• Categories

  • Browsers
  • Business Software
  • Communications
  • Desktop Enhancements
  • Developer Tools
  • Digital Photo Software
  • Downloads
  • Drivers
  • Educational Software
  • Games
  • Graphic Design Software
  • Home Software
  • Internet Software
  • iTunes and iPod Software
  • Linux
  • MP3 Audio Software
  • Networking Software
  • Productivity Software
  • Screensavers and Wallpaper
  • Security Software
  • Software News
  • Utilities and Operating Systems
  • Video Software

• Archives

  • March 2010
  • February 2010
  • January 2010
  • December 2009
  • November 2009
  • October 2009
  • September 2009
  • August 2009
  • July 2009
  • June 2009
  • May 2009
  • April 2009
  • March 2009
  • February 2009

• Links

  • Gadget Mania
  • Gadget Reviews
  • USB World
  

• Meta

  • Log in
  • WordPress
  • XHTML

SonicWALL identifies growing threat of cybercriminals attacking new searches

Over 284 Top Search Terms attacked over the last 7 days with 6600 Malicious URLS; Threat team outlines tips to protect against searching threats

SonicWALL announced it identified that cybercriminals are continuing to attack Google’s top search items. In the last 7 days, more than 284 top search terms have been attacked by more than 6600 malicious URLS. The threat team has found up to nine of the top 20 search terms are under attack at any one time. To help individuals defend against these types of threats, SonicWALL’s threat research team has identified certain search terms that have returned the greatest number of malicious sites and has developed several tips for combing through search terms.

“Cybercriminals use whatever is at their disposal to spread malware. In this instance they are launching attacks against Google’s top search terms that identify the most popular stories of the day,” said Deepen Desai, Lead Malware Researcher, SonicWALL. “These criminals are now going after these top search terms using their knowledge to insert malware infected websites almost immediately after people show interest in a particular news site.”

Using social engineering tactics, cybercriminals are able to jump onto the latest news events ranking high on Hot Search to draw more traffic to their infected websites. Search Engine Optimization (SEO) tactics are then used to make the websites show up higher in the search results, thus making it more likely that individuals will click on them.

The counter offensive to remove these threats is on-going. However, some sites have remained within search results for a number of hours before being removed. Recent and topical infected searches include:

• A search on “elinor burkett” within a 24 hour period between March 8th and 9th presented 40 unique malicious URLs appearing in Google search’s top 30 results.
• A search on “the new tenants” on March 8th presented 56 unique malicious URLs appearing in Google search’s top 30 results.

SonicWALL suggests you remember the following tips when searching for a news event:

• Be diligent when clicking on the links that show up in search engine results. Be sure to look at the URL before you click on it. Quite often the legitimate sites show up with complete readable sentences in their description whereas the malicious sites show up with jumbled keywords.
• If you do click on a malicious website, quickly get out of it. Most of the malware found redirect to fake antivirus websites that pretend to discover malware on a computer and offers to sell antivirus software that will clean it up.
• Make sure that your antivirus is up to date. Use defense-in-depth by layering protection, having antivirus both on the gateway and the client.
• Steer clear of any kind of video codecs or protection software executables downloads prompted by most of these sites.
• Do not execute any files that come through e-mail attachments.

For more information and to track the latest network and e-mail security threats, go to: http://www.sonicwall.com/securitycenter.asp?tab=NS

Top 10 Malware Threats for January

Leading anti-malware developer finds continued prevalence of Trojan horse programs

Sunbelt Software announced the top 10 most prevalent malware threats for the month of January 2010. The report, compiled from monthly scans performed by Sunbelt’s award-winning anti-malware solution, VIPRE® Antivirus + Antispyware, and its antispyware tool, CounterSpy®, is a service of SunbeltLabs(TM).

In January, the malware landscape remained remarkably similar to December, according to Sunbelt Software ThreatNet statistics. The top seven detections were the same as December, but in a slightly different order. In December and January, six of the top 10 detections were Trojan horse programs.

Trojan.Win32.Generic!BT – a generic detection for Trojans that comprised nearly one quarter (23.15 percent) of all the malware found. It remained in the top position for the third month in a row, growing by nearly 20 percent from 18.69 percent of all detections in December. It is a detection that includes many downloaders associated with scareware or rogue security products.

