The PC Informant » Email

Another Facebook phish

Vic Laurie — Sun, 08 Nov 2009 18:13:50 +0000

The popularity of Facebook means it’s an inviting target for the cybercrooks. Another phishing attack is going around. TrendMicro describes the exploit:

Trend Micro security experts received email messages that supposedly came from Facebook. It asks recipients to update their login credentials for security purposes. It then instructs them to click the URL provided in the email message. When the user clicks the URL, it points them to a spoofed Facebook website where they are required to input their password only as their email address has been automatically filled up.

Have social sites made email obsolete?

Vic Laurie — Mon, 12 Oct 2009 15:20:47 +0000

An article in today’s Wall Street Journal says that email is no longer the communication method of choice:

Email has had a good run as king of communications. But its reign is over.

In its place, a new generation of services is starting to take hold—services like Twitter and Facebook and countless others vying for a piece of the new world. And just as email did more than a decade ago, this shift promises to profoundly rewrite the way we communicate—in ways we can only begin to imagine.

Check your phishing IQ

Vic Laurie — Mon, 12 Oct 2009 11:35:31 +0000

How good are you at detecting a phish? Phishers have become expert at fooling people so it’s not as easy as you may think. Periodically, I mention sites where you can test your ability to detect a phish and here’s one from SonicWall.

How to tell if an Internet address is a phish

Vic Laurie — Mon, 12 Oct 2009 10:30:10 +0000

Did you ever wonder what the different parts of an Internet address or URL actually signified? Some years ago I wrote an article over at my education site that explained what each of the various pieces of an URL meant. I also mentioned how rarely used portions of a standard URL could be used to mask or obfuscate addresses. With phishing rampant, it has become a very good idea to be able to understand Internet addresses so that you can detect when a phishing link is not what it purports to be. Then, if an email says it’s from your bank but careful attention to the header (see this previous post) shows that it came from a foreign country, you can know you’re being phished.

You can also check out links within an email but be very careful not to actually open a link. Right-click a link you want to investigate and choose “Properties” from the context menu. Then you can read what the link actually is. Note that what appears to be the link in the text of an email can say anything. What counts is the actual underlying HTML and that is what you can read by right-clicking. Whatever you do, don’t enter sensitive personal information into any form opened from an email unless you are 100% sure of its origin. Instead of using an email link, go to the Web site of your bank or whatever institution directly.

How can you tell if an URL is a phish once you read it? Check every component very carefully. Phishers are clever at placing pieces of what seems like legitimate destinations in an URL. But something will always look suspicious. For example, check the country code. Does your bank send emails from China?

A number of anti-malware programs now have link scanners that you can use to check if a link is legitimate. However, these scanners depend on some sort of database and the database may not be up to date. Phishers often use a link for a few hours only and then abandon it for a new one. So a clean bill of health from a link scanner is not definitive.

In addition to my article on the components of a link that is mentioned above, you can look at a recent post from SEOmoz, called SEO Cheat Sheet: Anatomy of A URL

Email phishing attack spreading

Vic Laurie — Tue, 06 Oct 2009 15:46:18 +0000

Following up on yesterday’s report of stolen Hotmail passwords, Neowin reports other services have also been attacked:

Microsoft confirmed yesterday evening that the popular web email service, Hotmail, had been targeted by malicious fraudsters in what is commonly referred to as a phishing scam, tricking users into revealing their credentials at fake websites.

Neowin can today reveal that more lists are circulating with genuine account information and that over 20,000 accounts have now been compromised. Non-Hotmail passport accounts have been affected too. A new list contains email accounts for Gmail, Yahoo, Comcast, Earthlink and other third party popular web mail services. It’s not clear if this is login information for the service itself or the Microsoft Passport passwords.

