We all have experienced many online threats last year. And as year changes to 2010, the more online threats are changing too. Cybercriminals will be more eager to spread online threats and attack computers to benefit with any valuable information challenging users for security.

Here are some of the predictions that will challenge computer security this year:

1. Spam, Scams on Social Networking and Real-time Sites – A group of security researchers belonging from Websense, Breach Security, IBM Internet Security Systems‘ X-Force, and Symantec agreed that cybercriminals will focus their attacks on social networking sites such as Facebook, MySpace, and LinkedIn, and on real-time social sites like Twitter. When it comes to real-time features, Google, especially Google Wave, as well as Bing will be their target. The attackers enjoy the fact it will take time for others to discover the existence of a malicious link or file. Users may recognize one but still one way or another, there will still be victims.

2. Crime Cloud – Security vendors specifically AVG, M86, and RSA predicted that criminals will be attacking and using use cloud services directly to control attacks. and using them to direct and control attacks. IBM researchers are anticipating to see attackers exploiting more services. Take Amazon AWS for example which already served as a host for a malware command and control server.

3. Malware Hijacking Trusted Sites – Breach Security observes continuous improvements when it comes to compromising trusted sites and infecting them with malware. Numerous incidents of SQL injection has been proven successful in attacking sites. No doubt, it will happen again. Cybercriminals prefer to have a third-party that will distribute their malware.

4. Macs Will Be Compromised – It’s been years now that security companies have been talking about Mac being targeted by attackers for malware. According to Websense, exploitation will happen affecting Safari under Mac OS X which will invite hackers to target the Mac platform. Symantec is worried that Mac users who are not spending money to buy antivirus software yearly will not be protected with such attack. Zscaler still believe that Apple can somehow oblige the company to strengthen its security to surpassed continuous attacks. Many think Macs will be widely affected because of Adobe Flash vulnerability.

5. Search Engine Poisoning and Malvertising – Cybercriminals will exert more efforts on exploiting trusted sites. For them to infect sites, they will make use of search engines and advertisements. They will continue to threaten and weaken search results and enjoy the attention breaking news and events. Google together with Microsoft will assure its users for a safe search and advertising. Of course, they wouldn’t want their users to not trust them.

6. Increasing Number of Bots – Why would cyber criminals waste their time with cloud-hosted malware when botnets can do the same thing? Botnets are better than cybercriminals. It can also be a source of income generating cash for criminals and hijacking other botnets for money. This will cause conflict preventing botnets to grow and attracting security experts and law enforcement. It’s botnets against other botnets. It’s like what happened to Zeus/Zbot being shut down by Bredolab botnet. Symantec claimed that botnets have become the foundation of cybercrime.

7. Piracy Gets Riskier – Microsoft has started making a move to lessen software piracy since last December. They received many complaints from users who buy the pirated version of Windows. IBM researchers are expecting that the continuous use of the pirated software will infection more users will malware.

8. Mobile Security Issue – Smartphones like iPhone and Android-based handsets are like miniature personal computers. They are being used for business purposes. In 2010, Websense predicted that smartphones will be targeted for attacks just like the computers. Nowadays, security vendors either have or are developing a mobile security product service. IBM thinks that mobile attacks will still be limited.

9. Major Insider Theft Scandal Will – It is expected next year that someone who has been in a large organization accessing company data will be caught to be working for or with a cybercrime group. The Identity Theft Resource expected that the number of insider cases will increase because of failure to follow basic workplace security protocols.

10. Clickjacking is Back – According to Zscaler, clickjacking will strike back. Clickjacking is a malicious technique that tricks users to reveal confidential information or take control of their computer while clicking the sites. Jeremiah Grossman of WhiteHat Security and Robert “RSnake” Hansen of SecTheory reveal about the technique in October 2008. Efforts have made to lessen the risk of clickjacking but it is still effective to use especially with a social engineering component.

How Can Techie Now Help?

