April 2009


Consumer Awareness: “You’ve received an e-Card!”

Good news? Happy Birthday? Get-Well-Soon? Maybe, but e-greeting cards, e-gift cards, and online holiday messages are increasingly being used by scammers and cyber criminals to spread viruses and other vicious malware. Many e-Cards are rigged with links that take unsuspecting recipients to bogus websites that can infect systems or compromise user identities and personal information. If you believe you’ve been the victim of an e-Card scam, report it to your computer consultant, computer help desk, or your Internet Service Provider (ISP) immediately. Once the scam has been verified, file a report with the Federal Trade Commission on their website at https://www.ftccomplaintassistant.gov/.

E-card Do’s and Don’ts

  • Don’t click on links in emails announcing an e-Card or on e-Card attachments. If it’s a legitimate e-Card, the sender may be disappointed that you didn’t get it, but weigh that against the risk of your computer getting infected if you do click.
  • Don’t reply to emails or pop-up messages offering quick fixes for viruses. Legitimate computer security companies don’t sell their products by spam email or by using pop-ups.
  • Don’t cut and paste the link from the message into your Internet browser. Phishers can make links that look like they go to one place but actually send you to a different site.
  • Do delete random emails that ask you to confirm or divulge personal information.
  • Do use antivirus and anti-spyware software and update them regularly. Some scam emails contain software that can harm your computer or track your activities on the Internet without your knowledge. Look for antivirus software that recognizes current viruses as well as older ones, that can effectively reverse the damage if your computer does get infected, and that updates itself automatically.
  • Do use a two-way software firewall. It helps make your computer less visible on the Internet and blocks communications from unauthorized sources. It’s especially important to run a firewall if you have a broadband connection. Operating systems (like Windows or Mac OS X) or browsers (like Internet Explorer or Firefox) also offer free software “patches” to close holes in the system that cyber criminals could exploit. Do apply the patches.

More information  VIDEO  QUIZ

 

Scams and Hoaxes

Delta Air Lines Malware Emails
This email purports to be from US-based air carrier Delta Air Lines and claims to contain information about a recent online ticket purchase. It instructs recipients to open an attached file, ostensibly to print out a “passenger itinerary receipt.” However, the email is not from Delta, and opening the attached file can install malware that may allow hackers to control the infected computer and steal personal and financial information.  More information

Economic Stimulus Bill Scam
Fraudsters are using the logo of the Internal Revenue Service, combined with the promise of federal stimulus money, to dupe cash-strapped people into divulging credit-card information on a phony Web site. It's the latest example of attempted identity theft rising amid the current economic turmoil, hitting a range of areas from mortgages to tax returns. The email, which displays photos of President Barack Obama and Vice President Joe Biden, claims to offer people their portion of the recently approved stimulus bill. Recipients are instructed to click an email link and enter their personal financial information on a counterfeit Web site.  More information

Cox Communication Customer Phishing
Cox Communications customers should be on the lookout for an email that pressures them to verify their personal information within 24 hours or, for security reasons, their account will be suspended and shut down permanently within two weeks. However, the emails are not from Cox Communications, and no reputable company requests social security numbers, dates of birth, passwords, or any other personal information by email.  More information

Military Vehicle Scam
The FBI issued an alert that the agency has been receiving reports of individuals victimized while attempting to purchase vehicles off the Internet. The latest twist on the scam involves cybercriminals posing as members of the U.S. military. Victims find attractively priced vehicles advertised in Internet classified ad sites, from which they are contacted by a phony third-party vehicle protection program to ensure a “safe transaction.” After receiving convincing e-mails from the phony vehicle protection program, the victims are told to send the full payment, or a percentage of the payment, to the third-party agent via a wire payment service.  More information

 

Microsoft and Apple Security Updates

Microsoft and Apple provide free security updates for their software products.

