Why Criminals Love Short URL’s

April 11, 2011

A newly released Symantec Internet Security Threat Report shows why the (mis)use of short URL codes has become one of criminal’s favored methods for distributing malicious code to unsuspecting consumers.

Using a compromised profile, criminals post links to malicious websites so the links will appear in their friend’s news feeds – and because these links have been shortened, it is even harder for recipients to identify the actual destination of the URL. During a three-month period in 2010, nearly two-thirds of malicious links included in news feeds observed by Symantec used shortened URLs, and 73% of these URLs were clicked on at least 11 times each. Thirty-three percent received between 11 and 50 clicks. And only 12 percent of the links were never clicked.

Learn how to avoid short URL scams by reading my blogs: Short URL Scams – Avoid the Traps, Report the Spammers and consider using the New Secure Short URL Service from McAfee.



Part 4: McAfee Threat Predictions for 2011 – Apple: No longer flying under the radar

January 16, 2011

This is the fourth installment of my series covering McAfee’s Threat Predictions for 2011. To make the predictions for 2011 more digestible, I’ve broken each area out to show McAfee’s drilldown on the risk, and what the risk means to you. Click here to read the first, second, and third segments.

From McAfee Threat Report – Apple: No longer flying under the radar

Historically, the Mac OS platform has remained relatively unscathed by malicious attackers, but McAfee Labs warns that Mac-targeted malware will continue to increase in sophistication in 2011. The popularity of iPads and iPhones in business environments, combined with the lack of user understanding of proper security for these devices, will increase the risk for data and identity exposure, and will make Apple botnets and Trojans a common occurrence.

What this means to you

For Apple lovers, the Mac OS and Apple device’s underdog status against PC’s and the Windows OS long served as a hardy defense against criminal exploits – criminals target the largest possible segment for the largest possible return.

But with the Mac OS making stronger inroads, and the advent and mass adoption of  iPhones, and iPads, Apple is facing new threats – much like the general mobile market is now facing. (See Part 3: McAfee Threat Predictions for 2011 – Mobile: Usage is rising in the workplace, and so will attacks).  So it now appears that assuming you’re safe from malware on Apple devices is not longer a safe bet.

To gain some insight into why criminals are taking an interest in Apple, consider the company’s 2010 Sales data (Fiscal year ended Sept 25th 2010) results, it is easy to see why criminal interests are now focusing on these products. In just the past three years, Apple has sold 33.7 million computers, 72.5 million iPhones, and iPad sales are soaring.  Add to that the over 300 thousand applications in the Apple App store and the potential for exploitation becomes even more interesting. (To learn more about threats to the iPhone see Researcher warns of risks from rogue iPhone apps).

The future for Apple users is likely to adopt the same advice that PC users have been given for years. Protect your devices, only download apps from trusted and tested sites, and leverage Safari’s antiphishing, antivirus, and Malware Protection to avoid and block malware.


Part 3: McAfee Threat Predictions for 2011 – Mobile: Usage is rising in the workplace, and so will attacks

January 12, 2011

This is the third installment of my series covering McAfee’s Threat Predictions for 2011. To make the predictions for 2011 more digestible, I’ve broken each area out to show McAfee’s drilldown on the risk, and what the risk means to you. Click here to read the first and second segments.

From McAfee Threat Report – Mobile: Usage is rising in the workplace, and so will attacks

Threats on mobile devices have so far been few and far between, as “jailbreaking” on the iPhone and the arrival of Zeus were the primary mobile threats in 2010. With the widespread adoption of mobile devices in business environments, combined with historically fragile cellular infrastructure and slow strides toward encryption, McAfee Labs predicts that 2011 will bring a rapid escalation of attacks and threats to mobile devices, putting user and corporate data at very high risk.

What this means to you

It’s hard to recall that most people have owned a mobile phone for less than 15 years. How did we survive without them? You may remember the early Motorola phones of the mid-nineties, then the first 0.3 megapixel camera phones and the carrier networks that couldn’t send those lousy images to other provider’s networks. Then we got SMS (text messaging) – and the all-powerful MMS communications, and ringtones. Remember the challenges of getting email onto phones, the time when we all carried a pager, a PDA and a cell phone?

We’ve watched this rapid sprint from barely mobile “bricks” to today’s sleek phones with incredible capabilities. We’ve seen mobile phone adoption rates go from nearly zero to over 90%.

Yet for all the difficulties and lack of functionality in those old phones, they held one advantage. They were too primitive, too customized per handset, and had too few users to be interesting targets for criminal exploits. The bad news is that era has passed.

Mobile technologies are now less fractured, standardized around key platforms, services and applications. The phones themselves come with amazing computing capabilities. And, the number of mobile phone users was projected to exceed 5 Billion worldwide by the end of 2010 according to The International Telecommunication Union (October 2010).

