Monday, March 28, 2011

My top stalkers hitting Facebook hard

 The My Top Stalkers fake app seems to be making a huge wave through Facebook at the moment. I notice a large amount of traffic going to the "My Top Stalkers hitting twitter" recently so I decide to take another look into what the scam was spreading on facebook was.

 The spam wave is currently spreading the the following spam social apps:
   111
   ,,,,
   ....
   ,.,.
   .,.,
   count your prof visits

  The message is is spreading is the following:

 My Tops Stalkers:
  A. Random Friend Name with X number of views this week
  B. Random Friend Name with X number of views this week
  C. Random Friend name with X number of views this week
  Find yours @(Bad App Link)

 Or this recently discovered message

I cant believe that you can see who is viewing your profile! I can see the TOP 10 people and I am really OPENMOUTHED that my EX is still checking me every hour. You can also see WH0 CHECKS YOUR PR0FILE here:- (Bad App Link)


Like always these apps are scams and can not tell you who is viewing your profile and how often they are viewing your profile weekly. To remove the spam apps go and remove the app from your accounts list of approved apps, delete all the posts it makes, and then finally change your password to be on the safe side. Remember if you see any friends spreading these fake apps point them to the blog so they can be able to get rid of it and stop spreading it.

Saturday, March 26, 2011

How to stay safe from Malverts

  Malverts have been a major topic recently. With Spotify getting hit from Malverts, and a report from Sophos (Sophos Article) that Facebook had some Malverts. Malverts have been spreading all over major ad supported websites. If you don't know what a Malvert is: A malvert is a malicious advertisement that leads to exploit code to infect machines with un-patched software.

 Most of the time these attacks target popular applications such as Adobe Reader, Adobe Flash, Internet Explorer, Firefox, Java. These programs are on machines everywhere and many users ignore the "Please Update your program now" alerts.

 These type of attacks come from many different sites. A friend I know got infected by a TDSS rootkit just be visiting a very small blog they got from an email news letter. They went to the site and as soon as it started to load Java started up and loaded up the rootkit/fakeav onto the machine without them even clicking anything. These attacks can come from a super popular site which many visit or a small unknown site that just got an infected ad by some random chance.

 Now for some prevention steps, now they may seem simple but they will keep your deeply lower the chances you have of getting hit by a Malvert.

 1. Keep all your products updated. Take some time each week (or each month) to make sure all your products are updated and have all the patches installed. It may seem like it will take much time but would you rather lose your personal data or take some time for preventing it from happening. Always remember those update alerts are there for a reason, to keep you safe from exploits.

2. Keep your security products up to date. This seems like simple advice but many either ignore the fact their av is not updated. Or decide its not worth it to subscribe to their av for another years worth of protection. Your security software is your line of defense, you take the time to replace your home locks when they break so you also must tune your pc like you do your house.

3. Use a secure dns service as an extra layer of protection. Blocking malware urls from the source will prevent the malverts from even having a chance at loading. ClearCloud from GFI/Sunbelt is a very good DNS service to protect the machine.

4. Use an Adblocker. If you use Firefox (which I recommend) I suggest adding Adblock Plus to help prevent ads loading. Without ads you can't have malverts/

Friday, March 25, 2011

Spotify Free ad system hit with malware

 Users of Spotify may have gotten virus warnings while using the Spotify service the other day. A 3rd party ad which contained exploit code went through the system of free users the other day. Researchers seem to have detected it as being created with the "Blackhole Exploit kit" and the Java Trojan attempted to drop other trojans on the machine. The exploit worked through outdated software vulnerability's which opened the machine to attack

  Spotify has pulled all 3rd party ads from their free user service as it looks into what ad caused it and more prevention steps to prevent this from happening again.

 I would like to encourage everyone to take the time to update all their software on their machine to stay safe from these types of attacks that can happen at any time. The warnings in your tray icon about software that needs updated are there for a reason.

Thursday, March 24, 2011

Be on the lookout for Rogue SSL Certs.

 Attacks can come from many different entry points. Trojan Downloaders, Phishing sites, usb worms, I am not going to name all the entry points attacks can come from. However today's topic will be on Fraud Certificates. Some of you may have already read about this story but I will give a quick overview.