After holding the top spot on the list for most of 2009, the password-stealing Trojan-Spy.Win32.Zbot.gen held the second position on the list for the third consecutive month, decreasing from 6.23 to 4.91 percent of all detections.

“I think we can expect to see Trojan horse programs continue to be the top detections for the foreseeable future,” said Michael St. Neitzel, Sunbelt Software vice president of Threat Research. “Trojans used to download and install a wide variety of other malware and those are the real moneymakers for the bad guys.”

Other Trojans in the top 10 were:
– Trojan.Win32.Generic!SB.0
– Trojan.Win32.Malware
– Trojan.ASF.Wimad (v)
– Trojan.HTML.FakeAlert.a (v)

Meanwhile, three new detections moved onto this month’s top 10 list. Virtumonde — a generalized description of an adware program with many versions of pop up advertising — constituted 1.23 percent of overall detections. Packed.Win32.TDSS.aa.3 (v) — a sophisticated rootkit and Trojan that is used primarily to redirect search engine results — made up 1.21 percent. Finally, Trojan.HTML.FakeAlert.a (v) — a detection for an HTML file which replaces a desktop background and works with other rogue malware — made up just under one percent of all detections.

The top 10 results represent the number of times a particular malware infection was detected during VIPRE and CounterSpy scans that report back to ThreatNet, Sunbelt’s community of opt-in users. These threats are classified as moderate to severe based on method of installation among other criteria established by SunbeltLabs. The majority of these threats propagate through stealth installations or social engineering.

The top 10 most prevalent malware threats for the month of January are:
1. Trojan.Win32.Generic!BT 23.15%
2. Trojan-Spy.Win32.Zbot.gen 4.91%
3. Exploit.PDF-JS.Gen (v) 4.55%
4. Trojan.Win32.Generic!SB.0 2.40%
5. Trojan.Win32.Malware 1.93%
6. Trojan.ASF.Wimad (v) 1.92%
7. INF.Autorun (v) 1.46%
8. Virtumonde 1.23%
9. Packed.Win32.TDSS.aa.3 (v) 1.21%
10. Trojan.HTML.FakeAlert.a (v) 0.98%

Source: Sunbelt Software

Panda Cloud Antivirus now compatible with Windows 7

Panda Security’s industry acclaimed free antivirus service, Panda Cloud Antivirus, has received Microsoft’s ‘Compatible with Windows 7′ certification after passing the company’s quality checks for both 32-bit and 64-bit systems.

Since the launch of Panda Cloud Antivirus on November 10, 2009, millions of users have enjoyed the simplest, most effective and easy-to-use protection on the market.

Panda Cloud Antivirus is the world’s first free antivirus service that provides real-time protection against the newest and most dangerous viruses. This level of protection is made possible because Panda gathers malware information from its global community of users in the cloud to automatically process malware strains in minutes, versus hours or even days compared to other products. Panda’s approach combines local detection technologies with real-time cloud scanning to maximize protection while significantly minimizing the impact on PC performance.

Panda Cloud Antivirus has recently won the PCMag.com Editor’s Choice Award for Best Free Antivirus, as well as top honors in PCWorld’s comparative review of free antivirus software. Panda Cloud Antivirus is available for download free of charge at www.cloudantivirus.com.

Source: Panda Security

2010 Computer Threat Trends, PandaLabs forecast

Fake antivirus, bots and banker Trojans will continue to increase

Cyber-criminals will keep fine-tuning their social engineering skills to trick victims

More malware will be created for Windows 7 and Mac operating systems

The term ‘cyber war’ will become more familiar as politically-motivated attacks across the Internet increase

PandaLabs, Panda Security’s malware analysis and detection laboratory, has released its forecast of computer threat trends for 2010. PandaLabs predicts that in 2010, the amount of malware in circulation will continue to grow exponentially as it has in 2009. As anti-malware technologies are able to respond closer to real-time through cloud-based innovations such as Panda’s Collective Intelligence, malware creators will respond by generating even more diverse threats to evade detection and elimination. Once again malware will be designed almost exclusively for financial gain, and we can expect to see many new fake antivirus strains (rogueware), bots and banker Trojans.

