Uncategorized

Red Five standing by. In my experience, there is no such thing as luck. Hokey religions and ancient weapons are no match for a good blaster at your side, kid.

May: Scams and Viruses on Facebook and Other Security Issues

LOL Trojan Is “laughing” at the Facebook Messaging Service

Malwarebytes is warning FB users to beware of a new scam and trojan called the “LOL” malware. It’s a message that appears to be from one of your FB friends with a photo file attached named “IMG_xxxx.zip”. Clicking on it allows a Facebook user’s data and login credentials to be accessed.

What to look for…

Messages like “LOL” or “I can’t beleive someone posted this” or “OMG, have a look at this” catch users off-guard. After downloading and unzipping the jar file named IMG_xxxx.zip, the malware executes and infects your system.The jar (or Java)file itself is the agent that actually downloads a pre-defined file from a select DropBox account. This is the file that infects the user’s machine. In the background, messages are being sent to the rest of the FB user’s friends’ accounts.

This sort of attack works because it goes through several steps to evade detection and to trick the user into trusting and opening. Once on your computer it further escapes detection by injecting itself (injection attack) into a legitimate process running on your computer.

How to protect yourself

Change your Facebook password if you receive one of these and delete the message. Then notify Facebook and your friendson a wall post.

Inside That Postal Stamp Kiosk May Be A Scam

It looks as if a fraudster gang is installing skimmers on postal vending machines across the US. The Banking industry started issuing reports earlier this month of fraudulent activity on debit cards used on postal vending machines such as stamp dispensers. According to the USPIS, the following warning has been urged to customers using the machines:

“USPIS recommends customers who use the APC machine should personally visually inspect the machine prior to use,” the USPIS said. “Look for any type of plastic piece that looks like it has been slid over the actual credit card reader. Look for any other type of marking on the machine that looks as though it has been applied by a third-party.”

Krebs on Security had this to advise on protecting yourself when using these vending machines:

One way to protect yourself against this type of fraud is to use a credit card in lieu of a debit card whenever possible. With a credit card, your liability is maxed out at $50 in the case of fraudulent transactions. Things get more complicated with debit cards. Although many banks also will observe the $50 limit on debit card fraud, customers could be facing losses of up to $500 if they wait more than two business days after learning about the fraud to report it. Also, while your bank is straightening out the situation, any cash you may be missing could be held in limbo, and other checks you have drawn on the account may bounce in the meantime if the fraudsters manage to clean out your checking account.

In addition, it’s a good idea to cover the PIN pad when you’re entering your PIN. Doing so effectively prevents thieves from stealing your PIN in cases where a hidden camera is present.

May 15, 2014 Melanie Security, SOS Blog, Uncategorized No comments

All the Presidents’ Heads

The more you tighten your grip, Tarkin, the more star systems will slip through your fingers.

The plans you refer to will soon be back in our hands. A tremor in the Force. The last time I felt it was in the presence of my old master. Don’t act so surprised, Your Highness. You weren’t on any mercy mission this time. Several transmissions were beamed to this ship by Rebel spies. I want to know what happened to the plans they sent you. You mean it controls your actions?

May 1, 2014 Art & Culture, Uncategorized No comments

RansomWare Strikes Again: CryptoLocker

That nasty thing above is the screen for a new, on the rise RansomWare called CryptoLocker. We’ve discussed RansomWare before in a previous couple of posts here and here. As a review of what this malware does – it locks your computer and then holds it for – yep, you guessed it – a ransom fee. Hence the name.

However with this particular RansomWare it encrypts all your files and then offers, as above in the screen shot, a way to decrypt them – for a price – anywhere from $100 – $700 or in some cases, 2 Bitcoins – 10 Bitcoins ( $450 – $2100). In fact, with this new attack, they offer a “Decryption Service” that allows victims to purchase a “decryption key”. Of course, that’s the last thing you want to do. Bottom line: your files get encrypted and you may lose them forever and ever. Amen. …unless you have the decryption key.

How do you get infected?

CryptoWare is spread through email attachments and it ihas been noted that the hackers are targeting companies through phishing attacks.

