SOURCE: AllTechNews.org

Malware is no strange thing for computer users nowadays. Several computers all over the world get infected every day and it grows more and more. With this increasing number, it can surely raise a question: how do cyber criminals spread malware?

Simple. Thru infected websites. All the hackers need to do is to place some infecting codes in a webpage and somehow entice computer users to visit that site.

Cyber criminals take full advantage of a raging Facebook addiction or a top trending tweet. Official looking emails and irresistible enticements that feature fascination with social networking sites are hard for some people to resist.

Social networking scams are very effective in getting users check out a link that gives them an access to the infected website.

So the next time you think you will see a funny video on Facebook, you get a fake anti-virus offer that just doesn’t go away. Some link, huh.

So, its not just email attachments that can expose a user to malware. Even links do. So as responsible computer users we must continue being careful on the stuff we click. Again, think before you click.

How can TechieNow help?

.
With the growing number of ways to infect computers, we can’t necessarily conclude that not clicking on email attachments makes our computer secure. We have to be responsible computer users that are not easily deceived by cyber criminals. However in the event that you slip, do not worry, TechieNow specializes in malware removal. We can assure a better, fast and safe service for a very affordable price.

We all have experienced many online threats last year. And as year changes to 2010, the more online threats are changing too. Cybercriminals will be more eager to spread online threats and attack computers to benefit with any valuable information challenging users for security.

Here are some of the predictions that will challenge computer security this year:

1. Spam, Scams on Social Networking and Real-time Sites – A group of security researchers belonging from Websense, Breach Security, IBM Internet Security Systems‘ X-Force, and Symantec agreed that cybercriminals will focus their attacks on social networking sites such as Facebook, MySpace, and LinkedIn, and on real-time social sites like Twitter. When it comes to real-time features, Google, especially Google Wave, as well as Bing will be their target. The attackers enjoy the fact it will take time for others to discover the existence of a malicious link or file. Users may recognize one but still one way or another, there will still be victims.

2. Crime Cloud – Security vendors specifically AVG, M86, and RSA predicted that criminals will be attacking and using use cloud services directly to control attacks. and using them to direct and control attacks. IBM researchers are anticipating to see attackers exploiting more services. Take Amazon AWS for example which already served as a host for a malware command and control server.

3. Malware Hijacking Trusted Sites – Breach Security observes continuous improvements when it comes to compromising trusted sites and infecting them with malware. Numerous incidents of SQL injection has been proven successful in attacking sites. No doubt, it will happen again. Cybercriminals prefer to have a third-party that will distribute their malware.

4. Macs Will Be Compromised – It’s been years now that security companies have been talking about Mac being targeted by attackers for malware. According to Websense, exploitation will happen affecting Safari under Mac OS X which will invite hackers to target the Mac platform. Symantec is worried that Mac users who are not spending money to buy antivirus software yearly will not be protected with such attack. Zscaler still believe that Apple can somehow oblige the company to strengthen its security to surpassed continuous attacks. Many think Macs will be widely affected because of Adobe Flash vulnerability.

5. Search Engine Poisoning and Malvertising – Cybercriminals will exert more efforts on exploiting trusted sites. For them to infect sites, they will make use of search engines and advertisements. They will continue to threaten and weaken search results and enjoy the attention breaking news and events. Google together with Microsoft will assure its users for a safe search and advertising. Of course, they wouldn’t want their users to not trust them.

6. Increasing Number of Bots – Why would cyber criminals waste their time with cloud-hosted malware when botnets can do the same thing? Botnets are better than cybercriminals. It can also be a source of income generating cash for criminals and hijacking other botnets for money. This will cause conflict preventing botnets to grow and attracting security experts and law enforcement. It’s botnets against other botnets. It’s like what happened to Zeus/Zbot being shut down by Bredolab botnet. Symantec claimed that botnets have become the foundation of cybercrime.

7. Piracy Gets Riskier – Microsoft has started making a move to lessen software piracy since last December. They received many complaints from users who buy the pirated version of Windows. IBM researchers are expecting that the continuous use of the pirated software will infection more users will malware.

8. Mobile Security Issue – Smartphones like iPhone and Android-based handsets are like miniature personal computers. They are being used for business purposes. In 2010, Websense predicted that smartphones will be targeted for attacks just like the computers. Nowadays, security vendors either have or are developing a mobile security product service. IBM thinks that mobile attacks will still be limited.