As with so many technical advancements, criminals can spot an opportunity 10 miles off, and they’ve bided their time until this confluence of factors came together.  Prepping for this moment, over the past few years we’ve seen how criminals and hackers have probed for network weaknesses, devices weaknesses, and perhaps most importantly, consumer weaknesses.

Malware attacking phones will come via many methods, including text and multi-media messages, spam, downloadable content, and applications, and through access points like public Wi-Fi, or Bluetooth connections.

Defending Your Phone

Security companies have scrambled to provide mobile security software solutions, and if you have a smart phone, it’s time to purchase a mobile security suite.

TopTenReviews has created an excellent mobile security software comparison chart for consumers that I recommend.

Key features in these programs include antivirus protection, a firewall preventing unauthorized electronic access, antispam, and quarantine protection in real time.

Based on your phone usage patterns, the type of content you store on your phone,  or if you’re helping protect a minor’s phone, some additional features may be of interest:

  • Remote block and remote wipe to protect your information if your phone is lost or stolen.
  • Protection of internal memory and contents stored on memory cards
  • Ability to place phone numbers on either a black or white list – the ability to block people from calling is of keen interest to teens, and a key tool in blocking cyberbullies.
  • Parental control monitoring
  • SIM Card notice so that if your phone is stolen and the thief puts in a new SIM card, the phone will send you a notice of the new phone number to help track down the thief.

There are still far too few consumers that adequately protect their computers – only 37% of home computers are fully protected according to an Oct. 2010 report by Symantec – and this is a real safety, security and privacy issue.

Now, add your cell phone to the must protect list, or you’ll find that if it isn’t protected…. it will be infected.  Get security software and install it today.

For more information about other mobile phone risks and tips, see my blog Using Mobile Phones Safely.


Part 2: McAfee Threat Predictions for 2011 – Exploiting Social Media: Geolocation services

January 10, 2011

This is the second installment of my series covering McAfee’s Threat Predictions for 2011. To make the predictions for 2011 more digestible, I’ve broken each area out to show McAfee’s drilldown on the risk, and what the risk means to you. Click here to read the first segment.

From McAfee Threat Report – Exploiting Social Media: Geolocation services:

Locative services such as foursquare, Gowalla and Facebook Places can easily search, track and plot the whereabouts of friends and strangers. In just a few clicks, cybercriminals can see in real time who is tweeting, where they are located, what they are saying, what their interests are, and what operating systems and applications they are using. This wealth of personal information on individuals enables cybercriminals to craft a targeted attack. McAfee Labs predicts that cybercriminals will increasingly use these tactics across the most popular social networking sites in 2011.

What this means to you

There are two categories of geolocation tracking threats; the first covers the spectrum of malicious or criminal abuse of information as described above. The second category covers the non-criminal tracking and use of your location information for commercial purposes without your knowledge or express consent. A few examples of this type of use/abuse seen in 2010 include Google’s collection of personal data via WiFi networks (See my blog Google’s WiFi Data Collection Larger than Previously Known) and the explosion of consumer behavior and location tracking both online and offline by stores and advertisers (See my blogs The One-Way-Mirror Society – Privacy Implications of Surveillance Monitoring Networks, Managing Behavioral Advertising, and FTC’s Do-Not-Track Proposal for more information on these location/privacy controversies).

To a large extent, the actions needed take to protect yourself from one of these threat categories will also protect you against the other so I’ll address these together.

First, understand that your information, even things you find trivial, has financial value. Whether it be age, gender, relationship status, other demographic information, personally identifiable information, indirectly identifiable information, information about your emotional state, financial solvency, interest in purchasing, etc., information about your preferences of brands, books, movies, music, etc. – you get the point – all of it has financial value to some types of people, crooks, or companies.  Your location information can have particularly high value.

Information has value in entirely legitimate scenarios – to predict the fashions that will be a ‘hit’ next season or to offer you ads or discounts to nearby stores. Or, the value may be for use in legitimate-but-potentially-less-savory scenarios – reselling your data to data-brokers who use it in a variety of ways that you don’t know about, may not appreciate, and which may threaten your privacy or safety.   Or, the value may be for entirely criminal endeavors.

What makes sharing location information particularly valuable – and particularly risky – is that you are physically findable. Your property is findable. Your patterns are discoverable. This risk necessitates the need to make conscious choices about whom you choose to share this with – while erring on the side of caution.

Sometimes the value of your location is in knowing where you aren’t – for example, you aren’t home when you’re tweeting from another city, or across town, making it an ideal time to burglarize your home.  Sometimes the value is in your patterns – if you always stop at a doughnut shop on the way to work, but never stop at a gym, it may be of interest to your health insurance company, or the health insurance company with whom you’re applying for coverage.