What kind of files are being targeted on an infected computer?

The file extensions, according to MalwareBytes, are listed below:

3fr, accdb, ai, arw, bay, cdr, cer, cr2, crt, crw, dbf, dcr, der, dng, doc, docm, docx, dwg, dxf, dxg, eps, erf, indd, jpe, jpg, kdc, mdb, mdf, mef, mrw, nef, nrw, odb, odm, odp, ods, odt, orf, p12, p7b, p7c, pdd, pef, pem, pfx, ppt, pptm, pptx, psd, pst, ptx, r3d, raf, raw, rtf, rw2, rwl, srf, srw, wb2, wpd, wps, xlk, xls, xlsb, xlsm, xlsx

How far has this malware spread?

According to The Hacker News, “…64% of its victims are from the US.” It targets Windows systems.

Removal:

Regretfully, there is no specific tool known to be able to decrypt and restore asymmetrically encrypted files except a private key. MalwareBytes will detect CryptoLocker as “Trojan.Ransom” but it also cannot restore your encysted files. Your best defense is to back up your files frequently. And since this malware can cross through external drives such as USB and mapped drives, don’t leave X-drives mounted. Keep your anti-virus up to date and work at using file sharing services rather than relying on email attachments.

November 6, 2013 Melanie Security, SOS Blog, Uncategorized No comments

SOS SEO Tips: Searcher Intent and Relevant Key Phrases vs Key Word Searches.

Most people understand about keywords when it comes to meeting the basic requirements of search engine optimization. If you are selling ice cream, then you’re going to have the words “ice cream” in your meta tags. But search engines look for more than just single keywords these days.

Why?

Because their algorithms are much more complex than when search engines started and that’s because the way people search for what they want is more complex, too. It has to do with the Searcher’s intent.

Searcher Intent

Breaking it down, there are 3 basic ways that people search:

Navigation: The searcher is going for a specific site he or she knows they want to visit. The means? The site’s search box or the browser Address bar. Doe s it make a difference which they use as to site rankings? Definitely. Its your site search box competing against the address bar of the browser . Which does the site user trust to find them what they want?
Information: The searcher wants to know how to do something, or where to find some ice cream in the city. They are searching about some idea or more information about a category of products. A good example is “Where is the best ice cream in my city?”
Transactions: This is very straightforward. The searcher wants to sign up for something, like email. Or purchase a product from an online store. Or perhaps download a coupon file.

Key Phrases: Relevance and Authority

Since its much more costly to compete with the big search engines on navigation searches, its best for smaller businesses and organizations to focus on information and transaction searches. How do you do that?

Let’s say your site sells ice cream ( I like to stick with what I know, er, like a lot). You may side specialize in selling dietetic ice cream so you might want to rank your site for “diet foods”. Diet foods is a big market and getting even a small percentage of those searches would mean a chance of converting at least some to sales, right? But here’s where the relevance factor comes in because that is how you will be ranked by the search engines. The question to ask yourself is this: Is my eCommerce ice cream site really relevant for “diet foods”? No, its relevant for ice cream – that’s how the search engine will look at it. So, unless you plan on building up a lot of content and promoting your site as an authority on ice cream as a diet food, there’s a better and less costlier way. Using a relevant key phrase like “best tasting diet ice cream” will gain you more searches in your niche, especially adding the city.

It’s a good idea though to work on a plan to promote your business as the authority in its niche and do so in a relevant way. You do this by listening to your customers: what they do like and what they don’t. In the “old days” it was more about link-building. Now its all about the content on your site. So make your content relevant to your customers and be determined to be the authority in your niche.

Now, I wonder if my favorite ice cream site will show me how to build the best tasting diet banana split? I think I’ll do a search…

Image Source: Handel’s Homemade Ice Cream

Want to know more about how Switched-On-Sites can help you with your SEO?

[maxbutton id=”1″]

September 15, 2013 Melanie SEO Tips, SOS Blog, Uncategorized No comments

Will Linkedin Finally Challenge University ePortfolios For Students?

I’ve decided to focus on a little Back-To-School social media with this post of the SOS blog. So this is for all you parents and students out there.

