InfoManager_TM

Be very careful with your online banking. Don’t underestimate the bad guys! Read the warnings in this issue. Then follow: * IBM: Biggest threat to the cloud could be security issues * Anti-Phishing Group Targeting Fax-Based Scams * Phishing Attacks Target Car Sales Companies * Facebook Phishing Increases, Making It Second Most Phished Brand * iTunes accounts hacked * Safety tips for banking online * ‘LOL is this you?’ spam spreading via Facebook chat * University e-mail fraud threatens student security . . . and more

Check your online banking bank

I have spoken, now, with two victims and read a number of accounts of subtle online banking hacks. One local vendor lost $4,900 on one occassion, then another $1,789 a second time — BOTH were PayPal withdrawls. This victim either compromised his account at a public Wi-Fi spot, or through a trojan key-logger.
      Three months later, after changing accounts, he gets hit again. A 2-cent deposit showed up, and several hours later a 7-cent deposit showed up. This is instant evidence that someone is “testing” a PayPal or other online finance account against YOUR account number. The bank actually had a watch for this, and called the possible victim. NO, he does not have a PayPal account, and wasn’t setting one up.

GUARD YOUR ONLINE BANKING ACTIVITIES: contact your bank and ask if they have PayPal alerts when ever PayPal attempts accessing the account. This new technique involves robots pinging PayPal thousands of hits per minute, ‘testing’ banking account numbers. When it hits one that works, it makes a withdrawl — or at least attempts to make a withdrawl. Even if you do NOT have PayPal, this can get you.

My best advice: Set up a special account used ONLY for online transactions. Keep ONLY the minimum amount in the account. If you get hit, you don’t lose much. If you make purchases, it’s easy enough to pump new cash into the account.
DO NOT transact online banking at public Wi-Fi locations. DO NOT transact banking activities on mobile devices like the iPhone.
Below, you’ll find another story with tips for online banking.

Facebook Phishing Increases, Making It Second Most Phished Brand

Security researchers at a German Antivirus vendor ‘Avira’ caution that the number of phishing assaults against Facebook users rose by nearly 64% in July 2010, making the site the second most phished brand.
      As per statistics released by Avira, although phishing activities against PayPal showed a major reduction of 37.30% compared to June 2010, the e-commerce site remained the most phished brand on the web with 65.45% of such attacks.
Full story : www.spamfighter.com

‘LOL is this you?’ spam spreading via Facebook chat

Facebook on Friday afternoon was investigating what appeared to be a new spam scheme that results in users getting messages from friends over Facebook chat that have malicious links.
      The messages say “LOL is this you?” and are accompanied by a link that looks like it leads to a video on Facebook, one victim told CNET. In his case, clicking the link directed to a Web page with a “404-Page Not Found” error message and his account sent the spam out to at least one of his friends, he said.
Full story : Elinor Mills – CNET

iTunes accounts hacked

Apple Inc. is still receiving numerous complaints from users of iTunes concerning accounts being hacked. In spite of continued user complaints, Apple denies there are any security flaws in its iTunes system.
      Among the issues reported are various phishing scams that lead users to bogus websites in order to glean PayPal and iTune account information. Apple advises its users to reset their password manually if they have detected any suspicious activity on their account.
Full story : overthelimit.info

IBM: Biggest threat to the cloud could be security issues

The number of exploitable options in computer programs grew by 36 percent in 2010, largely a result of the increased prevalence of Web apps and looming cloud-computing security threats, according to IBM’s X-force security report released Thursday.
      IBM researchers said the recent growth of cloud computing and remote desktop access will likely become a sore point for security issues, as hackers cracking into a master rig that controls several virtual desktops could theoretically access all of those desktops.
Full story : Faye Abloeser – IBM Media Relations

Anti-Phishing Group Targeting Fax-Based Scams

The heyday of faxing may have passed twenty years ago, but scam artists haven’t given up on the old technology, especially when it comes to wheedling personally identifiable information out of unsuspecting office workers. Now a leading anti-phishing group is tackling the problem of fax based phishing scams.
      The Anti Phishing Working Group announced the Fax Back Phishing Education program this week to help telecommunications firms and Fax over Internet Protocol (FoIP) providers track and respond to scam artists that are using fax-ed, hard copy appeals and pitches to steal sensitive data.
Full story : Paul Roberts

Phishing Attacks Target Car Sales Companies

Symantec is warning of a flood of phishing emails that claim to come from legitimate auto sales brands.
      “In attacks tracked by Symantec, a number of fake web pages were crafted, claiming the brand was offering the facility to advertise for free,” writes IT PRO’s Tom Brewster. “These sites also featured the claim, ‘We fight fraud for you.’”
Full story : esecurityplanet.com

University e-mail fraud threatens student security

DoIT advises students on how to protect their Internet identity. An increase in fraudulent e-mails coming through MU accounts has created concern for both the Division of Information Technology and students affected by the scam.
      In an e-mail sent to all student accounts, DoIT warned against e-mails claiming “to be from IT support or a ‘system administrator’ and attempt to deceive you into disclosing personal information.”
Full story : themaneater.com

Sophos: Don’t underestimate the bad guys

Security firm Sophos has recently produced its 2010 mid-year Security Threat Report, and whilst many things remain the same, there are plenty of new security vectors for the connected among us to deal with. And with a NBN on the horizon, there may be plenty more of us connected in the near future. iTWire sat down with Sophos AP Managing director Rob Forsyth and Senior Vice President of Worldwide Field Ops, Michael McGuinness to discuss.
      If there is one thing that is clear from the latest Sophos mid-year security threat report, it is that traditional attacks on private data are still prevalent. Perhaps the vectors are shifting but figures show Spam, Phishing and Malware are still a major source of worry for security personnel world-wide.
Full story : Mike Bantick –

Safety tips for banking online

The Internet has made it so convenient for us in the sense that it makes doing certain daily or common activities much easier. One of such activities is banking. Despite the convenience of banking on the Internet, one has to take the necessary precaution to prevent any unforeseen circumstances.
      Here are some safe tips for baking online.
Full story : Rainier Wong – www.helium.com

Thanks for reading…

You can also keep up with the efforts to curb spam and cybercrime by reading the news at
Knujon and
HostExploit.com. And, you should
switch to SpamCop and take a stand against spam.