Scam of the day – April 18, 2014 – American banks victimized by foreign hackers

Although the theft actually goes back to 2009, it was only now that the Department of Justice unsealed indictments made by a federal grand jury in 2012 in which nine people including six Ukrainians and a Russian were charged with using malware to steal passwords, account numbers and other information enabling the hackers to steal millions of dollars from American banks.  The particular malware that was used is called “Zeus” and has been used for years by hackers to get access to passwords and account numbers which, in turn, enabled the hackers to log on to their victims’ online banking accounts.  The Zeus malware is particularly effective and allowed the hackers to overcome the two-factor identification systems used by the banks.  The funds stolen were wired to other banks in America where co-conspirators would withdraw the money and wire the money back to Eastern Europe.

TIPS

The Zeus malware is spread through phishing, which means that the hackers and identity thieves send emails luring their victims to click on infected links or download infected attachments that appear to be legitimate, but in fact, contain the malware.  The malware then enables the hacker to steal all of the personal banking information from the victim’s computer that they need in order to access their accounts.  So the lesson is clear.  Don’t click on links or download attachments unless you are absolutely sure that they are legitimate.  Also, it is important to have anti-virus and anti-malware software on all of your computers, smartphones and other electronic devices.  However, don’t depend on the anti-virus software and anti-malware software to do your thinking for you.  Security software is helpful, particularly if they are kept up to date with the latest security patches, however, they are never 100% effective against the latest malware.

Scam of the day – January 6, 2014 – The threat to you of Yahoo hacking

Fox IT, an Internet security firm has just uncovered a hacking of Yahoo’s ad network that appears to have started on December 30th, but may well have begun earlier.  Estimates are that about 27,000 people had their computers and other electronic devices infected each and every hour since the hacking began.  The vulnerability exploited by the hackers involves flaws in the security of Java software used in the online advertisements and by many individual computer users.  As I have warned you for more than a year, Java is a dangerous software program.  Java software which is popular software program made by Oracle has been a particularly successful target of hackers and identity thieves.  According to Kaspersky Lab, flaws in Java software was responsible for about half of all the cyber attacks by hackers in 2012.    Much of the recent wave of attacks against American companies by the hundreds involved Java software vulnerabilities.  The Department of Homeland Security earlier this year identified new and dangerous vulnerabilities in Java software that can lead to your identity being stolen and your computer being compromised by hackers.  The Department of Homeland Security even advised that people disable Java or prevent Java apps from running in their browsers.A recent study from Palo Alto Networks, a software security company found that only 6% of malware infections are coming from tainted email while 90% came from malware unwittingly downloaded when people went to legitimate websites that you had reason to trust, but had been infiltrated by hackers.  This type of identity theft has come to be known as a “drive by” identity theft.  To make things worse it usually takes as long as three weeks for anti-malware software makers to identify the latest malware threats.  Java software which is used on many legitimate websites has proven to be a rich target for identity thieves because of its continuing vulnerabilities to hackers.  It is for this reason that the Department of Homeland Security advised people to consider uninstalling Java software.The Yahoo hacking, which the company says has now been fixed enabled the hackers, while the hacking was active, to install various malware programs called ZeuS, Andromeda, Dorkbot, Tinb and Necurs, which enabled the hackers to steal personal information from people who unwittingly installed the malware by clicking on infected ads unless the computer user was protected by proper anti-malware security programs or was not using Java.  You can find out if your computer was infected by going to Microsoft’s safety scanner at http://www.microsoft.com/security/scanner/en-us/default.aspx

TIPS

Along with avoiding obvious scam emails, the best thing you can do is to make sure that your security software and anti-malware software are constantly kept up to date with the latest revisions, updates and patches.  You also may want to uninstall software programs, such as Java which have proven to be an Achilles heel for many legitimate websites.  Finally, if you want to be extra careful, you may even want to consider having a separate computer for your financial dealings and purchases while using a separate computer for surfing the Internet so that if you do go to a tainted website, there would be nothing of value on that computer for an identity thief to use.

I strongly advise people who do not need to use Java that they disable it.  Here is an important link from the Department of Homeland Security with information as to how to disable Java or to otherwise deal with its vulnerabilities: http://www.us-cert.gov/ncas/alerts/TA13-064A