Nerdy News Blog From A Geek To Go!

FRAUDULENT EMAIL ALERT!!!

FRAUDULENT EMAIL ALERT

Please be aware of a fraudulent email that you may receive with the subject title "ACH Transaction Rejected." This e-mail appears to be from NACHA - The Electronic Payments Association telling them that there is a problem with an ACH transaction they have originated. The e-mail includes a link which redirects the individual to a fake web page which appears like the NACHA website and contains a link which is almost certainly executable virus with malware. The Phishing Alert has been posted on the NACHA home page (www.nacha.org).

Labels: A Geek To Go, charleston, geek, internet security, Managed Services Program, MSP, phishing, ww.ageektogo.net

The Internet Is Under Seige!

by Miles West. A Geek To Go!

Infections are rampant on Facebook with multiple accounts spewing out links to everyone in the contact list. Tread very lightly! Also, beware of any 'Windows Looking' prompt warning you of Low Disk Space. It is a VERY DANGEROUS rootkit called Win Defrag that will sense eradication efforts and will shut down if it feels threatened!

Labels: A Geek To Go, charleston, facebook, internet security, Managed Services Program, Manged Services Program, online safety for kids, ww.ageektogo.net

Managed Services Program (M.S.P.) Hits Milestone

Thanks to the recent addition of the commercial M.S.P. contracts for Gold's Gym-James Island, SC, Harborside Remodeling, providing the majority of remodeling services for Kiawah and Seabrook Islands and Jimmy Johns - Downtown Charleston, SC - a popular national gourmet sandwich franchise... A Geek To Go! L.L.C. has reached its 225th Managed Services contract! Not to mention the 9 new residential M.S.P.'s created in the past two weeks. We're not sure what economic indicator this may represent, but obviously more users are realizing that internet security (and the maintenance of those programs) are better left in the hands of those experienced with these. A Geek To Go! has now customized the program to accommodate any user, either inside the Charleston, SC area where they are based, or for any user in the world at a reduced rate. We offer UNLIMITED U.S.-based phone and remote support to any computer anywhere in the world, as long as the computer has an active internet access. Please check out the details of the plan at http://www.ageektogo.net/msp.html and if you are interested, email or call us at 843.557.9378 and we'll provide the credentials to sign onto our CONTRACTS page where you may view and complete a contract and begin the remote setup and support of your M.S.P. from the leader, A Geek To Go!

Labels: A Geek To Go, botnets, BSOD, charleston, facebook, geek, internet, internet security, Managed Services Program, MSP, online safety for kids, remote management, safety, sexting, spam, teens

Mini-Post About Apple's Boast:

Steve Jobs from Apple on the rise of the iPad and the fall of the PC

FYI... while the iPad creates a frenzy; like the iPhone - there are copycats. Asus and HP have their own versions, and unlike Apple, you don't have to go to the store to get apps to run on these platforms. You see, the iPad requires the user to download everything from Apple's iTunes Store, while the PC-platform versions allow apps to come from multiple sources. Most of the good ones won't come without a price tag, although once the open-source community grabs a hold of it, then lots of free apps will trickle on down the line. Also, a word of advice; just like when a new restaurant opens, you usually wait a while for everything to fall into place before trying it out. There will be updates, service packs and continuous new versions morphing out of every nook and cranny. remember the first touchscreen on a phone? The first eReader? No matter who you choose to go with, let the 1st-Gen work out the kinks before you plunk down all your bets on the first horse out of the gate! ~ Miles West, President, A Geek To Go!

Labels: A Geek To Go, apple, apps, charleston, geek, internet, internet security, iPad, managed services, Manged Services Program, Windows XP updates, ww.ageektogo.net

Who makes Spyware? Why make Viruses?

We hear these questions nearly daily. Here's a great article from Ellen Messmer of Network World who sheds some light on the economics of the underworld.

For $10,000, criminals can take control of infected PCs

New capabilities are strengthening the Zeus botnet, which criminals use to steal financial credentials and execute unauthorized transactions in online banking, automated clearing house (ACH) networks and payroll systems.

The latest version of this cybercrime toolkit, which starts at about $3,000, offers a $10,000 module that can let attackers completely take control of a compromised PC.

Zeus v.1.3.4.x (code changes are always underway by the author and owner, who is believed to be one individual in Eastern Europe) has integrated a powerful remote-control function into the botnet so that the attacker can now "take complete control of the person's PC," says Don Jackson, director of threat intelligence at SecureWorks, which released an in-depth report on Zeus this week.

