Responding to Spam Volumes, Hotmail Adds “My Friend’s been Hacked” Feature

July 21, 2011

Sending spam from legitimate users’ email accounts has become rampant as spammers switch away from using botnets. This week alone, I’ve received spam sent via my mother’s and two friends’ email accounts – and received frantic calls asking how to fix the problem. Read more on fixing the problem later in this blog.

To address the nearly 30% of Hotmail spam that is generated through compromised accounts, Microsoft has launched a new feature in Hotmail. Called “my friend’s been hacked” and found under the “Mark as” dropdown, a simple click allows friends to report compromised accounts directly to Hotmail.

Microsoft’s Dick Craddock explains that “when you report that your friend’s account has been compromised, Hotmail takes that report and combines it with the other information from the compromise detection engine to determine if the account in question has in fact been hijacked. It turns out that the report that comes from you can be one of the strongest “signals” to the detection engine, since you may be the first to notice the compromise.”

Once Hotmail has marked the account as compromised, two steps are taken:

  • The account can no longer be used by the spammer.
  • The account owner (your compromised friend) is put through an account recovery flow that helps them take back control of their account.

What’s really cool about the work the Hotmail team has done is that it can be used to report problems with accounts hosted by other email providers as well. So, for example, Yahoo! or Gmail receives a notice from Hotmail if one of their users’ accounts has been compromised and can take action.

Additionally, the Hotmail team has recognized that weak passwords are a large part of the problem – it’s just too easy for spammers to hack flimsy passwords. To address this, the service will soon roll out a new feature requiring stronger passwords. If you’re currently using a common password, you may be asked to strengthen it in the future.

Changing spam tactics

The takedown of the Rustock botnet dealt a telling blow to spammers and dropped spam volumes by almost 30% overnight (see Kudos to MSFT for Strangling the Rustock Spambot) and highlights a vulnerability in the botnet approach. Not only did spammers have to pay to rent the botnets, their distribution method could be shut off in one well-researched swoop.

A report out this month by Commtouch explains this shift in tactics, saying: “The move away from botnet spam can be attributed to the use of IP reputation mechanisms that have been increasingly successful in blacklisting zombie IP addresses and therefore blocking botnet spam.

The blocking of spam from compromised accounts based on IP address is more difficult for many anti-spam technologies, since these accounts exist within whitelisted IP address ranges (such as Hotmail or Gmail).

One of the primary aims of the larger malware outbreaks and phishing attacks of this quarter is therefore to acquire enough compromised accounts to make spamming viable. The catch for spammers: While spam from compromised accounts is less likely to get blocked by IP reputation systems, the volumes that can be sent are lower due to the thresholds imposed on these accounts. This at least partially accounts for the lower spam volumes seen this quarter.”
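The two mechanisms described above (receivers blocking zombie IPs but whitelisting webmail ranges, and providers capping each account’s volume and combining “my friend’s been hacked” reports with their own compromise-detection signals) can be seen together in the following simulation. This is an added illustration, not code from the blog, Hotmail or Commtouch; every IP range, threshold and signal weight in it is a constructed, hypothetical value.

```python
import ipaddress
from collections import defaultdict

# All values below are constructed for illustration, not taken from the post.
ZOMBIE_IPS = {"203.0.113.7"}                               # blacklisted bot IP
PROVIDER_NETS = [ipaddress.ip_network("198.51.100.0/24")]  # whitelisted webmail range
DAILY_THRESHOLD = 50   # hypothetical per-account sending cap
REPORT_WEIGHT = 0.6    # hypothetical weight of one "friend's been hacked" report
BURST_WEIGHT = 0.5     # hypothetical weight of an account hitting its sending cap
LOCK_SCORE = 1.0       # combined score at which the account is marked compromised


class Receiver:
    """Receiving mail server that relies only on IP reputation."""

    def accept(self, source_ip: str) -> bool:
        ip = ipaddress.ip_address(source_ip)
        if source_ip in ZOMBIE_IPS:
            return False   # botnet spam: blocked by the IP blacklist
        if any(ip in net for net in PROVIDER_NETS):
            return True    # whitelisted provider range: passes regardless of content
        return True


class Provider:
    """Webmail provider: per-account thresholds plus compromise reports."""

    def __init__(self):
        self.sent = defaultdict(int)
        self.burst = defaultdict(bool)
        self.score = defaultdict(float)
        self.locked = set()

    def send(self, account: str) -> bool:
        if account in self.locked:
            return False
        if self.sent[account] >= DAILY_THRESHOLD:
            if not self.burst[account]:          # record the burst signal once
                self.burst[account] = True
                self._add_signal(account, BURST_WEIGHT)
            return False
        self.sent[account] += 1
        return True

    def report_hacked(self, account: str) -> None:
        """A recipient clicks 'my friend's been hacked' on a message from account."""
        self._add_signal(account, REPORT_WEIGHT)

    def _add_signal(self, account: str, weight: float) -> None:
        self.score[account] += weight
        if self.score[account] >= LOCK_SCORE:
            self.locked.add(account)   # spammer loses the account; owner goes to recovery


def simulate(attempts: int = 1000) -> dict:
    recv, prov = Receiver(), Provider()
    botnet = sum(recv.accept("203.0.113.7") for _ in range(attempts))
    relayed = sum(prov.send("alice@example.test") and recv.accept("198.51.100.25")
                  for _ in range(attempts))
    report_only = Provider()                  # a single report with no other signal
    report_only.report_hacked("bob@example.test")
    prov.report_hacked("alice@example.test")  # report combined with the burst signal
    return {"botnet_delivered": botnet, "compromised_delivered": relayed,
            "locked_by_report_alone": "bob@example.test" in report_only.locked,
            "locked_after_report": "alice@example.test" in prov.locked}
```

Running `simulate()` shows the trade-off the report describes: none of the botnet messages get through, the compromised account relays exactly the threshold’s worth before it is capped, and a friend’s report tips the already-suspicious account over the lock score while a lone report does not.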

What to do if your email account is hacked

  1. Check your security. Most hackers collect passwords using malware that has been installed on your computer or mobile phone. Be sure your anti-virus and anti-malware programs are up to date. Also be sure that any operating system updates are installed. See my blog Are You a Malware Magnet? 4 simple steps can make all the difference.
  2. Change your password and make it stronger after your anti-virus and anti-malware programs are updated. Learn how to create stronger passwords in my blog Safe passwords don’t have to be hard to create; just hard to guess.
  3. Practice greater safety online.
    1. Learn to spot spam and scams.
    2. Secure your home’s wireless network.
    3. Avoid logging into accounts when using public wireless networks – you don’t know if these are safe or compromised. See my blog Like Lambs to the Slaughter? Firesheep Lets Anyone be a Hacker.
    4. Validate the legitimacy of any program/game/app before downloading it. See my blog Windows Getting Safer, but Study Finds that 1 of Every 14 Programs Downloaded is Later Confirmed as Malware.

Linda


Kudos to MSFT for Strangling the Rustock Spambot

March 27, 2011

Microsoft’s Digital Crimes Unit announced the takedown of one of the world’s largest bot networks, which leveraged “approximately a million infected computers” and was capable of sending up to 30 billion spam emails per day. Researchers watched a single Rustock-infected computer send 7,500 spam emails in just 45 minutes – a rate of 240,000 spam mails per day.

These scams included fake Microsoft lottery scams, but it appears that the bulk of the spam sent via this botnet focused on advertising counterfeit or unapproved knock-off versions of pharmaceuticals.

The Rustock spambot was officially taken offline yesterday after a federal investigation into the criminal operators behind the bot ended. The investigation began as a result of Microsoft suing the spammers. (Don’t know what a bot is? Read my post What are Bots, Zombies, and Botnets?)

Here is an excerpt from Microsoft’s blog post:

Botnets are known to be the tool of choice for cybercriminals to conduct a variety of online attacks, using the power of thousands of malware-infected computers around the world to send spam, conduct denial-of-service attacks on websites, spread malware, facilitate click fraud in online advertising and much more. This particular botnet is no exception.

…Spam is annoying and it can advertise potentially dangerous or illegal products. It is also significant as a symptom of greater threats to Internet health. Although Rustock’s primary use appears to have been to send spam, it’s important to note that a large botnet can be used for almost any cybercrime a bot-herder can dream up. Botnets are powerful and, with a simple command, can be switched from a spambot to a password thief or DDOS attacker.

Again, DCU’s research shows there may be close to 1 million computers infected with Rustock malware, all under the control of the person or people operating the network like a remote army, usually without the computer’s owner even aware that his computer has been hijacked. Bot-herders infect computers with malware in a number of ways, such as when a computer owner visits a website booby-trapped with malware and clicks on a malicious advertisement or opens an infected e-mail attachment. Bot-herders do this so discreetly that owners often never suspect their PC is living a double life.

It’s like a gang setting up a drug den in someone’s home while they’re on vacation and coming back to do so every time the owner leaves the house, without the owner ever knowing anything is happening. Home owners can better protect themselves with good locks on their doors and security systems for their homes. Similarly, computer owners can be better protected from malware if they run up-to-date software – including up-to-date antivirus and antimalware software – on their computers.

Finally, we encourage every computer owner to make sure their machine isn’t doing a criminal’s dirty work. If you believe your computer may be infected by Rustock or other type of malware, we encourage you to visit support.microsoft.com/botnets for free information and resources to clean your computer.

What this means to you

You must protect your internet connected devices. Unlike your toaster, the internet is not a plug-it-in-and-go experience.

  • It requires installing or turning on security software on your devices – and then setting the software to auto-update so it keeps your safety level current.
  • It requires creating strong passwords to log in to the computer.
  • It requires ensuring any WiFi connection is password protected.
  • It requires changing passwords periodically.
  • It requires getting educated on how to avoid scams and spam, and how to protect your privacy.

It also requires that you step up to your civic duty of protecting others. An infected device is the digital equivalent of Typhoid Mary – you may not intend to send infected documents, or be part of a botnet spewing spam and scams, contributing to denial of service attacks, or spreading viruses, but if you haven’t taken security precautions to keep your devices clean, you are part of the problem.

Linda


Internet Safety Calendar Is Popular Download

October 25, 2010

Thousands of consumers have downloaded the iLOOKBOTHWAYS Internet Safety Calendar since its launch less than a month ago.

Sponsored by Microsoft, the calendar offers actionable online safety tips for you and your family. It has been featured in TV, print, and radio shows and is now featured on The Windows Club website.

The calendar sends you a reminder at the beginning of each month to help you take action on important online safety issues.

Using the calendar, you will learn how to:

  • Protect yourself from identity theft
  • Talk about cyberbullying with kids
  • Shop online more safely
  • Protect your information when you are traveling.

LOOKBOTHWAYS is an Internet safety technology company that provides products, consulting, and information about online safety.

The company provides the iLOOKBOTHWAYS website as a benefit to consumers.

LOOKBOTHWAYS also has a foundation that develops Internet safety courses for elementary through high school students that will be available free of charge. The first lessons will be ready for use in early 2011.

Linda


Microsoft Sponsors New Internet Safety Calendar App by LOOKBOTHWAYS

September 22, 2010

Microsoft has sponsored the creation of a new, free Internet Safety Calendar application that consumers can download to their Internet Explorer browser (Note: only IE is supported at this time).

To access the new Internet Safety Calendar application, go to Microsoft’s http://www.microsoft.com/protect/resources/addon.aspx.

Built by LOOKBOTHWAYS, the calendar provides relevant monthly advice to help you increase your online safety, whether you’re looking out for your own safety or you are a parent watching over your family’s safety. The calendar also includes reminders for those recurring safety actions you know you should be doing, but that frequently get forgotten in the rush of day-to-day activities.

Each month, the calendar will send you a note reminding you to check the calendar for important online safety advice, but you can also view the app at any time by selecting Online Safety Calendar under the Tools menu.

Here’s a view of the Online Safety Calendar application, and September’s content for parents:

It’s easy to improve your safety with just a few simple actions each month.

Linda


Download Family Online Safety Tips brochure from Microsoft

September 13, 2010

Microsoft has released a new brochure on Family Safety called Microsoft Tools Help Keep Families Safer Online, with tips for Windows 7, Windows Live, XBOX, Zune & MediaRoom users. If you’re using one of these products and have kids, this is an excellent resource for you.

FULL DISCLOSURE: My company, LOOKBOTHWAYS, contributed content to this brochure.

Microsoft has also created a chart that can help you decide which settings are right for your family.

Another great resource for families is the Xbox Live Code of Conduct, which provides guidelines for safe and respectful online gaming. You may want to check them out here.

The tools also let you modify restrictions based on reports of actual activity, so you can have informed discussions with kids about how they use the Internet.

You can download the brochure here: Family Online Safety Tips brochure. Note: you’ll need to scroll down the page to the section titled Files in this Download, then select the third option (I’ve highlighted it in blue).

For more information on this resource, check out the Windows Club.

To see more Microsoft safety brochures, go to Microsoft Online Safety, Brochures and fact sheets.

Linda


Microsoft Teaches Hard Lesson to Those Using Pirated Product

November 13, 2009

The new Xbox game Call of Duty: Modern Warfare 2 went on sale this week. In classic software launch fashion, thousands of gamers lined up hours in advance to secure the first copies of the new game as it was released at the stroke of midnight.

But up to a million other gamers chose the pirated route, modifying their Xboxes to circumvent the digital rights management features so they could download illegal copies of the game. Now they’re paying for it. InformationWeek reports that Microsoft has banned as many as a million players from Xbox Live for playing pirated versions of games.

Hats off to Microsoft for teaching consumers that theft has consequences, and for their commitment to stopping piracy.

It’s particularly refreshing to see MSFT’s integrity in light of the recent news about the scandalous behavior of some social gaming companies.

Linda


Microsoft’s Online Forensics Tool for Law Enforcement Leaked

November 13, 2009

I have not written about Microsoft’s COFEE (Computer Online Forensic Evidence Extractor) tool in the past due to its specific purpose in helping law enforcement agencies. Now that it is in the wild, there are a couple of things to note:

  1. The leak won’t help criminals. “COFEE was designed and provided for use by law enforcement with proper legal authority, but is essentially a collection of digital forensic tools already commonly used around the world. Its value for law enforcement is not in secret functionality unknown to cybercriminals, its value is in the way COFEE brings those tools together in a simple and customizable format for law enforcement use in the field,” noted Richard Boscovich, senior attorney, Internet Safety at Microsoft.
  2. Microsoft deserves huge kudos for putting together this suite of forensics tools in an easy format for law enforcement, and for ensuring the tool is in the hands of so many law enforcement bodies around the world – their press release says they are “in no less than 187 markets”.

In a time where internet companies deliberately exploit consumers (see Scamming Users Part of Social Gaming Company Zynga’s business model), trample privacy (see Date Check Tramples Privacy, Calls it “Look up before you hook up.”), claim ownership of personal content (see Facebook Withdraws Changes in Data Use), etc., it is worth showcasing the socially responsible companies.

Linda


History Repeated – Is Google the new Microsoft?

November 10, 2009

Was it only in 2004 that the pundits posed the question as to whether Microsoft was the new IBM? How time flies. Last week, freelance journalist Erik Sherman raised the question “Is Google the new Microsoft?” as he reviewed Google’s latest behaviors and market dominance. For evidence, Sherman listed several similarities:

  • Google asks users to trust them with an explanation essentially of “because we say so” and because we care
  • Dominates search almost to the extent that Microsoft dominated the desktop and laptop
  • Acts first, asks later – after the lawsuits start hitting the fan, as with the book scanning
  • Ignores antitrust concerns, drawing government attention in the U.S. and Europe

What do Google’s dominance and actions mean to your privacy and safety?

Google’s services have the ability to collect, data mine and resell information – whether it be your content, your location, or elements of your identity – to a far greater extent than an operating system or productivity tools ever could.

This means that transparency, consumer choice, and the ability to opt out of features, services, or to have your information erased entirely are more critical than ever. In the face of these risks, the points noted above are more than a little concerning.

  • Trust must be earned, on a user-by-user basis; and trust-but-verify applies even when trust has been earned. Every user should be able to see the information collected, stored, or shared about them at any time – and be able to have it removed.
  • Monopolies become dictatorships – benevolent or otherwise. At the end of the day, companies and corporations are responsible to their bottom line. The actions taken by Google that have drawn governments’ attention should concern every internet user. Their seeming disregard for antitrust concerns only heightens the unease.
  • Ask first, act later must guide decision-making.

Do you know Your Internet Safety Bill of Rights?

If not, it’s time to consider what you should be demanding from every online service. I wrote your Internet safety bill of rights in 2005, and they are more relevant today than ever.

Linda


Microsoft Updates their Online Safety Website

November 6, 2009


To address advances in technologies (so-called Web 2.0), Microsoft has redesigned their Consumer Online Safety Education website at www.microsoft.com/protect.

Caveat: LOOKBOTHWAYS provided the content for Microsoft’s brochure series, as well as some other materials for the site. We are also listed as a resource on their community page.

The site is clean, easy to navigate and has updated, relevant materials to help protect yourself, your family and your computers, and I recommend the site.

In addition to solid advice on Internet safety, security and privacy topics, be sure to check out some of their other features:

Sadly, my all-time favorite Microsoft safety video is not on the site – it uses a little live mouse to teach concepts. Maybe they’ll get it on the site shortly…

Linda


Encouraging Girls to Consider Careers in Technology

August 24, 2009

Earlier this month I had the privilege of once again volunteering my time to teach at Microsoft’s regional DigiGirlz conference in Charlotte, NC. Microsoft established these camps to help dispel the all-male stereotypes of the high-tech industry and to give girls a chance to experience, firsthand, what it is like to develop cutting-edge technology.

Presenting information on Internet Safety and interacting with the girls at these conferences is always inspiring – the idea that Internet safety is something you have to force down kids’ throats is absurd. No kid or teen wants to be bullied, scammed, disrespected, or stalked, nor do they want to place their family or home at risk. Youth are in fact eager to learn the skills needed to have a safer online experience, and they are remarkably diligent in sharing their knowledge with others.

Girls at these camps have a great time, get to try several technologies, and gain tremendous insight into careers they might never even have heard of within the hi-tech industry – not everyone writes code!

Microsoft’s DigiGirlz program is primarily targeted towards high school aged students, but will accept young ladies as young as 13, and there is no cost for participating. This year the camps were held in 10 locations across the US, and in 6 international locations.

I strongly encourage you to think about the young women you know in the appropriate age range and help them apply when registration opens in early spring 2010. Put a reminder on your calendars today.

Again, click here to go to the DigiGirlz website.

