Archive for February, 2012

You have 125 Threats Found!

Posted on February 27th, 2012 in Uncategorized | 1 Comment »

I stay up late at night watching TV and I see a lot of advertisements for computer security products. As far as I know all of these products are legitimate but some of them may not be such a good deal price-wise. Then there are the fake scareware programs. My definition of scareware is simple. Scareware is any program that tempts the user to buy it by scaring them and could have criminal potential. The least that can happen to you when you buy or test a scareware program is that you lose the price of the product. The worst thing is that it installs a Trojan horse or back door program that is used to empty your online financial accounts. The programs on late night TV are not presumed to be so dangerous but you might do better with a do-it-yourself approach. A lot of what these programs state as threats are tracking cookies. Yes, tracking cookies are an invasion of privacy but to call them a threat is overboard. Microsoft Windows provides all kinds of tools that allow you to tune the system. Disk Cleanup and Disk Defragmentation are two of the most important. Windows 7 Professional runs the Disk Defragmentation when it is not busy doing something else so with that version of Windows you don’t even need to run it. Save yourself $35 and do it yourself. It is easy to find instructions for your specific version of Windows on the Internet using any search engine with the keywords “Windows Tuneup Instructions”. Don’t download any programs.

Scareware is an international problem. Last year I wrote about a multinational effort led in this country by the FBI called Operation Trident Tribunal. The FBI and other national police arrested many scareware operators. One group of crooks conned 960,000 victims into paying them $72 million. They got a 10-year sentence. Others diverted a legitimate advertisement to install a scareware program without permission. They got a 20-year sentence.

The FBI provides the following hints on how to spot scareware on your computer:

  1. Scareware pop-ups may look like actual warnings from your system but upon closer inspection, some elements aren’t fully functional. For instance, to appear authentic, you may see a list of reputable icons, like software companies or security publications, but you can’t click through to go to those actual sites.
  2. Scareware pop-ups are hard to close, even after clicking on the Close or the X button.
  3. Fake antivirus products are designed to appear legitimate, with names such as Virus Shield, Antivirus or VirusRemover.

To avoid becoming a victim, make sure that you have a real antivirus program installed on your computer and that it is kept up to date. You also need to make sure your operating system’s auto-update feature is turned on and is up to date. These two things together will help to protect you when these scam artists try to get to you. Of course nothing is 100% so keep your eyes open and stay skeptical of claims from unknown sources.

 

Congress, Thanks for Nothing!

Posted on February 20th, 2012 in Uncategorized | 1 Comment »

CyberSoft Computer Crime Report – Issue February 20, 2012

By Peter V. Radatti CEO CyberSoft Operating Corporation www.cybersoft.com


I don’t know if I am angry with the Federal Government for skirting their responsibility to protect us on the Internet or happy that they are not messing it up.  It seems lately that most of the laws Congress has been trying to pass “for our protection” are aimed at protecting special interests such as the music industry and Hollywood.  Can’t say I will lose any tears for either of those guys.

The Federal Government has a responsibility to protect us and they are failing. The Internet was invented by the Federal Government and given to the world. A point for them: the Internet has been a world changer. The bad part is that it has let criminals worldwide into our homes, businesses and defense facilities. It doesn’t require big resources to steal, only brains, an old computer and access to even the slowest of Internet connections. Brains are in good supply in countries where the morals don’t match ours, where people are desperately poor and feel justified in stealing, where people just hate us and where the Wild West mentality has taken hold.

Having said the Federal Government has failed us, there is one Federal organization that is working hard to protect us and that is the FBI. The problem is that it is too big of a job and the FBI is underfunded to tackle something of that size. They can police it but they can’t fix it. Congress is totally to blame for what is happening and the longer the problem festers the worse it will get. It is like a cancer: take care of it while it is small and survive, ignore it until it is a big problem and the results may not be good. In any case a small problem has less pain. We are already past the small level and are rapidly moving into serious. It is hurting our banking industry, defense industry and high technology industries. The fact that we are ineffective is encouraging more attacks and more brazen attacks. What is Congress doing about the real issues? Nothing.

What could Congress do?  A great deal.  Congress could give authority to NIST or the FBI or any other Federal agency to create technical standards that protect us then use the power of the Federal Dollar to make sure that anyone who does business with the government implements them.  Of course it may not work out.  Look at the War on Cancer, the War on Hunger, and the War on Drugs!  The result is wasted money, wasted food and wasted lives.  That is why I am not sure if I am happy or not about the government’s failure to protect us.

If not the government then who will protect us? First, if you have been reading these articles you know that in my opinion the first level of protection has to be yourself. You have to develop the skills to be street smart on the Internet. I have been giving you those tools. After that I believe in the power of the free market. Business is getting tired of being ripped off and they are concerned that the Internet could become such a dangerous place that people will avoid it. These are legitimate concerns. Recently Google, Microsoft, AOL, Bank of America, American Greetings, Facebook, LinkedIn, Fidelity Investments and others have joined together to do the job that needs doing. They created a new organization called Domain-based Message Authentication, Reporting and Conformance (DMARC) that is going after one of the most common and nastiest attacks on the Internet, phishing. Phishing is an identity theft problem and affects everyone. It drives up costs and damages trust. DMARC believes that by creating and implementing standards on how email systems perform authentication, and by using common mechanisms already in place, anyone will be able to tell a real message from a fake one sent by a criminal. Not only will this mean that crooks will have to find a different way to scam the public but it should also help reduce unsolicited bulk email. Expect DMARC to be implemented soon. To learn more about DMARC visit their website at dmarc.org. Now why couldn’t Congress have done that?

To read more CyberSoft Computer Crime Reports by Pete Radatti visit www.cybersoft.com/Blog

 

 

Father Knows Best or no-good-deed-goes-unpunished

Posted on February 13th, 2012 in Uncategorized | 2 Comments »

Today’s article contains some quirky news items that I use to illustrate some common problems that occur when technology is involved.

Lucian Constantin of the IDG News Service reports that a German police officer was concerned that his daughter was hanging out with a bad element.  In order to protect her he installed a parental control system in the computer that monitored her activity.  It appears that the father was correct in being worried because one of his daughter’s friends was a hacker who discovered the monitor and decided to break into the father’s private computer.  As most of us do, the father was doing some work at home on his personal computer. The father was a senior officer within the German Federal Police, which is the equivalent of the USA Federal Bureau of Investigation (FBI).  The father’s work involved monitoring GPS tracking of criminals and the hacker was able to find the father’s account and password to the monitoring server. The hacker then turned this information over to a German hacking group called No-Name-Crew who published significant information about the criminals involved.  Thinking about this, why would No-Name-Crew do such a stupid thing?  Was there any kind of political statement involved?  Did they care that the daughter’s father may have gotten in serious trouble, which had to affect the daughter?  Did they really think helping criminals was a smart idea?

Here are my reasons for why No-Name-Crew should be named No-Brain-Crew. First, they attacked the national police. Not a good idea. Secondly, they had to hurt their friend when her father was investigated and found to be the inadvertent source of the hackers invading the police’s server. Thirdly, the suspected leader of the crew and one other member were arrested. There was no money involved for these guys but there was a huge amount of ego, self-confidence and most of all arrogance. They just thought they were better than the police and could get away with doing what they wanted, even serious criminal activity.

Why should you care?  This exact thing can happen to you.  Maybe you don’t have access to national police servers but if you access servers at work from your personal computer or you access your bank account online this information is on your computer.  If someone steals your computer or a “guest” in your house comes across the computer they can potentially access these systems.  What can you do?  Use one of the free web browsers that allow you to encrypt the password file.  If the browser you want to use doesn’t have this feature then use one of the many password management programs that will.  If someone does get access to your computer this will slow them down enough to give you time to change passwords and notify appropriate people.  Secondly, treat your computer as if it were a pile of cash.  Criminals view your computer that way.  Would you leave a pile of cash on the desk?  Try to arrange to physically lock up your computer.  If you are using a full size computer then lock the room or the desk.  If you can’t, consider buying a removable drive device canister and have it installed.  Using this device, your hard drive can be removed after the computer is powered off.  All of the information is stored on the drive.  Drives are small and you could even lock it in a small metal box.  Finally, if none of this is practical consider whole disk encryption.  It will slow down your computer but if whoever steals your computer doesn’t know the decryption password they are not going to even boot the operating system.

The next story is another no-good-deed-goes-unpunished event. The Associated Press reports that a Canadian man approached a US border officer wanting to enter the United States to drop off Christmas gifts. The man, Martin Reisch, forgot his passport and by law should not have been granted entry with just his driver’s license; however, Martin presented the officer with a scanned copy of his passport that he kept in his iPad. The officer considered everything and made an exception to allow Martin to cross into the United States. This became international news. I can’t see this enhancing the employment of the officer involved. Who do you think broke this news, the officer who could potentially lose his job or Martin who was given an early Christmas gift of being cut some slack? Martin got the fame and paid for it with the officer’s pain. I could be wrong on who did what here but my guess is that Mr. Reisch played the part of the Grinch this last Christmas. How does this affect you? At least part of what happened is that the guard may have been influenced by the fact that he was shown a scanned copy of the passport on a computer! High technology devices tend to dazzle people and can cause them to lower their guard. If the officer had been presented with a photocopy of the passport I am sure he would have rejected it. After all a piece of paper doesn’t have the dazzling effect of an Apple iPad. What can you do about it? Any time a computer is involved in your decision making ask yourself if you would do this if what is being displayed on the computer was on paper instead! If the answer is no then don’t be impressed, use normal caution, and proceed with your decision making process.

Remember, just because a computer is involved doesn’t mean it is correct, and the value of your computer is not its replacement cost but all the personal information and account access in it that a thief can steal.

ICANN, I CAN'T

Posted on February 6th, 2012 in Uncategorized | No Comments »

A fantastic new opportunity is coming for Internet crooks. ICANN is the organization, chartered by the US Commerce Department, to oversee the Domain Names for the Internet. The organization is international in scope and wants to be more international by loosening the controls by the US government. When you enter a domain name such as www.cybersoft.com it breaks down in the following way: the .com is the top or first level domain while CyberSoft is the second level and www is the third level. It can be expanded from there. When a company buys a domain they are buying the second level attached to a first level. Most people are familiar with the .com, .mil, .net and other first level domains. When you buy CyberSoft as a second level domain it is associated with only one first level domain. If you want to protect the name CyberSoft from potential poachers then you need to buy the domain CyberSoft for every first level domain, assuming that you can. There are currently about 22 topical first level domains and another 250 country code domains. That means that a company that didn’t want any confusion and wanted to protect their name needs to buy 272 domains plus all common misspellings for those domains. ICANN wants to expand this by another 1,000 top-level domains per year. One of the best arguments given to ICANN for not doing this is the fact that this is going to be a field day for Internet crooks. Right now typo squatters are common. Again, let’s use the cybersoft.com domain. A typo squatter may register sybersoft.com or sibersoft.com or some other common misspelling. They can then use the site for crooked purposes while the users thought they were dealing with the CyberSoft company. Consider that now the crooks don’t have to use a misspelling; they can register some new domain. Would you think cybersoft.con was still CyberSoft? You might not even notice the letter M was replaced with the letter N! Remember, most people click on their links; they don’t enter them by hand.
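
The lookalike names described above can be caught mechanically before anyone clicks. The following Python sketch is an added example, not code from the original post; it splits a host name into first and second level the way the paragraph does and flags misspelled names and swapped first level domains. The function names, distance thresholds and sample link list are assumptions made for illustration.

```python
# Added example: flag lookalike hosts for a protected domain name.
PROTECTED = "cybersoft.com"  # the post's example domain

def split_levels(host):
    """Split a host name into (first level, second level), read right to left."""
    labels = host.lower().rstrip(".").split(".")
    return labels[-1], (labels[-2] if len(labels) > 1 else "")

def edit_distance(a, b):
    """Levenshtein distance: single-character inserts, deletes, substitutions."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(host, protected=PROTECTED, name_dist=2, tld_dist=1):
    """Label a host relative to the protected domain (thresholds are assumptions)."""
    p_tld, p_name = split_levels(protected)
    tld, name = split_levels(host)
    if (tld, name) == (p_tld, p_name):
        return "legitimate"        # same first and second level; www etc. ignored
    if name == p_name:
        # Same second-level name under a different first-level domain.
        return "tld-typo" if edit_distance(tld, p_tld) <= tld_dist else "tld-variant"
    if edit_distance(name, p_name) <= name_dist:
        return "name-typo"         # misspelled second-level name
    return "unrelated"

def scan(hosts, protected=PROTECTED):
    """Return only the hosts that look like the protected name but are not it."""
    found = {}
    for h in hosts:
        verdict = classify(h, protected)
        if verdict not in ("legitimate", "unrelated"):
            found[h] = verdict
    return found

# Constructed sample: host names pulled from links in a mail or proxy log.
SAMPLE = ["www.cybersoft.com", "sybersoft.com", "sibersoft.com",
          "cybersoft.con", "cybersoft.xyz", "example.org"]

if __name__ == "__main__":
    for host, verdict in scan(SAMPLE).items():
        print(f"{host:20} {verdict}")
```

For very short protected names a misspelling threshold of 2 matches too many unrelated names, so `name_dist` should be lowered for them.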

Yet another crooked game the thieves can play isn't illegal. Let's say someone in another country registers coke.xyz or ibm.xyz. They offer to sell the domain to the real Coke or IBM Company for $100,000, which is less than the cost of fighting them. This is nothing short of blackmail but it is being made possible by ICANN’s greed.

Why? It is always about the money. ICANN makes money selling domain services and this is a great way to force people to buy more domains. ICANN splits their operating costs between the domain registries, which are normally companies. The more registries there are the higher their operating costs can be without complaints. There have been a lot of people complaining to ICANN, including businesses, people involved in trademark enforcement, Congressional hearings, etc., about this new plan. ICANN doesn’t care. ICANN is a nonprofit so it doesn’t have to pay taxes.

To be totally fair, some expansion of the first level domains is needed. Domains in other languages such as Chinese should have been allowed a long time ago but that is a far cry from what ICANN is proposing. ICANN claims that they are putting in protections but personally, I think their protections are too little. My guess is that this is going to hurt everyone except for big companies, crooks and ICANN. What can you do? Go to www.icann.org/en/contact and register a complaint about the expansion of first level domains. If you use the form on the page click the button that says “New gTLDs” as the subject category. I also suggest you write to your congressmen. Finally, one last thought. ICANN makes money simply because everyone has agreed to use their domain service. There is no law saying you have to. If ICANN becomes too greedy or the Internet becomes too dangerous because of their actions expect others to step up to the plate and create a competitor to ICANN.