Social Engineering Continues to Rise

Cyber-criminals will again be focusing on social engineering techniques to infect computers, particularly those targeting search engines (BlackHat SEO) and social networks, along with ‘drive-by-download’ infections from Web pages.

As the football World Cup takes place in South Africa, we can also expect to see significant amounts of malware related to this event: false ticket offers, junk mail, etc. It is always a good idea to be suspicious of any messages related with current affairs and large events such as this.

In the case of social networks, there have already been many examples of worms and Trojans targeting Twitter and Facebook. Malware creators will continue to be drawn to these types of platforms that are used by millions of people.

Watch Out Windows 7

Windows 7 will have a major impact on malware development: where Windows Vista hardly caused a ripple, Windows 7 will make waves. One of the main reasons is the widespread market acceptance of this new operating system, and since practically every new computer comes loaded with Windows 7 64-bit, criminals will be busy adapting malware to the new environment. It may take time, but we expect to see a major shift towards this platform over the next two years.

Mobile Phone Attacks – Not Yet!

Several security companies have been warning for some time that malware is soon to affect cell phones in much the same way as it affects PCs. Well, we hate to rain on their parade, but 2010 will not be the year of malware for cell phones.

The PC is a homogenous platform, with 90 percent of the world’s computers running Windows on Intel, meaning that any new Trojan, or worm has a potential victim pool of 90 percent of the world’s computers. The mobile phone environment is much more heterogeneous, with numerous vendors using different hardware and different operating systems.

Applications continue to be incompatible from one operating system to another. Therefore it is unlikely that 2010 will see widespread targeting of cell phones by malware. In any event, this year will witness many changes in the world of mobile telephony with more smartphones offering practically the same features as a PC; the emergence of Google Phone — the first phone sold directly by Google without tying users to specific operators; the increasing popularity of Android; and of course the iPhone. If in the next couple of years there are only two or three popular platforms, and if people make significantly more financial transactions from their phones, then the potential breeding ground for cyber-crime will be significant enough to be concerned.

Mac Becoming Increasingly Attractive to Cyber-Criminals

Mac’s market share has increased in recent years. Although the number of users has yet to reach the critical mass required to make it as profitable as PCs for cyber-criminals, it is nevertheless becoming more attractive. Mac is used just as PCs are to access social networks, email, and the Internet: the main malware distribution systems used by cyber-criminals. Consequently, Mac is no longer a safe haven against malware. These criminals can easily distinguish whether a system is Mac, and they are creating malware designed especially to target this OS. In 2009, we have already seen some attacks, and predict there are more to come in 2010.

Cyber war

Throughout 2009, governments around the world including the United States, the UK and Spain, have expressed concern about the potential for cyber-attacks to affect economies or critical infrastructure. We also saw this year how several Web pages in the United States and South Korea were the subject of attacks, with suspicion — as yet unapproved — pointing at North Korea. In 2010, we can expect to see similar politically-motivated attacks.

Securing the Cloud

Cloud-based services will continue to grow in popularity among consumers and business users alike. As this happens, the security industry must be acutely aware of cybercriminals’ moves to take advantage of this new platform.

Cloud Antivirus Technology on the Rise

2010 will be the year in which all anti-malware companies will innovate to remain competitive as cloud-based security becomes the most effective way to fight today’s malware. In 2007, Panda Security launched its first product which took advantage of the cloud. Now in 2009, all the company’s products use it and we have launched the first 100 percent cloud-based free antivirus: Panda Cloud Antivirus (www.cloudantivirus.com), and Panda has noticed that the rest of the marketplace is beginning to follow suit.

Source: Panda Security

Trend Micro 2010 Future Threat Report

Virtualization, Cloud-Computing and a Shifting Internet Infrastructure Will Widen the Scope of Cybercrime

Using news headlines and the latest technological trends, cybercriminals are brilliantly agile at exploiting whatever is trendy for cash and profit. Now, the growing popularity of cloud computing and virtualization among companies is likely to catch the attention of criminals scheming for the next hot cyber-swindle.

According to the Trend Micro 2010 Future Threat Report, cloud computing and virtualization — while offering significant benefits and cost-savings — move servers outside the traditional security perimeter and expand the playing field for cybercriminals. The industry already witnessed Danger/Sidekick’s cloud-based server failure that caused major data outages in November 2009, highlighting cloud-computing risks that cybercriminals will likely abuse. Trend Micro believes cybercriminals will either be manipulating the connection to the cloud, or attacking the data center and cloud itself.

