Saturday, December 31, 2011

Daily Social Scam Report (12-31-2011)

 Time for the last social scam report of the year!

  Celebrate 40 years to Starbucks, Get a $50 Giftcard (Limited Time Only):

    One of the new social scams to start spreading is a Starbucks gift card offer. As always, free gift card offers on Facebook are scams 99.9999999% of the time, and I highly recommend you do not click on the link and that you inform your friends they are scams by pointing them to a site like IGL-Security. So please avoid this scam.

 Receive a free $50 Walgreens Giftcard (Limited Time Only)

 Just like the Starbucks scam, you will not be getting anything from this Walgreens gift card message, so please ignore it.

Sunday, December 25, 2011

Common Malware Alert!: Ping.exe

 You may have accidentally visited a malware-infected site and now have some weird new file called ping.exe running in your process list and taking up a bunch of CPU. While monitoring the trends of malware removal at the GeeksToGo and Bleeping Computer malware removal forums, I noticed a bunch of people have been complaining that their machine has this Ping.exe file running. The first thing to note is that not all ping.exe files are bad, so if you see it on your machine it does not mean you should go and delete it. If your computer is acting weird, don't panic and start downloading computer security software left and right. Instead, stay calm and follow the directions at a site like the GeeksToGo Malware Removal Forum or the Bleeping Computer Malware Removal forum.

 This infection family seems to be spreading quite actively at the moment, so make sure you keep your AV program updated with the latest program version or database version. Also make sure your copy of Windows is updated with the latest patches.

Tuesday, December 20, 2011

Be on the lookout for Phone Scammers

 As I was on Twitter this morning I noticed a tweet from my friend that said their grandparents were called by a scammer saying that he was in jail and needed cash. The story went like this:

 "An unknown person called my Grandparents today sobbing and claiming to be me. He claimed to have driven with two friends out to Las Vegas to attend a friend's mom's funeral. (The friend's mom was only 44.) While there the friends that he (purportedly me) had driven with got drunk and we were in a car wreck and he (I) broke my nose and was jailed yesterday and spent the night in jail. His nose was broken. He begged Grandma not to call my parents, since they didn't know yet and he wanted to tell them himself, and promised he would as soon as he got home. He was now with the public defender and was calling to get money to post bail. Ultimately it boiled down to needing $4,225 today so that he (I) wouldn't have to spend another night in jail"

 So please remember to always check the whole story out if you get a call like this, and don't give any money until you are really sure this is them. It is unclear so far how the name was leaked along with their phone number, so if you get a call like this make sure you check all your online accounts to make sure nothing was leaked out. Make sure you inform people you know who may fall for this that scams like this are going around (especially in this holiday season).


Be on the lookout for Christmas Scams

 As this Christmas season comes upon us, the scammers will most likely start trying to take advantage of those looking for last-day deals. So please be on watch for these scams and have a Merry Christmas.

Monday, December 12, 2011

SparkTrust Review

 I learned about SparkTrust on Twitter after fellow security researcher Jerome tweeted that he was now working for the company and that the malware research site he runs would continue to be run in partnership with that company. I later saw a tweet about a free site vulnerability report that they were offering, so I decided to take a look at it. You may have noticed a link to it from the Webmaster Security tips page here on the IGL-Blog. After doing some research on it and trying it out myself I have become a partner with them because I thought the service is handy. Now I will review it for y'all looking for website security services or programs to help protect your website and its reputation.

 Getting started was pretty simple: just fill out a short sign-up sheet giving your URL, email and other simple details. You will then be given a choice to either A. upload a file to your web server or B. add a meta tag to your site's HTML. After a small issue with the way blogspot handled HTML validation, everything was good (thanks to the help of Jerome), and SparkTrust did a sweep of my site and sent a report to my email.

 The report included a lot of information about what it found, and on top of that it was written in clear, easy-to-understand language. It was clear enough that I think I could recommend it to someone who did not like to spend a bunch of time reading into computer security techniques. However, this is just what the free vulnerability service provides.

 SparkTrust offers other services (which I have not got to test) that give website owners access to a dashboard providing overall status for all the sites they manage, malware blacklist monitoring, a site malware removal service, and access to experts who can help you secure your site. Overall this seems like a very handy service that is simple to use for webmasters who don't want to spend a bunch of time researching and finding out about website security but still want to keep their site(s) secure. I highly recommend you check out their free report and see if it can come in handy for you.

Social Scam Report 12-12-2011

 Another new scam is starting to make its rounds through the popular social network site Facebook, as reported by FaceCrooks.

 The scam's main message is "Wow! Do you remember this photo?" and then below the post is a bunch of randomly tagged friends. Taking a look at the VirusTotal reports for two of the links, only Kaspersky is reporting them as malware. I have not taken a deeper look at the links and what they go to, so please keep an eye out for links like this.

 The next type of scam that has been going around recently (especially in this Christmas season) is the free gift card scam. Doing a quick search I have run into the following:

 Get a Free CostCo Gift Card (Limited Time only - for all Facebook users)
 Get a free McDonalds Gift Card
 Get a free Amazon Gift Card (Limited Time Only)

 If you see any friends post one of these, inform them it's a scam and they will not be getting a free gift card.


Thursday, December 8, 2011

Twitter Spambots taking advantage of VA Tech Shooting

 As most of you may have heard, today another shooting took place at Virginia Tech. In fact, all day today #VirginiaTech has been trending on Twitter as people have been searching for news. Because of this, Twitter spammers have started attempting to take advantage of those keeping an eye on that trending topic. While watching the trending topic you may have seen tweets like the following:

 My ex say im ugly, can you look at my FB pics and DM me wah u think?

 Can you DM me & look at my FB profile n tell me do I look fat 2 u?

 My ex says im fax can u look at my fb pix & dm what you think?

 The spam messages are spreading through a short Google URL. They lead either to some random URL or to a blogspot blog. A VirusTotal scan reported that all AVs found the HTML of the site clean, and a URLVoid check said only MyWot found it suspicious. So please do not click these links, and report them to Twitter as spam.

Wednesday, December 7, 2011

Comodo vs AV-C Part 3

 At first it seemed like things were over between Comodo and AV-C; however, it seems the public discussions between them are not over. Comodo has offered to pay AV-C $50,000 to have an auditor confirm that AV-C's tests are really independent. AV-C has since responded saying they are already in the process of getting ISO 17025 accreditation and requested that once they get accreditation the 50k gets donated to a charity of AV-C's choice.

 So we once again must wait and see what happens, and wait for the results of AV-C's accreditation. It's nice that AV-C wanted the money donated to a charity and I hope the money goes to good use.

Tuesday, December 6, 2011

Do you trust your download site?

 CNET is one of the internet's most popular download sites. Out of all the download sites out there, CNET is normally my first pick to grab files when I need to download something. Looking at the latest Krebs on Security report, it seems that CNET is now including PUPs (Potentially Unwanted Programs) with their downloads. One reported install users are getting if they don't pay close attention to their install is the Babylon toolbar. Users have reported issues with trying to remove the toolbar completely, and I have seen some people go to sites like GeeksToGo for help to remove the toolbar. Some blogs have even reported getting the toolbar when attempting to install security software, which in my opinion is slightly funny because most of the time users are installing security software to remove toolbars, not add them. Now it's important to note that not all CNET downloads are offering the toolbar; I just downloaded Panda Cloud from CNET and got the same installer I got when I downloaded from the official Panda Cloud site.

 So it all comes down to whether your download site can be trusted. Personally I don't feel it's right to include these PUPs with your download. Now it would be different if this was some well-known vendor's toolbar (Yahoo, Google, Bing, AOL), for they are trustworthy, but instead it's a toolbar that people have been having issues removing. So until this whole thing gets cleared up I will be using other download sites such as Softpedia, or I will just download the product directly from the vendor.

Monday, December 5, 2011

Daily Social Scam Report (12-5-2011)

 For a while the profile view and profile stalker Facebook scams calmed down; however, they are back in full swing now. Here is a look at the latest social scam messages:

LOL,friends ! I got my Top Boy stalker and Top Girl stalker of my Profile ! That's a so Sick ! check yours

 This message is spreading through a social app called Profile Activity and is leading to a shortened URL. Like before, it's a scam, so please don't click on it.

My total profile views today: (random number)
Male Viewers:(random number)
Female Viewers: (random number)
See your total views and who is viewing you here:

 Once again this is a scam, so please ignore any posts like this. Now let's look at some of the scams going through Twitter at the moment.

 My Total profile views today: X Male viewers: X Female Views: See your total views and who is viewing you.. (url)

 Twitter does not let you see who is viewing your profile, so those links are scams; do not click on them.


Why YouTube tests don't show the full picture

 YouTube antivirus reviews: some like them, others do not. What makes these tests so popular, and what dangers can you face by relying fully on YouTube reviews?

 YouTube antivirus tests do have some good things going for them:

 1. Users can see the UI, alerts, and the program in action before they install it on their machine. That way they have some idea of what they are getting into when they install the program.

 However, although YouTube antivirus tests bring users closer to what is going on, they also have a lot of problems.

1. The sample size is not very large: A majority of YouTube tests only test antivirus products against 10 samples. Ten samples out of all the malware out there is not a good way to judge how good an AV product is. You need a lot more samples than that to get a good idea of how good an antivirus is.

2. Not enough sources of malware: Most of the time the malware URLs in YouTube antivirus tests come from popular, well-known malware blacklist sites such as MalwareDomainsList (MDL), MalwareBlackList, ScumWare, and so on. The problem with this is that all the antimalware vendors are aware of these sites and are most likely importing results as they become available. So it does not show a true picture of zero-day malware detection rates.

3. The test is done on one machine: Just because the product is light on the video machine does not mean it will be light on your machine.

 Although my list of bad things is longer than my list of good things, I still find it useful to watch YouTube reviews of AV programs to see what the UI is like and what the alerts are like. So if you watch YouTube antivirus tests, don't take them as a 100% accurate showing of how good an AV is.
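
 The sample-size point above, worked through as an added example (not part of the original post): a 95% Wilson score interval on a detection rate, assuming the test samples are independent random draws from the malware a user would actually meet. The result counts are constructed for illustration.

```python
import math


def wilson_interval(detected, total, z=1.96):
    """Wilson score interval (95% by default) for a rate of detected/total."""
    if total <= 0:
        raise ValueError("total must be positive")
    if not 0 <= detected <= total:
        raise ValueError("detected must be between 0 and total")
    p = detected / total
    denom = 1 + z * z / total
    centre = (p + z * z / (2 * total)) / denom
    half = z * math.sqrt(p * (1 - p) / total + z * z / (4 * total * total)) / denom
    return max(0.0, centre - half), min(1.0, centre + half)


def distinguishable(a, b):
    """True when two intervals do not overlap, i.e. the test separates the products."""
    return a[1] < b[0] or b[1] < a[0]


def compare(results):
    """Map each (product, detected, total) row to its interval."""
    return {name: wilson_interval(hit, n) for name, hit, n in results}


if __name__ == "__main__":
    # Constructed results: two hypothetical products, small and large test sets.
    small = compare([("Product A", 10, 10), ("Product B", 8, 10)])
    large = compare([("Product A", 1000, 1000), ("Product B", 800, 1000)])
    for label, table in (("10 samples", small), ("1000 samples", large)):
        for name, (lo, hi) in table.items():
            print(f"{label:>12}  {name}: {lo:.1%} to {hi:.1%}")
        a, b = table["Product A"], table["Product B"]
        print(f"{label:>12}  separated: {distinguishable(a, b)}")
```

 With 10 samples, a perfect 10/10 score is still consistent with a true detection rate of roughly 72%, and it cannot be told apart from 8/10; the same proportions at 1000 samples separate cleanly.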

Thursday, December 1, 2011

Dear Apple,

 Some of you may have recently seen the reports about Siri not telling anyone where abortion clinics are. Now I am not a huge Apple fan, I do not own a single Apple product in my home at the moment. However I want to say one thing to Apple: Please don't change the way Siri works. I am glad that the Tim Tebow ad was shown on national TV, people need to stand up against Abortion and the murdering of these kids. I want to encourage Apple to be the same way and to stand up against something that is wrong.

 I am glad that Siri is refusing to help in the killing of innocent children and I honestly hope it stays that way. Remember what Exodus 20:14 says, it says "You shall not murder". Abortion is a form of murder, it's the murder of unborn children.

 So Apple what do you say? Will you take a stand and keep Siri the way it currently is or will you change it just because someone asked?