This new Zeus feature, which was picked up from an older public-domain project from AT&T Bell Labs known as "Virtual Network Computing," gives Zeus the kind of remote-control capability that might be found in a legitimate product like GoToMyPC, Jackson says. SecureWorks calls this a "total presence proxy," and it's so useful to criminals, just this one VNC module for ZeuS costs $10,000.

The Windows-based Zeus Trojan software, which takes up about 50,000 bytes on a compromised Windows-based computer, is designed to plunder accounts in North American and United Kingdom banking systems via the victim's computer. The criminal might be located a continent away, directing unauthorized transfers of funds to accounts through elaborate command-and-control systems.

Zeus, around since at least 2007, "was originally a spyware Trojan and it had good marketing" and became popular as botnets of all sorts proliferated, Jackson says.

A group called UpLevel was originally in a partnership working on the Zeus source code. But today researchers suspect there's only one author of Zeus, and this individual is now exerting tight control over the current Zeus 1.3 (and later) versions by instituting a hardware-based copyright-protection mechanism.

SecureWorks researcher Kevin Stevens says the Zeus hardware-based copyright mechanism is based on a hardware token method, similar to WinLicense, that takes into account a lot of hardware details about a computer before allowing the Zeus Builder toolkit code to be unlocked by an individual.

Older versions of Zeus are available for free, but the price for the current Zeus and its modules, out since the end of last year, is not cheap. In the online criminal underground, fraudsters often pay for crimeware through Western Union or Web Money, according to SecureWorks.

According to a report published by SecureWorks this week, the basic Zeus Builder kit runs $3,000 to $4,000, with another $1,500 for the "Backconnect" module to connect back to an infected machine to make financial transactions from it. This means banks that try to track money transfers will always trace it back to the computer of the account holder. To hack Windows 7 or Vista computers, criminals will have to ante up an extra $2,000 or be limited to Windows XP systems.

A "Firefox form grabber," costing another $2,000, lets a criminal grab data out of fields that are submitted using the Firefox Web browser, such as usernames and passwords for banks. A "Jabber (IM) chat notifier," costing another $500, will let the attacker get stolen data immediately in order to access the victim's account after the victim logs in using a token provided by the bank to randomly generate numbers. And the VNC module, which allows the attacker to get around any smartcard that's required for large-dollar transactions, is $10,000.

The latest version is also designed to blow through the most current defenses in place regarding two-factor and other authentication in banking systems, and is especially oriented toward facilitating high-dollar transactions of $100,000 or more, Jackson notes.

"Zeus automatically detects top-tier, gold-level targets" associated with online banking services, Jackson says. A signal is given to the botnet controller, and a highly automated transfer can be made into accounts the attacker desires.

There are many stories starting to appear of companies complaining about unauthorized ACH transfers, or fake employees fraudulently added to automated payroll systems, when high-dollar amounts are transferred into accounts where banks either can't or won't retrieve these sums.

Jackson says the latest version of Zeus gets around most of the advanced online authentication mechanisms used by banks today, with perhaps the exception of a transaction approval process based on at least two people, often randomly selected from a pool of people trained for this purpose, who manually authorize a transfer. "It's an arms race," he says.

The upcoming version of Zeus, v.1.4, is still in beta but promises yet more deadly features. Its "Web Injects for Firefox" capability, for instance, would let the attacker present a screen on the fly in the Firefox browser in order to elicit more sensitive information during the banking transaction by pretending the bank needs the information. The Zeus Trojan is also getting polymorphic encryption to re-encrypt itself to appear unique each time, thus making it even more difficult for antivirus software to detect it.

Labels: A Geek To Go, botnets, Manged Services Program

Internet Safety for Kids - published by Sag Harbor Press

This is very good scope of the burgeoning issue that we face in ALL municipalities.

Many thanks to the SAG community for sharing this online post!

School officials and Sag Harbor parents say problems of cyber bullying, online chatting, and most recently “sexting,” have been brewing in the district for many years. Before this week, instances of risky online behavior were handled amongst the children, at home or in the guidance counselors office.

But tonight, Thursday, January 14, US Congressman Tim Bishop and Detective Rory Forrester with the Suffolk County Police Department will host an Internet safety program at Pierson High School at 7 p.m. Local parents hope to bring this issue to light and reach out to the whole community to raise awareness about children’s vulnerability on the Internet. Sag Harbor students in grades six through eight, will also attend a modified version of the program during the day.

