Tech – for Everyone

Tech Tips and Tricks & Advice – written in plain English.

2008 — A Watershed Year For Cybercrime

Experts say 2008 was watershed year, as cybercriminals perfected their techniques, building automated “SQL Injection” programs (to poison websites) and running massive botnet networks.

2008 cybercrime report

Hmmm... seems to me I was just saying..

The Internet Crime Complaint Center (IC3), which began operation on May 8, 2000, as the Internet Fraud Complaint Center was established as a partnership between the National White Collar Crime Center (NW3C) and the Federal Bureau of Investigation (FBI) to serve as a vehicle to receive, process, and refer criminal complaints regarding the rapidly expanding arena of cyber crime.

Complaints are up 33%.. to view this report, click here.

Copyright 2007-9 © Tech Paul. All rights reserved. post to jaanix

Share this post :

March 31, 2009 Posted by | computers, cyber crime | , , , , , , , , , | Leave a comment

A Vast Criminal Enterprise Aimed At You

– Five Defensive Strategies

“Today’s Internet attacks are organized and designed to steal information and resources¹ from consumers and corporations. The web is now the primary route by which cybercriminals infect computers. Cybercriminals are planting malicious code on innocent websites. This code then simply lies in wait and silently infects visiting computers.

The scale of this global criminal operation has reached such proportions that Sophos discovers one new infected webpage every 4.5 seconds – 24 hours a day, 365 days a year. In addition, SophosLabs, our global network of threat analysis centers, is sent some 20,000 new samples of suspect code² every single day.

2008 at a glance

  • Biggest malware threats – SQL injection attacks against (legitimate) websites and the rise of scareware (aka “rogue” anti-malware programs)
  • New web infections – one new infected webpage discovered by Sophos every 4.5 seconds (24/7 x 365)
  • Malicious email attachments – five times more at the end of 2008 than at the beginning
  • Spam-related webpages – one new webpage discovered by Sophos every 15 seconds
  • New scareware websites – five identified every day
  • Top malware-hosting country – US with 37 percent
  • Top spam-relaying continent – Asia with 36.6 percent
  • Amount of business email that is spam – 97 percent

Injection attack? coming to get you By exploiting poorly secured legitimate websites, hackers have been able to implant malicious code onto them, which then attempts to infect every visitor. One of the reasons the web is so popular is that legitimate websites can attract large numbers of visitors, all of whom are a potential victim.
(This as also known as “poisoning”.)

Many well known organizations and brands have fallen victim to this kind of attack during 2008. Both large and small organizations have been targeted.
January 2008: Thousands of websites belonging to Fortune 500 companies, government agencies and schools/universities were infected with malicious code. more..

¹ read “money”
² read “malware”

Folks, this is taken from a whitepaper titled “Security Threat Report 2009” and produced by the IT Security firm Sophos. Some of the emphasis is mine. You can download the document here.
I want to take a moment to thank them for publishing this, and saluting their effort to combat malware and the criminals behind it. In fact, let me go a step further and salute all you whitehats out there. Thank you.

What you can do

1: please read Top 10 things you should do to your computer–updated. It is a checklist, and provides you with the How To’s for a (more) secure computer, as well as providing links to important (free) security downloads.
2: enable an anti-phishing filter, which can help alert you to poisoned websites before you go there. All modern browsers have a filter built in, and all you have to do is turn it on; or, you can add a toolbar/plug-in such as McAfee’s Site Advisor or the excellent WOT.
3: make sure ALL the programs on your computer are patched and up-to-date. The easiest and most effective way to do this (IMHO) is to download and install the PSI (Personal Software Inspector) from Secunia.
4: Never respond to e-mails asking for personal information. Legitimate businesses never contact you about “important issues” via e-mail. But criminals love to go phishing!
5: Be PARANOID on the Internet. (Use common sense) Think someone can’t trace back to you? Guess again; your browser reveals a wealth of information by default. Sound too good to be true? It is. There’s no such thing as a “free iPod”… and, no, you did not win the Irish Lottery. Is looking at sexually explicit material simply irresistible? Go to one of those video rental shops that has a back room instead of clicking links and images — a malware infection can cost you all your data and/or several hundred dollars in cleanup.. and/or many hours of your time..

Folks, the Internet is not Disneyland. Most knowledgeable people refer to it as the “wild, wild, West” (a reference to sheer lawlessness) but I like a different analogy better.. think of it as going into the Big City, and going down to the docks/warehouse district, alone, and at night.
You can do it, but you best be careful.

Copyright 2007-8 © Tech Paul. All rights reserved.jaanix post to jaanix

Share this post :

December 12, 2008 Posted by | advice, anti-spyware, antivirus, computers, cyber crime, e-mail, hackers, how to, Internet, PC, Phishing, phraud, security, software, tech | , , , , , , , , , , , , , , , , , , | 3 Comments

A Noteworthy Achievement

Folks, I can tell you you that being an Internationally Renown 6 days-a-week Tech Blogger is a challenging, difficult, and often unrewarding endeavor. Coming up with fresh topics, properly doing your research, writing and rewriting, etc. is time consuming, and it’s work.
On an ad-free site, such as this one, there is no (read $0.00) financial reward.

So why do people blog? Or, maybe a better question is, why does the number of blogs double every six months? Can you earn a living blogging?
(an absolutely wonderful in-depth article looking at these questions can be found here, http://alexiskold.wordpress.com/2007/11/15/who-is-blogging-and-why/ {yes, it’s a bit dated, but still accurate.})

The fact is: something like 90% of all blogs fail (or, “go inactive”) within just a few months. Or sooner.

One thing that that keeps me going is the support I’ve received from fellow bloggers.. and another is stats.
(https://techpaul.wordpress.com/2008/03/29/nobody-reads-me-on-saturdays/)

My Website statistics show me all kinds of interesting things about you, the “site visitor” — the most important one (to me, anyway) is how many of you are there?
If I went to all this work and trouble, wrote 400 How-To’s, and only six people read them (total)… well, even a dim bulb like me would figure out that I could spend my time more wisely.

Which brings me to today’s title:
There are some rewards to being a member of the Tech Blogger community, and one closest to my heart is the support I’ve received and friendships I have made since starting Tech–for Everyone.

And so I would like to point your attention to a man whose Tech Blog Bill_Mullins was the very first one I put on my “Blogroll”, and ask you indulge me while I acknowledge what to me is a remarkable achievement.

Bill Mullins launched his Website, titled, Bill Mullins’ Weblog – Tech ThoughtsSecurity and System Tools and Tips. Software Reviews, News, Views, Downloads and Links on January 1st of this year. It has not quite reached its first ‘birthday’.

Since I discovered his site, I have referred my readers to several of his articles, and generally recommended it every chance I had– but most especially when he would share his security expertise with his readers, and/or warn of a new cyber-crime threat.
I consider his site an invaluable resource, and wish every web surfer would read it (and follow his advice).

Today, when I looked at his site, I noticed that his StatCounter showed over 500,000 visits. Wow! Remember when I said 90%+ fail within weeks? Well, there’s also another factor… most blog viewers land on a handful of “popular sites”.. and bloggers like me get the crumbs.
500,000 readers in less than a year is remarkable!

So I invite you to join me in congratulating Mr. Mullins on a job well-done, and suggest to you that you click here and take a look-see at his site if you haven’t done so yet.

PS– No. Mr. Mullins did not pay me to write this (and is probable unaware that I have). Remember? $0.00?

Copyright 2007-8 © Tech Paul. All rights reserved. post to jaanix

Share this post :

November 8, 2008 Posted by | advice, blogging, tech | , , , , , , , , , , , | 5 Comments