The Internet infrastructure is changing, opening more opportunities for cybercrime

The “next-generation” protocol designed by the Internet Engineering Task Force, Internet Protocol v. 6, is still in the experimentation stages of replacing the current IPv4, now 20 years old. As users start to explore IPv6, so will cybercriminals, and we can expect to see proof-of-concept elements in IPv6 start to materialize in the upcoming new year. Possible avenues for abuse include new covert channels or C&C. But don’t expect active targeting of IPv6 address space–at least not in the very immediate future.

Domain names are becoming more internationalized and the introduction of regional top-level domains (Russian, Chinese, and Arabic characters) will create new opportunities to launch age-old attacks through look-alike domains for phishing – using Cyrillic characters in place of similar looking Latin characters. Trend Micro predicts this will lead to reputation problems and abuse that will challenge security companies.

Social media and social networks will be used by cybercriminals to enter the users’ “circle of trust”

Social engineering will continue to play a big role in the propagation of threats. But given the increasing saturation of social media with content intended to be shared via online social interactions, cybercriminals will definitely try to penetrate and compromise popular communities more than ever in 2010.

Social networks are also ripe venues for stealing personally identifiable information (PII). The quality and quantity of data posted openly by most trusting users on their profile pages, combined with interaction clues, are more than enough for cybercriminals to stage identity thefts and targeted social engineering attacks. The situation will worsen in 2010, with high-profile personalities suffering from online impersonators or stolen bank accounts.

The extinction of global outbreaks, and the growth of localized, targeted attacks

The threat landscape has shifted and we are no longer seeing global outbreaks like Slammer or CodeRed. Even the much covered Conficker incident of 2008 and early 2009 was not a global outbreak by its true definition; rather it was a carefully orchestrated and architected attack. Moving forward, localized and targeted attacks are expected to grow in their number and sophistication.

More key forecasts for 2010 and beyond:
– It’s all about money, so cybercrime will not go away.
– Windows 7 will have an impact since it is less secure than Vista in the default configuration.
– Risk mitigation is not as viable an option anymore-even with alternative Browsers /alternative operating systems.
– Malware is changing its shape – every few hours.
– Drive-by infections are the norm – one Web visit is enough to get infected.
– New attack vectors will arise for virtualized/cloud environments.
– Bots can’t be stopped anymore, and will be around forever.
– Company/Social networks will continue to be shaken by data breaches.

Source: Trend Micro Incorporated

CA report: Fake security software, search engines and social networks 2009’s Top Internet Threats

CA “State of the Internet 2009″ Report Analyzes Top Internet Threats; Researchers Predict Online Threats for 2010

The latest State of the Internet 2009 report issued today by CA, Inc. states that the most notable 2009 online threats were rogue/fake security software, major search engines, social networks and Web 2.0 threats. The report, based on data compiled by CA’s Global Security Advisor researchers, compiles trends from the first half of 2009. CA security researchers also offer predictions for the top Internet threats for 2010, including an increase in “malvertising” and the potential for another big computer worm outbreak like Conficker.

“Cybercriminals have made a business out of conducting attacks on the most popular online destinations because they promise the highest payoff,” said Don DeBolt, director of threat research for CA’s Internet Security Business Unit. “Cybercriminals keep up with trends, major events, holidays, and the like, and focus on where they’ll get the biggest returns. Search engines, like Google and Yahoo, or social networking sites, like Twitter or Facebook, have the mass appeal to attract these criminals. In addition to Internet security software, the best weapon against today’s threats is education, so that consumers know what to look for when they are conducting activities online.”