 Someone got the passwords of one of Comodos trusted partners and bought the following domains:
• login.live.com
• mail.google.com
• www.google.com
• login.yahoo.com (3 certificates)
• login.skype.com
• addons.mozilla.org
• "Global Trustee" 

 These Certs would normally be used to verify the sites identity to users. However they can also be used to reroute to a different URL or load you into a phishing site.

 Users of Firefox and IE 9 are already protected. Users of IE 8 will need to turn on "Check for Server Certificate revocation" in the settings. Microsoft has pushed out an update that will also remove privileges, you can get that by updating Windows through Windows Update.

 I also highly recommend you read these two other blog posts on the topic. I will keep y'all updated if new news breaks out:

 Sophos Article
 F-Secure Article

  

Tuesday, March 22, 2011

Firefox v4 Released

 Today Firefox v4 has been released. As y'all know I have posted before about how I use Firefox and I have recommended security tools that work with FF. Now I have been playing around with the new version of Firefox and I must say its my favorite version of FireFox yet.

 For those of you who have not tried the latest Firefox I highly recommend that you try it. The new UI is 100% amazing, its quicker now also. Overall its very good. Like always its still secure and with the many addons you can get (I recommend AdblockPlus and Ghostery) you can really have a secure browser.

 You can get the latest version of Firefox here: Firefox Download

Monday, March 21, 2011

Get Panda Cloud PRO FREE for 6 months

 Do you want to try Panda Cloud PRO for free? Well then this offer is for you. Panda Security is offering a free 6 month copy of Panda Cloud AV pro in a special giveaway offer. All you need is a Facebook account and you will have access to a free 6 month copy of Panda Cloud PRO. Here is what you need to do:
 
 1. Go to Facebook and log on

 2. Go like the Panda Cloud Facebook page

 3. You should then get an offer to get Panda Cloud pro free, download the file it offers you.

 4. Enjoy your new computer security program

  I highly recommend Panda Cloud AV, I have been using it on all my machines for a while now and I can say its very good. It has never caused any of my machines any issues and best of all its very light. I have ran it on some very old low ram machines and it still ran like it was not running at all.

Sunday, March 20, 2011

So how much new malware do Anti-Malware vendors see daily?

 Most of the time when you think of an AV you think of detection not the work behind it. You use an AV product and say nothing when it works fine and most people complain when it's not working properly or misses malware. However as the amount of malware rises Anti-Malware products are turning to different techniques (Sandboxing, Cloud Detection) to protect against the quickly growing threats. Now you may think to yourself the malware prevention problem is not that bad, but with the amount of threats coming out each day its quickly growing harder harder to detect all the malware. A report that I have just seen today says PandaLabs see's about 73,000 new malware variants every day. 73k thats an amazingly high amount of malware coming out each day.

 I highly recommend you read the report here: http://www.securityweek.com/new-malware-jumps-73000-samples-every-day-says-pandalabs

Saturday, March 19, 2011

Social web may be the new top place for fraud

 Social web is a very popular place for scam, spam, fraud, and malware. If it was not a popular topic you would not see many article or blogs (like this one) that talk about it so much. Now as I opened up my homepage today (Yahoo) I saw on article talking about the "Biggest Facebook Security Threats". Now judging by the amount of people (68K!!! Now that's a lot compared to the amount of hits this blog gets) I figure it was a pretty popular article so I decided to read it. Now you can read the article here: Article this article did contain a lot of good advice but I still felt it missed a few tips. Now don't take this as I disliked the article it clearly put out good advice on social web scams but I felt it should have talked about those "Who stalked your profile" or "Get a free Ipad" scams that seem to be hitting all the social networks very hard all the time. So I want everyone to remember these tips:

 1. Do not add people you do not know. That one is very important because I know people break that all the time. Look over at the popular Facebook games fan pages. Most of the time people are saying add me and I will help you do this in this game. Adding a person just so they can help you in a game is not worth having your identity stolen. Just because they say they will help you on a game does not mean they will.

 2. If it seems to good to be true it most likely is. If someone says they can tell you who is stalking your profile or say they can get you a free Ipad for testing its highly likely that its a scam. As the common saying goes: if it is to true to be good it most likely is.

