Tag Archives: Online Security

Gmail Displays Suspicious Message Warnings From Hacked Accounts

Back in 2008, had introduced a new feature which allowed you to track suspicious access to your account. This feature was gradually made more prominent in 2010 through Google Suspicious Login Protection. Google has in fact taken this protection further with the introduction of two-step login verification thanks to Gmail accounts in China being hacked and several other security measures they have put in place.

However, your Gmail account can get hacked nevertheless (Read: How to find if your Gmail account is hacked and what to do) and there is nothing you can do about it. But what if your friends email account gets hacked and you receive a desperate email from them asking for cash or some help?

Well, this is not unusual and there are several times when you might receive emails from your contacts which come from a legitimate email address asking you for financial help. These messages "might" be genuine but many a times these are nothing but online scams. Thankfully, you can avoid such scams if your friend is using a Gmail or Google Apps related email address. How? Well, thanks to several security measures, Gmail now display a suspicious email warning if they believe that the account has been hijacked.

gmail_suspicious_email_contact

Take for example an email from my friend who is on my contact list. The above screenshot displays a warning saying that the message might be suspicious (and it is indeed because my friends account was compromised). This is definitely a good feature because it will allow users to instantly know that something is wrong. Based on this message (and the content of the email), I alerted my friend and he confirmed that his account was compromised.

I am not sure if Gmail does this for emails from non-Gmail accounts, but it is definitely helpful when a email service is intelligent enough to know when an account has been hijacked. This information might be collected using several security measures, one of them might be the suspicious account login feature Gmail has. However, it might not just be limited to it.

WARNING: Fotos_Osama_Bin_Laden.exe Email Attachment Is A Banking Trojan

As if the various Osama Bin Laden video scams on were not enough, a new malware is being spread through emails now. If you receive any emails with an attachment named Fotos_Osama_Bin_Laden.zip or something similar, DO NOT OPEN IT.

Banking Trojan

According to F-Secure Labs, an email is doing the rounds of the internet with an attachment named Fotos_Osama_Bin_Laden.zip, this could be named differently too as Photos_Osama_Bin_Laden.zip. The file contains an executable named Fotos_Osama_Bin_Laden.exe.

The executable does not contain any photos of Osama Bin Laden but is infected with the Trojan-Downloader:W32/Banload.BKHJ, which is a banking Trojan. It installs on the system and will start to monitor your online banking sessions via a Browse Helper Object (BHO) and try to redirect your payments to wrong accounts.

If you have downloaded or clicked on the attachment run an free online scanner or a anti-malware after disabling access to the internet. You might also want to run scans using your Antivirus. If you don’t have one, head over to our Free Antivirus section to find one.

The new Trojan is playing on human curiosity generated by the death of Osama Bin Laden. There are actually no leaked photos or videos of the event. As an advice, please don’t click on any links which tell you that you can watch a censored video or pictures of Osama Bin Laden’s death.

You will not be able to watch any videos or pictures unless the US government releases them. So hold your horses until then and don’t spread the virus of become affected by it.

Osama Dead – Censored Video Leaked Wikileaks Video Facebook Spam

Yesterday, a Facebook scam was spreading across about a Shocking NEW VIDEO of Osama Bin Laden’s DEATH!!!. The video was obviously fake but it spread wildly across .

Osama Bin Laden Wikileaks Video Scam

Today morning, a new kind of scam is spreading on Facebook where another fake Osama Bin Laden video is being circulated on Facebook. The new spam is spreading with the text; "Watch the Osama Shoot Down video – Osama Dead – Censored Video Leaked – Osama is dead, watch this exclusive CNN video which was censored by Obama Administration due to level of violence, a must watch. Leaked by Wikileaks."

Osama Bin Laden Death Video Fan Page

The scammers are using the name of the whistle blowing organization; , to make people think that the video is genuine. However, the video is a scam. Clicking on the link will take you to a fan page (which is being liked by more than 45K people right now) and ask you to complete a new 5 second security check before you can watch the video.

However, following the steps listed does nothing and the fan page will instead post a message to your wall and your friends with a link to the fan page. This Facebook scam is a bit different from yesterday as it does not ask users to fill out stupid surveys, but once this gets widespread it could exploit users differently.

Please be aware that this scam is also spreading under various other links including "Osama Bin Laden Execution Video", "Aljazira Newz – Ossama Biin Ladden Raid Video Scam" and "Shocking NEW VIDEO of Osama Bin Ladens DEATH!!!" among others. Do not click any link that claims to show you Osama Bin Laden’s videos or pictures, it is all a sham. I believe that this scam might be spreading in various other ways too and might go on for next few weeks.

