Saturday, September 1, 2007

iPhone Phishing Scams

Scammers are taking advantage of the excitement over Apple’s newest smart phone, the iPhone.

The scammers are sending malicious e-mails that try to trick recipients into thinking that they have won an iPhone of their own.

These e-mails contain a link that will attempt to connect to a website and install malicious software designed to take control of the victim’s computer.

Cell phone users urged to install anti-virus software

Dubai: Etisalat has urged cell phone users to install special software on their phones to prevent them from becoming infected with viruses.

The telecommunications company has also urged cell phone users to be extra vigilant before they open applications or attachments sent to their phones.

The warnings come following the return of the CommWarrior virus, which was widely reported by UAE cell phone users early last year.

Ahmad Bin Ali, Etisalat's Vice-President for Corporate Communications, said: "We encourage people to put anti-virus software on their cell phone.

"Also, they should be sure what they have received [on their phone] before they save it. They should be sure it is a safe programme or file."

Bin Ali said as well as MMS, Bluetooth was another common way of picking up cell phone viruses.

He said if users were not sure about applications or attachments received through Bluetooth or MMS, they should delete them without opening them.

He said: "These viruses do not affect all cell phones. They happen to mobiles with applications for these things."

Recipients with 'smartphone' handsets that use the Symbian operating system are at risk of being infected with the virus, although not all such smartphones will run the application.

Cabir virus

Other phones will get a message telling them to download the MMS from the Etisalat website, using a specific message ID and password.

One person who received CommWarrior said he thought it was safe to open the MMS because it came from a colleague's cell phone. "I opened it because I thought it was something my colleague wanted me to check," he said.

In a bid to stop the phone from continuing to send the message, he has removed the SIM card and transferred it to another handset. The original handset has been taken to a cell phone store to have the virus removed.

Another cell phone virus that has previously been reported in the UAE is Cabir, which launches a file that makes the mobile's screen display the word Caribe.

Those who received this virus on their phones reported that, as with CommWarrior, their phones began sending messages to other phones. Cabir also runs the battery down quickly.

As well as sending themselves to other phones selected from the handset's address book, Nokia has warned that viruses such as CommWarrior can spread themselves by attempting to reply with an infected MMS to all incoming messages.

Alternatively, the viruses sometimes send copies of themselves to cell phone devices that have the Bluetooth connection set to 'visible' mode.

5 Essential laptop security tips

Laptop theft is a huge problem. It is common nowadays to use a laptop to get work done away from your home or office. Unfortunately, the mobility and technology that make laptops so valuable also make them the target for theft around the world.

If your laptop is stolen, company information can be exposed, and your personal information can lead to identity theft. In this hack, we’ll show you 5 essential tips for keeping your laptop more secure.

Tip #1: Never leave any passwords in your laptop case. If you do keep your passwords with your laptop, it’s much like keeping the keys in your car. Remember that without your passwords, it will be more difficult to unlock your computer and access your personal information.

Tip #2: Laptop theft is a crime of opportunity. Always take your laptop with you, and always keep your eye on it. For instance, if you’re meeting someone, lock your laptop in the trunk and make sure it’s stored out of sight. Furthermore, try not to leave your laptop in an accessible area, such as your hotel’s front desk. If you do have a safe or a security cable, use it.

Tip #3: Have sensitive data? Encrypt it. If someone gets your laptop and gains access to your files, encryption can give you an extra layer of protection. Programs such as TrueCrypt make the job very easy. Windows users can use Encrypting File System (EFS) to encrypt files and folders.

Tip #4: Password protect your systems. Every laptop user should protect their laptop with startup passwords. Set a BIOS password to lock the system before the operating system even starts. Windows users can set a password to start Windows. Remember that startup passwords will prohibit any access to the computer at all.

Make sure you choose a good password: make it long and complex. Only hard-to-guess passwords will prevent thieves from guessing your password. If your laptop supports biometric authentication, you should use your fingerprint in place of a password.

Tip #5: If the worst happens, and your laptop does get stolen, wouldn’t it be great if you could trace it? There are companies that offer tracking software, allowing the stolen laptop to send its location (for example, LaptopLock). Unfortunately, those programs work only when the stolen laptop connects to the Internet.

Use these 5 tips to keep your laptop more secure when you’re on the road and away from home or work.

