How to Avoid a Phishing Attack
With the breach of Epsilon, we are going to see a huge influx of phishing attacks before it settles back down to the normal level of tons of phishing attacks. So you aren’t a computer expert, how do you protect yourself? Don't worry about spotting the phish; it is more important that you do not take the actions that make the attack successful. There are a few simple rules to follow that will almost certainly prevent you from becoming a victim… if you are diligent. Fundamentally there are two ways the phishing attacks work.
San Diego, CA, April 4, 2011, Randy Abrams
Information Wants to be Free – So Epsilon Thinks
Information Wants to be Free
If you are a member of the technology advocate crowd that uses this slogan for a mantra, you are going to love the Epsilon Company. Reports started coming out on April 2nd that the mega email marketing giant, Epsilon, was breached and millions of names and email addresses of customers of very large banks and retailers were “liberated”. If Epsilon isn’t familiar to you, that is understandable. They are a kind of behind-the-scenes company used by major retailers and banks who don’t really want you to know how much information about you they have aggregated. Epsilon is the email machine these companies use to generate massive amounts of something that most people call spam.
San Diego, CA, March 31, 2011, Randy Abrams
Samsung and I Got Bit by a VIPRE
Yesterday I reported that Samsung laptops were infected with a keystroke logger. This certainly appeared to be the case as a Samsung supervisor reportedly confirmed (http://www.networkworld.com/newsletters/sec/2011/040411sec1.
San Diego, CA, March 31, 2011, Randy Abrams
Facebook Fixes Flaw – Farmville Compromises Facebook
After the release of FireSheep, Facebook took an important step to help protect Facebook user accounts by allowing users to choose to keep an encrypted connection as long as they used just Facebook and intelligently designed apps. Savvy users immediately discovered that if they tried to use grossly insecure apps such as Farmville, 21 Questions, or a variety of apps by Rockyou, they were switched back to an unencrypted connection. Having an unencrypted connection means that if you are on an unsecured network, such as those frequently found in coffee shops, airports, and many other public places, then another person can mess around with your account and do things like post messages as if they were you. In fact, they are actually logged into your account for the session, but they don’t have your password, so there are some security features they can’t change.
San Diego, CA, March 30, 2011, Randy Abrams
Got a Samsung? You Got Owned
If you have a Samsung computer, check it out: see if there is a directory called c:\windows\SL. This is a directory used to house a commercial keystroke logger that it appears Samsung is using to steal your passwords, screen shots, and other data. An article at http://www.
San Diego, CA, March 28, 2011, Randy Abrams
Facebook Parenting Skills
Many parents are rightfully concerned about their kids’ participation in social networks. There are a number of areas to be concerned with. Who are the kids talking to? Is there a pedophile stalking them? Parents might worry about the friends their kids are making online and what kind of people, even their kid's own age, they are associating with. Some parents will be concerned about how much time their kids are spending online versus out in the sun and developing interpersonal skills in person.
San Diego, CA, March 28, 2011, Randy Abrams
Do You Like My Body?
The subject lines of our blog posts may or may not be appealing to you, but we hope you’ll enjoy the body of our posts, and if you do, there is now a “Like” button down at the bottom of the page for each blog post. For those of you using NoScript, you’ll need to allow (or temporarily allow) facebook.net or you won’t see the button. Why a “Like” button, but no “Dislike” button? Well, “Liking” a post is like tipping the messenger, but disliking a post is like shooting the messenger, and that just isn’t cool. If you really want to express your disapproval, you can always leave a comment.
San Diego, CA, March 26, 2011, Randy Abrams
Facebook Retains Right to Exploit Minors
Facebook is really, really good at coming up with new ideas, but reasonably well thought out ideas from Facebook seem a bit harder to come by. This is an issue that recently came up when Facebook decided that they would start allowing third party developers to gather address and phone number information and share it with other people. It didn’t take long for more rational people to figure out that randomly giving out a 13-year-old girl’s phone number was at best a completely mindless idea, although it might just be evil intent. You can see my interview on the subject for FOX TV if you wish to.
San Diego, CA, March 24, 2011, Randy Abrams
More Spam for Tripadvisor.com users
It is unfortunate, but a fact, that many organizations are going to suffer hacks. The internet was designed to be a cybercriminal’s dream. That was not the intent of the internet, but the design certainly is such that it serves the purpose well. Fortunately, it also serves many great purposes quite well too.
San Diego, CA, March 24, 2011, Randy Abrams
The Sleazy, Sneaky, Facebook Marketing Brigade
My good friend David Harley just blogged about Facebook’s brand new way to misappropriate your data without your consent. Alas, in underestimating how far Facebook will go to attempt to avoid allowing you to control your privacy, David missed the second setting that is required if you do not want Facebook to decide what companies your name and face are used to endorse. You see, when you go to “account settings” and then the Facebook Ads tab, only one of the two settings will show up on most computers. You actually have to scroll down to the bottom of the page in order to access the setting that makes you an unwitting and unpaid spokesperson for some advertiser that you may or may not wish to publicly endorse.
San Diego, CA, March 16, 2011, Randy Abrams
Smart Phone, Bad App
As the number of apps for smartphones continues to grow, perhaps your paranoia about such apps should be growing as well. In an unusual statement, the former director of the CIA has warned that the government isn’t sharing enough information about cyber security. In an article at http://www.wired.
San Diego, CA, March 10, 2011, Randy Abrams
Sticky Criminals
CBS in San Francisco is reporting a rather novel cash machine attack. It seems that crooks are applying superglue to the clear, enter, and cancel buttons on cash machines at banks. A customer goes to the cash machine, inserts their card and enters their PIN.
San Diego, CA, March 4, 2011, Randy Abrams
Politicians Better at Security than Twitter, Yahoo, and Amazon
Recently Senator Schumer from New York wrote a letter (http://www.infosecurity-us.com/view/16328/senator-schumer-current-internet-security-welcome-mat-for-wouldbe-hackers/) to Twitter, Yahoo, and Amazon asking them to make SSL the default for internet connections. What this means is that instead of an http connection they should provide an https connection by default.
San Diego, CA, March 4, 2011, Randy Abrams
WordPress.com Survives DDOS Attack
WordPress.com is a popular blogging host. Recently, for unknown reasons, miscreants launched a massive distributed denial of service attack (DDOS) against WordPress.com.
San Diego, CA, January 7, 2011, Randy Abrams
Arrested for Cheating the Cheaters
Picture from https://secure.wikimedia.org/wikipedia/en/wiki/File:Casino_slots.jpg
This is a really bizarre computer crimes case.
San Diego, CA, January 7, 2011, Randy Abrams
Is it the iPhone or the User?
The folks at Trusteer got their hands on the logs from some phishing sites and found that people using iPhones are more likely to fall for phishing attacks than users of other devices, including PCs. Some of the findings included:
- Mobile users get to the phishing site sooner than PC users.
- Mobile users are 3 times more likely to submit their credentials to a phishing site than desktop users.
- 8 times as many iPhone users accessed these phishing sites than did BlackBerry users.
It should come as no surprise that mobile users get to the phishing sites first.