CA researchers tracked the following trends in 2009:
– Rogue or Fake Security Software: Software that poses as legitimate Internet security software but is actually malware has experienced a significant surge in popularity. In the first half of 2009, CA added detection for 1,186 new variants of Rogue security software, which is a 40% increase compared to the last half of 2008.
– Search Index Poisoning: Google is a frequent target of online threats. Attackers employ sophisticated search engine optimizations to manipulate search engine rankings and poison users’ search results, which direct them to compromised Web sites that can cause malware infections.
– Social Networks/Web 2.0: Popular online communities, blogs and social media sites, such as YouTube, MySpace, Facebook and Twitter, are highly targeted. Financially motivated organized groups are among the aggressive attackers, creating hundreds of bogus profiles to perform various tasks, including distributing malware, spamming and stealing users’ online identities to perpetrate further cybercrime. Win32/Koobface is an example of a worm propagating through social networking sites. It uses the affected user’s login credentials to send messages to the user’s list of connected friends and family. In 2009, CA ISBU discovered more than 100 components and mutated strains belonging to the Win32/Koobface family.
– Identity Theft: Attacks targeting online credentials allowed attackers to distribute further cybercriminal activities, such as email address harvesting for Spam bots, sweeping FTP accounts for web infection and attributing to social network worm propagation, like Win32/Koobface. Stealing Trojans accounted for 23% of the most prevalent malware infections in 2009.
– Cybersquatting and typosquatting: Malicious Web sites that masquerade as legitimate, reputable sites deceive users into undertaking transactions or activities in which they divulge sensitive data.
– Mac OS X Threats: Security threats have come to the Mac. In 2009, CA ISBU has added 15 intelligent signatures detecting Mac OS X threats. The most prevalent being OSX/Jahlav.

“Malware doubled in 2009 and the ability to purchase bots and other malicious programs online is becoming more prevalent,” DeBolt continued. “It is a cat and mouse game. Cybercriminals are evolving along with the malware community and are constantly looking for new vulnerabilities to exploit, from online banking to search index poisoning.”

While spam and phishing scams are still on the rise, the breakdown for how malware was distributed in 2009 was dominated by the Internet at 78 percent, followed by email (via attachments or phishing) at 17 percent, and finally removable media (such as USB drives, digital photo frames, etc.) with 5 percent.

CA forward looking online security predictions for 2010:

1. Search engine optimization exploits and malicious advertising (Malvertising) will increase as a means to distribute Malware.
2. Another big computer worm like Conficker is likely. The increasing popularity of web-based applications and discovery of critical zero-day vulnerabilities, especially for new operating systems such as Windows 7 and Google Chrome, present good opportunities for a new worm outbreak.
3. Threats to Web 2.0 technologies such as social networks will continue to grow.
4. Denial-of-Service attacks will increase in popularity as a means to make a political statement. Popular websites like Twitter and Facebook are likely to fall victim once again.
5. Banking Trojans: These Trojans manifest as banking-related threats orchestrated to steal users’ identities for financial gain.
6. Malware actors will focus on the 64 bit and Apple platform.

The CA 2009 State of Internet Security report is intended to inform consumers and businesses of the newest and most dangerous Internet threats, forecast trends and provide practical advice for protection. The analysis provided is based on incident information from the CA Global Security Advisor team, submitted by CA customers and consumers from January to June 2009, as well as publicly available information. For the full CA 2009 State of Internet Security report, please visit www.ca.com/securityadvisor.

The CA Global Security Advisor Team delivers the around-the-clock, dependable security expertise, offering trusted security advice to the world for more than 16 years. Providing a complete threat management resource, CA’s Security Advisor Team is staffed by industry-leading researchers and skilled support professionals. CA Global Security Advisor is available at www.ca.com/securityadvisor. It offers free security alerts, RSS feeds, PC scans and a regular blog updated by the worldwide team of researchers. CA’s entire portfolio of threat-related products for home, small and medium businesses, and enterprises are updated and protected by the CA Global Security Advisor team.

Source: CA

WatchGuard announces Top Threats to education

Education-related Threats Expected to Rise – According to the U.S. Department of Homeland Security, 25 percent of all cyber-security breaches involve schools, and although a majority of educators believe that their campus networks are more secure now than last year, WatchGuard predicts that significant breaches, vulnerabilities and threats will continue to plague schools and universities. WatchGuard deems the following to be the leading network, application and data threats to education:

– Malware & Spyware - As students and faculty utilize the Web for education as well as entertainment purposes, many unwittingly expose themselves to drive-by downloads, or corrupted websites, which injects malicious forms of software on their computers. Once infected, they risk becoming victims of identity theft or loss of personal information via spyware and keyloggers.
– Viruses – Today, e-mail remains to be one of the primary vectors for delivering viruses. Unfortunately, a recent survey showed that 27 percent of users fail to keep their antivirus signatures up to date.  With viruses taking on innovative polymorphic properties, antivirus signatures alone may not be enough to stop the next wave of new viruses to come.
– Botnets – It has been estimated that 15 to 20 percent of all school and university computers connected to the Internet may be part of a botnet. As part of a botnet, school and university systems may be used in a variety of unknown exploits, including spam delivery, denial of service attacks, click-fraud, identity theft and more.
– Phishing – Phishing scams continue to get more sophisticated and selective, with students being specifically targeted. A recent report states that phishing attacks via social networks achieve a success rate of over 70 percent, which indicates that a majority of students are vulnerable to phishing scams.
– Hacking - In a recent survey of education IT professionals, 23 percent ranked student hackers as one of their greatest threats to their network security. Whether the hacks are designed to alter grades or for more sinister purposes, student hackers continue to push the envelope for network and data protection.
– Access Control – Usage of mobile devices and wireless access continues to plague network administrators. Concerns of thwarting unauthorized user access to education IT resources is top of mind with many administrators. As use of mobile devices escalates, schools will face
increasing challenges in managing authorized network access.
– Social Networks – The number one threat to school and university networks is social networks, such as Facebook and MySpace.  Unfortunately, social networks act as an ideal platform to launch a myriad of attacks against students and faculty, including spam, viruses, malware, phishing and more. Adding to this, socially engineered attacks are often extremely successful due to the “trusted” environment that social networks create.

– Because of the sensitive nature of student and faculty information, such as social security numbers, credit card information, and other personal identifying data at risk, WatchGuard recommends that schools and universities review their security controls and IT policies regularly to ensure they have the most effective, up-to-date security solutions in place.

Source: WatchGuard Technologies

In Rogues We Trust: Webroot survey reveals internet users of all skill levels fall for cybercriminals tricky tactics

Webroot Also Finds 2 Out of Every 10 Threats Detected in August Were Fake Security Alerts & Products

Computer-savvy consumers are more susceptible than novices to “fake alerts” and rogue security products – bogus malware infection warnings and malicious programs masquerading as legitimate security applications – according to a new survey from Webroot, a leading provider of Internet security for the consumer, enterprise and SMB markets.

Surveying nearly 1,200 individuals ranging in age and computer proficiency levels, Webroot explored the risks and consequences of infection by malware associated with fake alerts. Among the key findings:

– Advanced users clicked on suspicious messages at a greater rate than less experienced users
– 20 percent of respondents strongly trust the first page of search results – a common target for fraudulent links
– Nearly one fifth reported varying levels of financial or data loss following infection
– Over half experienced infections consistent with those of fake alert-related malware

“Cybercriminals prey on our curiosity,” said Mike Kronenberg, chief technology officer of Webroot’s Consumer Business Unit. “Links to seemingly real search results and videos — and now even ads on reputable news sites – trigger fake warnings claiming you’re infected or need ‘Home Antivirus 2010′ or another bogus product. And business must be booming for these thieves, judging from the rapid rate at which Webroot is seeing new programs and variants created in an attempt to bypass security technology. But with the right education, vigilance and technology, consumers can take steps to protect themselves.”

The Anatomy of a Fake Alert

Webroot has seen a rise in the incidence of fake alerts and rogue security products. According to the Webroot Threat Research team, two out of every 10 threats detected by Webroot’s products in the month of August were associated with fake alerts and rogue security products.

The appearance of fake alerts changes frequently. Ranging from phony Windows Security Center warnings to notifications for security scans and viewer or codec downloads, each is designed to appear legitimate and urgent. According to the Webroot Threat Research team, Internet users can encounter fake alerts through three main vectors:

– Fraudulent links appearing at or near the top of search results. For example, on Monday Webroot found that a search for news stories about the arrest of film director Roman Polanski yielded links that redirected to a fake security scan and to “Windows PC Defender,” a known rogue security product.
– Phony file links. Webroot recently reported on its Threat Blog that the Koobface worm is now sending phony video links, seemingly from a friend, to members of Facebook, MySpace, Twitter and other social networks. The links trigger viewer download messages that activate infection when clicked.
– Ads on legitimate Web sites. Webroot researchers recently investigated the origins of a bogus ad on NYTimes.com earlier this month which contained code leading to a fake alert and rogue product.