Canon May Bust Harry Potter Hacker!

Late last week, the new Harry Potter book leaked onto the torrents in painstaking, photographic form. But instead of the uploader's identity remaining anonymous, the pictures actually left a trail in their metadata [read: those meddling wizards were gossiping again]. In fact, Canon was able to clearly identify the model of camera used (Canon Rebel 350) and claim that if the 3-year-old unit has ever been serviced, they will be all, "Accio thief!" Authorities think there's a high chance that the camera was serviced, but we're not sure just how many customers take such good care of their tech. So until investigators track down a repair order for the camera, the informant will remain He-Who-Must-Not-Be-Named. As for those S&M pics you uploaded with a might be time to take those down.

Computer crime is slicker than you think

If the public's image of the online criminal--the brilliant but maladjusted teen breaking into systems just to prove he can--were ever true, those days are long gone.


Not long after people first figured out how to break into computer systems, they started creating tools to make it easier for themselves; not long after that, those tools made their way into the hands of people who could use them without really understanding how they worked.

Today, few malware developers use their own code. They write it for the same reason commercial software developers do: to sell it for a healthy profit. If you've ever bought anything online, buying from them may be disconcertingly familiar. If you want to break into a computer or steal credit card numbers, you can buy the necessary software online, just like almost anything else. More than that, you can find user friendly, point-and-click attack applications that have been pre-tested and reviewed by experts, and read through customer feedback before making your purchase.

You might even be able to buy technical support or get a money back guarantee. Some developers offer their malware through a software-as-a-service model. If you prefer an even more hands-off approach, you can simply buy pre-screened credit card numbers and identity information itself, or sign a services agreement with someone who will do the dirty work for you. As in many other industries, money has given rise to professionalism.

Online crime and malware development has become a full-blown and extremely profitable commercial enterprise that in many ways mirrors the legitimate software market. "We're in a world where these guys might as well just incorporate," says David Parry, Trend Micro's Global Director of Security Education. "There's certainly more money in the cybercrime market than the antivirus market. The internet security industry is a drop in the bucket; we're talking about hundreds of billions of dollars."

"The general dynamics within this market are just like any other business model," says Thomas Holt of the University of North Carolina at Charlotte's Department of Criminal Justice. "You have to offer a good price, you have to be readily able to communicate with your customers, you have to give them reliable products, because nobody's going to buy something if it doesn't quite work like you say it can."

According to Shane Coursen, Senior Technical Consultant at Kaspersky Labs, malware development is easily profitable enough to attract professional talent. "The financial model is absolutely huge. The amount of money that a developer could make at least matches what they can make at a software company. You could even set it up as a legitimate business, reporting earnings and everything."

Go To Market

Holt leads a team of researchers that tracks the online marketplaces where malware developers, brokers, and criminal "service providers" sell their wares. Starting with nothing more than Google searches, they have identified a network of approximately 30 publicly accessible sites of surprising sophistication, with features that rival eBay and Amazon.

The particular marketplaces Holt's team tracks are generally incorporated into hacker community forum sites hosted in Russia, Eastern Europe, and other regions where criminal prosecution and extradition are difficult or impossible. Prospective sellers post detailed descriptions of their products and services. Those selling malware will often include screenshots, claims about resistance to antivirus or other countermeasures, and penetration capabilities. Those selling stolen account data will often specify the nationality of the account, the bank, the type of account (Visa v. Mastercard, gold v. platinum), and the total value of each account. In many cases, they will also have complex pricing models, including purchase minimums and volume discounts.

At the same time, the purchaser sends a sample of their product to a forum moderator -- a copy of the malware code or a sample of the stolen data -- who will then review and test it. If the moderator finds that the product does not work as advertised or that the data is invalid, they will block the seller from posting; otherwise, they will post a detailed review alongside the seller's product description. Moderators may also block products or services they consider too risky. VPN services, for example, have been widely turned away by various site moderators after law enforcement tracked down a particularly well-known online gang through their VPN connections.

A Buyers' Market

Prospective buyers are then free to ask detailed questions about the product, and actual buyers will post their own feedback and reviews. "Thank you for a FreeJoiner, is the best program in its class I have ever seen," wrote a satisfied customer on one of these sites. "Purchased a freejoiner 2 and left very happy," wrote another.