9. Major Insider Theft Scandal Will – It is expected next year that someone who has been in a large organization accessing company data will be caught to be working for or with a cybercrime group. The Identity Theft Resource expected that the number of insider cases will increase because of failure to follow basic workplace security protocols.

10. Clickjacking is Back – According to Zscaler, clickjacking will strike back. Clickjacking is a malicious technique that tricks users to reveal confidential information or take control of their computer while clicking the sites. Jeremiah Grossman of WhiteHat Security and Robert “RSnake” Hansen of SecTheory reveal about the technique in October 2008. Efforts have made to lessen the risk of clickjacking but it is still effective to use especially with a social engineering component.

How Can Techie Now Help?

The above security threats serves as a reminder for computer users to be careful over the web. You’ll never know what security threat you will be into. For now, the best protection is a reliable and updated antivirus software that will keep you and your computer in trouble. When it comes to your computer’s protection, Techie Now is the name you can trust. Techie Now offers PC support services: virus and spyware removal, performance optimization, installation and configuration and general repair.

www.TechieNow.com

Facebook, a social networking site, has formed a Safety Advisory Board consulting on any issues related to online safety to better protect its 350 million users worldwide. It is consists of five (5) Internet safety organizations: Common Sense Media, ConnectSafely, WiredSafety, Childnet International and The Family Online Safety Institute, from North America and Europe.

Facebook is planning to meet the board members regularly to:

• review existing safety resources it provides its users
• develop new materials
• seek advice on general safety best practices

For the first task, the board needs to oversee an overhaul of safety content in Facebook’s Help Center. The main goal of the overhaul: to create a comprehensive resource with specific educational content for parents, teachers and teens.

According to Facebook’s director of European public policy, Richard Allan, we need group effort to improve safety online. We need to work together. Everyone who’s online or on Facebook should be diligent enough to report abusive behavior or make sure that the passwords for the accounts are kept secured. Safety issues for Facebook users include cyberbullying and phishing.

Facebook and its rival MySpace, owned by News Corp, wanted to increase their efforts for them to protect their youngest members from any kind of abuse.

How Can Techie Now Help?

Facebook is one of the biggest social networking sites being used by many today. It’s good to know that Facebook formed this Advisory Board for the safety of its millions of users online. If you also want to ensure online safety in your computer, Techie Now can do that for you. Contact us now and avail our PC support services: virus and spyware removal, performance optimization, installation and configuration, and general repair. Techie Now has everything you need with better services at better prices.

www.TechieNow.com

E-mail is being used for communication by businesses and individuals, and by cybercriminals for online attacks affecting everyone when not used carefully. Proofpoint, a security firm, has enumerated its 2009’s top 10 terrifying e-mail blunders:

• Trojan Horse Steals Bank Accounts – URLZone, a banking Trojan horse, was reported in September. It steals money while users are logged in their accounts displaying a fake balance. Computers get infected when you click a malicious link in an e-mail or visit a website with hidden malware. It also keeps your bank account login credentials, take screenshots, and sneak on your other web accounts like Facebook, Gmail, Paypal and more.

• FBI Forgery- FBI Director Robert Mueller’s wife prohibited him from doing online banking transactions after he had given his personal information to a phishing website. He received an email from what he thought was his bank verifying his information. He even filled out some information but realized in the end that it was not a good idea. So he changed his passwords and told the incident to his wife. That incident did not stop Mr. Mueller’s  from doing his online activities.

• White House Spam – It took place in August when the White House sent thousands of e-mail messages to Americans explaining its stand on the controversial health reform issue. It was spread through an e-mail account to create and dispel rumors. Nevertheless, the White House admitted that it was an unsolicited e-mail and blamed third-party groups for the mass e-mail.

• Hotmail Phishing – In October, thousands of Hotmail accounts were compromised where passwords were posted on some websites where developers normally share programming code. News site Neowin was able to see the list which had been removed and reported to Microsoft about the issue. In this particular phishing scam, the hackers sent out the list of the e-mail accounts with the letterhead of banks, eBay and other institutions, to convince the consumers that they have to reset their online passwords to their websites for security purposes. As soon as Microsoft discovered the scam, they blocked thousands of Hotmail accounts believing the accounts have all been hacked.

• Start-up Suicide – RockYou, a social media advertising and application start-up, sent out a mass e-mail to their customers and associates announcing their new site redesign last September. Instead of using BCC: in sending the e-mails, RockYou displayed the entire mailing list of over 200 e-mail addresses in the CC: field and those e-mail addresses ended up on a spammer’s list. After two months, RockYou sent another mass e-mail using a mailing list asking contractors to provide information for their W9 tax forms. Unfortunately, some people unintentionally send personal information to the entire mailing list.