The above security threats serves as a reminder for computer users to be careful over the web. You’ll never know what security threat you will be into. For now, the best protection is a reliable and updated antivirus software that will keep you and your computer in trouble. When it comes to your computer’s protection, Techie Now is the name you can trust. Techie Now offers PC support services: virus and spyware removal, performance optimization, installation and configuration and general repair.

www.TechieNow.com

E-mail is being used for communication by businesses and individuals, and by cybercriminals for online attacks affecting everyone when not used carefully. Proofpoint, a security firm, has enumerated its 2009’s top 10 terrifying e-mail blunders:

• Trojan Horse Steals Bank Accounts – URLZone, a banking Trojan horse, was reported in September. It steals money while users are logged in their accounts displaying a fake balance. Computers get infected when you click a malicious link in an e-mail or visit a website with hidden malware. It also keeps your bank account login credentials, take screenshots, and sneak on your other web accounts like Facebook, Gmail, Paypal and more.

• FBI Forgery- FBI Director Robert Mueller’s wife prohibited him from doing online banking transactions after he had given his personal information to a phishing website. He received an email from what he thought was his bank verifying his information. He even filled out some information but realized in the end that it was not a good idea. So he changed his passwords and told the incident to his wife. That incident did not stop Mr. Mueller’s  from doing his online activities.

• White House Spam – It took place in August when the White House sent thousands of e-mail messages to Americans explaining its stand on the controversial health reform issue. It was spread through an e-mail account to create and dispel rumors. Nevertheless, the White House admitted that it was an unsolicited e-mail and blamed third-party groups for the mass e-mail.

• Hotmail Phishing – In October, thousands of Hotmail accounts were compromised where passwords were posted on some websites where developers normally share programming code. News site Neowin was able to see the list which had been removed and reported to Microsoft about the issue. In this particular phishing scam, the hackers sent out the list of the e-mail accounts with the letterhead of banks, eBay and other institutions, to convince the consumers that they have to reset their online passwords to their websites for security purposes. As soon as Microsoft discovered the scam, they blocked thousands of Hotmail accounts believing the accounts have all been hacked.

• Start-up Suicide – RockYou, a social media advertising and application start-up, sent out a mass e-mail to their customers and associates announcing their new site redesign last September. Instead of using BCC: in sending the e-mails, RockYou displayed the entire mailing list of over 200 e-mail addresses in the CC: field and those e-mail addresses ended up on a spammer’s list. After two months, RockYou sent another mass e-mail using a mailing list asking contractors to provide information for their W9 tax forms. Unfortunately, some people unintentionally send personal information to the entire mailing list.

• Gmail Account Deactivated – Last August, Rocky Mountain Bank in Wyoming sent names, addresses, social security numbers and loan information of more than 1,300 customers to a Gmail address by mistake. Realizing what they did, the bank e-mailed the same address asking the recipient to contact them and destroy the sent file without opening it but they didn’t receive a respond. The bank contacted Google asking for the account holder’s information. So, Google received an order from U. S. District Court Judge James Ware of the northern district of California deactivating the e-mail account and disclosing the identity and contact information of the Gmail account holder. The said Gmail user has not done any wrongdoing. From then on, anyone from the bank is advised to be watchful when sending e-mails and typing in the TO: field an e-mail.

• Payroll Panic – PayChoice, a payroll processor, was the victim of a website breach in September. The customers received targeted e-mails claiming to be from the company. The said e-mail is used to trick people into downloading malware or visit a website that will allow them to access the Onlineemployer.com PayChoice portal. The site was shut down and clients were notified within hours. The e-mails were spread through a Yahoo account with the links hosted from servers in Poland.

• UK Tax Error – HM Revenue & Customs, Britain’s tax authority, warned the people about scam e-mails using fake government e-mail address to convince recipients into revealing their personal information to receive a tax refund in return. Those e-mail messages are claiming that recipients were entitled to receive a tax refund, so they have to give their bank or credit card details so that their refund could be paid out. HRMC stated that they would never inform tax rebate through e-mail like most of the legitimate business and government organizations do or invite the people to complete an online form just to receive a tax rebate.

• Death, Taxes and Phish – In September, a fake e-mail notice was widely spread attacking against businesses and individuals and was claimed to come from the Internal Revenue Service. According to US-Cert, the attack was hidden in a fake e-mail with a subject line of “Notice of Underreported Income” which contains a link or attachment infected with a Zbot/Zeus Trojan virus. It is a program which steals credentials for banking login information.