Next, you need to identify how these people, entities, or companies are protecting and/or sharing your information with others. How public is your information in the hands of friends? What are the privacy policies of the sites you are registered with? How much information is being collected about you from websites you just happen to visit? What information is being collected about you or your device at the WiFi hotspots you use? See my blog Starbucks Launches Digital Network – 6 Steps to Safer WiFi Use to learn more.

Consider Google’s response to the Canadian Privacy minister during hearings about their WiFi data collection Google’s future plans for its location-based services: Google still intends to offer location-based services, but does not intend to resume collection of WiFi data through its Street View cars. Collection is discontinued and Google has no plans to resume it. [Instead]Google intends to rely on its users’ handsets to collect the information on the location of WiFi networks that it needs for its location-based services database.  The improvements in smart-phone technology in the past few years have allowed Google to obtain the data it needs for this purpose from the handsets themselves.

You may be surprised to find that even many charitable organizations sell your information – including location information – as a way of raising funds. See my blog What’s the Privacy Policy of the Non-Profits You Support? to learn more about this issue.

In many cases a service may not be selling, renting or sharing your information behind the scenes, your location may be the primary information being shared, and shared with a potentially very broad audience. For example, if you’re a FourSquare user, ask yourself if being mayor of a bar is worth a potential increase in your auto insurance premiums, or having a would-be employer think twice about your drinking habits, or the potential impact this could have in a child custody dispute, etc.

Once you understand the potential financial value and potential risks associated with sharing your location information, you are positioned to make more informed decisions about the individuals, entities, or companies with whom you choose to share your location, and to what extent.  My recommendation? Be VERY conservative about giving anyone, any company, or any other entity access to your location information.


McAfee Threat Predictions for 2011 – Geolocation, Mobile Devices and Apple Will Be Top Targets

January 8, 2011

McAfee’s 2011 Threat Predictions report is out, and it highlights the key threats that McAfee Labs researchers expect to emerge or expand over the next 12 months.  In addition to Geolocation, mobile devices, and the Mac OS X platform, threats are also expected against Internet TV platforms, and short URL services. Political ‘hacktivism’ is another area where McAfee researches expect to see more activity with new political groups leveraging the WikiLeaks paradigm.

“We’ve seen significant advancements in device and social network adoption, placing a bulls-eye on the platforms and services users are embracing the most,” said Vincent Weafer, senior vice president of McAfee Labs. “These platforms and services have become very popular in a short amount of time, and we’re already seeing a significant increase in vulnerabilities, attacks and data loss.”

To make McAfee ’s threat predictions for 2011 more digestible, I’ve broken each area out to show McAfee’s drilldown on the risk, and what the risk means to you. Look for a new segment every day; these will contain links to the previous segments if you want to go through the whole lot in one sitting.

From McAfee Threat Report – Exploiting Social Media: URL-shortening services:

Social media sites such as Twitter and Facebook have created the movement toward an “instant” form of communication, a shift that will completely alter the threat landscape in 2011. Of the social media sites that will be most riddled with cybercriminal activity, McAfee Labs expects those with URL-shortening services will be at the forefront. The use of abbreviated URLs on sites like Twitter makes it easy for cybercriminals to mask and direct users to malicious websites. With more than 3,000 shortened URLs per minute being generated, McAfee Labs expects to see a growing number used for spam, scamming and other malicious purposes.

What this means to you

Blindly trusting links has wreaked havoc on people’s computers, game consoles, handheld devices, and resulted in stolen identities, financial fraud, and more. The advent of shortened URL’s however takes the risks to new heights.

It does not matter if a URL (whether in long-form or shortened) appears to come from a friend, a person you’ve followed for some time, or comes unsolicited. Caution is ALWAYS required, as is staying in control of your experience. Instead of clicking on a link, copy the URL into a search engine query and look at the results. Does the site have a positive safety rating? If you do not currently use a tool that shows you the safety rating of websites, start now. Without a tool like this, you have no way of judging if the site is legitimate or going to give you malware, spam, etc… Most browsers now include these tools, and several companies offer standalone services for this. McAfee offers a free service called SiteAdvisor that I’ve used for years.  I don’t care which service you use, just; pick one and use it faithfully!

Don’t be pulled by links that may or may not take you where you want to go. This is particularly true with ‘shortened’ or ‘mini’ links used on sites like Twitter. If you do not have 100% confidence that the link is going to take you to a legitimate site, look up the material yourself. To help you learn how, I’ve written the blog Mitigate Risks When Using Shortened URL’s.

And, since McAfee didn’t toot their own horn in their report, let me also mention McAfee’s relatively new Secure Short URL Service that tests the links for your safety. You can learn more about their service in my blog New Secure Short URL Service from McAfee.

Coming up in my next blog: ThreatExploiting Social Media: Geolocation services