• Gmail Account Deactivated – Last August, Rocky Mountain Bank in Wyoming sent names, addresses, social security numbers and loan information of more than 1,300 customers to a Gmail address by mistake. Realizing what they did, the bank e-mailed the same address asking the recipient to contact them and destroy the sent file without opening it but they didn’t receive a respond. The bank contacted Google asking for the account holder’s information. So, Google received an order from U. S. District Court Judge James Ware of the northern district of California deactivating the e-mail account and disclosing the identity and contact information of the Gmail account holder. The said Gmail user has not done any wrongdoing. From then on, anyone from the bank is advised to be watchful when sending e-mails and typing in the TO: field an e-mail.

• Payroll Panic – PayChoice, a payroll processor, was the victim of a website breach in September. The customers received targeted e-mails claiming to be from the company. The said e-mail is used to trick people into downloading malware or visit a website that will allow them to access the Onlineemployer.com PayChoice portal. The site was shut down and clients were notified within hours. The e-mails were spread through a Yahoo account with the links hosted from servers in Poland.

• UK Tax Error – HM Revenue & Customs, Britain’s tax authority, warned the people about scam e-mails using fake government e-mail address to convince recipients into revealing their personal information to receive a tax refund in return. Those e-mail messages are claiming that recipients were entitled to receive a tax refund, so they have to give their bank or credit card details so that their refund could be paid out. HRMC stated that they would never inform tax rebate through e-mail like most of the legitimate business and government organizations do or invite the people to complete an online form just to receive a tax rebate.

• Death, Taxes and Phish – In September, a fake e-mail notice was widely spread attacking against businesses and individuals and was claimed to come from the Internal Revenue Service. According to US-Cert, the attack was hidden in a fake e-mail with a subject line of “Notice of Underreported Income” which contains a link or attachment infected with a Zbot/Zeus Trojan virus. It is a program which steals credentials for banking login information.

• UCSD Message of Acceptance by Mistake – University of California San Diego mistakenly sent the same message of acceptance to all 46,000 students who took the college entrance where there are only 18,000 students who passed and accepted in the said university.

How Techie Now Can Help?

E-mails are being used to communicate for personal and business purposes. Cybercriminals also use them to steal one’s identity and money. So computers’ users must be careful when opening attachments or links in their e-mails because it might infect their PCs or steal their information especially if the computer is not protected. To protect your computer from any online attacks, contact Techie Now: virus and spyware removal, performance optimization, installation and configuration, and general repair. Techie Now assists your PC needs better than what others do.

www.TechieNow.com

The British police arrested a couple from Manchester, aged 20, for purportedly using a sophisticated and malicious virus to infect thousands of computers and steal millions of pounds worth of personal information.

The said virus is known to be the notorious ZeuS or Zbot Trojan which bypasses security safeguards to record online bank account details, passwords and credit card numbers. It also copies passwords for social networking sites and let the hackers control the computer by forwarding the data to the servers. The said virus appears in different guises, which includes false Facebook page encouraging users to download a software update. It can steal passwords or sends your personal information hackers. It also hijacks computers pressing them into the services of botnets which can be used to send spam e-mails, distribute more malware and do other malicious things. All the taken information is worth millions of pounds making the criminals sell or use it themselves.

According to Detective Superintendent Charlie McMurdie, the couple was the first in Europe to be arrested in connection with the scam. Zeus or Zbot Trojan is a known malware which can be used for infecting or accessing personal information. It has affected 10,000 computers worldwide. The couple gathered millions of lines of data from infected computers. The scam uses the taken data of users and quickly harms them financially. Cyber criminals use Zeus because it threatens the people from using the Internet globally.

Zeus viruses is the biggest and most sophisticated “banking trojan” in the world. It targets the online banking accounts of millions of people. As it first came out in 2007, Zeus had grown more flexible and complicated after a few months that it was able to adjust and look for more ways to prevent from being detected by anti-virus software. Symantec’s analyst, Orla Cox said that ZeuS spreads fast because there’s an available toolkit online which allowed the cybercriminals to customize and create their own versions. The toolkit makes it easy for people to steal from online accounts. Since it’s easy to find on the web, it’s a useful kit for those who wants to be an Internet crime lord. Ghost is one of the best know open source toolkit. In the past year, more than 90,000 variations of Zeus virus have infected computers.

