Homer's PSA's

[Homer]

Local Bank Scam:

Fox Chase Bank. Websense Security Labs has received reports of a new phishing attack that targets customers of Fox Chase Bank. Users receive a spoofed e-mail, which claims that recent security improvements to the bank's servers require users to verify their account information.

[Homer]

The "New Coke" Scam


June 19, VNUNet - ID thieves purport Coke l.o.t.t.e.r.y win. Security experts have

published details of a newly discovered e-mail-based fraud that tries to

ensnare recipients with a bogus notification purporting to be a l.o.t.t.e.r.y win

from Coca-Cola. The e-mails, which have the subject line 'Coca Cola

Promotion', have been spammed out to Internet users claiming that the

recipient has won $2.5m in a l.o.t.t.e.r.y held by the soft drinks firm earlier

this month. The recipient is told that they are one of 50 lucky winners

around the world selected randomly after computers found their e-mail

address on Internet Websites. To collect their winnings, people are told to

call, phone, or fax an agent who claims to be working on behalf of

Coca-Cola. However, security firm Sophos warned that the spam is a ruse to

steal personal details, and that the scammers can use the information to

steal money from bank accounts and commit identity fraud.

[Homer]

June 16, Sophos - Spammed Trojan claims Bush/Blair Middle East oil cover-up.

Sophos has warned of a Trojan horse that has been spammed out to e-mail

addresses disguised as a message claiming that George W. Bush and Tony Blair

are conspiring with oil companies to push up petrol prices. Other disguises

being used by the hackers to distribute the Trojan horse include news

reports that Osama Bin Laden has been killed or Michael Jackson has

committed suicide, CCTV photos of an alleged university rapist, and requests

for a photograph to be approved for a magazine. The Troj/Stinx-W Trojan

horse has been spammed out in e-mail messages, which can have a variety of

subject lines including "Petrol Price Conspiracy," "Campus Student Raped,"

or "Bush and Blair Conspire.

[hades]

thanks for posting.

[Homer]

June 21, Websense Security Labs - Malicious Code Alert: SMS lures for Trojan

bot. Websense Security Labs has received reports of users being lured to

install malicious code via Short Message Service (SMS) messages (also known

as text messages). Victims receive an SMS message on their mobile phone,

thanking them for subscribing to a fictitious dating service. The message

states that the subscription fee of $2.00 per day will be automatically

charged to their cell phone bill until their subscription is cancelled at

the online site. Users who visit the site to unsubscribe from the service

are prompted to download a Trojan bot. The site does not attempt to exploit

any vulnerabilities; instead, the attacker provides instructions to bypass

the Internet Explorer security warning prompt. This bot is Dumador variant

and is controlled by the Webbased HTTP controller.

[Homer]

Peer-to-peer (P2P) networks such as Limewire, Kazaa, Grokster, and others aren't helping

to quell the increase in crimes committed via the Internet. The Internet

cultivates careless and ignorant use of P2P applications as a major part of

the current identity theft problem. People who use P2P applications to

download music, software, and photos may leave themselves wide open to

identity theft by simply being unaware of their computer settings. "One

woman's credit-card information was found in such disparate places as Troy,

MI, Tobago, and Slovenia. Why? We found that the "shared" folder in her

music-downloading application was in fact making readily available her

entire "My Documents" folder to that app's entire P2P audience, 24 hours per

day," Schmidt said. By typing in common search terms such as "bank May

statement," or "stop payment" in Limewire's search function, personal

information is often getting into the wrong hands, enabling cyber-looting.

[Tara]

 To bad I don't understand a word you said, I use Limewire.

[Homer]

It means you may be unknowingly giving strangers access to your personal info.

[Tara]

The only thing I have checked which I share is the file/folder that my music is in. That's all anyone can see or rather suppose to be able to see.   :(

[Homer]

The only thing I have checked which I share is the file/folder that my music is in. That's all anyone can see or rather suppose to be able to see.   :(

We found that the "shared" folder in her

music-downloading application was in fact making readily available her

entire "My Documents" folder to that app's entire P2P audience, 24 hours per

day," Schmidt said. By typing in common search terms such as "bank May

statement," or "stop payment" in Limewire's search function, personal

information is often getting into the wrong hands, enabling cyber-looting.