3. Lock down your profile, do not leave it open for all to see. That's a huge security risk to leave everything open. If you leave it all open everyone can see your photos, possibly your current location, you email address, and possibly your cell phone. Lock your privacy settings so only your friends can see your information.

 Finally while reading the articles I noticed in the comments people saying the only way to be safe is not to have any social networking memberships at all. You can be safe online while still being able to enjoy it. If you take the right steps you can have lots of fun on Facebook without having to worry about someone stealing your information.

Thursday, March 17, 2011

Who stalked your profile today? Fake apps won't tell you

 Its back!!! The "my ex is still stalking my profile" scam message is spreading around twitter again, this time however the message its spreading has changed a little. However like always it still another scam and its spreading around twitter quickly. Also it seems to be spreading very quickly and the number of fake posts on twitter is quickly rising.

 The fake message that is spreading is the following:

  OMG (random number) people viewed my Twitter profile TODAY! I can see that my ex is stalking on me! Check your stats: (Bad app url)


 At the moment it is posting directly from the web and from the bad social app Profile Views. Like always it leads you to a site that asks for access to your twitter profile so it can spread through your account. It will either ask your for account ID info or ask you to take a survey so they can get some cash. 


 To clean up your account go into your settings and remove the bad app/url from having access to your account so it can not spread again. Then delete all the posts it made on your account so you don't help spread it. Finally I would recommend to take the time to change your twitter password so you can be on the safe side. Please also inform others of the scam because it is spreading fast. So far 222 tweets have been spreading this fake message since I started to type this up.

Wednesday, March 16, 2011

Watch out for attachments that say they are from the UPS/FedEx

 Malware writers attempt to get your machine infected by using what looks like a normal email from your post office or shipping company saying your package was not delivered or that it will be delivered. In that email you will have an attachment (which many times is made to look like a office document) and when you open it you are infected.

 These infected emails are being sent out around the world from spam emails and bot infected machines. Make sure you keep you av updated with the latest database and watch out from random emails with attachments. I am watching my SpamTrap for any emails like this and if I get one I will inform y'all.

Free Ipad 2 scams once again hitting twitter hard

 Now that the highly popular Ipad 2 has hit the stores the scams have been hitting twitter. They are all linking to different websites where they will either try to get you to take a survey, give away your email address so they can spam you, collect credit card ids and pins so they can spam you. As I am typing this message the number of spam/scam websites being posted it rising quickly. Here are some of the messages that you will see offering them spam/scam.

 No Joke! (I almost Thought it was also) You Can Now Get a Free Ipad 2 (Bad url) 


 Wanna an iPad 2 completely FREE?? Get it, there are still available for FREE at (bad url)


Limited Time: Get the NEW Apple iPad 2 For FREE! Go Now! (bad url)

 Hey, if you want a new iPad 2 for FREE, go to (bad url) They are having a secret giveaway!!! :)

I may be the first to get an iPad 2 for FREE! :) You can get one on (bad url)


I will stop listing them now because the list of fake messages goes on and on and on. Like always these are all a scam. If your news feed starts spreading the message make sure you delete the posts and change your password. If you see friends start spreading the message make sure you inform them its a scam and tell them to delete the posts.

 

Tuesday, March 15, 2011

I have spent X hours on Twitter scam hitting twitter

 The scam that I have written about in the past seems to be making another strong round through Twitter. Using the following spam messages:  

 Hey I have spent 19.1 hours on twitter. Chec yours (bad app link)


 Awesome I have spent 44.1 hours on twitter. Beat that (bad app link)


 I have spent 11.9 hours on twitter. What about you: (bad app link)

 My twitter clock says I have spent 12.7 hours on twitter. Check it (bad app link)

 In front of these messages a popular search term is posted (example: Japan -> (bad message/link) this puts them into some of the top searches on Twitter and other social sites and gets them more clicks on users that are searching for updates on popular topics and events. Each of these bad urls takes you to a (badurl)/tweet-timer/ site. At that site it was request that the app can access your twitter account so it can check how long you have been on twitter. It then will start spamming your twitter feed and then ask you to take a survey. Once you take a survey you will be signed up for some un-needed service and the scam/spam creator will get some of the cash. Like always you will be spreading fake times for no app can tell you how long you have been on. These types of attacks are like the LikeJacking attacks you see on twitter, it seems soon ontop of Likejacking you will see Tweetjacking.