As a precautionary measure, always check which applications you use and remove unwanted or suspicious ones. If you aren’t sure how to do it, you can always check our guide on removing apps from Facebook. In addition to that, don’t forget to check out our article about Avoiding Facebook Lifejacking and Clickjacking scams.

Osama Bin Death Video Scam Spreading on Facebook

Yesterday marked a big day in world history where the FBIs most wanted terrorist was killed in a US attack. However, it looks like several scammers are now taking advantage of the situation and spreading fake videos on about Osama Bin Laden’s death.

Osama Bin Laden Death Video Facebook Scam

Naked Security is reporting that the new Facebook scam is spreading virally with the message "Shocking NEW VIDEO of Osama Bin Ladens DEATH!!!". The message claims that it has access to banned video footage of Osama Bin Lanen’s death.

This scam is similar to the recent Justin Bieber scam, Miley Cyrus scam, teen from Egypt commits suicide scam and girl killed herself after dad posted on here wall scam. The modus operandi of all these scams are similar and they entice users to click on a link and then ask them to fill a survey while posting an update to their wall.

It is best to avoid clicking on such links because the video is 100% fake and the US government has not yet released any pictures or videos of the said incident. Please stay safe and spread this message on Facebook.

As a precautionary measure, always check which applications you use and remove unwanted or suspicious ones. If you aren’t sure how to do it, you can always check our guide on removing apps from Facebook. In addition to that, don’t forget to check out our article about Avoiding Facebook Lifejacking and Clickjacking scams.

OMG Can’t Believe Justin Beiber Did This To A Girl Spam Spreading

It looks like scamsters love to use celebrities to spread a widespread scam on . A new one doing the rounds right now is a scam which is spreading with the text "OMG Can’t Believe Justine Beiber Did This To A Girl".

Justin Bieber

The scam is just like previous Facebook scams where scammers spread messages like Miley Cyrus Sick Video. As always there is no such video about Justin Bieber doing anything to a girl and the scammers have also cleverly misspelt his surname.

Clicking on the link will ask you to fill out surveys which will make the scammers money and then take you to a video which does not exist at all. Be careful about what you share on Facebook and what links  you click.

As a precautionary measure, always check which applications you use and remove unwanted or suspicious ones. If you aren’t sure how to do it, you can always check our guide on removing apps from Facebook. In addition to that, don’t forget to check out our article about Avoiding Facebook Lifejacking and Clickjacking scams.

Post to be updated..

The Biggest Data Thefts in the Past Five Years

You must have heard by now that Sony’s PlayStation Network and Qriocity services were compromised severely, and sensitive data belonging pertaining to many as 77 million registered users might have been stolen. The full ramifications of the breach will become obvious only in the days to come. However, Sony might have lost the trust and goodwill of millions of customers forever. The severity of this intrusion is mind bogging, both in scope and scale. However, this is not the biggest incident of online data theft. It’s not even close. DataLossDB.org and PrivacyRights.org tracks all data theft incidents of note. Here are the top fifteen incidents of data theft through hacking* in the past five years (2007-11):

  • 2007
    • 1. T.J. Maxx – In a carefully planned and long drawn out operation, Albert Gonzalez stole sensitive information belonging to more than 100 million customers of T.J. Maxx, an American departmental stores chain. The hack was carried out over a period of 18 months, ending in 2007. As many as 45.6 million credit and debit card numbers were stolen. Unlike other entries in this list, this wasn’t an entirely remote operation. Instead, poorly secured in-store computer kiosks were exploited to gain access to company’s networks.