[swissmissy63]

Yikes! I use Limewire but I don't have a cc or bank account so I really don't have much presonal info on this thing LOL

[Tara]

My music is not even on the same drive as my documents are, but my bank account info isn't in there so I don't know.

[hades]

if you have a good anti spyware program it detects all that junk.

[Mr. Scandalous]

if you have a good anti spyware program it detects all that junk.

And by good, it doesn't mean Norton Antivirus... that program doesn't work at all. I had that on my old computer and got SpySheriff virus, which is really, really nasty.

If you want a good one, try avast! Virus Recovery Database Generator and On-Access Scanner.

http://www.avast.com and download the free home version.

*edit: You should probably do a deep-registry scan too once you get it.

[Homer]

IT security watchers have warned of a Trojan -- Kukudro-A -- that is being propagated

via an infected Microsoft Word document in spammed e-mails, which promise

information about Apple, HP and Sony laptop computers for sale. When opened

the Word document attempts to install another Trojan horse -- Kuku-A -- onto

the user's hard drive. The spam comes with a variety of subject lines

including "worth to see," "prices," and "Hello."

[hades]

i spam all that type of mail.

[Tara]

http://www.pcworld.com/news/article/0,aid,126313,tk,nl_dnxnws,00.asp

Microsoft Hit With Second Lawsuit Over WGA

Class-action suit filed in Seattle alleges Windows Genuine Advantage is spyware.

Jeremy Kirk, IDG News Service
Wednesday, July 05, 2006
Microsoft has been hit with a second lawsuit over Windows Genuine Advantage, its antipiracy program that checks if the Windows operating system on a machine has a valid license.

 
 
The class-action suit was filed Friday in U.S. District Court in Seattle, just four days after the first one. The new suit lists its plaintiff as Engineered Process Controls and Univex, along with citizens Edward Misfud, David DiDomizio, and Martin Sifuentes, who are listed as owners of licensed copies of Windows XP running WGA.


Microsoft Accused of Misleading Customers
The suit alleges WGA is spyware and that Microsoft mislead consumers by labeling it as a critical security update. The plaintiffs maintain Microsoft did not make users aware that WGA frequently contacted its central servers.

"WGA gathers data that can easily identify individual PCs, and WGA can be modified remotely to collect additional information at Microsoft's initiation," according to the filing.

WGA collects a computer's IP address, BIOS data, system version and local language and settings information, the suit says.


Company Tries to Placate Users
Microsoft acknowledges WGA collects hardware and software data but maintains it is only used to verify that only one copy of an OS has been registered on one computer. If Microsoft finds a discrepancy, WGA can notify users their OS may be unlicensed through pop-up warnings.

Users have complained WGA is flawed, identifying legitimate copies of an OS as fraudulent. Microsoft blocks the download of some programs but allows security patches if an OS is judged to be invalid.

Last week, Microsoft changed some features of WGA, including adding an option that let users turn off warnings that their OS may be invalid and the frequency with which WGA communicated with its servers.

The suit asks for compensation and for Microsoft to warn users of the risks of WGA and produce a tool to remove it.

[hades]

wonder if theyll attempt fixing it anytime soon.

[Homer]

Trojan horse masquerades as message of love. An email attachment
containing a number of loosely philosophical ponderings on the art of love
is threatening businesses and home computer users across the world. This
latest online attack contains a malicious Microsoft PowerPoint file that
is able to exploit an unpatched vulnerability in the software. The file
contains exploit code that drops the Troj/EdepolC keylogging Trojan,
which in turn allows the hacker to spy on computer users. This
particularly irritating Trojan horse also tries to disable antivirus
products running on the infected computer, which only aggravates the
threat.

[~Ãutolovér~]

Trojan horse masquerades as message of love. An email attachment
containing a number of loosely philosophical ponderings on the art of love
is threatening businesses and home computer users across the world. This
latest online attack contains a malicious Microsoft PowerPoint file that
is able to exploit an unpatched vulnerability in the software. The file
contains exploit code that drops the Troj/EdepolC keylogging Trojan,
which in turn allows the hacker to spy on computer users. This
particularly irritating Trojan horse also tries to disable antivirus
products running on the infected computer, which only aggravates the
threat.

:o Is it called "Message of Love"?

I don't even click on anything, unless I know who its from.