The couple was suspected of offenses against the Computer Misuse Act 1990 and the 2006 Fraud Act on November 3. Unfortunately, they have been released on bail. Reports showed that many businesses and individuals have experienced the online attack worldwide where money are stolen from their accounts and transferred to the criminals through complex banking networks. The accounts of willing “money mules” receive the money and withdraw it.

How Can Techie Now Help?

With the virus like Zeus, online bank accounts are not safe from the cyber criminals. It can steal your passwords or send your personal information, only to find out that your all your money is being stolen under your nose. It’s good to know that cyber criminals like this couple from Manchester was arrested for committing the crime. To protect your money from being stolen in your bank account online, always use updated anti-virus software. If you need assistance with this and other PC support services (virus and spyware removal, performance optimization, installation and configuration, and general repair), contact Techie Now. Techie Now will keep your computer running and protected all the time!

Face Book email with worms

Help Net Security reported that Facebook users should be careful with Facebook spam e-mails claiming to be from Facebook administrators. Aside from being part of a phishing campaign, the said e-mail also transmit a nasty Trojan responsible for stealing the user’s banking information. Incidentally, Red Condor, a Web security company, was able to notice the new phishing e-mail attack.

The spam e-mail contains a web-link that redirects recipients to a hoax login page of Facebook getting account information from them. As soon as all the credentials are typed in, a page will then ask the user to download “updatetool.exe”, which is a kind of Trojan Zbot. Once the virus is installed, it will go through the hard drive of the user and gather stored personal banking information and other login information. It also does key logging and other malicious activities to obtain your information. According to Red Condor, phishers have made the fake Facebook login page for users to log on to Facebook in a refined manner. As a result, some users might believe that the login page is real.

Since million of Internet users are enjoying Facebook every day, users should be aware of these various hoax Facebook e-mails that were arriving in their mailboxes. Additionally, Jamie Tomasello, Cloudmark’s Abuse Operations Manager, stated that the Facebook scam is a result of a social engineering technique. Facebook is very popular in these days making it to be a prime target of cybercriminals and spammers. Malware authors are repeating their techniques to exploit Facebook’s popularity and control e-mail users to open their malicious e-mails. A Trojan malware Bredolab was also discovered disguising as a Facebook Password Reset. Internet security specialists noted that social networks still doesn’t impose using of HTTPS in place of HTTP in the URL because phishing pages imitating Facebook tends to succeed more.

How Can Techie Now Help?

Facebook is widely known for social networking, also being used by malware authors and spammers to victimize other people. If you feel that your PC is infected with malware, don’t worry. Techie Now can give you a hand with your PC needs – be it virus and spyware removal, performance optimization, installation and configuration, and general repair. Contact Techie Now and we will protect your PC before these malware get a chance to infect your system.

www.TechieNow.com

Trend Micro’s threat research revealed that Koobface botnet is abusing Google Reader by spamming URLS redirecting Internet users to infected websites through Youtube.

Google Reader is a Google-owned free service allowing users to monitor and share websites for new content. Koobface has been spamming URLs on social networking sites like Facebook, Myspace and Twitter. Koobface is spamming Google Reader now. A Google account is made and controlled by Koobface gang, hosting a page with a fake YouTube video. As the victim clicks the fake video, it will redirect to a compromised website, which also hosts another fake YouTube video. The user will be infected and becomes part of the Koobface botnet. Attackers use Google Reader’s to share links and messages between users to host an image resembling a Flash video. When the user tries to view the video, it will redirect to a fake YouTube page containing a video. As in previous attacks, the user was soon prompted with an alert that invited them to upgrade their Flash player. Hidden was the fact that instead of the updated software, the user was downloading the Koobface downloader component that would that take over the victim’s computer.

Trend Micro, the IT security vendor, has reported Koobface to Google for spamming more than 1300 known and unique fake Google Reader accounts. Nowadays, cybercriminals take advantage of Google because of its credibility that they hide malicious links behind Google Reader.

How Can Techie Now Help?

To keep your PC protected, contact Techie Now. We are here to help you with PC support services: virus and spyware removal, performance optimization, installation and configuration, and general repair. Techie Now offers you better service for the best price!

www.TechieNow.com

Are you addicted to Facebook? Beware!