      Albert-Gonzalez
      Albert Gonzalez

    • 2. TD Ameritrade Holding Corporation – In September 2007, Joe Moglia, the CEO of Ameritrade, an online brokerage company revealed to clients that one of its databases with 6.3 million customer records had been hacked. Ameritrade had fallen victim to a backdoor based network. Although the same database contained extremely sensitive information like Social Security Numbers, they were not taken. Other confidential data such as passwords were not violated either.
  • 2008
    • 3. Hannaford Bros. Supermarket chain – In March 2007, another supermarket chain was compromised. Hannaford lost credit and debit card numbers, expiration dates and PIN numbers of 4.2 million customers. The leak has led to over 1,800 reported incidents of fraud. The culprit was once again Albert Gonzalez. This time around he broke in by using SQL-injection attack.
    • 4. Chilean Ministry of Education – In May 2007, Chilean government servers were hacked, and identity card numbers, names, and addresses of 6 million people were posted on public forums. The hacker claimed that his intention was to highlight the lackluster security infrastructure.
    • 5. RBS WorldPay – Four Russians – Viktor Pleshchuk, Sergei Tsurikov, Oleg Covelin and an unnamed guy known as “Hacker 3″ carried out this attack. The hackers managed to gain personal information of 1.5 million users, including sensitive information like social security numbers of 1.1 million users. This was a highly sophisticated and coordinated attack that led to the theft of $9 million from ATMs through a network of “cashers”.
  • 2009
    • 6. CheckFree Corporation – CheckFree, an online bill payment service, fell victim to a DNS hijacking scheme in December, 2008. However, the incident didn’t come to light until January 2009. The company’s website was redirected to a Ukrainian website that hosted Trojan horses that were designed to steal data from customers. Since, CheckFree lost control of its website, the exact extent of the damage couldn’t be calculated. However, an estimated 5 million consumers might have been affected.
    • Heartland7. Heartland Payment Systems – Heartland is chiefly a payment processor, but it also provides a range of services to other merchants. In the single biggest incident of data theft reported so far, Albert Gonzalez, whose name has already appeared twice in this list, reportedly broke in after managing to successfully install sniffing software on Heartland’s network. The software was installed in early 2008 and went undetected for months. During that period, Heartland was said to be processing about 100 million transactions per month. The estimated number of credit card information harvested is above 130 million.
    • 8. pHpBB – The popular free forum (bulletin board) software was hit hard in February 2009, when an attacker managed to gain access to its entire database through a security bug in (an outdated version of) PHPlist, a third party email application. The intruder managed to scrape 400,000 names, email, address, and hashed passwords.
    • 9. RockYou – A severe SQL-injection flaw in the popular developer of social games allowed at least one hacker to gain access to its complete user list, along with information like userid, and password, which was shockingly enough stored in plain text. The number of affected users was 4.2 million.
    • 10. Network Solutions – The webhosting company Networking Solutions has a particularly poor security track record. Between March 12 and June 8 of 2009, hackers broke through its defenses, and managed to install malware that stole name, address, and credit card numbers of more than 570,000 customers. If that wasn’t bad enough, the very next year, Network Solutions was hacked twice in the space of one week.
  • 2010
    • 11. Triple C Inc. – The Puerto Rico Department of Health was breached in a series of attacks spread out over several years. The breach was finally discovered in September 2010. The hackers are believed to have gained access to health information of 400,000 patients.
    • 12. Gawker – In December 2010, Gawker Media blogs were hacked by a group called Gnosis. Not only did this group go on to give interviews to competitors of Gawker Media, but it also uploaded the entire database of 1.3 million registered users (with usernames and hashed passwords), and confidential staff conversations to a torrent website. The breach prompted many other web services (like Twitter and LinkedIn) to carry out forced password resets for affected members.
  • 2011
    • Heartland13. Epsilon – Epsilon is a leading email marketing service provider that has dozens of tier-1 companies as its client. On March 30, a hacker succeeded in gaining access to a subset of Epsilon clients’ customer data. Data stolen included names and email addresses. Epsilon maintains that only 2% of its customers were affected, and hasn’t disclosed exactly how many records were breached. However, given that the affected clients include big names like CitiGroup, Best Buy, and JPMorgan Chase, this breach might turn out to be the biggest ever.
    • 14. WordPress.com – Earlier this month, the hosted blogging solution owned by Automattic suffered from a low-level break-in to several of its servers. All information on these servers could have been accessed. However, it’s unlikely that financial information was stolen. Passwords were hashed and salted, which should make cracking them almost impossible. Nevertheless, the hacker might have obtained information on as many as 18 million users.
    • 15. Sony – Of course, this is the big breaking news of the week. There’s a lot of things that we still don’t know about this incident. However, Sony has confirmed that the hacker could have accessed all personal information, including password and address. Credit card details (excluding security code) could also have been obtained by the hacker. However, the credit card table was encrypted. According to Sony, the total number of accounts affected is in the range of 77 million. However, many of them are probably inactive or duplicates.

As we continue to increasingly rely on online services, it’s imperative that the vendors we entrust our personal information with take the appropriate precautions to protect that data. The frequency of data thefts is alarming. Every year confidential information on millions of web users are exposed through data breaches. I had earlier called upon the Congress to enforce certain minimum security practices upon all entities that store sensitive data like credit card information. Several members of the Congress are already preparing to introduce legislation that will “provide consumers with additional safeguards to protect against such data breaches”. A consensus needs to emerge in order to reduce the probability of such incidents happening in the future.