• UCSD Message of Acceptance by Mistake – University of California San Diego mistakenly sent the same message of acceptance to all 46,000 students who took the college entrance where there are only 18,000 students who passed and accepted in the said university.

How Techie Now Can Help?

E-mails are being used to communicate for personal and business purposes. Cybercriminals also use them to steal one’s identity and money. So computers’ users must be careful when opening attachments or links in their e-mails because it might infect their PCs or steal their information especially if the computer is not protected. To protect your computer from any online attacks, contact Techie Now: virus and spyware removal, performance optimization, installation and configuration, and general repair. Techie Now assists your PC needs better than what others do.

www.TechieNow.com

Worm attack

The Internet is very useful to our everyday lives. However, we must know how to protect our PC from any online attacks. Viruses are one of the threats for PC users nowadays. Some send worms in chat message displaying a link to a web site which is also infected with a Trojan horse. Worms spread through programs exposing new vulnerabilities, then report them back to the hackers. The hackers will create the malware that will exploit the vulnerability before the people can download a fix.

Do you know what malware can do to your PC? Malware exposes your PC to online attacks. It also gives hackers direct access to your PC. It enables the hacker to get your personal information or control your PC remotely and be used in a criminal activity. Viruses are commonly found through peer-to-peer (P2P) networking. Spyware, Trojan horses, viruses and worms are being integrated into free downloads. Many users don’t know the danger of using the “browse host” feature of the P2P applications. It is very risky to use because it allows others to directly connect to your computer and browse through file shares.

Through using P2P, hackers can access your logins, user IDs and passwords, personal information such as letters, chat logs, cookies, and emails and other private and accessible folders on your PC. When it comes to email and instant messages, viruses in P2P files can steal your information, give it to cybercriminals to forge your identities and commit fraud.

You must protect your PC, follow these rules:

1. Protect your computer with updated security software. You need a security software that will protect your PC from hackers. Your computer should have an anti-virus, anti-spyware, anti-phishing, anti-spam and firewall to fight online attacks. It should scan any files including disks, email attachments, files downloaded from the web, and documents generated by word processing and spreadsheet programs.
2. Use a secure Internet service provider (ISP). It should have anti-spam and anti-phishing procedures.
3. Always update your Windows automatically or to prevent your PC from any known vulnerabilities. You can install patches from other software manufacturers. A fully patched computer behind a firewall can prevent lessen the risk of being infected with a Trojan and spyware installation.
4. Be careful when opening attachments. Set your anti-virus software to scan all your email and instant message attachments automatically. Don’t open unwanted emails, or attachments even from people you know.
5. Be cautious when using P2P file sharing. Some Trojans are just hiding within the programs and waiting for users to be downloaded. Also be careful in downloading files through email and instant messaging like files with the extensions .bat, .bin, .dll, .cmd, .exe, .lnk, .scr, .com and .vbs.
6. Use security protections for your cell phone, PDA, and Wi-Fi devices. Viruses and Trojans can be attached through email/IM, downloaded from the Internet, or are uploaded along with other data from a desktop. In time, cell phone viruses and mobile phishing attacks will be popular especially now that more people are accessing multimedia services and Internet content using their phones. It is advisable if you always use a PIN code on your cell phone. Don’t ever install or download mobile software from unknown source.
7. Set your instant messaging application correctly. Don’t set your instant messaging to open automatically as your computer opens.
8. Watch out for spam-based phishing schemes. Never click on links in emails or IM.
9. Always back up your files. So if ever you become a victim of a virus attack, you can recover all your important files.

How Can Techie Now Help?

Virus and worms are easily spread over the Internet. With all these threats, you have to protect your PC to prevent online attacks. As soon you become their victim, it will risk your personal and business life. If you need help with anti-virus software installation or virus removal, Techie Now is the best PC support provider that can help you. We do it fast, safe, better and with lower prices than others do. Contact Techie Now and get your PC protected.

www.TechieNow.com

A.U.K. security company is giving SafeOnline, a free security software, to banks that will stop malicious software from controlling online banking transactions or stealing data, even if the computer is infected. SafeOnline comes from a small security company in Derby, England, known as Prevx.

