By Andy O'Donnell
Facebook can be a wonderful and magical place. You can connect with old friends and share the latest funny cat videos all at the same time. As with all things good, there is also a dark side to Facebook. Rogue applications, Facebook hackers, identity thieves and other assorted bad guys love Facebook almost as much as you do.
Here are several steps you can take to make your Facebook experience as safe as possible:
1. Create a Strong Password
The first key to Facebook security is making sure that you create a strong password so your account doesn't get hacked. A weak password is a sure way to have your account compromised by hackers and identity thieves.
2. Check and tighten up your privacy settings
Facebook is constantly evolving. As a result, your privacy options may change as well. You should check to see what your privacy settings are set to at least once a month. If new privacy options become available, take advantage of them. Opt for the "Friends Only" viewing option whenever possible to tighten the reins on who can see your data.
Facebook also has advanced privacy options that let you restrict certain people (i.e. your mom) from being able to see specific posts.
3. Learn how to spot a Facebook hacker
Many times hackers are foreign and don't have a good grasp of your local language. This is a good tip-off. See the link above for other clues on how to spot a Facebook hacker.
4. Don't post everything on Facebook
There are certain things that are better left off of Facebook, such as your whereabouts, your full birth date, and your relationship status (stalkers would love to know you just broke up with someone). These are just a few of the 5 Things You Should Never Post on Facebook. (see link above for more).
5. If your or a friend's account has been hacked, report it immediately
If you've already become the victim of a Facebook hacker, you need to report your compromised account to Facebook as soon as possible so that you can regain control of your Facebook account and keep the hackers from convincing your friends that they are you, which could lead to your friends being scammed as well.
6. Back Up Your Facebook Data
Facebook now makes it easier than ever to back up most everything that you've ever posted. It's a good idea to back up this information every few months in case your account is hacked, deleted, or disabled.
The Shadowy World of Malware Affiliate Marketing
By Andy O'Donnell
Every night for the past week I have been trying to rid my in-law's computer of malware that has gone undetected by just about every anti-virus, anti-spyware/adware, and anti-rootkit scanner that I can throw at it, and yes, I ran all the updates.
Not wanting to give up, I started to delve into the malware world to find out what the bad guys are up to these days. I discovered that malware isn't as easy to detect and fix as it used to be in the good ole days when you could run a scan, find the problem, disinfect the computer, and be on your merry way.
I also learned that cybercriminals have developed new classes of sophisticated malware such as rootkits that can be inserted into low-level drivers that load prior to your PC's operating system. Some rootkits can even be inserted into the computer's firmware, making them extremely hard to detect and remove even after completely wiping and reloading the computer.
What is the motive behind the creation of all of this malware that we are constantly bombarded with? The answer is simple: greed.
There is a new economy on the internet, and it's all about bad guys getting paid to infect computers. Control and use of the infected computers is sold to other criminals. Once purchased, the criminals use the infected PCs for whatever purposes they see fit. The hacked computers may be used in bot nets to attack other systems, or the victim's data may be harvested so that the criminals can steal their credit card information or other personal info useful for identity theft, blackmail, extortion, or other bad things.
It all starts with affiliate marketing programs run by malware developers who pay anyone who is willing to infect or "install" their malware to a large number of computers. According to Kaspersky's Securelist site, malware developers may pay affiliates $250 or more per 1000 PCs that their malware is installed on. Each affiliate gets an ID number that is embedded in the installed software. The affiliate ID number makes sure the bad guy that installed the malware on the victims' computers gets credit for the installs so that the malware developer can keep track of how much money to pay them.
It can be extremely lucrative for the criminals running the affiliate marketing program as well as the people who are willing to install their malware to thousands of computers.
Let's imagine an example:
If I'm a developer of malicious fake antivirus software and I pay my affiliates $250 for installing my malware on 1000 PCs, and I charge unsuspecting users $50 to remove the fake virus that my software claims to have found on their computers, even if only a quarter of the users fall for the scam and end up purchasing a license of my software, I would clear $12,250 after I pay off the affiliate.
Hold on, the money doesn't stop rolling in there. If I embed other malware into my fake antivirus program as a bundle and it gets installed, then every time my software is installed, I make even more money as an affiliate of the other malware developer, since I bundled their software with mine.
As most infomercials say: "but wait, there's more". I can also turn around and sell control of those 1000 computers that my software was installed on and make even more money from people who want to use them for bot net attacks or other malicious purposes.
You're probably saying to yourself: "My antivirus software is top notch, I keep it updated, and I run scheduled scans and everything is in the green. I'm safe, right?"
I wish I could give you a pat answer and reassure you, but after the week I've spent trying to rid my in-law's computer of malware, I can say that no one is safe just because they have updated anti-virus. The bad guys are extremely vigilant and creative when it comes to developing new ways to fool anti-malware scanners into thinking that all is well and right with your computer.
I scanned my in-law's computer with no less than 5 of the top anti-virus and anti-malware scanners and had different results each time. None of them were able to fix the rootkit that is currently still on their computer.
An old boss of mine once said "Don't bring me a problem unless you bring a solution with you" so here we go, here are some tips on what to do about serious malware infections:
1. Look for warning signs of a possible undetected malware infection
If your browser is getting constantly redirected to sites that you did not request or if you notice that your computer won't let you start applications or perform basic functions such as opening the control panel in Windows, then you might have undetected malware.
2. Get a "second opinion" malware scanner
There is a high likelihood that your main anti-virus / anti-malware scanner may not catch all infections. It's always best to get a second opinion from a scanner that may be looking for malware using a different method. There are many free malware scanners that can detect things that aren't traditionally covered by regular anti-virus scanners. One that I found to be effective is a program called Malwarebytes (free version available). Do your research before installing any purported anti-malware software to your PC to avoid loading a malicious fake anti-malware product by mistake. They can look very convincing so be extra careful.
3. Seek expert help if needed
There are some excellent free resources out there for people who believe their computer is infected by something that is not being caught by their virus or malware scanners. An excellent resource that I used was a site called Bleeping Computer. They have active forums with helpful techs that guide users through the process of ridding their computers of infection. They also have links to many legitimate malware scanners and other great tools.
4. If all else fails, back up your data, and then wipe and reload.
Some malware infections, like the one on my in-law's computer, are extremely stubborn and just refuse to be killed. If you want to be extra sure you removed the infection you need to back up all your data and do a wipe and reload from trusted media. Make sure you check for rootkits with an anti-rootkit scanner when you reinstall your operating system.
4 Secrets Wireless Hackers Don't Want You to Know
You're using a wireless access point that has encryption so you're safe, right? Wrong! Hackers want you to believe that you are protected so you will remain vulnerable to their attacks. Here are 4 things that wireless hackers hope you won't find out, otherwise they might not be able to break into your network and/or computer:
1. WEP encryption is useless for protecting your wireless network. WEP is easily cracked within minutes and only provides users with a false sense of security.
Even a mediocre hacker can defeat Wired Equivalent Privacy (WEP)-based security in a matter of minutes, making it essentially useless as a protection mechanism. Many people set their wireless routers up years ago and have never bothered to change their wireless encryption from WEP to the newer and stronger WPA2 security. Updating your router to WPA2 is a fairly simple process. Visit your wireless router manufacturer's website for instructions.
2. Using your wireless router's MAC filter to prevent unauthorized devices from joining your network is ineffective and easily defeated.
Every piece of IP-based hardware, whether it's a computer, game system, printer, etc., has a unique hard-coded MAC address in its network interface. Many routers will allow you to permit or deny network access based on a device's MAC address. The wireless router inspects the MAC address of the network device requesting access and compares it to your list of permitted or denied MACs. This sounds like a great security mechanism but the problem is that hackers can "spoof" or forge a fake MAC address that matches an approved one. All they need to do is use a wireless packet capture program to sniff (eavesdrop) on the wireless traffic and see which MAC addresses are traversing the network. They can then set their MAC address to match one that is allowed and join the network.
3. Disabling your wireless router's remote administration feature can be a very effective measure to prevent a hacker from taking over your wireless network.
Many wireless routers have a setting that allows you to administer the router via a wireless connection. This means that you can access all of the router's security settings and other features without having to be on a computer that is plugged into the router using an Ethernet cable. While this is convenient for being able to administer the router remotely, it also provides another point of entry for the hacker to get to your security settings and change them to something a little more hacker friendly. Many people never change the factory default admin passwords to their wireless router which makes things even easier for the hacker. I recommend turning the "allow admin via wireless" feature off so only someone with a physical connection to the network can attempt to administer the wireless router settings.
4. If you use public hotspots you are an easy target for man-in-the-middle and session hijacking attacks.
Hackers can use tools like Firesheep and AirJack to perform "man-in-the-middle" attacks where they insert themselves into the wireless conversation between sender and receiver. Once they have successfully inserted themselves into the line of communications, they can harvest your account passwords, read your e-mail, view your IMs, etc. They can even use tools such as SSL Strip to obtain passwords for secure websites that you visit. I recommend using a commercial VPN service provider to protect all of your traffic when you are using wi-fi networks. Costs range from $7 and up per month. A secure VPN provides an additional layer of security that is extremely difficult to defeat. Unless the hacker is extremely determined they will most likely move on and try an easier target.
Should you be Afraid of Scareware?
It's not a slasher movie. It's much worse.
We've all heard about computer viruses, worms, trojan horses, and bot nets, but have you heard of Scareware? It's not a new concept, although it seems to be coming back into fashion in the internet malware world.
Scareware is a term used to describe an application that is usually associated with a scam to trick unsuspecting users into thinking that they have a computer virus or some other kind of major computer issue that only the Scareware application can fix.
Once the unsuspecting user downloads and installs the Scareware application that is supposed to fix the "problem", a malicious payload may also be installed on the computer that can be used to harvest a user's personal data or control the victim's PC remotely to carry out other attacks.
Some Scareware's sole purpose is to make money for its developers. They may pass it off as an anti-virus program, PC performance enhancing software, or some other legitimate application. The application usually does not perform its advertised function at all and is merely a facade to scheme users out of their money or install malware onto their computers.
The reason it's called Scareware is because it plays on people's fear and anxiety about computer viruses to convince them to install malware that they would normally not install.
Some Scareware may be purely a prank intended to make someone sweat a little bit, but most has good old-fashioned greed as a motive. There are many classes of Scareware from the innocent prank type, all the way to a class of Scareware called Ransomware, where a user's data is literally held for ransom through the use of encryption. The Ransomware developer will contact the user and tell them that he will provide them with the encryption key that he used to encrypt the contents of their hard drive, but only after the user wires him a sum of money first. If the user doesn't comply and wire the money, then the victim's data will remain encrypted and completely unreadable.
How do you recognize and avoid Scareware? Follow these simple tips below:
1. Turn on your browser's pop-up blocking feature
Many Scareware programs enter a user's system when the user is presented with a cleverly designed pop-up box that looks like it is a message from their computer's operating system telling them that there is a virus and then giving them further instructions on how to fix it. The pop-up is actually created by the Scareware developer and is designed to convince the user that they have a virus when they really do not. If the user clicks a link anywhere in the pop-up message it usually leads to them having Scareware installed onto their PC.
Turning on your browser's pop-up blocker will squash many of these types of attacks, but some may still get through if they are done in Flash, or some other method that might not be caught by the pop-up blocker.
2. Never download any anti-virus software from a pop-up window or link sent to you via an e-mail
Always go to the anti-virus software developer's main website to download it. Never trust a link sent via e-mail or found in a pop-up. Stay away from brands of anti-virus that you have never heard of. Check out About.com's Anti-virus Site for more guidance on choosing a good AV application for your computer.
3. Update your anti-virus software often and run regularly scheduled scans
If your anti-virus software has the latest definitions, then you can be reasonably certain that the pop-up message you just received that says you are infected is a Scareware scam. When in doubt, update and do a full system scan. If the pop-up claims that only their tool can detect and clean the infection this is a further hint that it's a Scareware scam.
4. When closing a pop-up ad, always use the operating system's "X" button in the corner of the pop-up window.
Some Scareware pop-ups may present a false "Close" button in their pop-up message. The fake "Close" button may actually open another Scareware pop-up or download and execute malicious code.
If you think you may already be a victim of a Scareware attack you should take action immediately to make sure that your computer is cleaned of the Scareware and is malware free.
What are the Primary Online Security Threats?
Most security threats are made by attackers using a relatively small number of vulnerabilities. Attackers, being relatively opportunistic, take the path of least resistance, and continue to take advantage of these most common failures, rather than seeking out new exploits or taking advantage of more difficult ones. Fortunately, in many cases, their predictability makes it easier to prevent attack by following a few simple rules:
- Apply regular updates and patches as they become available.
- Employ security software and hardware such as firewalls and authentication servers.
- Do not use default passwords and other values that are provided with your software.
According to the SANS Institute (SysAdmin, Audit, Network, Security Institute), the top ten threats are:
- Web servers and services. Default HTTP (Web) servers have had several vulnerabilities, and numerous patches have been issued over the past several years. Make sure all your patches are up to date, and do not use default configurations or default demonstration applications. These vulnerabilities may lead to denial-of-service attacks and other types of threats.
- Workstation service. An attacker can obtain full control over a computer by compromising the Windows Workstation service, which is normally used to route user requests.
- Windows remote access services. A variety of remote access methods are included by default on most systems. These systems can be very useful, but also very dangerous, and an attacker with the right tools can easily gain control over a host.
- Microsoft SQL Server (MSSQL). Several vulnerabilities exist in MSSQL that could allow an attacker to gain information from a database or compromise the server. In addition to applying all the latest patches, enabling SQL Server Authentication Logging and securing the server at both the network and system level will prevent most of these attacks.
- Windows authentication. Most Windows systems use passwords, but passwords can be easily guessed or stolen. Creating stronger, more difficult to guess passwords, not using default passwords, and following a recommended password policy will prevent password attacks.
- Web browsers. Your window to the Internet, a Web browser contains many vulnerabilities. Common exploits may include disclosure of "cookies" with personal information, the execution of rogue code that could compromise a system, and exposure of locally-stored files. Configuring the browser's security settings for a setting higher than the default value will prevent most Web browser attacks.
- File sharing applications. Peer-to-peer (P2P) programs are commonly used to share files. In a P2P system, computers are open to others in the P2P network to allow for all participants to search for and download files from one another. Many corporations forbid use of P2P networks because of the obvious risk of compromised data.
- LSAS exposures. The Windows Local Security Authority Subsystem (LSAS) has a critical buffer overflow that can be exploited by an attacker to gain control over the system. Again, proper configuration and application of patches will prevent most exploits.
- Mail client. Attackers can use the mail client on a computer to spread worms or viruses, by including them as attachments in emails. Configuring the mail server appropriately, and blocking attachments such as .exe or .vbs files, will prevent most mail client attacks.
- Instant messaging. Many corporations also block employees from using instant messaging, not only because of the technical threats but also because of the possibility of lost productivity. Configuring IM properly, applying all the latest patches, and taking control over any file transfers that occur over IM will prevent most attacks.
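One way to apply the attachment rule from the mail client item above, added here as an example and not part of the original article: the script parses a message with Python's standard email library and lists attachments whose final extension is on a block list. The block list holds only the two extensions the text names; the function names and the sample message are constructed for illustration.

```python
import os
from email import message_from_bytes, policy
from email.message import EmailMessage

# The two extensions the text names; a real policy would list more.
BLOCKED_EXTENSIONS = {".exe", ".vbs"}


def final_extension(filename):
    """Return the lower-cased last extension of an attachment name.

    Windows ignores trailing dots and spaces, so "a.exe. " is treated as
    "a.exe"; only the last extension counts, so "invoice.pdf.exe" is ".exe".
    """
    cleaned = filename.strip().rstrip(". ").lower()
    return os.path.splitext(cleaned)[1]


def blocked_attachments(raw_bytes):
    """Return the names of all parts whose extension is on the block list.

    walk() visits every MIME part, including inline parts and parts inside
    a forwarded message. The contents of archives are not inspected.
    """
    msg = message_from_bytes(raw_bytes, policy=policy.default)
    hits = []
    for part in msg.walk():
        name = part.get_filename()  # falls back to the Content-Type name
        if name and final_extension(name) in BLOCKED_EXTENSIONS:
            hits.append(name)
    return hits


def build_sample():
    """Build a constructed test message with four placeholder attachments."""
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "recipient@example.com"
    msg["Subject"] = "Constructed sample"
    msg.set_content("See attached.")
    for name in ("report.pdf", "invoice.pdf.exe", "Update.VBS", "notes.txt"):
        msg.add_attachment(
            b"constructed placeholder bytes",
            maintype="application",
            subtype="octet-stream",
            filename=name,
        )
    return msg.as_bytes()


if __name__ == "__main__":
    for name in blocked_attachments(build_sample()):
        print("blocked:", name)
```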
A wireless security camera is typically a small, inconspicuous battery-powered video camera that, instead of recording images internally, transmits the signal wirelessly to a receiving device. The receiver must be within 300 - 500 feet (91 - 152 meters) of the camera, depending on the model. Connecting the receiver to a television will allow remote monitoring of the video signal. Connecting it to a VCR or DVR will allow recording of the signal for later viewing or archiving.
There are many feature variations on wireless security cameras to suit different applications. In some cases the camera does not need to be inconspicuous, and might be AC-powered. A mother who wants to keep an eye on her sleeping baby while she's in other areas of the house can purchase a wireless security camera that comes with an AC adapter. By placing the camera so that it views the baby's crib, then connecting the receiver to a television in another room, she can watch her baby sleeping soundly with a mere glance at the TV, even while she tends to other things. This is particularly handy in a two-story house where a physical check means climbing stairs repeatedly.
Other situations, however, call for a more discreet camera that will record in secret.
Though most people are decent, news reports of abusive "caretakers" caught on film by nanny cams or spy cameras have shocked parents. Nanny cams are nothing more than small wireless security cameras. These tiny battery-operated cameras, no bigger than a coin, can be hidden anywhere in the house. Instead of being monitored live, the signal can be recorded to a VCR or DVR for later viewing.
Alternately, there are internet wireless security cameras that will allow you to remotely monitor the camera's video over the internet. The camera transfers the signal via your existing wireless network router or LAN adapter. It is sent to a specific IP address. By entering this IP address in a browser window, you can watch and listen in from anywhere. Software might also include manipulation of the camera, where panning, tilting or zooming is possible.
Internet wireless security cameras can be used to keep an eye on your business, house, pets, or property, and are especially handy for vacationing. By logging on with a laptop, for example, you can take a quick peek back home to make sure everything is okay. The signal can also be recorded to the hard drive. Some cameras are motion-activated, remaining off unless there is movement, at which time the camera not only activates but can send you an email notification or a text message.
Wireless security cameras can be used for countless purposes including overlooking the front porch, driveway or other areas of personal or business property. They can be used to monitor employees, children, or to discourage theft and vandalism. They can be used to protect, spy, guard or invade, and unfortunately unscrupulous uses are also not uncommon.
Security cameras installed around properties are a known deterrent to crime. Some companies even sell fake security cameras for those on a budget. Many come complete with a red LED flashing light and panning motions to imitate the real thing.
From the very expensive to the relatively cheap, with the wide variety of wireless security cameras available today, there is a system ready to serve your needs and budget, whatever your requirements.
What Is Security Software?
Security software is computer software which is designed to enhance security for an individual computer or for a computer network. This software is meant to be used as part of a total security plan, rather than as a standalone security measure. Numerous software companies make security products, ranging from freeware which can be downloaded by individual computer users to specialty programs designed for particular networks, such as those used to store information for governments.
Security software can serve a number of security functions. Some programs are designed for a single and specific purpose, such as spyware removal, while others can accomplish several functions. Security software is used to establish firewalls, to detect and remove viruses, to secure information on a network, to detect attacks on a computer or network, and so forth. As a general rule, it runs all the time, providing background protection, and users can also run utilities to scan their computers for specific computer threats.
Such software can also be used for access filtering. With some computers and networks, access filtering may be desired to keep people away from sites which could threaten security, such as sites which automatically start downloads of malicious code. Access filtering may also be utilized to ensure that people in the workplace only access work-appropriate sites, and to protect young computer users such as children from material which could be threatening or dangerous.
Most programs are highly flexible. The program may have settings which ensure that only an administrator can execute certain tasks with the program, and the program can be configured to meet the needs of a specific system. Security software programs can also be directed to issue reports which are sent to an administrator when problems are detected. They can also be used to secure specific content on a particular computer; for example, someone can create password protected files or directories with security software to limit unauthorized access.
The term “security software” is also used to describe cryptographic software. This software is used to send and receive encoded messages, ensuring that even if a message is intercepted, it will not be readable. Truly robust cryptographic software which is extremely difficult to crack can be quite costly and resource intensive, while basic programs provide a low level of encryption for people who want moderately secure communications.
Reviews of security software are available through many reputable websites and computer magazines. Such reviews discuss the cost, ease of use, installation process, and other features to help consumers make an informed choice about which product will be most suitable.