The seven deadly security sins

As well as the witches, ghosts, ghouls and demons out this Halloween, beware of another trickster – the faceless internet criminal. To avoid a scary Halloween trick, we here at Symantec are advising people to avoid the Seven Deadly Sins of Internet Security to keep their PCs, their cash and their personal identities safe. So put away your garlic and silver stakes and, instead, avoid indulging in any of the Seven Deadly Internet Security Sins below:

Sloth: Feeling too lazy to install security updates or patch your machine because you can’t be bothered? This leaves you wide open to infection and potential upset when your identity is stolen!

Gluttony: Gorging yourself on internet gossip – amongst the cream cakes of celebrity pictures, there may be a dirty malware worm hiding, which could leave a nasty taste in your mouth.

Pride: “I know better than my security software” – people who turn their software off, or who ignore the warnings and proceed to sites or download stuff anyway, may be in for a nasty shock when the viruses creep in!

Lust: Just be careful what you click on. If pictures, videos or links to exciting content take your fancy, check that the site is safe or trusted before you go! Website rating services like Norton SafeWeb will give you some guidance.

Envy: So you want a designer handbag or shoes just like Cheryl Cole’s, but don’t want to pay full price? Beware of the tricksters who will try to con you into buying fake goods and potentially handing over your credit card details to criminals.

Greed: Bargain sales? Two for the price of one? If it sounds too good to be true, it probably is.

Wrath: What might happen if you succumb to all of the above? You’ll be full of wrath, as your PC could get infected, your cash could get stolen and your Halloween could prove to be a real-life horror!

We continue to advise you to take a common-sense approach to combating cybercrime by staying vigilant about online security. This involves keeping your browser and operating system up to date and ensuring that your antivirus and firewall software is up to date with the latest definition set.

Rogue applications

They say that imitation is the sincerest form of flattery. Well, if that is the case then the cyber-criminals are showering us with it. Today, we issued a report into rogue security software. The drumbeat to this year has been the prevalence of scareware: fake security alerts that trick users into downloading rogue security products. These provide no security at all; their purpose is simply to extort money from the unfortunate user. Worse than that, once you have handed over your hard-earned cash, the criminals have your credit/debit card details, from which they can then make additional money. You can see what one of these rogue security products looks like and how the scam works in this video, created by Symantec Security Response. To date we have found over 250 different types of rogue security products, blocking some 43 million attempted installations.

The prevalence of these rogue products has been driven, in no small part, by a multi-level marketing and distribution model. The affiliate network mechanism that fuelled the growth in adware and spyware a few years back has been dusted down and reused to distribute rogue security products. Affiliates can earn up to 30-40 pence per installation, and we have evidence that the top affiliates could earn over £800k per annum simply by helping to distribute this stuff.

Password Armageddon

The story that Hotmail passwords had been broken received massive coverage this week. However, it has now emerged that it wasn’t just Hotmail: a whole host of other sites have also been hit, including Gmail, Yahoo and AOL. The story is appearing everywhere (438 news articles as of last count on Google News), and so it should. These four make up the biggest names in personal email, and suddenly the users’ personal details are being compromised.

I wonder how many users of these sites have changed their passwords, just in case, today? In my view, consumers, people like you and me, need to be wary about these things the whole time. We need to look out for scams, and it’s rare that anybody would email you for your password, so think it through before offering up this information. What this week’s events show is just how simple it can be to pull this off. It also points out that people are still woefully naive. In my mind, this highlights that the ordinary user really needs to have a really effective anti-phishing capability, to let them be forewarned that the site that is asking for this information is not legitimate. That would have helped ensure that people were not put in a position where they could be asked to provide this valuable information. It also shows how important using, maintaining and changing passwords is. Again, the ordinary user needs help and assistance here. They need tools that will allow them to store individual and unique passwords, tools that help them generate strong passwords and encourage them to use them. These tools exist, but the lesson of this week must be that people need to be encouraged to go find and use them.

A new generation of Banking Trojans

Banking Trojans have been around for some time now and we have seen numerous variants of them. They have, at the end of the day, used a variety of tactics to gather up your user names and passwords as you transact with banks. This week saw information about a new banking Trojan that doesn’t just steal your bank log-in credentials but actually steals money from your account while you are logged in and displays a fake balance. CNet cover the story here.

The Trojan, called URLZone, exploits holes in the browser you are using when you visit an infected or compromised web site. In this case the malware, a toolkit called LuckySploit, exploits a known security hole in the browser and installs the Trojan on the computer. When the Trojan notices the computer user visiting the site of a targeted bank, it springs into action. It would appear that several hundred people have had money taken from their accounts, with an estimate of the total take reaching $438,000.

URLZone marks the emergence of a new generation of banking Trojan horses that pose a greater threat. This is the first that hijacks a victim’s browser session, steals the money while the victim is doing online banking, and then covers its tracks by modifying information displayed to the victim, all in real time. It really does show the level of sophistication that the creators of this will go to in order to continue to pursue their crime. So, how can you protect yourself? Well, this type of Trojan needs to exploit your browser, and if it cannot then it cannot proceed. Keep your security product, operating system and browser updated to thwart this type of attack.