Google Warns Users of Malware – Take Action

July 20, 2011

You’ve been warned to be skeptical of notices that pop up warning you of malware on your device that is actually malicious software trying to get you to download fake ‘anti-virus’ software. However, if you see this notification from Google at the top of your Google search results, believe it.

Noticing an unusual pattern of activity in Google search traffic, the company enlisted the help of outside security professionals in the companies sending the modified traffic to determine the computers were infected with malware.

Google’s online security blog says “This particular malware causes infected computers to send traffic to Google through a small number of intermediary servers called “proxies.” We hope that by taking steps to notify users whose traffic is coming through these proxies, we can help them update their antivirus software and remove the infections.

We hope to use the knowledge we’ve gathered to assist as many people as possible. In case our notice doesn’t reach everyone directly, you can run a system scan on your computer yourself by following the steps in our Help Center article.”

Kudos to Google for being proactive and transparent about the issue as well as for providing clear, easy-to-follow steps users can take to fix the problem.

This is one more example of why everyone must keep their security software up to date.



Social Engineering Bigger Risk to Your Online Safety than Malware

June 8, 2011

Protect your computer! has been the mantra of safety, security and privacy experts for years. We tell you to be sure to have up-to-date security software installed. To use strong passwords. To password protect your home network.  To avoid using unknown networks. And so on…

But we also tell you that all the security in the world can’t protect you, if you, or someone else using your devices, act carelessly. 

You can protect your home by selecting a safe neighborhood, installing locks on the doors and windows, adding security systems, outdoor lighting, fencing and gate, and getting a guard dog. But you can also disable all that security in the blink of an eye by opening your front door. If the person at the door is safe, then no harm is done. But if the person at the door has fooled you into believing they’re safe – you could be at high risk.

The same scenario of security and disabling of security plays out online. The term social engineering refers to the ways criminals use non-technical tricks to convince you to disable your security measures so they can get into your computers, phones, consoles, etc., and cause harm.

Interesting data from AVG Technologies reported in the Virus Bulletin shows that users are more than four times more likely to come into contact with social engineering tactics as opposed to a site serving up an exploit. Why? Because criminals know that humans are usually the weakest link in the security chain.

Think about it, why would crooks struggle to dismantle or bypass your security when they can convince you to open the door and let their exploits in?

How do criminals convince users to allow them bypass the user’s security? By gathering information about their victims. Some attacks are fairly unsophisticated broad attempts sent out knowing that a certain percentage of users will have an account with a service like eBay, Facebook, Chase Bank, etc. and that some will click on a notice that appears to be from one of these companies.

In more sophisticated attacks the criminals learn more about your specific behaviors, interests and who your friends are. Once the criminals have learned these things about you, they can set up a scenario that significantly increases your likelihood of falling for their scam. The better they know you, the more likely you will click on their link or download their exploit.

How to defend yourself

Study and practice the easy to learn 14 Steps to Avoiding scams. If you follow these steps rigorously, they will help you avoid falling for socially engineered exploits.


Windows Getting Safer, but Study Finds that 1 of Every 14 Programs Downloaded is Later Confirmed as Malware

June 7, 2011

With all the news about Mac malware making Apple devices more vulnerable, Microsoft has announced that Windows is getting safer – particularly if you’re using Windows 7.

There are some pretty interesting discoveries in Microsoft’s most recent Security Intelligence Report covering the second half of 2010, and it’s worth the full read if you’re at all technically inclined.  Here are a few points I found particularly interesting:

  1. It really pays to upgrade your Windows OS to increase your security. A Windows 7 64-bit system (their most recently released Windows client) has the lowest infection rates at 2.5 infections per thousand computers.
    In comparison:
    1. Windows 7 32-bit systems have infection rates of 3.8 per thousand computers.
    2. Windows Vista SP2 32-bit PCs have a rate of 7.5 infections per thousand computers.
    3. Windows XP SP3 32-bit machines have an infection rate of 15.9 for every thousand computers.
  2. Malware infections are a global scourge – but not all parts of the globe are equally plagued.  The US, Mexico and Central and South America, France, Spain, Parts of the Arab world and Russia are hardest hit. This map paints a clear picture of the problem areas.
  3. The prevalence of various types of malware threats changes based on country factors.  For example, the U.S., England and Russia have significant issues with Miscellaneous Trojans, but are less likely than other countries to struggle with password stealers and backdoors.
  4. Though most phish scams target financial sites, it’s the phishes through social networks that get most of the impressions – an impression is measured as a single instance of a user attempting to visit a known phishing site with Internet Explorer. Phishing impressions that targeted social networks increased from a just 8.3% of all impressions in January to a whopping 84.5% of impressions in December. This trend was especially stark in the last four months of the year.Also note the increased focus on targeting gaming sites early in the year, the report suggests that with the tremendous success of phishing via social networks, the focus on gaming declined, but they expect to see this increase again when social networkers become more savvy to the attacks and new methods of delivery need to be found.