Windows: Microsoft issues patches for all Microsoft products on the second Tuesday of each month as well as out-of-cycle patches on any day of the month. The scheduled release date is April 14. This is a good occasion to check manually, a practice that you should follow once every two weeks, to make sure all of the updates have been installed.  More information

OS X: Updates are issued frequently, and their contents may differ depending on which processor is in your Mac (PPC or Intel).  More information

iPhones & iPods: Must be updated manually:
http://docs.info.apple.com/article.html?artnum=305744
http://support.apple.com/kb/HT1483

 

Security Newsbytes

Crooks Flock to Rogue Antivirus Applications

Chasing massive profits, crooks have unleashed a flood of rogue antivirus programs that attempt to fool or scare unsuspecting PC users into forking over cash for an app that does nothing worthwhile. According to the Antiphishing Working Group, the number of fake security programs skyrocketed from an average of around 2,500 per month to 9,287 in December. The group's latest report, covering the second half of 2008, says that while rogue antivirus has been around for years, it wasn't until the middle of last year that crooks started turning the fake applications into a serious money-making machine. The Washington Post's Security Fix recently showed that dirty affiliates who help spread the junk apps can earn more than $330,000 a month in commissions.  More information

Adobe Reader and Internet Explorer 7 Holes under Attack

If you were an Internet crook, the following item would be music to your ears: A zero-day flaw--a security hole for which no fix is available before attacks are launched--exists in Adobe Reader and Acrobat, and can be exploited by a poisoned PDF file that lets you take over a vulnerable computer. Adobe has released patches for versions 7, 8 and 9 of both programs. Bad guys went after a bug in Internet Explorer 7 within a week after Microsoft distributed a fix. Those attacks employed a malicious Word document, but crooks could also add hidden code to a hijacked website to create a drive-by download attack. You can install the patch for this browser flaw via Automatic Updates, or you can download it from the link given below.

More information:
Acrobat 9
Acrobat Reader 9
Acrobat Reader 7 & 8
Internet Explorer

Firefox Patches Zero-day Vulnerability

Just two days after a hacker posted code on a website that could be used to attack the Firefox browser, Mozilla developers released an updated 3.0.8 version of their flagship browser.  More information

[Editor’s Note (Wyman): Kudos to the makers of Firefox! Their prompt remediation is a welcome change from the foot-dragging and spin-doctoring that other software manufacturers indulge in while the users of their flawed products are left hanging. Users should not be put in the position of trying to figure out whether or not a flaw is a “real” flaw, or how grave a risk they face if they continue to use a product. Software should be subject to the same rules and regulations as any other consumer product, regardless of the purchase price, and its makers held accountable legally and financially for failing to issue clear warnings and to repair or replace a faulty product promptly, including damages incurred by the user.]

New “Scareware” Trojan Holds Users to Ransom

A Trojan that normally peddles bogus antivirus “scareware” has hit on a new way of persuading users to part with money for a worthless license. It encrypts their data first, turning it into gibberish. The new version of the Vundo Trojan, reported to be doing the rounds by security company FireEye, is the first to tie straight extortion to a conventional rogue anti-virus software scam. Luckily, it appears that the encryption method is crude enough that one of FireEye's technical staff was able to write a script able to unscramble a victim's files without paying the $40.  More information

Nasty New Worm Targets Home Routers and Cable Modems

A computer worm has been discovered that can infect 55 different home-based routers and DSL/cable modems including common brands like Linksys and Netgear. Believed to have originated in Australia and known as “psyb0t” or Bluepill, this is the first worm known to be able to infect residential routers and modems. Psyb0t is armed with 6,000 common usernames and 13,000 popular passwords that it tries in various combinations to gain entry to your home network. Most home-based routers will give you unlimited attempts to get the username and password correct, making these devices an ideal target for infection. Also, unlike your PC, your router and modem are running 24 hours a day, meaning psyb0t has more time to try to gain access. The best way to protect your home network is to make sure you are not using the default password and username that came with your equipment. Consult the materials that came with your device or the manufacturer's website for instructions on how to change your username and password. If you're worried that your router has been infected, a simple factory reset of the device will kill the worm. If you have any questions or concerns about the security of your modem/router, contact your Internet Service Provider.  More information

[Editor’s Note (Reichert): Unless you need to leave your cable or DSL modem/router on 24/7 to support other devices such as Voice over IP telephones, consider shutting it off when not needed. You should also periodically change the passwords on the device to help fend off these types of attacks…but make sure you use strong passwords.]