 To remove this delete all the tweets from your twitter feed, remove the permissions the site/app has in your settings so it can not start spreading again and then finally change your password to be on the safe side. If you see anyone else that is spreading the spam make sure you point out to them its a scam and show them an article like this blog on how to remove it.

New round of who is stalking your profile scam

 Yeah even though I have been blogging about the Twitter "Who is stalking you" scams recently Facebook still has many going through it. While doing my scam research I ran into a new variant of the scam which seems to be going out through email. The message is the following:

 wow just saw my total facebook views and top stalker: Girls- X Boys- X to the person viewing my profile the most lol ...i will be talking to u about that ... see whos stalking ur page asap lol - (bad app link)

 The use of LOL does make it seem like a normal user and I guess if you see a friend that types LOL a lot post that it would seem more like a regular user.  Like always watch out for the scam and if you see a friend post it inform them it is a scam and have them delete the posts/app/change passwords to be on the safe side.

Monday, March 14, 2011

How addicted to Twitter are you?

 Yup the long time Facebook scam (How addicted are you to Facebook) seems to have jumped into the world of twitter. Under the message: How addicted to twitter are you. The app spreads the following message: : I am 48% addicted to Twitter (bad link). The percentage of the app is random I see some with 90% some with 10%. If you see this in your newsfeed make sure you delete it. It does not seem to be its own app this time but instead spreading through the web. Somehow you will eventually be linked to some survey to make cash for the scam writers.


 Remember these apps can't give you all this correct info, on Facebook or Twitter so make sure you stay away from these "to good to be true" scams.

80% of Children under 5 are already using the internet

 Its amazing how quickly the world is changing and parents are letting kids surf online. According to an article that came out on Mashable (http://mashable.com/2011/03/14/children-internet-stats/). It amazing on how many parents are letting their 5 and under children go online daily and even have Ipods to go online when they want.

 Thinking back when I was 5 I was never really online. High-speed internet was not really out yet and everyone had dial up. Cell phones did not have wide spread use and it was common to call people and be informed it was busy. Ipod touches were not even out yet, plus tapes were still very very popular.

  Its interesting to look back and see how things have changed. I just hope that all these kids under 5 have parents watching where they click.

Wednesday, March 9, 2011

When the virus uses an Antivirus

 Now you may be confused by reading this headline, I will admit I was confused also when I just saw the headline. Now the article I am talking about comes from AVG security labs blog. You can see the article here: http://viruslab.blog.avg.com/2011/03/virus-uses-antivirus.html . Its a very interesting article that shows the malware writers are willing to use an AV program to work against the user as a malware tool. I highly recommend you read it.

Tuesday, March 8, 2011

From TweetViewer to TweetStalk: The spam wave is hitting twitter again

 Well I guess the spam writers are thinking the third time is the charm because TweetViewer scam that has been making rounds a lot recently has taken to twitter again. This time it is no longer under Tweetviewer but under the name TweetStalker.

 The message has not really changed since the last time. This is the current message: I just viewed my TOP10 Profile STALKERS. I can't believe my EX is still checking me every day - (Bad goo.gl link)

 The other common message is: WOW! You can see WHO VISITS your TWITTER profile. That's fun! :)- (bad app link)


 Like always it will most likely lead to a scam or spam service to make the spammers money. They app will not not tell you who your is viewing/stalking your profile. Also remember deleting the tweets is not enough, you must remove the scam sites permission to access you account or else it can come alive again. Also it may be a good idea to change your twitter password to be on the safe side.


 I will be watching for changes and reporting them as I see them.

Monday, March 7, 2011

What do you get when you mix a Who's stalking you scam with a profile view count scam?

  A combo scam! While doing my scam/spam hunting I ran into a two for one deal on Facebok scams. Instead of offering to scam site (one that says it can tell you how many profile views you have and another to tell you who's stalking you) scam/spam makers on spreading a site on Facebook that says it can tell you who is viewing your profile the most and who is stalking you.

