

Email carrying malicious payload



[KickIt] [Dzone] [Digg] [Reddit] [del.icio.us] [Facebook] [Google] [StumbleUpon] [Twitter]

Tags: , , , , , ,

E-mail | Permalink | Trackback | Post RSSRSS comment feed 0 Comments

Sep082010

ALERT! New scareware scheme

This news just in from AV solution provider Sunbelt Software:

Security researchers have uncovered a new scareware attack named MSIL/Zeven, which lures users into downloading a fake antivirus software.

The malware identifies users' browsers and displays an authentic-looking version of the browsers' malware warning page, as a way of convincing individuals that the alert is real. When users click on the link presented in the fake warning page, they are directed to a website where they can purchase antivirus software known at "Win7 AV."

The site that offers the antivirus software is designed to look identical to a legitimate Microsoft website, though security experts warn users that the page is fake. To defend against these malicious crimes, leaders in the field advise users to be skeptical of what they download from off the internet, as well as install the latest malware protections.

Many researchers have found the new attack website's design is so close to the real thing, even skilled professionals have a difficult time deducing whether it's a fake.

Recently, security analysts uncovered scareware malware loaded onto a computer at a major airport in England. The presence of malware on public terminals could be a dangerous signal for web users, who may be giving their private information to cyber crooks without even realizing it.



[KickIt] [Dzone] [Digg] [Reddit] [del.icio.us] [Facebook] [Google] [StumbleUpon] [Twitter]

Tags: , , , ,

E-mail | Permalink | Trackback | Post RSSRSS comment feed 0 Comments

Mar162009

Today's Tip: Update to AntiSpyware XP2009

Last week I alerted you to a common trojan trap that is surfacing all over the web under a variety of names. AntiSpyware XP2009 is just one name. Rather than update the original post, I have decided to post this once again because of the EXTREME DANGER this type of threat poses.

A colleague of mine recently passed away. While searching for news about him, I navigated to a site where I was greeted by this pop-up window:


AV360 Pop Up


Pretty scary huh? It gets better. It matters not how you exit the pop-up message, as soon as you do, a fake "scan" animation is displayed that makes it appear your system is being scanned. It is important to note that the script is NOT PERFORMING A SCAN. What you see is only an animated webpage made to resemble an actual scan. A full size screen capture of this scan animation is displayed here
So how do we know the scan is a fake? Well for starters, the fake animation displays only 2 Local Disk drives and a DVD-RAM drive. In reality, there are 9 Disk drives on my computer and one DVD-RW drive. Secondly, while "local disk" is the name Windows assigns Hard Disk Drives during installatioin, I rename all my drives to unique names. It's a neat little trick that can help you spot these fake screens. Renaming HDD's to a friendly name will be the subject of a future post. And lastly, we know this is a fake screen because the layout is based on a Windows XP Explorer window, I'm actually using Windows 7 Beta on this computer.
Finally, take a close look at the final screen capture below:


AV360 Pop Up


Under no circumstances should you select the "OK" option to install. Clicking on the X, or the Alt-F4 keystroke combination just puts you in a repeated error message loop. Close the actual BROWSER window to cut this trojan off at the knees.
It's easy to be fooled by these tricks and a lot harder to clean up after, so surf smart. Don't panic when you see a pop up like this, but if you get taken in, call the St. George UT PC doctor for disaster cleanup.



[KickIt] [Dzone] [Digg] [Reddit] [del.icio.us] [Facebook] [Google] [StumbleUpon] [Twitter]

Tags: , , , , , , , ,

E-mail | Permalink | Trackback | Post RSSRSS comment feed 0 Comments