Tag Archive for TrustPort

Social Networks Are Risky

According to the Czech security firm TrustPort, social networking’s popularity and ease of use can cause users to forget its risks.  These risks include the loss of private personal data and malware infection.  Even though social networking is new, a recent IBM (IBM) X-Force report says the threats are not.  According to IBM, traditional threats like phishing, malware, 419 fraud schemes, identity theft, data harvesting, and botnets now use social networks as attack vectors.

Many social networking users fall victim to attackers offering new apps or features for joining the group.  Net Security.org cites the Facebook Stalker Catcher as an example of such a scam.  Even though this malicious app appeared in 2009, Facebook users still fall victim to it.  To start a Stalker Catcher attack, Net Security.org says users are lured to the group on the pretext that they will see exactly who is visiting their personal profile and when.  The alleged instructions for feature activation result in nothing more and nothing less than sending group invitations to all contacts of the victim.

Sunbelt Software reports that the latest scam targeting Facebook users specifically targets kids.  The scam promises a free proxy service for those who want to bypass parental controls and blocks set up by schools.  The scam tempts the victims to try the service at hxxp://myfatherisonline.com to access Facebook in school.  Of course, when the victims visit the website, they can’t find the advertised service.  The researchers instead found a plethora of scam attempts.  The victims are faced with an affiliate site containing malware, surveys, quizzes, and offers for free iPhones that will try to get them to subscribe to a premium rate service or sign up for spam.

The number of users who voluntarily join fraudulent groups and send invitations to all their contacts is strikingly high.  In the Net Security.org article, IBM says the informal feel of social networks is the real risk.

“We’re all friends here,” you’re thinking to yourself, and your mind chooses to ignore the things that would usually set off alarm bells in your head. Who knows – maybe it’s our inherent sense of safety that we get when surrounded by a lot of people? Safety in numbers, so to speak. In any case, most of us are just less careful.

SPAM

These same users then access Facebook at work, exposing their employers to more risks.  The anti-malware firm Sophos recently found that reports (PDF) by companies of spam and malware derived from social networks were up 70 percent from a year earlier and concludes that “Because of this, social networks have become one of the most significant vectors for data loss and identity theft.”

Due to this carelessness, the criminals behind the scams quickly gain large databases of contacts.  These databases are later sold to other cybercriminals and used for sending spam or for further phishing scams.  Some fraudulent groups explicitly invite users to install a particular application, which is even more dangerous.  According to the article, the risk of malware infection should never be underestimated.

rb-

So the important message here is:

  1. Keep your computer up to date
  2. Use regularly updated antivirus and antispyware software
  3. Verify what you are doing before you do it
  4. If it is too good to be true, it probably is

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005.  You can follow him on LinkedIn, Facebook, and Twitter.  Email the Bach Seat here.

Which Anti-Malware is Best?

In a report, AV-Comparatives compared the base performance of some of the top anti-malware products on the market. The objective of these tests was to identify how well antivirus scanners can detect new malware using their base functions.

Base anti-malware functions included their proactive scanning and heuristics methods, without the advantage of downloading the latest signatures. Forcing a test without the latest virus signatures makes it possible to evaluate the strength of the heuristic, or proactive, technology of the anti-malware engines.

ArsTechnica summarizes that the tests were run on two sets of malware. Set A contains malware from December 2007 to December 2008 (of which most products could detect over 97%). Set B contained 1.6 million samples of malware collected between August 11 and August 17, 2009. This set included the following categories of malware: Trojans (69.5%), Backdoors/Bots (20.7%), Worms (6.1%), other malware (1.5%), and Windows viruses (0.4%).

Results

Ars reported these proactive detection results (rounded to the nearest percent):

After taking these results into consideration and adjusting for false positives, AV-Comparatives rated the security companies from best to worst in three categories:

  • Advanced+:
    • G DATA,
    • Kaspersky,
    • ESET,
    • F-Secure,
    • Microsoft,
    • Avast,
    • eScan.
  • Advanced:
  • Standard:

In September of 2008 NetworkWorld reported on Gartner claims that enterprises are paying too much for security software. Gartner says vendors simply aren’t doing enough to keep up with the prevalence of threats on the Internet. Neil MacDonald, a research vice president at Gartner, says that security vendors are “maintaining high-profit margins on firewalls and antivirus software despite these products being nothing more than commodities.” NetworkWorld says that during his presentation at Gartner’s 2008 IT Security Summit in London, Mr. MacDonald was vociferous in his condemnation of how security products are actually increasing their prices over the years across a backdrop of lowered effectiveness, contradicting pricing schemes across the rest of the IT industry.

Anti-malware pricing is broken

Security vendors have maintained a pricing scheme that contradicts the rest of the IT industry, Mr. MacDonald said. Typically with software or hardware, prices go down year after year with the introduction of new and better products. In some cases, however, security software often loses its effectiveness as new threats emerge, while prices stay high. “Why in antivirus year after year do we pay more for something that gives us less?” MacDonald asked. “It’s insanity. Why is information security immune from the trends of the IT industry?”

Gartner recommends that firms use the commodity status of security software to their advantage. “I know it’s hard to switch but you have to seriously enter the negotiations,” MacDonald said. “Let the vendors know that you are not afraid to switch.”  He also recommends that buyers aggressively negotiate for better prices.

rb-

While most malware writers are script kiddies with an affinity for making minor modifications to existing malware, there are some very good black hat hackers out there that are not dummies.  These tests are important for buyers to understand which product’s core functionality is more efficient against new threats and does not rely on constant updates to augment its capabilities. In the face of new threats, superior heuristic capabilities are crucial to anti-malware software. The weekly, daily, or even multiple times a day, definitions updates are the lifeline of the anti-malware industry. The need for constant updates is what drives the annual payments for subscriptions.