Many cybercriminals are developing complicated software, which they call as “man-in-the middle” or “man-in-the-browser attacks”. These software can be used to intercept banking transactions online while in progress and transfer funds with the user unaware that there’s something wrong. SafeOnline installs its own kernel-level driver on your Windows PCs. Since it is designed for secure browsing sessions conducted with SSL (Secure Sockets Layer) technology, all information from the keyboard is routed through that driver defeating attempts to record keystrokes or other interference. It has been tested by Immunity, a company that specializes in evaluating security technology.  Zeus, SilentBanker and Mebroot/Sinowal/Torpig are some of the most complicated banking malware tested against SafeOnline.

SafeOnline has an antiphishing feature preventing authentication information from being stored into a suspicious Web site. It also verifies DNS (Domain Name System) lookups against other trusted DNS servers to prevent pharming. In pharming, you redirect a website’s traffic to another bogus website.

Prevx is also giving an antimalware, its self-titled security product called Prevx 3.0.5, to the banks that decide to use SafeOnline with their customers.  Prevx is a small company but it is brutally competitive in the security market with other big players like McAfee, Symantec and Trend Micro. Prevx decide to give SafeOnline for free because as we all know, banks don’t want to pay for security software.

As of now, six (6) banking organizations are interested to use SafeOnline. Prevx has met the special requirements of the banks. According to the banks, they don’t want to modify their existing Web sites to accommodate a security technology. What they want is something that is easy for users and compatible with other security products their customers are using. Fortunately, Prevx’s software can run together with other security suites.

How Can Techie Now Help?

With so many cybercriminals around, it’s not that safe to engage your banking transactions online in these days. It’s best to use an antivirus software to protect your PC from infection and protect your money from being stolen. Do you have troubles detecting and halting Malware? You don’t need to worry. Contact Techie Now and we will do it easily for you. With Techie Now, you and your PC are protected at all time.

www.TechieNow.com

Most banks nowadays provide online banking services. With the increasing number of cybercriminals, you have to be very areful when doing money matters over the web. One of the evidences was the discovery of the URLZone virus.

URL Zone is a new type of banking Trojan horse that steals your login credentials and steals your money from your account at the same time. It is said to be controlled by servers in Ukraine discovered by the help of the researchers of a security firm, Finjan. It targets Firefox, Opera and last three versions of Internet Explorer – IE6, IE7 and IE8. It displays your fake balance while you are logged in. It steals the exact amount money from your account during the time when you are logged in.

At present, the said virus is only affecting computers in Germany. Generally, URLZone infects your PC when you open an e-mail and click a link or visit an infected site. Once the virus infected your PC, URLZone waits for you to transact banking online. While you are doing your bank transactions online, the virus is also present in the background with the bank server and you not knowing that it’s already stealing your money. It sound impossible but it’s really happening.

URLZone virus cleans its tracks on your account by displaying a fake balance in your computer. Of course, it wouldn’t show the amount of your stolen money. You will be able to distinguish the discrepancy in your balance if you use an uninfected PC, use an ATM or your transaction is denied because of insufficient funds.

For your own security, you should always update and run your antivirus, spyware and firewall protection automatically. In this way, virus and other malware will not sneak to your PC, infect it and steal the money that you have been saving all your life. Use the latest version of your web browser. It’s not safe to use out-of-date web browser because it is often riddled with holes that worms can get through. You must update your operating systems critical security patches automatically. It is one of the best protections against any type of security threat. Bank account users like you should not click on unsolicited web links in e-mails that you receive. You should also check your bank statements frequently.

How Can Techie Now Help?

With URLZone virus being discovered, it warns people to be careful when doing bank transactions online. For the first time, a virus hijacks a user’s browser session, steals money while doing online banking, and clean its tracks by displaying fake information to you. Beware! If you are concerned that your computer may already be infected with a virus, seek a PC support to help you. Techie Now can help you with that! Techie Now offers better services including virus and spyware removal, performance optimization, installation and configuration and general repair for your PC needs. With Techie Now, your PC, money and identity are safe.

www.TechieNow.com