  5. Adding to our understanding of the phishing threats covered in MSFT’s security report is an article on the IEBlog that talks about how the company’s SmartScreen technology in IE9 is helping to block social engineering attacks.  The following are excerpts from the blog:

For context, recent studies show that despite the headlines that exploits of software vulnerabilities get, people browsing the Web are more likely to face a socially engineered attack. Recent articles have compared different approaches to protecting people. Application Reputation is a natural extension of the current protections introduced in IE7 & IE8 that block phishing sites and sites that distribute malicious programs.

…User-downloaded malware is a huge problem and getting bigger.

…IE blocks between 2 and 5 million attacks a day for IE8 and IE9 customers. Since the release of IE8, SmartScreen has blocked more than 1.5 billion attempted malware attacks. From our experience operating these services at scale, we have found that 1 out of every 14 programs downloaded is later confirmed as malware.

These reports paint a very sobering picture on the state of internet security, but there are clear steps you can take today to decrease your chances of malware infections – not matter which operating system, browser, or device type you are using.

Here’s a 12 point checklist to get you started on the road to Internet security and safety. If you want more detail, look to for straightforward practical advice on how to steer clear of Internet hazards whether you’re sending e-mail, dating online, making purchases or socializing – and whether you are on a computer, or your phone.

  1. Secure your computers and smartphones with anti-virus, anti-spyware, and tools.
    Keep them current and use them unfailingly-as automatically as locking your door when you leave the house. A computer that does not have security software installed and up-to-date will become infected with malicious software in an average of four minutes. That malicious software will steal your information and put you at risk for crimes.