“We want to help parents understand what is going on with our kids,” said elementary school assistant principal Donna Denon. The program, which is paid for through a grant secured by Congressman Bishop and presented at schools throughout Suffolk County, is sponsored at Pierson with the help of the Sag Harbor Parenting Center, The Sag Harbor Elementary PTA and the Pierson Parent Teacher Student Association. Of the children’s portion, Denon added, “According to Det. Forrester, research shows this age group is the most influenced. Their developmental age isn’t catching up. If we can target this middle school age group and raise awareness we will have better success in high school.”

According to parents and middle school guidance counselor Carl Brandl, jabs aren’t only reserved for the bathroom wall or the playground anymore. Verbal forms of cruelty have now gone viral. Parent Mary Anne Miller, whose daughter is a fifth-grader, said cyber bullying is present in the older elementary school grades and takes many shapes. Students use Facebook to write demeaning things about a fellow classmate, noted Miller. Brandl referenced a Facebook application called the “Truth Box” which can be added to a child’s profile. On the website, the application is advertised as a way to learn “what your friends really think about you” by allowing them to post anonymous comments.

“In the old days you would get bullied on the playground and then it was finished. Cyber bullying is never ending. It can go on for weeks or months. It is a continuous dialogue,” remarked Miller. “The children are hurting and disrespecting each other.”

Another arena of the Internet Det. Forrester finds particularly disconcerting is “sexting,” in which young adults send racy or sometime obscene texts, photographs or videos to one another. The prevalence of “sexting,” said Det. Forrester, spiked as smart phones with Internet access and cameras became ubiquitous.

While working on the Internet safety program, Det. Forrester learned of a 12-year-old girl from Mount Sinai who made a revealing video of herself. The video was eventually posted online by someone else and now when people type in this young girl’s nickname her homemade movie pops up in the search results. Det. Forrester noted that legislation hasn’t caught up to the advances in technology and how children are using these new mediums. Technically, by producing this video, the girl created child pornography which is a felony charge. If convicted she could become a registered sex offender. Det. Forrester added these videos and images are often intended for one recipient but with the click of one button the intended receiver can distribute the information throughout a whole school district and community.

“The laws need to be adjusted for what is going on. I know a lot of states are struggling with this,” said Det. Forrester, adding that some states have resorted to charging children as a way to curtail these practices.

Children may have the skill set to readily adapt with technology but Brandl argues developmentally they aren’t prepared to connect their actions online with any possible consequences. Brandl said he receives reports of cyber bullying nearly ever day and although he wouldn’t elaborate on instances of “sexting,” he said the Sag Harbor school district wasn’t immune to this problem.

“There really isn’t a whole lot of foresight with what they are doing today and how it will impact them 30 minutes, a month, or a year down the road. Their brains are still developing,” explained Brandl. “A major theme of my job is showing them that what they do right now will have an impact later.”

Brandl noted that children also find a greater comfort in saying cruel things online instead of face to face.

To help control this behavior, as part of the program, Det. Forrester will teach children to “think before they send. In addition, he will also school them on the ways to protect their online information by establishing and understanding privacy settings.

Because Internet companies’ incentives are to increase the number of subscribers, noted parent Chris Tice, who has worked in the Internet business, the onus is on parents to monitor their children’s online accessibility and activity.

“Parents can set the parameters for how their kids use these technologies. They can make sure there isn’t a computer in their room or put filters on any of their electronic media so the kids can’t accidentally go to the wrong site,” said Tice. “I think many parents hand their children computers and don’t install that kind of software.” In an elementary school survey Brandl helped complete five years ago, nearly 85 percent of students in fourth grade said they had computers their parents couldn’t monitor.

Det. Forrester suggests first and foremost that parents become involved in their children’s Internet and texting habits. He tells parents to know which sites their children are visiting, open a dialogue about the Internet with their youngsters, join Facebook and become a friend of their children’s and also take a close look at their phone bills.

“I think parents in general just want to understand more of what their kids are doing. It is kind of out of sight and out of view, right now,” added Denon.

Technology is growing so rapidly and has become such a common resource in society, officials say parents need to address these critical issues instead of ignoring them. Parents and educators hope the benefits provided by the Internet to young minds will be tempered with increased awareness surrounding its dangers as well.

Pre-registration for the Internet safety program is required. Please contact Mrs. Cohen at 725-5301 for more information.

Popularity: 1% [?]

Bookmark & Share: