E-mail is being used for communication by businesses and individuals, and by cybercriminals for online attacks affecting everyone when not used carefully. Proofpoint, a security firm, has enumerated its 2009’s top 10 terrifying e-mail blunders:

• Trojan Horse Steals Bank Accounts – URLZone, a banking Trojan horse, was reported in September. It steals money while users are logged in their accounts displaying a fake balance. Computers get infected when you click a malicious link in an e-mail or visit a website with hidden malware. It also keeps your bank account login credentials, take screenshots, and sneak on your other web accounts like Facebook, Gmail, Paypal and more.

• FBI Forgery- FBI Director Robert Mueller’s wife prohibited him from doing online banking transactions after he had given his personal information to a phishing website. He received an email from what he thought was his bank verifying his information. He even filled out some information but realized in the end that it was not a good idea. So he changed his passwords and told the incident to his wife. That incident did not stop Mr. Mueller’s  from doing his online activities.

• White House Spam – It took place in August when the White House sent thousands of e-mail messages to Americans explaining its stand on the controversial health reform issue. It was spread through an e-mail account to create and dispel rumors. Nevertheless, the White House admitted that it was an unsolicited e-mail and blamed third-party groups for the mass e-mail.

• Hotmail Phishing – In October, thousands of Hotmail accounts were compromised where passwords were posted on some websites where developers normally share programming code. News site Neowin was able to see the list which had been removed and reported to Microsoft about the issue. In this particular phishing scam, the hackers sent out the list of the e-mail accounts with the letterhead of banks, eBay and other institutions, to convince the consumers that they have to reset their online passwords to their websites for security purposes. As soon as Microsoft discovered the scam, they blocked thousands of Hotmail accounts believing the accounts have all been hacked.

• Start-up Suicide – RockYou, a social media advertising and application start-up, sent out a mass e-mail to their customers and associates announcing their new site redesign last September. Instead of using BCC: in sending the e-mails, RockYou displayed the entire mailing list of over 200 e-mail addresses in the CC: field and those e-mail addresses ended up on a spammer’s list. After two months, RockYou sent another mass e-mail using a mailing list asking contractors to provide information for their W9 tax forms. Unfortunately, some people unintentionally send personal information to the entire mailing list.

• Gmail Account Deactivated – Last August, Rocky Mountain Bank in Wyoming sent names, addresses, social security numbers and loan information of more than 1,300 customers to a Gmail address by mistake. Realizing what they did, the bank e-mailed the same address asking the recipient to contact them and destroy the sent file without opening it but they didn’t receive a respond. The bank contacted Google asking for the account holder’s information. So, Google received an order from U. S. District Court Judge James Ware of the northern district of California deactivating the e-mail account and disclosing the identity and contact information of the Gmail account holder. The said Gmail user has not done any wrongdoing. From then on, anyone from the bank is advised to be watchful when sending e-mails and typing in the TO: field an e-mail.

• Payroll Panic – PayChoice, a payroll processor, was the victim of a website breach in September. The customers received targeted e-mails claiming to be from the company. The said e-mail is used to trick people into downloading malware or visit a website that will allow them to access the Onlineemployer.com PayChoice portal. The site was shut down and clients were notified within hours. The e-mails were spread through a Yahoo account with the links hosted from servers in Poland.

• UK Tax Error – HM Revenue & Customs, Britain’s tax authority, warned the people about scam e-mails using fake government e-mail address to convince recipients into revealing their personal information to receive a tax refund in return. Those e-mail messages are claiming that recipients were entitled to receive a tax refund, so they have to give their bank or credit card details so that their refund could be paid out. HRMC stated that they would never inform tax rebate through e-mail like most of the legitimate business and government organizations do or invite the people to complete an online form just to receive a tax rebate.

• Death, Taxes and Phish – In September, a fake e-mail notice was widely spread attacking against businesses and individuals and was claimed to come from the Internal Revenue Service. According to US-Cert, the attack was hidden in a fake e-mail with a subject line of “Notice of Underreported Income” which contains a link or attachment infected with a Zbot/Zeus Trojan virus. It is a program which steals credentials for banking login information.

• UCSD Message of Acceptance by Mistake – University of California San Diego mistakenly sent the same message of acceptance to all 46,000 students who took the college entrance where there are only 18,000 students who passed and accepted in the said university.

How Techie Now Can Help?

E-mails are being used to communicate for personal and business purposes. Cybercriminals also use them to steal one’s identity and money. So computers’ users must be careful when opening attachments or links in their e-mails because it might infect their PCs or steal their information especially if the computer is not protected. To protect your computer from any online attacks, contact Techie Now: virus and spyware removal, performance optimization, installation and configuration, and general repair. Techie Now assists your PC needs better than what others do.

www.TechieNow.com

Twitter is being used by many people worldwide in these days. It’s a free social networking and micro-blogging service enabling its users to read and send messages. Because of its increasing popularity, Twitter has exerted its effort to stop attacks which includes spam, worms such as Mikeyy, and phishing. Twitter confirmed that the site was hacked last May where some individual account information were also leaked.