    1. You must have anti-virus and anti-spyware software installed and up-to-date. If your computer or phone isn’t protected from Trojans, viruses and other malware, your financial information, passwords and identity will be stolen. This concept is so basic, yet only 20% of the US population adequately protects their computers. If the cost of security software is prohibitive, use a free service.
    2. Secure your internet connection – Make sure your computer’s firewall is on. If you use a wireless network it needs to be encrypted so someone who is lurking outside the house can’t collect your information. If you need a free firewall, click here. Never use a public WiFi service for any type of financial transaction or other type of sensitive information transfer.
    3. Use added protection on sensitive financial information with passwords or store on a flash drive, CD or external hard drive For added protection all year, keep your finances inaccessible to anyone who uses (or hacks into) your computer. You can do this by password protecting individual files or folders on your computer, or choose to keep this information on a flash drive or CD that you keep in your safe or other secure location.
  2. Use strong, unique passwords for every site. Creating strong memorable passwords is easy and can actually be fun – and the payoff in increased safety is big. The key aspects of a strong password are length (the longer the better); a mix of letters, numbers, and symbols; and no tie to your personal information. Learn how with my blog Safe passwords don’t have to be hard to create; just hard to guess
  3. Review the privacy terms and settings. This needs to be done for every social site you use. Create an environment of safety for yourself by understanding how any website you use treats your privacy and information. That fine print may tell you the company can own, resell, rent, or give your information to anyone they want. If it does, find a more respectful site.
  4. Discuss online safety with your family and friends.  Decide together how you will help protect each other’s privacy online and set rules that reflect your personal values. Decide what information about yourself you are willing to have shared online, and with whom you are willing to share it. This includes asking friends to put your email address on the Bcc: line if they are including you on an email to people that you don’t know. Learn more here
  5. Be selective about who you interact with online and what information you make public.
    1. The risks are relatively low when you stick with people you know—your family, and friends. Going into public chat rooms or opening your blog up to the general public, for example, significantly increases your risk.
    2. Think carefully before you post online any information that can personally identify you, a family member, or friend on a public site like a blog, in online white pages, on job hunt sites, or in any other place anyone on the Internet can see the information. Sensitive information includes real name, birth date, gender, town, e-mail address, school name, place of work, and personal photos.
  6. Pay attention to messaging risks.
    1. Think twice before you open attachments or click links in messages -even if you know the sender-as these can be used to transmit spam and viruses to your computer.
    2. Never respond to messages asking you to provide personal information, especially your account number or password, even if it seems to be from a business you trust. Reputable businesses will not ask you for this information in e-mail.
    3. Never click on links provided in messages, unless you are sure of the sender. Instead, use a search engine to find the website yourself.
    4. Don’t forward spam. Whether it’s a cute ‘thought of the day’, ‘set of jokes’, ‘amazing photo’,  ‘recipe tree’ or similar email, if you don’t personally know the sender the email is surely a scam designed to collect the email accounts – and relationships – of everyone you share it with.
  7. Don’t trade personal information for “freebies.”   Online freebies come in two forms:
    1. The free games, free offers, and ‘great deals’. Just as in the physical world, if these types of offers sound too good to be true, they probably are. Not only will these collect and sell your personal information, these ‘deals’, and ‘free’ applications are usually riddled with spyware, viruses or other malicious software.
    2. Through survey’s, sweepstakes, quizzes, and the like. These marketing tools are designed for one purpose – to get as much information from you as they can, so they can sell that to interested parties. Even the most innocuous ‘survey’s learn far more than you imagine, and they may give you malicious software or download tracking cookies, so just skip these entirely.
  8. Periodically review your internet contacts, and online activities.   Internet housekeeping is important. Review who you have as contacts, and who can see your online profiles periodically to prune out everyone you no longer have a close relationship with. Review any images and content you’ve posted online to see if collectively these tell more about you than should be known.
  9. Check your credit reports.  Under the Fair Credit Reporting Act, you have the right to one free credit disclosure in every 12-month period from each of the three national credit reporting companies—TransUnion, Experian, and Equifax.
    1. Request a free credit report from one of the three companies for yourself, your spouse, and any minors over the age of 13 living at home to check for credit fraud or inaccuracies that could put you at financial risk. (Although exact figures are difficult to get, the latest data shows that at least 7 percent of identity theft targets the identities of children.) The easiest way to do this is through
    2. You can also pay for credit monitoring services that will alert you to any suspicious activity or changes in your credit scores.
  10. Block people you don’t want to interact with.   You don’t have to accept invitations to be friends with people just because they ask. Women in particular can find it difficult to turn someone down – and creeps and crooks count on this very thing. If you don’t want to be friends, delete the request. If you are already connected with someone you would rather not be, block them from your social sites. You can also block their email account so they can never contact you through email, and block their phone number from calling or sending text messages to your phone.  YOU get to choose who, how, and when you are contacted.
  11. Trust your instincts.   Online and offline, your instincts play a critical role in your protection. If something feels ‘off’, go with your instinct. You don’t have to explain your reasoning to anyone.
  12. If you are exploited, it is not your fault.   Following the fourteen steps outlined above can go a long way to keeping you safe, but bad things sometimes do happen. If you fall victim to a scam, fraudster, abuser or criminal, don’t blame yourself. The only person guilty is the abuser or criminal.  You didn’t cheat, scam, lie, threaten, harm, steal, or abuse yourself in some other way, so don’t lay a burden of guilt where none belongs. Don’t let the abuser or criminal shame you into silence. Speak out and get the help you need.

For even more information and help, check out these two blogs:


Twenty-Five New Malicious Apps on Android; 30,000 to 120,000 Users Affected

May 31, 2011

Criminal interest in Google’s Android platform appears to be increasing. In March Google had to remove more than 50 malicious mobile apps from their Android Market for exploiting as many as 250,000 consumers information and downloading malware known as Droid Dream (see my blog More Mobile Apps Caught Inappropriately Collecting User Info and Installing Malware for more on that outbreak).

Now security experts from Lookout Security, have identified 25 new malicious applications in the Android Market (since removed) that have potentially damaged somewhere between 30k-120k users. This is a variant on the original malware launched in March, and Lookout believes it has been launched by the same malware developers according to a news article in Forbes.

Droid users beware

This won’t be the last outbreak on Android Apps for two reasons; money, and ease of inclusion.

With Android enjoying 53% of the mobile market the revenue potential for criminals is huge.  Add to this the awareness that Google does less than other mobile platforms to test products offered through their market place, and you’ve got a scenario ripe for exploitation. Android users who aren’t careful about what they download now have a red target on their backs.

In this outbreak, legitimate applications were copied, had malware inserted, and then posted to the Android marketplace so it is critical that if you’ve downloaded one of the apps listed below that you check who is listed as the developer. According to the Forbes article, if the developer listed is Magic Photo Studio, Mango Studio, E.T. Tean, or BeeGoo you phone may be infected:

  • Sexy Girls: Hot Japanese
  • Sexy Legs
  • HOT Girls 4
  • Beauty Breasts
  • Sex Sound
  • Sex Sound: Japanese
  • HOT Girls 1
  • HOT Girls 2
  • HOT Girls 3
  • Floating Image Free
  • System Monitor
  • Super StopWatch and Timer
  • System Info Manager
  • Call End Vibrate
  • Quick Photo Grid
  • Delete Contacts
  • Quick Uninstaller
  • Contact Master
  • Brightness Settings
  • Volume Manager
  • Super Photo Enhance
  • Super Color Flashlight
  • Paint Master

Defend Your Phone!

Users need to stay vigilant by always checking to see who has developed an app and what their reputation is. Look at reviews they’ve received and only download apps from sources that have a strong history and trust rating.

Lookout Security also recommends that you check the permissions the app is requesting, be aware of any unusual behavior on your phone and install a mobile security app.

To see a listing of top mobile security products, and gain a deeper understanding of mobile malware risks, see my blog It’s No Accident – Mobile Money and Mobile Malware Set to Go Big in 2011.


Mac Attack – Apple Malware Evolves, Company Finally Responds

May 30, 2011

After a 25-day delay Apple finally responded to the appearance of the fake anti-virus scam called Mac Defender (there are other variants called Mac Protector and Mac Security) designed to trick Apple users into paying for bogus security software.

Apple’s response countermands the company’s earlier directive insisting support reps NOT help users remove the malware. Now they’ve provided reps with a “How to avoid or remove Mac Defender malware,” script for helping consumers who have been exposed to the malware. Apple also committed to developing a security update to remove infections automatically.

Unfortunately, it took less than 12 hours for the malware writer to morph his code so that the instructions for fixing the problem were no longer effective according to an article in ZDNet.

Malware isn’t Static

According to the ZDNet article, the malware variant was found in a Google search under yet another name, MacGuard, and does not require the user to enter the administrator password to be installed. These permutations will continue because all malware evolves; to expect this to be different for Apple users is absurd.

Apple OSx users have now joined Windows  users in the perpetual cat and mouse world of malware where variations and entirely new forms of malware spring up to enable criminals revenue streams, the real question is what will users and Apple do about it? There are really only three choices: 1) pretend this is a one-time experience and do nothing, 2) address the issue and any future issue as they arise, 3) acknowledge the Apple OSx will face ongoing exploits and proactively prepare for defense.

For users this means installing anti-malware software if you have not already done so. It may also mean taking the time to learn a few skills to help you identify and avoid malware that comes creeping your way.

For Apple, which has prided itself on their ‘it just works’ clean experiences, the refusal to help infected users, then the 25-day response time is a double black eye.

As windows users can attest, sticking your head in the sand will leave your rear end rather exposed.


Are You Sure Your PC is Malware Free??

May 15, 2011

If you aren’t sure you have anti-virus or other anti-malware software protecting your computer, or if you aren’t sure these tools are up-to-date or effective, there’s a 5 click way to find out. Your time commitment? Less than 7 seconds. Less time than it has taken you to read this blog this far.

For 90% of computer users, some version of Windows is your operating system.  If you aren’t a Windows user, you can stop reading here because unfortunately this solution won’t help you, I’ll try to give you tips in a later blog.


BUT… if you are among the 90% using Windows, take 7 seconds to:

  1. Log onto Microsoft’s Security Scanner page, either from this link or from the security newsletter Microsoft sent out earlier this month. (3 seconds)
  2. Click on the big Download Now button. (1 second)
  3. Select your download version (1 second)
  4. Accept license terms (1 second)
  5. Select a full scan of your computer (1 second)

Now relax and let the scanner do its work. When done, it will tell you if your computer has a clean bill of health, or if you need to do something to clean it.

