Safety on line

[Ian]

Most folk know about scams and phishing, but the criminal fraternity out there is becoming more sophisticated by the day, so this topic will offer advice and links to places where there's a great deal more detail about what's happening right now.

Top links for online issues:

Getsafeonline/

The Register/

The UK Banking safety site

ebay's 'spot a fake email' tutorial

CERT's guide to tracking down site owners

The Home office ID theft site

Stop ID Fraud week

Click's Scam warning site

Boiler room scams

[Ian]

The man risk facing you on the internet is fraud. And despite being very careful and even web-savvy, you can get caught out.

The biggest risk at the moment is the criminal website.

Dodgy websites come in many shapes and sizes, including:

    * Phishing sites that try to steal your identity.
    * Fraudulent online shops.
    * Bogus charity websites
    * Tempting sites that contain viruses or spyware.
    * Sites that (unexpectedly) contain illegal or pirated content.
    * Sites that promote worthless investments or get-rich-quick schemes.

It's very easy to clone a real website and criminals can use virus-infected computers to host a dodgy website so it costs them nothing to put it up. It doesn’t take a skilled developer long to produce a very professional-looking site.

So how do you spot a dodgy website?

We recommend that you install the latest version of your web browser. Internet Explorer 7 and Firefox 2 both have sophisticated filters that can detect most fake websites.

Here are some other clues that might give away a fake:

    * Use your instincts and common sense. If it smells bad, it’s probably rotten.
    * Look for evidence of a real-world presence: an address and a phone number.  If in doubt make a phone call or write a letter to establish whether they really exist.
    * The website’s address is different from what you are used to
    * Right-clicking on a hyperlink and selecting “Properties” should reveal a link’s true destination – beware if this is different from what is displayed in the email.
    * Even though you are asked to enter private information there is NO padlock in the browser window or ‘https://’ at the beginning of the web address to signify that it is using a secure link and that the site is what it says it is (see Learn about secure web pages).
    * A request for personal information such as user name, password or other security details IN FULL, when you are normally only asked for SOME of them.
    * Although rare, it is possible for your computer to be corrupted by viruses in such a way that you can type a legitimate website address into your browser and still end up at a fake site.  This problem is known as 'pharming'.  Check the address in your browser's address bar after you arrive at a website to make sure it matches the address you typed.  Subtle changes ('eebay' instead of 'ebay' for example) may indicate that your computer is a victim of a pharming attack.

Test your knowledge of the above and spot the Phishing sites by taking Verisign's quiz "Phish or No Phish?".

[Ian]

Phishing emails have also become more sophisticated.  Links in emails often mask the true URL to which you're being directed. As a general rule, never, ever click on a link in an email that's arrived from anyone you don't know, and even if it's come from someone you think you do.  Phishers can make an email appear to have come from your bank very easily.  Only by right-clicking on the 'from' line can you see what they've done.

Remember: UK banks will not email you on any matter to do with your account.

[Ian]

One of the biggest risks in banking online is identity theft.  Fraudsters send out emails that look as though they come from banks (or other trusted organisations) and which contain links to fake websites which also resemble the real thing.  Think of Phishing scams as a fake cashpoint machine that looks like the real thing.

    * Be wary of phishing emails. These may appear to be from your bank but are really from criminals trying to lure you to a fake website to get your personal information
    * Banks will never send you emails asking you to disclose PIN numbers, passwords or other personal information or which link to a page that asks you for this kind of information. Banks will normally use your actual name in the email, not Sir or Madam and include a recognisable reference such as part of your account number or address.  If you click on a link in an email that takes you to a page that requires a password or personal information, it is very likely to be a scam.
    * Always make sure you are using a secure internet connection to connect to your bank. Look for ‘https’ at the beginning of the address and the padlock symbol.
    * Although many trusted organisations do send emails containing legitimate links (for example to websites that contain more information on a given subject), always be careful when clicking on them. It is better to enter your bank's address into your web browser directly or use a bookmark that you created using the correct address.
    * If you believe your details may have been compromised in some way, always contact the bank

[Ian]

If you've never seen it, the BBC programme Click (1130 Sundays on BBC1) is an excellent source for all things computing.  This week, they're highlighting the growing menace of the Fake Security Tool scam. 