In regards to this, Kaspersky revealed a new tool named “Krab Krawler”. It will analyze million of tweets posted on Twitter every day and will block any Malware associated with them.

Krab Krawler will:

• looks at every public post as it appears in on Twitter
• extracts any URLs in them and analyzes the web page they go to
• expands any URLs that have been shortened

Twitter scans almost 500,000 new unique URLs every day where there are about 100 to 1,000 Malware attacks happen. Koobface virus has targeted Twitter by posting malicious links from infected users’ accounts. Twenty-six (26) percent of the total Twitter posts contain URLs redirecting to spam sites which are marketing products or services and not considered Malware. Thousands of accounts post spam links created by bots. Most of the URLs redirect to online dating sites.

Kaspersky’s regular antivirus software can detect and block ninety-five (95) percent of the Malware Twitter users are afraid of. Some antivirus companies focus protecting e-mail-borne viruses but also give more attention to social-media sites now. For now, Finjan offers SecureTweets to Twitter users. SecureTweets is a  free browser plug-in that warns the users as they come upon a malicious URL in Twitter, also includes Blogger, Gmail, Google search, MSN, MySpace, Yahoo and more sites.

Attackers are fond of hitting social-media sites because there are many people using them and trusting messages in there with their friends more than they do in e-mails. According to Kaspersky, Trojan-Clicker.HTMLIFrame is the most common piece of Malware associated with Twitter. It is a malicious Javascript that can be transferred to computer when you visit a compromised web site.

How Can Techie Now Help?

If your PC gets infected while using Twitter and you need help, feel free to contact Techie Now. Our virus removal services will be the solution you are looking for. We offer better services at a lower price. With Techie Now, your PC is at good hands.

www.TechieNow.com

Do you know what social engineering is? Social engineering is the act of manipulating people into doing actions or exposing confidential information. It’s trickery or deception to gather information, fraud, or computer system access where in the hacker never comes face-to-face with the victim. Here are some of the social engineering techniques:

The hacker steals passwords through guessing the victim’s password reminder question with the help of gathered information from his or her social networking profile. One incident was when Hacker Roll was able to guess the password and broke into an e-mail account of Twitter’s administrative assistant using the Google’s password reset feature. After this, Hacker Roll was able to forward hundreds of pages of internal Twitter documents to different websites including TechCrunch which has published some and referred to others. Another college student also broke into Gov. Sarah Palin’s Yahoo e-mail account using Yahoo’s password reset questions.

People should be careful in creating passwords for their accounts. They should not disclose personal information on services like Facebook, Twitter and any other social networking sites because it will be easy for hackers to know your passwords. With the information available in your social sites, it’s easy to crack and discover your passwords. It’s like you are giving away your passwords or inviting hackers to have an access on your account.

The hacker befriends an individual or a group to gain their trust. And if the victims already trust him, he will make the victim click on links or attachment infected with Malware which can weaken a corporate system. There’s nothing wrong with meeting new friends in the Internet but it is very dangerous because you don’t really know the people who you are dealing with online. It’s not advisable to receive, accept or open links and attachments to unknown source. The hacker also pretends to be an insider to get information from the employees. If people think that you work for the same company, they will trust you a lot including the information that you need. This will be a big advantage on your part.

The hacker also impersonates you or your friends, even other people. He can message you anytime using the name of your friend. He will ask you a favor like asking for data from your office. Since you are not aware that you are talking to a stranger and not your friend, you’ll give him what he needs. After this, he can manipulate the data that you have given to him and this will really put you into trouble. A hacker can also call any company and claim that he is from technical support. In this situation, he can pretend that he is part of the technical support, help solve the problem and be able to have access from the victim’s computer and launch Malware.

Hackers and social engineering techniques can devastate your business or personal life. Include spoofing or hacking IDs for private e-mails, social networking sites or chat histories, phishing credit card account numbers and their passwords, and hacking websites of companies to destroy reputation. With the growing of numbers of hackers nowadays, it’s important to protect your system and company at the same time. You should be careful enough when dealing with unknown person because they might deceive or manipulate you. Remember, the only purpose of the hackers and social engineering techniques is to exploit human weaknesses to get personal benefits.

How Can Techie Now Help?

Hackers use social engineering to trick people and reveal passwords or information that will weaken the security of an individual, group or company. Social engineering really relies on human weakness than weakness of the computer system (hardware, software, network design, etc.) itself. If you have been victimized by hackers and your computer gets infected, worry no more. Techie Now can give a solution to your problem. Contact us now and we will remove the infections of your computer. Techie Now will work on your PC right away.

www.TechieNow.com