As of September 12, Linkedin has just updated their TOS (Terms of Service) with what appears to be an interesting challenge to the lifetime aspect of the university ePortfolio site. Their new User Agreement now states the following:

We are updating our User Agreement to make LinkedIn available to students 13 years and older, depending on country. Smart, ambitious students are already thinking about their futures when they step foot into high school – where they want to go to college, what they want to study, where they want to live and work. We want to encourage these students to leverage the insights and connections of the millions of successful professionals on LinkedIn, so they can make the most informed decisions and start their careers off right. (Eric Heath, LinkedIn Blog)

They are calling this new feature University Pages. And promising:

… we are providing a new way for schools, students, and alumni to connect, communicate, and explore unique insights about the full range of career possibilities – wherever your educational starting point may be.

Basically, students can check schools out on Linkedin using University Pages and start their networking with University representatives and future classmates before they even meet them face to face. Below is a sample page:

So while University Pages is not ePortfolio replacement, it is a big inducement for students to further focus on developing their Linkedin accounts in connection with the networking advantage of University Pages. What seems to be the unique challenge now to universities espousing ePortfolios is that Linkedin has beat them to the punch on a unified global system for pre-university students that actually has the capability to do what ePortfolios have been promising: to allow a student a way to collect and house a student’s artifacts that will follow them throughout their scholastic career and into the job market for a lifetime. Its likely that Linkedin won’t stop with the current interface features that highlight work artifacts and could easily expand its capabilities to support students.

Linkedin has also implemented some extra security and privacy features to protect user that are under the age of 18:

Minors will have different default settings to protect certain sections from public view
Minors will have select service for trouble tickets
Minors will have easy access to LinkedIN’s Safety Center and Family Center support

If you are a student or a parent with a student in school, University Pages are definitely worth a looksee as Linkedin is here to stay for awhile. As of June 2013, Linkedin reports more than 225 million acquired users according to Wikipedia.

September 15, 2013 Melanie Social Media Tips, SOS Blog, Uncategorized No comments

SECURITY ALERT: RansomWare Disguised As False DHS Warning

This is a special notice from CERT that we have just been made aware of: Ransomware is back but under the guise of a false warning from the Department of Homeland Security. For a review of what Ransomware is and how it works, you might want to read our past post on this malware.

So how does this new Ransomware work?

Users who are being targeted by the ransomware receive a message claiming that use of their computer has been suspended and that the user must pay a fine to unblock it. One iteration of this malware also takes a webcam (if available) photo or video of a recipient and posts it in a pop-up to add to the appearance of legitimacy. The ransomware falsely claims to be from the U.S. Department of Homeland Security and the National Cyber Security Division. – CERT

Reports of this particular nastiness are said to be occurring in the wild which means that this is a malware that has been reported by at least two verifiable occurrences along with a sample submitted by Wildlist reporters (those with expertise in the field).

Advice:

Don’t pay the ransom
Notify the FBI – Internet Crime Complaint Center
If infected by this Ransomware,
- Contact a skilled professional OR
- Reformat your Hard Drive and then perform a clean reinstall of your OS.
Change ALL passwords after safely removing the malware from your system to STRONG PASSWORDS. If its easy for you to remember, its easy for it to be hacked – socially or using hacking software.

Prevention Tips:

Don’t click on unsolicited links in email messages.
Make sure your email program SCANS ALL INCOMING EMAIL MESSAGES AND ATTACHMENTS
Reduce reliance on Email Attachments. Instead use Google Drive inside a protected intranet and maintain strong password usage.
Maintain updated antivirus and malware software. Scan frequently.
Don’t pass along email chain letters. Delete them
Log out of all instances online.
Review this CERT document on recognizing Email Scams
Review this CERT document on Avoiding Social Engineering and Phishing Attacks. We’ve covered this information in past posts but its always good to go over it again.

You really don’t want this on your computer. So be safe and obey the rules of the road on this one.

July 31, 2013 Melanie Security, SOS Blog, Uncategorized No comments

SOS SEO Tips: Let Your Images Support The Search

Did you know there is way you can help your web site SEO with your images?