* Only data-theft cases that involved hacking have been considered. Data breaches resulting due to insider efforts, or lost assets have not been included.

Bad News For AdSense Users Scam Spreading on Facebook

In my research in unearthing Facebook scams, I have come across scams that entice users to watch a video, check who viewed their profile, give free Facebook credits for games, see how many times their profiles have been viewed and more. However, for the first time I have come across a scam that is targeted at users and webmasters in general.

Facebook AdSense Scam

The new scam spreads with a message "Hello Bad News for AdSense Users – Check this out >>> [link redacted]" and is actively spreading on considering the number of updates I have seen.

facebook_scam_clickbank

This new scam leads users to a website which offers them to monetize their website using "Clickbank Tag Clouds" and is similar to one of those "I made $5000 in a day scam" landing page. The website boasts that it has been featured on Yahoo, Google MSN, AOL, Ask Jeeves and Lycos. Though these claims might be true because of search engine listings and paid advertisements, these sites are definitely not endorsing them.

As usual, do not click on those links as they will just lead you to nothing and then spread to your friends too.

Warning: Young Teen From Egypt Commits SUICIDE Scam Spreading on Facebook

A new scam is rapidly spreading on , this time it is spreading through tagged photos in Facebook albums. The scam basically makes use of Facebook Connect to gain access to a users account and then posts enticing photos to their album and randomly tags friends along.

Egypt Suicide Facebook Scam

The scam is spreading with the text "INSANE: young teen from Egypt commits SUICIDE in front of web cam – Watch video here [link redacted]". Once users click on the link they are redirected to sign into Facebook with "gokasol" which is a Facebook application.

Facebook Permissions Scam

It then asks for permission to a users basic information, posting to their wall and their photos and videos. Once you give the app permissions, it will take you to another website where you will be asked to verify your age to watch the video. In order to do so, you will have to fill up a survey. This eventually makes money for the scamster.

In addition to that, the rogue app will now upload images to your album and then tag your friends with the above message. In the end your friends and their friends will see the wall update and click on the link. The cycle will continue till a lot of users are scammed by the app.

Since the scam spreads through an app, you will have to cleanse your Facebook account and remove the app from it. If you aren’t sure how to do it, you can always check our guide on removing apps from Facebook. In addition to that, don’t forget to check out our article about Avoiding Facebook Lifejacking and Clickjacking scams.

Microsoft Safety Scanner Scans Your PC For Virus, Spyware and Malicious Software

Over the past couple of years or so, I have used Microsoft Security Essentials as my only virus and malware protection tool. The Free Antivirus tool from Microsoft is definitely worth installing on your PC.

Microsoft Safety Scanner

If you are someone who does not like to install Antivirus on your PC or just want to check whether your current Antivirus is really working well, a new tool from Microsoft will come in handy.

Microsoft Safety Scanner is a free security software from Microsoft which provides users with on-demand scanning while allowing users to remove viruses, spywares, Trojans and another malicious software from their PC. Safety Scanner works along with your current Antivirus software, so you don’t have to uninstall your current AV protection to use it.

One of the bad things about Microsoft Safety Scanner is that it expires every 10 days. Users will have to download a new version to scan your system every ten days which could be annoying considering that it is around 70MB in size. A simple definition update should be added so that users don’t have to download new versions every 10 days.

Users must also note that unlike traditional Antivirus systems the Safety Scanner does not provide continuous protection and should not be used as a replacement for traditional Antivirus software. Microsoft Security Scanner should only be used to additionally scan your PC. If you intend to replace your current Antivirus you might check out our Free Antivirus section to find a suitable alternative.

Additionally, you may also want to read the following articles related to :

Download Microsoft Safety Scanner

Encrypt and Password Protect Your Notes in Evernote

I have come to love Evernote as a note-taking and idea collecting software. I have used it extensively for the past couple of years or more to store bits and pieces of information that has come in handy all through these years.

Evernote

I always had a problem with storing sensitive information in Evernote, because of the lack of security/password protection in the app. For example, if you login to the Evernote app and leave it open, anyone who has access to your PC or mobile device can view the notes and get access to your sensitive information.

Also Read:

In fact, anyone who has access to the local database storage file on your PC will be able to view those notes on another PC or installation. This is a scary proposition considering how much losing sensitive information could affect you.

Luckily, Evernote provides users with a very handy feature that allows them to encrypt part of their notes. Users can use it to encrypt sensitive text in their notes (It only works with text). To encrypt your notes in Evernote, follow the steps given below.