Trojan alert: “Your credit balance is over its limit”

An e-mail purporting to be from Verizon Wireless is hitting mailboxes around the globe. The e-mail warns the reader that their Verizon Wireless account is over the limit.  The message has a ZIP file attached named “balancechecker.zip”.  This contains an executable file that the reader is asked to run in order to check their account balance.  In reality, the file installs a Trojan known as Regrun.  Trojans are usually designed to allow remote users to take control of the infected systems.

The district spam filter is correctly identifying these e-mails and preventing them from reaching district e-mail boxes.  If you receive messages such as these in your personal e-mail, immediately delete them.

Defending your home computer, part 1: Locking the front door

What constitutes a “well-defended” home computer?  As with any system, relying on a single form of defense is an invitation to disaster.  A good computer security system relies on a layered approach, called in the business a “defense in depth” strategy.  Implementing such a strategy does not have to  be complicated or expensive. Over the next several days. I am going to discuss several aspects of a “defense in depth” strategy that you can easily implement at h0me with little cost and a little effort.

Mention the topic of computer security to the average home user, and their eyes begin to glaze over.  It is a subject that you hear a lot about, but it is hard for the typical home user to relate.  Usually, they bought a new PC that had a trial version of an anti-virus product installed, and that’s good enough for them.  They may have actually purchased a subscription to the AV product on their system, at least for the first year.  But that is often the extent of their attempts to secure their computer and data.  Unless they or someone they know has been hacked or had their identity stolen, security is just not on their radar.

This is unfortunate, because it really doesn’t take a lot of effort to make your system an unattractive target to a hacker or identity thief. In general, these criminals deal in a volume business – they hit thousands, even millions of systems at a time.  They only need to succeed in about 0.5% of the attempts in order for it to be profitable to them.  Unless you are a bank, big retailer or credit card company, they don’t have the time or the inclination to try attack a well-defended system.  They will just move on to the next system, looking for easier pickings.

Continue reading

Apple issues 2nd Safari security patch in 4 months

On Thursday, Apple issued the second security patch in less than a week. This update does not patch vulnerabilities in the OS X operating system, but rather in the Safari web browser. The fix patches 7 vulnerabilities. Six of these vulnerabilities affect Safari on Windows, six affect Safari on OS X 10.4.x (Tiger), and three affect Safari on OS X 10.5 (Leopard) and 10.6 (Snow Leopard). This follws a patch issued in August to fix six additional vulnerabilities. Continue reading

Security patches:They’re not just for Windows anymore…

Do you think your Mac is immune to the type of attacks suffered by Windows users?  Think again…

For years, the argument has gone on between Mac afficianados and Windows users.  Those who prefer one platform over another tend to be almost evangelistic in their fervor, and so we will not attempt to tackle the issue of which platform is better for a particular use.

Mac has always had a reputation as the more secure platform.  One side will argue that has the Mac always been inherently more secure by design. The other side will argue that no one bothered to attack it because of Apple’s relatively small portion of the PC market.  That’s another argument we will not try to resolve.  However, Mac’s history of security has made a lot of users fairly lax about performing updates and running security software on their systems.  Continue reading

Could someone be storing CP on your computer?

An article from the Associated Press provides yet another reason to keep your anti-virus software up to date, and to turn your computer off when not in use:

Of all the sinister things that Internet viruses do, this might be the worst: They can make you an unsuspecting collector of child pornography.

“Heinous pictures and videos can be deposited on computers by viruses — the malicious programs better known for swiping your credit card numbers. In this twist, it’s your reputation that’s stolen.

Pedophiles can exploit virus-infected PCs to remotely store and view their stash without fear they’ll get caught. Pranksters or someone trying to frame you can tap viruses to make it appear that you surf illegal Web sites.

Whatever the motivation, you get child porn on your computer — and might not realize it until police knock at your door.”

Read more at AP.com.

Is “always on” always best?

We’ve come a long way from the days of the dial-up modem as a way of accessing the Internet.  Nowadays, most users with home Internet access have a high-speed broadband connection like DSL or a cable modem.  These connections allow us to surf the web quickly, providing access to fast downloads, streaming media and many other great features.

One feature of a broadband connection is that it is “always on”.  That is, rather than requiring you to connect to your Internet Service Provider (ISP) and log in each time you want to access the Internet, your connection is always available.  All you have to do is sit down at your computer and start surfing.  This is a great time-saver, but it can open you up to the possibility of having your system attacked and your personal information stolen or having your computer become part of a “botnet”, to be used for any number of illicit or nefarious schemes.

So how can you protect yourself in these situations?  What are some best practices? Here are a few suggestions: Continue reading