Key Findings

Results from the Webroot survey indicate a general lack of awareness of fake alerts and rogue security products, a higher rate of engagement among advanced and power users, and costly and inconvenient consequences of infection.

Lack of awareness leaves individuals vulnerable:
– 20 percent strongly agree the first page of search results includes trustworthy links
– 40 percent did not know the meaning of “fake alerts,” and 69 percent were unfamiliar with “rogue security products”
– 25 percent clicked on links to unfamiliar sites
– 13 percent clicked on pop-up messages requiring the download of a special viewer or codec

Experienced computer users are more susceptible:
– Over 50 percent of advanced users encountered a fake Windows Security enter alert, versus 33 percent of novice users
– 26 percent of advanced users encountered a fake security scan, compared to approximately 10 percent of less experienced users
– 23 percent of advanced users clicked on a fake alert and in some cases purchased rogue security products; conversely, 10 percent of novice users did the same

Clicking a fake alert can lead to consequences ranging from nuisance to costly:

– 43 percent of respondents experienced ongoing pop-up messages after clicking
– 26 percent had to have their computers repaired
– 11 percent lost files and documents following infection
– 8 percent had to purchase a new computer or experienced unauthorized credit card charges

Tips for Safer Surfing

Webroot recommends the following actions to protect against the risks and consequences of fake alerts:

Be vigilant – Do not click pop-up security alerts from unfamiliar companies, or poorly worded messages from known providers. Only purchase security products from reputable companies. Check for links to familiar sites among search engine results. On social networks, do not follow suspicious video links from “friends,” or emails, friend requests, site links and other items from unknown sources
Even with security programs in place, remain vigilant – Malware authors are continually writing new programs to avoid detection, so pay close attention to suspicious behavior
Always install updates – Equally if not more important, if you’re using antimalware software, be sure to install updates which include the latest malware definitions to protect you from new variants of known threats; do the same with updates to your operating system
If you’re not protected – Scan your machine for dormant viruses with a free scan; and protect your PC with an Internet security suite that includes antivirus, antispyware, and firewall technologies

Webroot offers several comprehensive Internet security solutions for consumers including Webroot® AntiVirus with Spy Sweeper®, and Webroot® Internet Security Essentials. For more information about these and other products, please visit http://www.webroot.com/En_US/consumer.html.

U.S. ranks 9th in Global PC Infection Report, according to PandaLabs

Average number of worldwide infections grew 15 percent over last month – Global infection ratio hits all time high this year at nearly 60 percent

PandaLabs, Panda Security’s malware analysis and detection laboratory, announced that it has detected a 15 percent increase in the total number of malware-infected computers in September in comparison to the previous month of August. According to data gathered from users that scanned and disinfected their computers with the free Panda ActiveScan online antivirus, the average infection ratio rose to 59 percent, the highest rate this year.

In comparison to the infection rates of 29 countries, the U.S. ranks ninth with an infection ratio of 58.25 percent, just below the worldwide average. Taiwan has the most infected PCs, with a 69.10 percent corruption, followed by Russia and China at 67.99 percent and 61.97 percent, respectively. The country with the least infections is Norway at 39.60 percent. To view a table that outlines the percentage of infected computers by country, please visit: http://www.flickr.com/photos/panda_security/3963144168/.

According to Luis Corrons, Technical Director of PandaLabs, “There is a false sense of security, as users perceive there to be no real danger at the moment. When their computers get infected, they rarely notice any symptoms.”

Panda’s study revealed that U.S. computers are infected by the most dangerous malware strains: Trojans, followed by adware, worms and viruses. To see the number and types of malware on infected computers in the U.S., please visit: http://www.flickr.com/photos/lithium-/3963437003/sizes/o/.

“This is a clear sign that hackers are becoming more and more sophisticated,” explains Corrons. “Cybercriminals have found news ways to spread their creations, frequently exploiting the latest news stories to launch attacks through social networks, videos, and email. The huge amount of Trojans in circulation is due to the spectacular increase in the number of banker Trojans aimed at stealing user data.”