Over time, moderators use their own reviews and customer feedback to track each seller's reputation, and maintain rankings ranging from "Verified Seller" (good) to "Ripper" (bad). Sites will often develop "blacklists" and "whitelists" to block out or provide quicker access to specific sellers, and a number of "ripper databases" are distributed throughout these communities. These "open forum" sites represent only one subset of the cybercrime market; other models may look very different, but can be just as sophisticated. Some malware developers, for example, maintain what amounts to their own channel programs.

"There are programmers who are working for brokers, and the brokers are selling the malware to other criminals, who are then reselling the malware to other criminals," says Trend Micro's Parry. "When they capture a bunch of systems, they resell those systems to another criminal, and another criminal. The actual hacker types don't want to get their hands dirty with something that would actually send them to prison." Other groups build affiliate networks that tap into legitimate and semi-legitimate businesses. In a presentation at the Defcon hacking conference this year, Peter Gutmann of the University of Auckland's Department of Computer Science described networks in which businesses would pay affiliates up to 30 cents for each machine they infect with spyware or adware.

Some of these companies claim to terminate unethical affiliates and include user licensing agreements in their software, while the software itself is hidden and often includes keystroke loggers and measures to render it difficult or impossible to delete.

Customer Service

Just like their go-to-market strategies, the array of services offered by malware developers and other online criminals has grown in sophistication alongside their legitimate counterparts. Extensive customer service, technical support, and update subscriptions have all become standard practice. "They have to provide good customer support to compete," notes Holt. "If you buy 50 dumps [credit card or bank account records] from somebody, and 25 of them are invalid, the 'good' sellers are the ones who are going to say, 'You know what, here's 25 dumps in return.' The malware writers will say, 'You know what, if you're having a problem, just contact me. I'm always around. I'll be happy to help you with whatever I can.'"

Some of these vendors focus entirely on services. They may offer technical support or customisation contracts on existing malware packages, for example. Others offer to conduct attacks or spam campaigns on your behalf. One group advertises an hour-long denial of service attack for $20, and 24 hours for $100, noting that their botnet is distributed across multiple time zones and can therefore launch and maintain attacks at any time, day or night. "One group in particular says, kind of like Domino's Pizza, 'if the first hour of our denial service attack doesn't work, you get your money back'," notes Holt. "That's pretty common."

Other operations mirror legitimate software-as-a-service providers. These "malware-as-a-service" providers rent out access to botnets or Web-based attack tools. Gutmann noted one example in which a Russian group rented out its malicious Website. A prospective buyer could get the 100 visitors for free, but then had to pay US$4 per 1,000 visitors up to 5,000, US$3.80 per 1,000 up to 10,000, and US$3.50 per 1,000 if they bought 10,000 or more. "Software rental is just another way to get money out of this market," says Oliver Friedrichs, Symantec's Director of Security Response. "It's common to see authors who write keyloggers and botnetworks, and then rent them out to people ultimately who may launch a phishing campaign or a spam campaign."

Quality Product

Given the competition for the enormous sums of money in the cybercrime market, it is not surprising that the quality of the products and services available to the would-be cybercriminal is increasing along with the sophistication of the markets and vendors. The most recent versions of many malware applications are extremely user-friendly, with point-and-click graphical interfaces and a wide range of functionality. They tout their ability to evade detection and defeat antivirus software and other countermeasures. Most importantly, they require little or no expertise to use.

"Code has had to become much, much more sophisticated and very professional in quality in order to turn a profit," says Friedrichs. "We've certainly seen spyware, for example, that leverages very advanced rootkit capabilities in order to hide and stay resident on a system once it's installed itself." The availability of cracked versions of older software and low-cost applications created in developing countries forces malware writers to polish their product if they want to compete.

Nevertheless, quality software can command a healthy premium. "Nuclear Grabber goes for $3,000 because this is a fantastic product that has multiple functionalities in multiple environments," Holt says of one popular attack tool. "So, if you want to do phishing, you can use it for phishing. If you want a keylogger, you can use it for keylogging. It's up to you."

According to Gutmann, some vendors have hired professional linguists to craft spam messages that bypass filters while remaining meaningful to the recipient, while phishers use psychology graduate students to develop scams that will lure victims into giving up their personal data. "They have better experts than we do!" he said in his Defcon presentation.

