Posts Tagged: ‘computer virus’

Scam of the day – February 17, 2013 – Facebook hacked – the lesson for us all

February 17, 2013 Posted by Steven Weisman, Esq.

Facebook has announced that its internal computer network has been hacked in what it described as a “sophisticated attack.  According to Facebook, users of Facebook did not have their data compromised – this time.  As I have warned you over and over again, your security is only as good as the security of the weakest place that holds information about you, which is why it is important to limit the information held by companies and others with which you do business to the minimum that they need.  The hacking of Facebook occurred when a Facebook employee went to the website of an app developer with which Facebook does business.  The app developer had unwittingly been hacked through the use of the Java program and when the Facebook employee went to the website of the app developer, the computer virus was passed on to Facebook.  This might be particularly disturbing to some people because Facebook uses, and was using at the time of its security breach, the latest security software programs, which did not protect Facebook from the hacking.  As I have told you previously, unfortunately, the makers of computer security software are always behind the hackers.  It has been estimated that when a new virus is developed only about 5% of security software programs are effective at first.  Generally, the computer security software companies take about a month to catch up with the new viruses.

TIPS

There are a few lessons for us all from this security breach.  According to the computer security company, Kaspersky Lab, Java is a dangerous program constantly exploited by hackers.  According to Kaspersky, Java software was the culprit in about half of all cyber attacks in 2012.  On January 12, 2013 I passed on a warning from the Department of Homeland Security warning people to disable Java due to serious security threats.  Five days later on January 17th I provided you with a link to remedy for that particularly vulnerability.  However, problems with Java continue to occur and some computer security experts suggest that you disable Java and not use it in order  to protect yourself.  I will discuss this in more detail in future Scams of the Day.  The particular problem with Java that led to the hacking of Facebook has been fixed, but it is likely that Java will be attacked again.  Another tip that you must follow is to make sure that your computer security software is constantly updated.  I will provide you with particular warnings and updates, but you should make sure that your security software is always current.  People who do not do so are easy targets for identity thieves.

Scam of the day – October 19, 2012 – New IRS scam

October 19, 2012 Posted by Steven Weisman, Esq.

Many of us pay our taxes online and many of us have a refund deposited electronically into our bank accounts.  It is a quick and efficient way to pay your taxes and get your refund safely.  However, scam artists are aware of this and are sending out phony emails purporting to be from the IRS telling their victims that their refund deposit failed and asking the potential victim to click on a link for the details of how to remedy the situation.  Of course, if you click on the link, what you will end up doing is downloading keystroke logging malware that will enable the scammer to steal all of the information from your computer.  Some of the notices are even followed up with another email telling you that it is a second notice and that your refund is being cancelled unless you click on the link to remedy the situation.  Don’t click on the link.

TIPS

Never click on links unless you are positive that it is legitimate and even then you cannot be sure, if it is something being sent by a friend that they are not passing on something to you that they do not realize is infected.  In regard to this particular phishing scam, although the email looks legitimate, it does not include your name and the address line on the email  and indicates it was sent from an email address other than the IRS.  However, even if the email address appears to be from the IRS, it is easy to spoof or copy the address to make it appear that it is from the IRS.   The safe thing to do if you have any questions as to the legitimacy of such an email is to call or email the IRS.

Scam of the day – March 22, 2012 – Windows security scam

March 22, 2012 Posted by Steven Weisman, Esq.

A new scam currently turning up involves people receiving a telephone call from someone purporting to be from Microsoft and that there is a dangerous computer virus infecting the Windows operating system on the person’s computer.  The caller then asks the person to log on to their computer and go through  with the scammer the steps necessary to clear the computer of the threat.  The threat, of course, comes from the caller who uses the call to gather personal information to turn the person receiving the call into a victim of identity theft.

TIP

Microsoft would not call you.  Never give personal information over the phone to someone you have not called or are not completely sure who they are.  As for your Windows software, make sure it is always up to date.  Automatic regular updating is best.  Also make sure that you have legitimate security software on your computer and up to date to protect you from viruses, spyware and malware.