 The different with this one is that its a lot of random url's spreading it instead of an app spreading it so facebook can not just disable the app. The site is spreading the following message: This is strange, why is she checking my profile so much?... so like all the other scam apps/sites it tempts you that it can tell you who is viewing your profile the most.

 Like always this site can not tell you who is viewing your profile, social app's can not tell you either. I highly recommend that you do not click on any "who viewed your profile" and "who's stalking you" apps/sites because all of them are fake and will not give you true answers.

Sunday, March 6, 2011

TweetViewer scam back alive

 The TweetViewer scam that has been spreading through Twitter is back alive. The old social app "Who viewed y0ur profile" does not seem to be active and it now spreading it scam under the app name TweetViews at the moment. This app seems to at the moment be spreading the following message:

I just viewed my TOP20 Profile STALKERS. I can't believe my EX is still checking me every day - (Bad App Link)

 Its url is spreading through a goo.gl short link and it seems to be spreading rapidly. In the first few moments of me having the search window open is said I had 375+ new scam tweets so I hit refresh. Now that I just checked it again it says I have 455+ new tweets to view so as you can see its spreading rapidly.

 Just in case you are wondering why a scam/spam/malware writer would do this, like most scams it's all about the cash. They could start spreading links to malware and infect users machines. They could take the users to a website which they would take a survey and collect some cash. Or they could tell the users they need to sign up for a service in order to see who viewed their profile and get users to sign up for something they don't need.

 Another thing is to keep in mind is that just deleting the tweets the spam app makes is not enough. You must also take away the access it has to your account in your settings. If you don't take away access it can start spreading again any time it wants. 

Saturday, March 5, 2011

TweetViewer scam made another round through Twitter today

 The TweetViewer scam has been making some big news recently. It has became so popular that TechCrunch wrote an article about how its a scam and you should not go to the link TechCrunch Article. So I did a search on twitter to see if any of the scams were still alive. Gladly Bit.ly's spam filtering has the links blocked at the moment the short url it was using but it may come back at any moment under a different url/name. Be on the lookout of the scam and make sure you do not click it.


 Note: At the moment the app is still alive, however the current shortlink is dead. If they update the app with a new URL it can start spreading again till you deny it access from your list of permitted sites and services. I will keep checking on it to see if it wakes up again. 

Friday, March 4, 2011

Free Ipad 2 scams start showing up on twitter

 Just days after the Apple Ipad 2 announcement spammers are already attempting to spam out scams to get a free Ipad 2. Even though the Ipad 2 is not out yet spammers are telling users if they visit site x they will get a free Ipad 2. Like always these are scams and you will not be getting an Ipad 2. I have also noticed some users posting if they mentioned the Ipad/Iphone in their post they got a DM offering them a free Ipad. Watch out for all these scams spreading around your favorite social network. Remember if it sounds to good to be true it most likely is not true.

New beta tools being added to the blog

 You may have noticed that I have been adding/removing different widgets today. I am sorry if its driving you crazy as I mess with the site. I ran into these new Blekko widgets while reading online and I wanted to test them out. From reading it seems these Blekko widgets are very new so if they keep acting odd just know they are a beta. If you have any suggestions for new widgets leave a note in the comment section and I will look into them.

Firefox Addons to help protect your machine

  I am a FireFox user, and I personally love testing Firefox adds to help add security. Some add-ons I have liked some I have not but I have found a couple good ones. While checking out the blog stats I noticed that a majority of all the readers use Firefox, since a majority does I wanted to share my two Firefox add-ons I recommend to add security to your pc.
 
 1. Adblock Plus although its main function is an adblocker it has saved my machines more then once from hacked ads. This is a very simple add-on to use, and I have never seen it cause any issues on any site I have been on.

2. Ghostery is my other favorite add-on. It blocks web trackers that attempt to track you. Using both of these apps provide a nice extra layer of security

Thursday, March 3, 2011

I have been on Twitter for X hours scam

 The old "I have been on Facebook for X hours" scam has gotten a make over. Its new look is the "I have been on Twitter for X hours" scam. Now twitter users are spreading the fake message, and allowing the scam writers to make some more cash. The twitter-version of the once only Facebook scam is the following:

(Bad app link) I have been on twitter for 187 hours! Check out how long you spent tweeting.