One tip: Running the scanner takes time, you may want to start this before going to bed, or before stepping away from the computer for a while so it doesn’t slow you down while working.


Are You a Malware Magnet? 4 simple steps can make all the difference

April 12, 2011

It’s update time. Operating systems (like Windows and Mac) and browsers (IE and Firefox) have just come out with significant patches to existing versions, or created entirely new versions, to fix security flaws and add features. And while you may be able to live without the new features, you need those security fixes NOW.

It only takes minutes for an unprotected, internet connected computer to be infected with malicious software that may damage your device, steal your information and identity, add bogus charges to your internet bill or credit cards, turn your machine into a bot   that is remotely controlled by criminals sending out spam, scams, and malware,(See What are Bots, Zombies, and Botnets? for more information), pose a threat to the safety of your friends and family, and even the country.

Sound bad? It is. If any of the following statements sound familiar, you are a malware magnet.

  • Your anti-virus and anti-malware tools haven’t been updated since you bought your computer.
  • You’ve ignore those pesky popups telling you that your computer, browser, or programs need updating to get the latest security fixes installed.
  • You love chain emails, and answering survey’s and quizzes.
  • You respond to spammers asking them to stop spamming you.
  • You trust links you come across in emails, Twitter & Facebook and in online ads.
  • You don’t know a phish from a fish, a worm from a grub, or what malware is.

3 simple steps can make all the difference. 1) Start by ensuring your computers are up-to-date with all available patches, fixes, and upgrades. 2) Then ensure your browers are up-to-date with all available patches, fixes, and upgrades. 3) Confirm your security software is up-to-date with all available patches, fixes, and upgrades. 4) Now, strengthen your spam filters – on your email and through your actions.

  1. Update Operating Systems: If you do not have your operating system set up to automatically update, follow these steps to get updated – then choose the option to have this automatically done for you in the future.
    1. For Windows users:
    2. For Mac Users:
  2. Update Browsers: If you aren’t already using the latest browser version, update your browser:
    1. Download Firefox 4 here.
    2. Download IE 9 here.
  3. Update Security Software: Open your security software program on your computer. You should be able to instantly see if your security software is working. I happen to be using McAfee’s tools at the moment, and this is the message I see, but every program will have a simple way to show you whether you are up-to-date or not.

    Don’t have security software?  Get it now. It doesn’t have to cost a penny, but you’ll never be secure without it.  Start with TopTenReviews’ AntiVirus Software Review for a great comparison of products by features as well as by reviewer and user comments.

    If free is more your style, consider either of these highly regarded options:
    AVG Anti-Virus Free Edition 2011
    Microsoft Security Essentials
  4. Strengthen your Spam protection: This takes setting your email spam filters to an appropriately high level, and some smartening up on your part. Safe, responsible computer and internet use does not require you to have a PhD in engineering or computer science, it just requires precaution and a few skills.
    1. Strengthen your settings:  Here are examples of Hotmail and Aol Mail filters, search online to learn how to change settings if you’re using a different service.

    2. Smarten up about Spam: Spam comes at us from all angles; in the mailbox in front of your home (junk mail) in your email inbox, via IM, social networking sites, chats, forums, websites, and sadly, now also on your phone. Learn these  14 Steps to Avoiding Scams, and practice on some of the examples (scroll further down the page) to see how well you can avoid the common consumer pitfalls scammers want you to stumble over.

To help you stay safer year-round, we’ve worked with Microsoft to development a free, Internet Safety Calendar application that you can download to your Internet Explorer browser (Note: only IE is supported at this time).

Built by LOOKBOTHWAYS, the calendar provides relevant monthly advice to help you increase your online safety and the safety of those you help protect. The calendar also includes recurring reminders for those safety actions you know you should be doing, but that frequently get forgotten in the rush of day-to-day activities.

Each month, the calendar will send you a note reminding you to check the calendar for important online safety advice, but you can also view the app at any time by selecting Online Safety Calendar under the Tools menu.

Even with these steps, you might not be able to dodge every last aggressive malware, but you WILL be much safer.