Hotmail hacked

Vic Laurie — Mon, 05 Oct 2009 18:48:49 +0000

If you use Hotmail, be aware that your password may have been revealed on the Internet. Neowin reports:

An anonymous user posted details of the accounts on October 1 at pastebin.com, a site commonly used by developers to share code snippets. The details have since been removed but Neowin has seen part of the list posted and can confirm the accounts are genuine and most appear to be based in Europe. The list details over 10,000 accounts starting from A through to B, suggesting there could be additional lists. Currently it appears only accounts used to access Microsoft’s Windows Live Hotmail have been posted, this includes @hotmail.com, @msn.com and @live.com accounts.

Added later: ZDNet reports some further developments:

However, considering the Windows Live ID is a single sign-on solution for all Microsoft and Windows Live services, the implications could be a lot greater than first considered.

While phishing is relatively new in the grand scheme of online malware and threats, it seems the tens of thousands of users have mistaken a genuine login page for a fake one, and are now suffering the consequences.

Spam and botnets flood the Internet

Vic Laurie — Thu, 01 Oct 2009 15:10:15 +0000

At Gigaom, Sebastian Rupley reports on a Symantec study of Web traffic from spam and botnets:

How much of a drag is spam putting on the global broadband and messaging infrastructure, and where is it coming from? According to Symantec’s newly released 2009 MessageLabs Intelligence Report, spam is a huge burden: In September, the global ratio of spam in email traffic from new and previously unknown bad sources was 86.4 percent. And botnets — autonomous and automated collections of compromised computers — are responsible for 87.9 percent of it. Despite efforts to curtail botnet activity, it looks like the spam problem continues to grow.

ISPs are trying to filter out as much spam as they can and you probably don’t see a lot of the stuff that is sent to you. But the spam traffic is a big consumer of bandwidth.

Why are the botnets still growing? Because of all the insecure Windows systems out there that are in the hands of technically untrained or careless users.

IRS spam scam becomes big problem

Vic Laurie — Sat, 26 Sep 2009 00:41:14 +0000

Fake IRS emails are flooding mailboxes. The subject is usually “Notice of Underreported Income”. Computerworld reports:

Criminals are waging a nasty online campaign right now, hoping that their victims’ fears of the tax collecter will lead them to inadvertently install malicious software.

The spam campaign, entering its third week now, is showing no signs of slowing down, according to Gary Warner, director of research in computer forensics with the University of Alabama at Birmingham. This one campaign accounts for about 10 percent of the spam e-mail that his group is presently tracking, he said. “This is the most prominent spam-delivered virus in the world right now,” he said.

Hackers R Us

Vic Laurie — Wed, 09 Sep 2009 11:00:43 +0000

Hacking has become a business. Not only are various kits for hacking available but you can hire your own hacker. Cracking email passwords from somebody else’s account is one service. The Washington Post reports:

When Elaine Cioni found out that her married boyfriend had other girlfriends, she became obsessed, federal prosecutors say. So she turned to YourHackerz.com.

And for only $100, YourHackerz.com provided Cioni, then living in Northern Virginia, with the password to her boyfriend’s AOL e-mail account, court records show. For another $100, she got her boyfriend’s wife’s e-mail password. And then the passwords of at least one other girlfriend and the boyfriend’s two children. None had any clue what Cioni was doing, they would later testify.

It seems that there are a number of hacking services and they advertise regularly. There doesn’t seem to be much that is done about the hacking activity as long as it is limited to reading other people’s mail. The article continues:

Federal law prohibits hacking into e-mail, but without further illegal activity, it’s only a misdemeanor, noted Orin Kerr, a law professor at George Washington University and a former trial attorney in the Justice Department’s computer crime section.

“The feds usually don’t have the resources to investigate and prosecute misdemeanors,” Kerr said. “And part of the reason is that normally it’s hard to know when an account has been compromised, because e-mail snooping doesn’t leave a trace.”

Every state has laws roughly similar to the federal computer laws, Kerr said, and rate the offenses as misdemeanors.

If you want to be sure to keep something private, don’t use email. Or at least encrypt it.

Moving accounts to Gmail

Vic Laurie — Mon, 24 Aug 2009 11:31:20 +0000

One thing that keeps people from changing email accounts is the major hassle of transferring everything from one account to another. The popular Web mail service Gmail from Google tries to make that easy. The site Google Operating System gives some information.