 As you can see the fake scam messages you normally see on Facebook are expanding over into the Twitter-World. Just yesterday I blogged about the "Who's stalking your profile" scam that was spreading quickly in the the twitter-world yesterday. You can see how quickly scams change in the twitter-world because if you attempt to look up who's stalking you now you will not see the large amount of scam posts that were up yesterday.

 Remember to also watch what you click on your favorite social networking site because if you allow an a bad app to access your profile you will be part of spreading the scam.

Wednesday, March 2, 2011

My top profile stalkers are spam wave hits twitter

 Facebook is not the only one that has been hit with the "who's viewing your profile" spam. While checking out blog stats I noticed I was getting a wave of traffic from users searching for "My top 10 stalkers on Facebook" and "My top 10 stalkers on twitter". Since getting a wave of traffic from one topic is not normal for my blog I decided to take a look into what was causing those a hits.

  A quick twitter search showed me why people were searching for it. A fake spam wave of "Top ten stalkers"  was spreading through twitter accounts. Instead of saying they could see who was viewing your Facebook page they were saying they could see who was viewing your twitter page. The fake message looks like the following:  I just viewed my TOP10 Profile STALKERS. I can't believe my EX is still checking me every day - (Bad app like) and is going under the app name: Who viewed your profile?

 Like the Facebook variant of this scam none of these Twitter apps can show you who is viewing your profile and if your twitter account starts spreading this message make sure you delete all the tweets so no other users click the link.

Mobile Malware: A rising threat

 Although most malware targets Windows based machines Mobile OS malware is on the rise. Today around 21 app's were removed from the Android market place and Android phones are the world due to malware being discovered inside the app. Reports say the malware app's had a large amount of downloads. Like much Windows malware they came in the form of cracked/pirated apps.

 As you can see when a OS rises to popularity malware writers start targeting it. Some reports have said the infected apps were pirated versions of popular mobile apps. Remember to always get the legal version of every app you have, mobile or desktop versions.

  Source: http://reviews.cnet.com/8301-19736_7-20038240-251.html?part=rss&tag=feed&subj=TheDownloadBlog

Tuesday, March 1, 2011

Why using an Ad blocker can help protect your machine

 I personally never had to start using ad blockers to last year. Up till then I just ignored the ad's as long as they were not video or popping out in front where I was reading. That all started changing late last year. Late last year when ever my parents attempted the check their email a fake av took over the screen. After I researched it a bit I found the URL that caused it and after a little more research I found what was loading it. It turned out in the end a hacked ad script was pointing the users to a fake av site.A quick install of Firefox with Adblock Plus took care of the problem and they were able to check their email without any Fake AV's taking over the screen.

 So as you can see an AdBlocker can be counted as a malware prevention tool. Ever since our home had that problem with ads I have been running an AdBlocker as a malware prevention tool. Now you may say that blocks sites from making money, I unblock trusted sites they I personally think have a lower chance of having an infected script start loading. I also have a DNS blocker that can block Malware ads before they can even have a chance.

Facebook is not closing on March 15th

 The rumor that Facebook will close down March 15th keeps rising then dieing. Even though its a false story it still has caused panic in the social world. I have seen people updating their status saying now that Facebook will be gone they will be at social media site x. I see people rapidly spreading news about this on friends walls and telling them to prepare in case it shuts down. Like many other stories that rapidly spread on Facebook, this story is fake and Facebook will not be shutting down March 15th.

  So you don't need to worry about spreading this false news, if you see a friend that is spreading this you can kindly point them to a blog post like this and show them it is highly unlikely they would just shut Facebook down without notice. If Facebook were to ever really close down you would seen every major news network talking about it and much advance notice to grab everything off of it you wanted.

Facebook shutting down on days that don't exist

 A report has just come out today that Facebook is shutting down Feb 29th till the 31st. Now you may think that is just another scam and read over it. However if have been paying attention to your calendar none of these dates exist this year. Yet many people did not pay any attention to that and have been spreading the message quickly around Facebook. Like always check if what you spreading is true, and check the calendar and make sure the date is real.

 Source: http://www.msnbc.msn.com/id/41838059/ns/technology_and_science-security/