They Are Out To Get You!

by Brian on August 2, 2010

They are out to get you.

“Just because you’re not paranoid doesn’t mean they’re not out to get you.”  ~Colin Sautar

Little things like choosing complex passwords, clicking links in random emails, and online banking used to be harmless daily activities. With the explosion of social networking, global broadband accessibility, and usage of online banking, the perfect storm has formed for hackers and thieves to gain access to your personal information.

There is a common delusion in the public that “I won’t be a target, I don’t have much money”. It’s true, these digital thieves used to go after the big fish, attempting to steal tens of thousands of dollars at a time. These days, however, it is much easier to steal $1000 from ten people than it is to steal $10,000 from one person. Cyber-thieves are smart, efficient, and patient. They are targeting individual citizens and small businesses in record numbers. Maybe they will target you next?

How do they get my info?

There are hundreds of different methods they can use to gain access to your financial information. A common method is to find out the target’s email password and go from there. Many people don’t see a need to make their email password very complex. I have heard people say “hey if somebody gets access to my email it wouldn’t be that big of a deal”. Quite the contrary if you think about it. Your email connects everything: your online banking login, bill payments, social networking, you get the idea. If someone gets access to your email, in a matter of minutes, that person can reset your email password (so you no longer get any emails), and gain access to all of your contacts, your bank account, and your LIFE.

Perhaps I am being a bit melodramatic, but this situation can happen in a matter of minutes and it can take a person months to clean up the ‘damage’ from an identity theft occurrence.

What can I do to keep my computer and online accounts safe?

1. Form complex passwords! A few simple guidelines are:

-Password should be at LEAST 10 characters

-Don’t use any dictionary words

-Use each of the following: Capital letter, Lower case letter, number, punctuation point

-I like to use a sentence as the groundwork for my password. Here is an example. “My first date with Anna was at lonestar steakhouse”. I will now take the first letter of each word in this sentence and make a phrase: “MfdwAwaLS”. This is a pretty good password by itself, but to make it even more complex, I will add a number to each side of the phrase with a period between the numbers and letters = “2002.MfdwAwaLS.2002”.

As you can see, this is a very complex password that would be next-to-impossible to guess. However, it is very easy for me to remember.

2. Fill out the “password reminder questions” with things that are very difficult to guess. Take them seriously and never reveal to anyone what your answers might be. Things like “In what state were you born?” are way too easy. Kick it up a notch! These systems usually allow you to create your own security question. I recommend using this feature, and cross-referencing another password. For example, you can make your security question “What is the password about my first date?” –the answer to this question being the password I created in bullet point number 1.

3. Use different passwords for every online login account.

4. Run a current version of an Antivirus program on your computer. AVG Free Edition, AVAST Antivirus, and Microsoft Security Essentials are all FREE antivirus packages that offer a good baseline of protection.

5. Don’t click every link you see on Facebook :) Seriously, anyone can link to ANYthing, and there are plenty of account-hijackers out there that can take control of your friend’s Facebook account. When this happens, you will see links, messages, and wall posts all trying to get you to click a link. Just think before you click.
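The password guidelines in step 1 can be checked mechanically. The following is an added example, not part of the original article: the function names and the small word list are constructed for illustration, and the check for common character substitutions (such as “@” for “a”) goes beyond what the article lists.

```python
import string

# Constructed sample word list; a real check would load a full dictionary file.
SAMPLE_WORDS = {"password", "steakhouse", "lonestar", "summer", "dragon", "welcome"}
MIN_LENGTH = 10  # guideline: at LEAST 10 characters

# Common look-alike substitutions, undone before the dictionary check
# (an addition beyond the article's guidelines).
DELEET = str.maketrans("@013$5", "aoless")


def find_dictionary_words(password, words=SAMPLE_WORDS, min_word_len=4):
    """Return dictionary words hidden in the password, ignoring case and look-alikes."""
    lowered = password.lower()
    variants = (lowered, lowered.translate(DELEET))
    return sorted(w for w in words
                  if len(w) >= min_word_len and any(w in v for v in variants))


def check_password(password, words=SAMPLE_WORDS):
    """Return a list of guideline violations; an empty list means the password passes."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("shorter than %d characters" % MIN_LENGTH)
    if not any(c.isupper() for c in password):
        problems.append("no capital letter")
    if not any(c.islower() for c in password):
        problems.append("no lower case letter")
    if not any(c.isdigit() for c in password):
        problems.append("no number")
    if not any(c in string.punctuation for c in password):
        problems.append("no punctuation")
    hits = find_dictionary_words(password, words)
    if hits:
        problems.append("contains dictionary word(s): " + ", ".join(hits))
    return problems


if __name__ == "__main__":
    # The article's two example passwords plus two constructed weak ones.
    for candidate in ["MfdwAwaLS", "2002.MfdwAwaLS.2002",
                      "Steakhouse2002!", "P@ssw0rd2010!"]:
        result = check_password(candidate)
        print(candidate, "->", "OK" if not result else "; ".join(result))
```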

Following these five steps will keep you fairly protected. But if the ‘bad guys’ still come knocking at your door and causing problems, it is best to seek out the services of a competent computer services professional. You know how to find us.

If you found this article useful, please click SHARE and spread the word. Thanks!

Brian Vance

http://pctlc.com

812-499-9587


The Anatomy of An Attack

by Brian on April 1, 2010

In the ‘good old days’ of the Internet, virus writers were just out to make computers do silly things like play a song randomly or change the desktop background to something dirty. In recent years, virus writing has become a big (evil) business. Virus writers have gotten very smart and very tricky.

There are many different psychological angles virus writers can take when they attempt to infiltrate your computer. The following paragraphs describe only one of the MANY methods a virus can use to attack your computer. The attack I will describe below is what I would call a “hybrid phishing” scheme.

I received this email early Sunday morning from an address I did not recognize (warning sign #1). My immediate suspicions were confirmed when I read the subject line “your Adds have stopped running!”. I knew the email was a fake because the only online ads I run are through Google and Facebook, and this sender’s email matched neither.

You can read the email below. It uses poor spelling and says they have received a wire transfer of $25K from my company. The virus writer is asking what services the money was for and they suggested that the attached (infected) file included information about this wire transfer.

Kids, don’t try this at home…

Knowing this was very likely a virus file, I VERY CAREFULLY downloaded the file and uploaded the file to an online virus scan service. I have pasted the results below that confirmed my suspicion; this is a brand new virus.

Only about 1/3 of the antivirus engines out there even know this virus exists. We call this a “Zero Day Attack” because the virus is released and spreads before the antivirus companies can catch on and release updates to protect you from infection.

How can you stay protected? Here are the basics:

1.) Keep your antivirus program up to date. If you have a business network, use a server-based managed antivirus solution. (contact me for details)

2.) Keep your operating system fully up to date through Windows Updates

3.) DELETE emails from people you don’t know

4.) Be very cautious of email attachments, even from people you know and trust

5.) If you get an email that appears to be from your bank, PayPal, Facebook, or any other institution…DO NOT CLICK a link in the email. Instead, go directly to the company’s website by typing the address into your browser.

It’s a dangerous world out there, folks. Call me for a FREE network analysis to make sure that your network has all of the protections it needs.

Brian Vance

President

PC TLC, Inc.

812-499-9587

www.pctlc.com

The email I received is pasted here:

from: Lupe Cooley <l.cooley_ae@minimaxconsulting.com>
to: my email
date: Sun, Mar 28, 2010 at 12:11 AM
subject: Your adds have stopped running!

we have received an $25,122 wire transfer from your company. We have no ideea how this transfer was placed in our account but your email address was in the note for beneficiary section. Attached is a copy of the incomming transfer provided by our bank.Please reply and let us know for what services was the transfer sent to our account…

File Attached: ntkr.doc (virus)

Here are the results from the Online Virus Scan Service:

| Antivirus | Version | Last Update | Result |
|---|---|---|---|
| a-squared | 4.5.0.50 | 2010.03.29 | Trojan-Dropper!IK |
| AhnLab-V3 | 5.0.0.2 | 2010.03.29 | |
| AntiVir | 7.10.5.247 | 2010.03.29 | TR/Dropper.Gen |
| Antiy-AVL | 2.0.3.7 | 2010.03.29 | |
| Authentium | 5.2.0.5 | 2010.03.29 | |
| Avast | 4.8.1351.0 | 2010.03.29 | |
| Avast5 | 5.0.332.0 | 2010.03.29 | |
| AVG | 9.0.0.787 | 2010.03.29 | |
| BitDefender | 7.2 | 2010.03.29 | Trojan.Downloader.JMZC |
| CAT-QuickHeal | 10.00 | 2010.03.29 | |
| ClamAV | 0.96.0.0-git | 2010.03.29 | |
| Comodo | 4426 | 2010.03.29 | |
| DrWeb | 5.0.2.03220 | 2010.03.29 | |
| eSafe | 7.0.17.0 | 2010.03.28 | |
| eTrust-Vet | 35.2.7394 | 2010.03.29 | |
| F-Prot | 4.5.1.85 | 2010.03.29 | |
| F-Secure | 9.0.15370.0 | 2010.03.29 | Trojan-Dropper:W32/Agent.DIQH |
| Fortinet | 4.0.14.0 | 2010.03.29 | |
| GData | 19 | 2010.03.29 | Trojan.Downloader.JMZC |
| Ikarus | T3.1.1.80.0 | 2010.03.29 | Trojan-Dropper |
| Jiangmin | 13.0.900 | 2010.03.29 | |
| K7AntiVirus | 7.10.1004 | 2010.03.22 | |
| Kaspersky | 7.0.0.125 | 2010.03.29 | |
| McAfee | 5934 | 2010.03.28 | |
| McAfee+Artemis | 5934 | 2010.03.28 | Artemis!60DF604563A1 |
| McAfee-GW-Edition | 6.8.5 | 2010.03.29 | Trojan.Dropper.Gen |