Because MX Lab, a security firm, detected a new variant of Bredolab Trojan horse attached to a fake “Facebook Password Reset Confirmation” email. Some users claim that the e-mail comes from “The Facebook Team” where the sender’s e-mail address is displays as “service@facebook.com.”  Unfortunately, the address and sender were disguised.

The said e-mail is accompanied with an attachment named “Facebook_Password_4cf91.zip”, also includes the file Facebook_Password_4cf91.exe” and contains the new Facebook password of the user. When you run the file, it could cause destruction on your computer. According to MX Lab, Trojan horse Bredolab executes files from the Internet such as rogue anti-spyware. It is a malicious Malware that injects its own code into legitimate processes svchost.exe and explorer.exe to bypass firewalls. It also contains anti-sandbox code which allows Bredolab to quit by itself when an external program investigates its actions.

M86 Security, another security watchdog, said that Bredolab don’t just sneak into the computer of the user but also downloads a bot called Pushdo. Pushdo will immediately start spamming out more Facebook password reset e-mails. Facebook explained that the e-mail containing the virus is not coming from them. According to them, they will never send users a new password as attachment. They advised the users to immediately have their computers run a virus scan. Facebook users should be careful with a fake e-mail disguising as a Facebook password reset e-mail containing an attachment of the new password but in reality, contains a virus.

How Can Techie Now Help?

Facebook is one of the most popular social networking sites worldwide. With these fake and infected Facebook e-mails spreading around, users must be careful in opening and downloading malicious e-mails and attachments. If your computer has been infected with Bredolab Trojan horse, contact Techie Now. We are willing to solve your problem. With our virus removal services, Techie Now will treat your computer right and everything will be alright.

www.TechieNow.com

Do you know what social engineering is? Social engineering is the act of manipulating people into doing actions or exposing confidential information. It’s trickery or deception to gather information, fraud, or computer system access where in the hacker never comes face-to-face with the victim. Here are some of the social engineering techniques:

The hacker steals passwords through guessing the victim’s password reminder question with the help of gathered information from his or her social networking profile. One incident was when Hacker Roll was able to guess the password and broke into an e-mail account of Twitter’s administrative assistant using the Google’s password reset feature. After this, Hacker Roll was able to forward hundreds of pages of internal Twitter documents to different websites including TechCrunch which has published some and referred to others. Another college student also broke into Gov. Sarah Palin’s Yahoo e-mail account using Yahoo’s password reset questions.

People should be careful in creating passwords for their accounts. They should not disclose personal information on services like Facebook, Twitter and any other social networking sites because it will be easy for hackers to know your passwords. With the information available in your social sites, it’s easy to crack and discover your passwords. It’s like you are giving away your passwords or inviting hackers to have an access on your account.

The hacker befriends an individual or a group to gain their trust. And if the victims already trust him, he will make the victim click on links or attachment infected with Malware which can weaken a corporate system. There’s nothing wrong with meeting new friends in the Internet but it is very dangerous because you don’t really know the people who you are dealing with online. It’s not advisable to receive, accept or open links and attachments to unknown source. The hacker also pretends to be an insider to get information from the employees. If people think that you work for the same company, they will trust you a lot including the information that you need. This will be a big advantage on your part.

The hacker also impersonates you or your friends, even other people. He can message you anytime using the name of your friend. He will ask you a favor like asking for data from your office. Since you are not aware that you are talking to a stranger and not your friend, you’ll give him what he needs. After this, he can manipulate the data that you have given to him and this will really put you into trouble. A hacker can also call any company and claim that he is from technical support. In this situation, he can pretend that he is part of the technical support, help solve the problem and be able to have access from the victim’s computer and launch Malware.

Hackers and social engineering techniques can devastate your business or personal life. Include spoofing or hacking IDs for private e-mails, social networking sites or chat histories, phishing credit card account numbers and their passwords, and hacking websites of companies to destroy reputation. With the growing of numbers of hackers nowadays, it’s important to protect your system and company at the same time. You should be careful enough when dealing with unknown person because they might deceive or manipulate you. Remember, the only purpose of the hackers and social engineering techniques is to exploit human weaknesses to get personal benefits.

How Can Techie Now Help?

Hackers use social engineering to trick people and reveal passwords or information that will weaken the security of an individual, group or company. Social engineering really relies on human weakness than weakness of the computer system (hardware, software, network design, etc.) itself. If you have been victimized by hackers and your computer gets infected, worry no more. Techie Now can give a solution to your problem. Contact us now and we will remove the infections of your computer. Techie Now will work on your PC right away.

www.TechieNow.com