Security Items
Phishing
Phishing attacks involve the mass distribution of 'spoofed' e-mail messages with return addresses, links, and branding which appear to come from banks, insurance agencies, retailers or credit card companies. These fraudulent messages are designed to fool the recipients into divulging personal authentication data such as account usernames and passwords, credit card numbers, social security numbers, etc. Because these emails look “official”, up to 20% of recipients may respond to them, resulting in financial losses, identity theft, and other fraudulent activity.
All the major banks have been affected by the problem, and so has Amazon.
Malicious attackers can copy web sites by adding specific digits to a web address, allowing them to run a copied site over their own servers that looks identical to the genuine one.
The perpetrators typically send an email to customers asking them to log on to the site for a security update. Some 20 per cent of people who receive these emails respond to them, according to web site www.anti-phishing.org.
'This is a problem that we are going to see more and more,' said Dinis Cruz, chief technology officer at security specialist CISSP.
One of the big give-aways of these bogus sites lies in their website address, as ALL secure websites have https://... at the start and NOT the usual http, so beware.
When ordering on a site, ensure that the address begins https:// and NOT just http, to be more secure. No 's', no order!!
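The address checks described above (https at the start of the address, and copied sites whose address has digits added) can be written as a short script. This is an added example, not part of the original page; the bank.example host names, the function names and the warning codes are assumptions made up for illustration, and it goes slightly beyond the text by also flagging an address that is a bare IP number.

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed sample data: the addresses a user normally types for their own bank.
KNOWN_HOSTS = {"bank.example", "www.bank.example"}


def _without_digits(host):
    """Drop every digit so 'www.bank2.example' compares equal to 'www.bank.example'."""
    return "".join(ch for ch in host if not ch.isdigit())


def _is_ip_literal(host):
    """True when the host part is a raw IPv4/IPv6 address rather than a name."""
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def check_link(url, known_hosts=KNOWN_HOSTS):
    """Return a sorted list of warning codes for a link taken from an e-mail.

    An empty list means only that none of these checks fired,
    not that the site is genuine.
    """
    parts = urlsplit(url.strip())
    # hostname is already lower-cased and has the port removed.
    host = (parts.hostname or "").rstrip(".")
    warnings = set()

    # First check from the text: the address must begin https://.
    if parts.scheme.lower() != "https":
        warnings.add("not-https")

    if not host:
        warnings.add("no-host")          # e.g. a link written without any scheme
    elif host not in known_hosts:
        warnings.add("unknown-host")
        if _is_ip_literal(host):
            warnings.add("numeric-host")
        elif _without_digits(host) in {_without_digits(k) for k in known_hosts}:
            # Same name as a known site once the added digits are removed.
            warnings.add("digit-lookalike")

    return sorted(warnings)


# Constructed links, as they might appear in a suspicious message.
SAMPLES = [
    "https://www.bank.example/login",
    "http://www.bank.example/login",
    "https://www.bank2.example/security-update",
    "http://192.0.2.10/bank/login",
]

if __name__ == "__main__":
    for link in SAMPLES:
        print(link, "->", check_link(link) or "no warnings")
```

A link that produces no warnings has only passed these three checks; typing the bank's address yourself instead of following the link remains the safer habit.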
Another sign of a fraudulent message is one that appears to come from a bank, etc., but contains spelling mistakes and/or poor grammar, often indicating that the message has originated from either the Far East or Eastern Europe.
One thing to remember here is that NO bank will ever ask you to divulge usernames and passwords so NEVER respond to one of these emails other than to forward it to your bank or at least TELL THEM you have received such an email as they can, and do, close down these sites within hours of finding them! Help them to help you!
Basically NEVER follow a link received in an email purporting to come from a bank and NEVER enter any of your personal details in response to a request to "check" that your details are correct or to verify them. If in doubt, contact your Bank/Building Society on your usual contact address or phone them to verify any suspect email.
There are quite a few going the rounds at the moment and they will become more prevalent over the coming months, so be on your guard. We will endeavour to keep you aware via the usual channels as and when we hear anything, and if you do receive any that we haven't told you about then why not keep us informed so that we can share the information.
What Happens If Your Account Is Targeted
BANKS differ on their fraud procedures. Visit the banks' sites for information on how to report any occurrences of phishing, or use the contact details below. If you know of others not mentioned below then let us have the details and they can be added accordingly.
Barclays will freeze internet or phone access to the account depending on how the fraud has been committed. But the account is still open for you to use via a branch. It says it hopes to refund you within three working days. It's down to you to inform the police, but where it thinks organised crime has occurred, it will do this. It has an email address – internetsecurity@barclays.co.uk – to which customers can forward phishing emails.
HSBC says it could take two weeks to refund the money, depending on how quickly you fill out its disclosure forms and inform police.
It won't freeze the account unless you want it to, but will just change your passwords and security details.
Royal Bank Of Scotland/NatWest works on a case-by-case basis and will freeze online access to the account. It has advice on internet security and protecting your computer on www.natwest.com.
Lloyds TSB says refunds will be made within two days and your account will be temporarily frozen while it investigates. It is trying out a new system among 23,000 customers, who are sent a new six-digit code on a key-ring-sized device to use when they log on.
Abbey works on a case-by-case basis so might freeze accounts, depending on how the fraud occurred. This will also determine how long it takes to refund you. It will inform police.
Halifax/Bank of Scotland will initially freeze both internet access to the account and the account itself while it investigates. It says the average refund takes six to eight weeks.
Phishing emails should be forwarded to onlineemailinvestigations@hbosplc.com.
Alliance & Leicester has launched a new system using images and phrases to combat phishing.
PROTECT YOURSELF
Despite constant warnings about online fraud, many Britons are still not heeding advice. Apacs has found that almost 50% of women and half of 16 to 24-year-olds don't know what phishing is.
Worryingly, a quarter of all online shoppers don't check whether a website is secure.
TOP TIPS INCLUDE:
AVOID USING an internet café or a library for online banking. If you have to use one, always make sure you log off properly when you have finished.
TEAR UP or shred any documents that contain information about your financial affairs.
VISIT the following websites for some helpful information on keeping safe whilst online:-
Spam and what's being done to resolve this unwanted intrusion
So far this year I've received so many spam emails, some carrying spyware, that it drives one mad! So I had a look round to see if anyone is doing anything about it and came across a web site called Spamhaus and the "Spamhaus Project", which basically is:
Spamhaus tracks the Internet's Spammers, Spam Gangs and Spam Services, provides dependable realtime anti-spam protection for Internet networks, and works with Law Enforcement to identify and pursue spammers worldwide.
In addition to the spam problems a group of academics from the universities of Oxford and Harvard are teaming up to tackle the plague of 'badware' by naming and shaming the companies that develop and use adware, spyware and other malicious code.
The two universities have formed StopBadware.org under an advisory board that includes internet pioneers Vint Cerf and Esther Dyson.
The organisation will publish lists of software programs deemed to be malicious, and provide in-depth analysis of the software. It will also advise software houses on the best ways to block 'badware', and collect user experiences of infection.
If you think you may have "badware" on your PC then consult the StopBadware site and run any Spyware software you may have installed, like Ad-Aware or Spybot and this will both highlight any you may have and remove it for you!
Of course, none of these software packages will be effective if they aren't kept up to date, and whilst the Anti-virus software may update itself automatically, these packages usually require you to run an update check so please remember to do a periodic update!
One in four 'touched' by ID fraud
Identity theft could lead to theft from your bank account amongst other things.
A quarter of UK adults have had their identity stolen or know someone who has fallen victim to ID fraud, a Which? magazine survey has suggested.
Nevertheless, only one in three people said they shredded bills or used different passwords for every account.
ID thieves access accounts, run up bills, launder money, carry out benefit fraud and take out fraudulent loans.
ID fraud is one of the UK's fastest-growing crimes, with criminals netting an estimated £1.3bn last year.
The survey of 975 people found seven out of 10 favoured compulsory ID cards as a way to fight fraud.
Refuse hazard
Fraudsters use a host of methods to steal people's identities.
Methods range from the high-tech, such as sending emails containing viruses that access information on people's computers to rooting around in refuse to find old till receipts and bank statements.
Which? advises consumers to take care in how they dispose of their personal documents, guard their passwords and to check their bank accounts and credit files regularly.
Easy theft
To highlight how easy it can be to steal a person's ID, Which? researchers decided to try to steal the identity of a volunteer.
By accessing public documents and posing as the volunteer, the researcher managed to get hold of the volunteer's birth certificate, mother's maiden name, place of birth, mortgage details and even how often they went to the gym.
How to avoid ID theft
- Do not use your mother's maiden name or place of birth as a security password
- Check your credit record annually
- If you move, make sure you let your bank know
- Shred or rip-up post before throwing it in the bin
- Never use the same password for all your accounts
- Do not carry address details in your wallet
An attempt to access the volunteer's credit card account failed but only because the volunteer had not told his bank that he had recently changed address.
Which? editor Malcolm Coles called on banks and institutions to take greater care with people's details.
"Even a simple step taken by industry to stop accepting mother's maiden name and place of birth as default passwords would be a good start," Mr Coles said.
"It's too easy for fraudsters to get hold of this basic information, which is where the process of stealing an identity begins."
Other steps you can take to protect your details on the PC are to keep your AntiVirus, Firewall and anti-spam software up to date and occasionally to scan your PC drives fully to check for intrusions etc! And as the article above says, DON'T use the same passwords for everything and change them regularly!
The latter can be a pain and another thing to take on board is DO NOT pick obvious things/names etc as your passwords and where possible, include NUMBERS within your words etc.
Additional reading for online security
Additional Security measures - Host Intrusion Prevention Software
For those of you who are security conscious, in addition to the usual antivirus, firewall and anti-spy software, think about using "Host Intrusion Prevention Software", such as Prevx.
For home users this is free but only works on WinXP or Win2k.
To use their words, Prevx Home provides industrial-strength protection against:
* In-Memory/Buffer Overflow Attacks
* File System Attacks
* Registry Attacks
* Uncontrolled Program Execution
* Process Hijacking
One of the greatest threats to online privacy and transacting safely online comes from the spread of spyware, adware and browser hijacking software. And just because you are using a good spyware scanner, detector and remover doesn’t mean you can afford to ignore Prevx Home. Here’s why.
Spyware tools are designed to detect and clean up known attacks running on your PC. They will detect many but not all spyware attacks, but only do so after the attack is installed and deployed on your PC. This leaves a window of threat between the installation of spyware and its detection by the spyware tool. Indeed, certain types of spyware are very difficult to clean and some attacks attempt to disable or terminate the spyware scanning tool in order to avoid detection.
The best defense against spyware is to block the installation and deployment of the attack in the first place, rather than try and clean up afterwards. This is why you need Prevx Home and you can download it here.
You can also visit the Microsoft site for their Baseline Security Analyzer.
Microsoft says "MBSA is the free, best practices vulnerability assessment tool for the Microsoft platform. It is a tool designed for the IT Professional that helps with the assessment phase of an overall security management strategy. MBSA Version 1.2.1 includes a graphical and command line interface that can perform local or remote scans of Windows systems.
MBSA runs on Windows 2000, Windows XP, and Windows Server 2003 systems".
Please feed back any comments on either of these products so that we can pass these on to other users.
Unprotected PCs hit by viruses in minutes
Network worms can get onto a PC within minutes of connecting to the internet, according to security researchers at the Sans Institute.
The "survival time" for an unpatched PC connected to the internet averaged 20 minutes in 2004, compared to 40 minutes the year before.
Users of broadband, or poorly secured public networks, would be infected much more quickly, in under 10 minutes after connecting in some cases.
"The main issue here is that the time to download critical patches will exceed this survival time," the researchers said.
Security companies are also monitoring the state of play, and are even more pessimistic. Symantec estimates that it could take seconds rather than minutes to lose control of an unpatched PC.
"The Blaster worm is still the largest source of these sort of attacks," explained Tony Vincent, lead global security architect at Symantec Managed Security Services.
"It's like space junk: everything we've launched from the Earth is still up there in orbit. These attacks are all still out there on the internet due to unpatched servers, and never stop running."
Symantec runs a simulated network that is left poorly protected in order to track the methods used to enter it. The company has found worms written three or four years ago still in circulation.
Once worms infect machines the host PCs can be used to build networks of zombies that send out spam, or launch distributed denial of service attacks against web servers.
Online fraudsters target UK users
More than 100,000 people in the UK have been targeted by a virus designed to steal sensitive information from computer users.
The outbreak was considered serious enough for the National Hi-Tech Crime Unit (NHTCU) to issue a warning last week.
Criminals, believed to be operating out of North America and China, send emails containing an invoice claiming recipients have purchased electronic goods.
When users click through to the fake billing information website, a 'trojan' virus is downloaded, containing malicious code that records keystrokes, allowing fraudsters to access secret passwords and PINs when victims next visit secure web sites.
'It could capture information from all sorts of sites such as online trading and ecommerce,' said a spokesman for Abbey.
Police and banks have warned internet users to update Internet Explorer security patches and firewalls.
'The criminals behind these attacks are constantly evolving their techniques and changing tactics to target a wider range of victims,' said detective chief superintendent Len Hynds, head of the NHTCU.
UK payments association APACS is working with the NHTCU to track down the criminals, and warns that so-called 'phishing' attacks have cost the online banking industry £4.5m since December.
'These attacks are becoming more sophisticated and people need to protect themselves with the latest patches and firewalls,' said an APACS spokeswoman.
'You wouldn't open your front door to a stranger and the same should apply online,' she said.
The latest attack has advanced the sophistication of phishing and could damage consumer trust in ecommerce, says the Anti Phishing Working Group (APWG).
'It's becoming a multi-stage process and more advanced than previous attempts where criminals just sent emails pretending to be banks,' said Dave Brunswick, APWG's European spokesman and technical director at Tumbleweed.
'It's chipping away at the trust people have in online banking transactions.'
Spyware & What is it?
Spyware is ANY SOFTWARE which employs a user's Internet connection in the background without their knowledge or explicit permission.
Silent background use of an Internet connection MUST BE PRECEDED by a complete and truthful disclosure of proposed usage, followed by the receipt of explicit, informed, consent for such use.
ANY SOFTWARE communicating across the Internet absent of these elements is guilty of information theft and is properly and rightfully termed: Spyware.
If you read the small print before you accept either software updates or packages released over the web you'll possibly find you are signing up to accepting the loading of some Spyware onto your system.
Another potential problem is that many are poorly written, "contain bugs or errors", and can cause problems with the normal operation of your computer. If your web-browser experiences "General Protection Faults", hangs, or freezes it may be due to one or more of these types of programme interfering with its proper function.
If you'd like to read a more in depth article on this subject then I would suggest you visit the Spyware Watch website and on there you'll also find the link to the top 20 reviewed products.
Robs and Crashes
Spyware monitoring keyboard activity is the cause of a massive rise in thefts from online accounts - and a host of other problems, industry analysts say.
Most PCs harbour at least 30 pieces of spyware, much of it for relatively innocent purposes such as marketing. But, according to Microsoft, it causes more than one in two Windows crashes and users rarely spot it as the source of their problems.
Spyware-related support calls amount to 12 per cent of those to Dell in the US and cost millions.
Analyst Gartner reckons that unauthorised use of online accounts has become the fastest-growing fraud in the US, where 1.98 million users have lost a total of $2.4b in a year.
Gartner research director Avivah Litan said in a statement: 'In most cases that are not inside jobs, thieves likely stole account numbers and passwords to get into accounts online or through telephone banking services. Neither method involves face-to-face transactions.'
Litan added: 'Banks must implement stronger access controls to online and telephone banking systems.'
Spammers have taken to distributing spyware to collect information to help them target junk email and prime it with a subject line likely to catch a user's attention, according to the email security specialist Message Labs. But some sites dump spyware on the hard disk of any visitor.
The BBC reported last month that online fraud is reaching epidemic proportions, with the famous Nigerian 419 scam letters giving way to cons based on spurious prize offers.
One man with a son suffering from leukaemia was said to have parted with £16,000 in 'fees and taxes' after being told he had won €500,000 in a 'lucky day' lottery.
New Virus service from Sophos
Sophos has released a new service whereby one can link to their site in order to find out the latest situation on Viruses and Hoaxes which means I can link to their site, from this site, and get the latest information as to what you can expect to find out there on the web or as a nasty surprise to your email ...
Security Awareness
Security of your PC should be paramount nowadays and especially so if you use email and internet sites. A useful site for keeping abreast of this issue is SecuritySavvy.
SecuritySavvy.com is your non-technical guide to all aspects of IT security in the office and at home. Whatever you need to know, you'll find help and advice on there.
The site is edited by Robert Schifreen, one of the world's best-known writers and commentators on information security issues. And best of all, access to SecuritySavvy.com is totally free of charge so feel free to tell your colleagues and friends about them.
Virus Threats
I have, over the last few days, been receiving emails containing viruses but luckily my anti-virus software, AVG, has successfully trapped them and isolated them. Looking at the sender, I didn't recognise the name and have therefore deleted them immediately WITHOUT opening them. Some emails purport to come from reputable sources but on further investigation you'll possibly see reference to a request from yourself and if you haven't requested anything there's a good chance it's a nasty little surprise waiting to be opened!
There are a few viruses that, when they find their way onto a PC, select random addresses from your email software, usually Outlook or Outlook Express, and then send a message with the offending attachment containing the virus onto some unsuspecting individual and possibly infect their PC and then repeat this exercise ad infinitum until the message gets intercepted on a recipient's PC.
My advice, along with other professionals, is to immediately DELETE the file WITHOUT opening it.
Remember, if you have the preview screen open in Outlook or Outlook Express, then you will automatically OPEN the messages, so I would also advocate CLOSING the preview window for ALL incoming email to be on the safe side. Details of how to go about the closing of preview windows can be found in the Help section of your email program or alternatively, see my web page by clicking here.
This reinforces the need to regularly update your anti-virus signature files, and myself, I do this automatically and on a daily basis. If you know your PC is going to be on around the same time virtually on a daily basis then why not set your software up to do daily updates, as they don't take long but can save you the problems associated with a virus infection, which I may add, can be catastrophic!
If you don't power up your PC regularly, then leave your auto-update set to On and daily update, but do a manual update once connected. One of these days, you might otherwise come to regret not having done this! I have seen machines infected by viruses and it can be distressing to the user of that machine!
The decision is yours at the end of the day, and most of us learn the hard way! Do you really want to do that?
Fraud Alerts
As you are all aware there are a number of varying Frauds being committed via the internet and a fairly good site is run by the Metropolitan Police, called Fraud Alert, hence that's a reasonable place to visit to see what's out there!
If you do become aware of any yourself, then please forward the details via Contact Us above.