Malware applications are even beginning to incorporate their own security measures, both to outmaneuver competitors and avoid detection. A trojan, for example, might update a computer's antivirus signatures to block subsequent infection attempts by competing malware, while server attack tools might install patches or fix misconfigurations to protect a Web host delivering malicious code to unsuspecting visitors. "It's ironic, but the bad guys need security too," notes Parry. "They hack each other, and they want to keep us from getting access to their backend mechanics."

The bottom line is that the good guys are facing more and better equipped opponents. "Anything that you want to find, you can buy at these markets," Holt concludes. "It's so deep that you don't have to have a technical background to really get into identity theft and credit card fraud and hard core kinds of computer crime."

Damon Poeter contributed to this article.

Mobile workers still struggling with security

A new study shows that even as the business use of mobile devices increases, many users are unconcerned or uninformed about security issues and practices

A fair number of business users remain oblivious or unconcerned about many of the security issues involved with mobile devices, according to a new study published by Cisco and the National Cyber Security Alliance.

While a greater number of business users are carrying laptop computers and mobile handhelds every year, a good number of people either ignore security threats related to the machines or policies meant to protect them from attack or data loss, the report finds.

Cisco and the NCSA cite IDC research which predicts that roughly 70 percent of all workers in the United States will be armed with some sort of mobile device by 2009. Another piece of research cited in the report and published by Korn/Ferry concludes that 81 percent of all business executives worldwide are already using mobiles of some kind.

Based on those figures and their findings, the report authors said that a great deal of end-user education still needs to occur to help people avoid making bad decisions in protecting mobile devices against potential attacks or data loss.

In the study, which was carried out via interviews with 700 business people who use mobile devices in the United States, United Kingdom, Germany, China, India, South Korea, and Singapore, the researchers contend that the situation merits an increased focus on helping organizations to overcome the lack of acknowledgement of potential security problems among users.

The interviews themselves were carried out by independent research firm InsightExpress.

According to the report, some 73 percent of those surveyed said they do not always consider security issues when using their mobile devices, and 28 percent admitted that they hardly ever give thought to adhering to recommended procedures.

When pushed for the reasons why they failed to consider potential mobile security risks, most users said they were more focused on getting their work done as quickly as possible.

Logging on to unknown or untrusted sources of wireless Internet access remains one of the most significant issues, the researchers said, with roughly one-third of all respondents admitting that they have done so at times. Users in China were the most grievous offenders, with 54 percent of those users saying they've gone onto unknown wireless networks, followed by users in Germany (46 percent) and South Korea (44 percent).

Many respondents claimed that they couldn't initially tell when they were doing so or only did so when their own networks weren't up and running, while others admitted they simply wanted free access.

As in the world of e-mail, the practice of opening messages or attachments from unverified sources remains a major issue in the mobile sector, according to the report. The mistake is amplified by the knowledge that most of today's mobile malware threats demand such user interaction to get onto devices in the first place.

Some 44 percent of those surveyed said that they have opened messages or attachments from unknown sources. Part of the problem is that 76 percent of those interviewed said that they have a hard time differentiating such messages from legitimate content. The smaller screen size of handheld devices was cited as a primary contributor to the problem.

Experts said that educating end-users will play the most important role in righting the existing issues of perception over mobile security because the biggest problems are related to process, versus tangible threats, at this point.

"While this study shows mobility provides businesses with new risks, so do other Internet services and new technologies," Ron Teixeira, executive director of NCSA, said in a report summary. "Mobility and the Internet can be used securely and safely if businesses institute a culture of security within their workforce by providing their employees with continuous cyber security awareness and education programs."

Among the tips offered to improve mobile worker behavior by the NCSA -- a nonprofit dedicated to advancing public awareness of security and privacy issues -- are for users to adopt mobile device passwords, use anti-virus programs, download any recommended security patches, and back up all important content on their machines.

The group also advises users to encrypt sensitive data stored on mobiles and for businesses to have a response plan in place for handling wireless security incidents.

On a higher level, organizations should attempt to "marry" education with technological protections for both networks and devices, according to the report.