The link above will take you to the BBC's website where a step-by-step guide will take you through the things to watch out for if your computer suddenly alerts you to an infection.

This also highlights an important but crucial difference between Apple and Windows machines: when you open a browser, like Firefox, on a Windows machine, it fills the entire screen by default.  On Apple Macs, it appears in a floating window, making it very easy to see whether a message that suddenly appears has been generated by the browser or by the system software.

Links:

http://news.bbc.co.uk/1/hi/programmes/click_online/9161218.stm

[DaveR]

Yet another major security flaw in Internet Explorer - why does anyone use that rubbish?

Microsoft warning over browser security flaw

Microsoft has issued a "critical" warning over a newly-discovered flaw in Windows.

In a security advisory, the company warned of a loophole that could be used by malicious hackers to steal private information or hijack computers.

The bug potentially affects every user of the Internet Explorer web browser - around 900 million people worldwide.

Microsoft has issued a software patch to defend against attacks, and said it was working to develop a long-term fix.

The security advisory, which was published on Friday, details how the vulnerability can be used to manipulate users and take over their machines.

Although the flaw is actually inside Windows itself, it only appears to affect the way that Internet Explorer handles some web pages and documents.

Microsoft admitted that the problem meant users could easily be fooled into downloading malicious files by doing something as simple as clicking on a web link.

"When the user clicked that link, the malicious script would run on the user's computer for the rest of the current Internet Explorer session," wrote Microsoft representative Angela Gunn in a website announcement accompanying the advisory.

Once the computer had been hijacked, hackers could use it to steal personal data or send users to fake websites, she added.

"Such a script might collect user information, e.g e-mail, spoof content displayed in the browser or otherwise interfere with the user's experience."

Although Microsoft said it had seen no evidence that the glitch had already been exploited by hackers, it warned that research had shown it was a serious threat.

And while it has not been able to remove the bug itself, it issued a "fix it" security patch to block any attempts to use it.

All Windows users - particularly those who use Internet Explorer - are being urged to download the fix while the company's security team develop a way to plug the hole permanently.

http://www.bbc.co.uk/news/technology-12325139

[Ian]

What is a Boiler Room?
Boiler Rooms are businesses that use high-pressure sales techniques to sell ‘sure thing’
investments with the promise of massive returns. In fact, what they’re selling is worthless stock
in often unquoted companies that are either overvalued, or simply don’t exist at all.

How they work
Boiler Room operatives generally cold-call their targets, using phone numbers from publicly
available shareholder lists. Because it’s against the law for investors to cold-call in the UK,
they tend to be based abroad (often Spain, Switzerland, or the US) where they’re beyond the
jurisdiction of the Financial Services Authority (FSA). They can approach anyone, anywhere.

Boiler Room techniques
A Boiler Room can look and sound legitimate. They may mention companies you’ve heard of, give
themselves a UK address or phone number, and have a professional looking website. They’re
notoriously persistent, and can hound a victim for months in the hope of a sale, catching out even
seasoned investors. According to the FSA, Boiler Room Scam victims lose on average £20,000.
Remember, as a general rule, if an opportunity sounds too good to be true, then it almost
certainly is.

What to do if you’re called
If you think you’re being targeted by a Boiler Room, the FSA’s advice is not to worry about being
polite, just hang up. You should then dial the FSA contact centre on 0845 606 1234 with as much
detail as you can remember. You’ll find more information about Boiler Rooms on the FSA website
www.fsa.gov.uk

[Ian]

Just a short apology for the actions of something calling itself Alan Bowman, who managed to spam us - briefly - before we banned him and his IP address.

[Ian]

Notwithstanding that there's never been an actual Ransomware attack on Macs it's still a possibility and the excellent folks at Objective-see have released a free Ransom-Where tool, which sits on your Mac and monitors the system to check for any file encryption taking place.  If it spots any it stops the process and askyou what to do.

You can download the tool here.

When you  first install it. it has a tendency to flag up quite a few instances where legitimate encryption is taking place.