One of the places people forget that they can mention a keyword is by naming their images with that keyword. By doing so, you help your keyword ranking along with your title and meta tags.

So the next time you are tempted to upload an image and use the default name, or even worse, leaving it as a default number identifier (some cameras do this to photos), think about renaming that image to something that will help your web site ranking.

Oh, and don’t forget to use that keyword again, in your alt tag on the image!

June 15, 2013 Melanie SEO Tips, SOS Blog, Uncategorized No comments

Safety At the Wi

No, this isn’t about pool safety at the YMCA, this is about making sure you have a secure connection on an insecure connection, namely every time you connect to the Internet at a public wi-fi spot.

Wifi is a public network and any data transfer passing through can be intercepted, monitored or recorded by any number of interested parties with the right software and know how. That means if you try to access your bank online or make a purchase or login to a web application while on a public wifi network your banking details, credit card numbers, passwords, and other sensitive data can be stolen. So what can you do to protect yourself?

By now you may have heard the term VPN. What is it exactly? Its an acronym that stands for Virtual Private Network, a secure , encrypted “tunnel”, if you will, through which all your online data can pass safely. It works for any application that requires an Internet connection: be it a web browser, email client, or an IM client (chat).

Searching Google will turn up a number of free VPN’s you can use, one such is proXPN*, but take note, they don’t all provide the same level of protection. If you want to be sure that you are getting as much protection as you can get, you might want to think about making the monthly investment.

* Switched-On-Sites does not necessarily endorse this service.

June 15, 2013 Melanie Security, SOS Blog, Uncategorized No comments

MS Updates, DDoS, and the Need for Threat-Centric Security

If you have read anything in the media about security on the Internet you know that attacks on the web and on web sites are increasing. In this month’s discussion, we’ll talk about the new Microsoft Updates rolling out today, the current news on DDoS attack increases across the web, and finally the need for threat-centric security for your website.

Microsoft Updates For Multiple Vulnerabilities

There are a number of MS products that have been discovered to have vulnerabilities among them are:

Microsoft Windows,
Internet Explorer
Microsoft .NET Framework
Microsoft Lync
Microsoft Office
Microsoft Windows Essential

All of these products have had flaws privately discovered (as Microsoft stated in their recent bulletin) that allow:

A remote, unauthenticated attacker could execute arbitrary code, cause a denial of service, or gain unauthorized access to your files or system.

Breaking this down, it means the Windows flaw could allow a Denial of Service (DoS) attack, the Microsoft .NET Framework (off which several programs run) could allow spoofing through a “specially crafted XML file” that can let an attacker gain the rights of an authenticated user to access functions on your computer. Lync, Publisher and Word all have flaws that could allow remote code execution. Both Microsoft Visio and Windows Essential have flaws that expose potential information exposure to an attacker. Internet Explorer has flaws that could allow a user to gain the user rights of the current user and this is especially a vulnerability for those who operate their systems solely through the administrative user.

Advice:

If you haven’t already, enable Windows Automatic Updates. Here’s how

DDoS and DoS (Denial of Service) Attacks

We won’t dwell too much on this one except to say that it is one of the least sophisticated ways of attacking a network or a website …but its one of the most effective at bringing both down. They have increased in frequency and severity over the last few months and industry predictions are that this trend is expected to continue. So what can you do to protect yourself?

Advice:

Make sure your web designer/developer or server admin has set you up with a security layer to slow down attacks and isolate and block attackers. Give me a call at Switched-On-Sites (use our free call widget) to discuss how I can implement this to protect your site.

Threat-Centric Security For Your Web Site

What’s the advantage of having a threat-centric security package for your web site? With the increased capabilities of hackers to attack multiple end points on the web, your site is always at risk. What does it mean to have a threat-centric web designer/developer? It means your web designer/developer has developed a proactive plan for continuously monitoring and detecting threats against your web site. It means they know how to respond to these threats and block them. It means that your web site getting breached isn’t the issue so much as how they respond when the breach happens. Give me a call at Switched-On-Sites to discuss how a Threat-Centric Security Package can protect your site.

May 15, 2013 Melanie Security, Uncategorized No comments