"What's key is knowing that the issues outlined in this study can be addressed," said Jeff Platon, vice president of security solutions at Cisco. "Technology is important in helping to resolve security issues for wireless mobile users, but education and communication are proactive measures IT can take to help address corporate security and generate greater ROI on their investments."

"IT should be a strategic asset to the business, enabling business process transformation and unlocking the power of collaboration," said Platon. "As more workers become mobile, proactively educating them to practice good security behavior should be a key tenet of any business' approach to IT security, and risk management."

* I do agree that sometimes we just need to get the work done quickly and we never think about the security issues we might get ourselves into by using other wireless access. Probably in Brunei we do not have to worry so much about this but if you're a frequent travelling businessman, you might want to connect yourself to a safer network.

Genius Phone Hacker Dead At 58

A blind genius, who insisted on being 5 years old forever, has died in Minneapolis. He was 58.

Joe Engressia, who legally changed his name to Joybubbles in 1991, played a pivotal role in the 1970s subculture of "phone phreaks" after discovering at a young age that he could make free phone calls by whistling tones, The New York Times reported Monday.

The reign of phone phreaks, the precursors of today's computer hackers, ended when digitalization replaced the tone-based system.

MP3 eating computer virus threatens fans' music collections

A computer virus that targets MP3s has turned up online, according to computer industry experts.

The worm - called W32.Deletemusic - goes through an infected user's hard drive deleting all the MP3s it finds.

It also looks for any MP3s on any external drives and memory cards attached to the machine.

The memory card can then spread the worm to any other computer it is put into.

Ian Yarlott, Director Consumer Business EMEA at Trend Micro, gave tips on how to keep your machine clean.

He said: "It always pays to think before attaching an external memory card to your computer.

"Secondly, having all of your music on your hard drive and not backing it up is asking for trouble - try to back it up onto a DVD for safekeeping. Thirdly always make sure your anti-virus is up to date."

Credit-card fraud, cybercrime rockets

While cybercrimes and credit card frauds are growing, so is the concern among the customers who want their banks to use advanced methods to protect their hard earned money. In India, however, the concern is comparatively lower.

According to the annual Financial Institution Consumer Online Fraud Survey, conducted by RSA, The Security Division of EMC, trust in online channels has eroded, as 82 per cent of account-holders are less likely to respond to an e-mail from their bank due to scams including ‘phishing’. More than half of the customers said that they would be less likely to sign up for or use online banking facilities.

The survey also revealed that 82 per cent of the customers now want their banks to monitor online and telephone banking sessions to spot irregular activities. About 91 per cent of those surveyed were willing to use any advanced authentication method, apart from the standard ‘username and password’, to ensure enhanced security. “If I am sure that my money will be safer, I won’t mind making some extra effort,” said an internet banking subscriber. The online survey, conducted in eight countries including India, asked the Internet banking and online transaction practitioners for their opinions on online fraud. It also revealed that while 69 per cent of respondents in the UK and 65 per cent in Australia claimed to be familiar with the term ‘phishing’ and other hacking methods, the figure was as high as 83 per cent in the US. In India the figure was much lower than 50 per cent. “India is still low on the list of hackers and online swindlers as the volume of money involved is also low. India, however should acquire the technology in advance as online banking will increase,” said Mr Sri Kiran Raghavan, of RSA.

Elaborating further, he added that the hackers are becoming smarter with stricter security systems in place. “Now with attacks like phishing and ‘pharming’ being tackled well, a new method known as ‘vishing’, a seemingly more dangerous version of ‘phishing’, has come to the fore,” Mr Raghavan said.

To date, just four ‘vishing’ scams have been identified, but the practice is expected to “explode”.

The most prominent attack involved an online money transfer service. The victims were directed to dial a number by an e-mail claiming that their account had been breached. The consumer was then tricked into revealing every detail and millions were swindled from his account.

“In ‘vishing’, identity thieves ask people to call a phone number attached to a VoIP account which they easily obtain online. Later, they are trapped into revealing details like security PIN as well as the three digit CVV code, which is then recorded. Globally, banks are increasingly adopting advanced systems like adaptive identification authentication in which the software records consumer behaviour and matches it each time the account is operated.

There are other methods like tokens or online passwords in which the consumer is provided with a small device which displays a password for his account. The password in the device keeps changing every 60 seconds. In India, however, only one or two banks provide them.