Five tips to protect your business from online banking fraud

Guardian Analytics CEO, Terry Austin, provides insight on how business owners can safeguard their finances online

Guardian Analytics, a provider of fraud prevention software for the financial services industry, is advising businesses on the risks of Internet banking, and how they can protect their companies from becoming a victim of online banking fraud.

The need for businesses to examine their online business banking practices has never been more important. In August alone, the FDIC, NACHA – The Electronic Payments Association, and the Financial Services Information Sharing and Analysis Center (FS-ISAC) all published alerts warning about rising Internet threats to businesses. Analyst firm Gartner issued a report on the issue in August, and last week the Senate Committee on Homeland Security and Governmental Affairs held a special hearing to discuss cybercriminals targeting small- and medium- sized businesses. Committee Chairman Joe Lieberman, ID-Conn., and Ranking Member Susan Collins, R-Me., have also started drafting legislation to address this as well as other cyber security issues, and is working to bring public and private organizations together to spearhead the initiative.

“In the last several weeks, business banking fraud has become a dominant discussion point in the financial and security industries,” said Avivah Litan, VP and distinguished analyst at Gartner. “With cybercriminals circumventing strong authentication and using sophisticated reconnaissance on accounts during the attacks, increased fraud awareness has never been more important.”

Terry Austin, Guardian Analytics CEO, provides the following advice to entrepreneurs to protect their companies against online banking fraud:

1. Be aware of your financial rights: If your business becomes the victim of online business banking fraud, you have fewer rights than you do as an individual. Regulation E of the Federal Electronic Funds Transfer Act requires banks to reimburse consumer fraud victims within 10 days of a fraud report, but it does not protect businesses the same way it protects individual accounts. Ask your bank what their policies are on protecting business accounts.
2. Ask your bank to increase investment in protection technologies: Your bank’s online account platform is only as secure as the technology behind it. Ask your bank if they have a proactive online banking fraud monitoring system in place to detect suspicious account activity and how they are responding to the recent alerts. Despite increased regulations, many financial institutions still have not implemented the technologies beyond authentication that are necessary to fight today’s sophisticated threats.
3. Update your anti-malware software and firewalls: Not keeping your anti-malware and firewalls updated is a huge risk for anyone, and even more so when it could jeopardize your businesses’ entire financial health. Still, know that your business can fall victim even with updated computer security protection.
4. Monitor for irregularities and missing funds: It is imperative for any business to always be on the lookout for anything abnormal occurring in its account/s. Many banks offer transaction alerts so customers can be notified of important account activity, so ask your bank about this service.
5. Educate your financial managers on the threats: Forward the latest advisories on to whoever manages your online business banking accounts. If anyone needs to know about the threats, it is the person closest to your online banking account/s, whether that is the CEO, CFO, or accountant.

Source: Guardian Analytics

Next Page »

• Recent Posts

  • Trend Micro Threat Research Report: 9 Million ZeuS attacks blocked by Trend Micro in the last 6 months
  • SonicWALL identifies growing threat of cybercriminals attacking new searches
  • Introducing the Fraud Prevention Suite to combat fraud in international eCommerce
  • Panda Security and Defence Intelligence coordinate massive botnet shutdown with international law enforcement
  • SAP Business One 8.8 beckons new era of software for small businesses
  • Microsoft announces global launch of Windows MultiPoint Server 2010
  • SIIA announces finalists for 2010 CODiE Awards in Education categories
  • New Emotional Technology in KODAK Picture Kiosks creates opportunity to tap into trillions of images
  • Cybercriminals continue to show their love for Valentine’s Day
  • Tableau launches free software to make data social
  • Apple releases Aperture 3
  • Solutionary identifies Top Security Risks and provides precautionary tips for Winter Olympic Games
  • Top 10 Malware Threats for January
  • Microsoft study reveals small and midsize businesses using hosted services have better financial performance
  • Cowbell2010 iPhone App supercharges the Olympic fan experience

• Tags

  2009 2010 America antivirus Apple application beta browser business Conficker cybercriminals data protection download educational encryption free Home Software IBM internet iPhone Mac Malware Microsoft news office online PandaLabs Panda Security productivity protection safety security Security Software service software Software News tech technology threats Trend Micro United States US USA Windows Windows 7