security

Important Warning : DNSChanger Virus

In November 2011, The FBI charged seven individuals from Estonia who concocted a scheme to redirect internet traffic through their web sites to collect affiliation fees.

Through email attachments and web sites, these individuals infected an unknown amount of computers with a virus that changed the DNS settings of computers, rerouting them to a series of web sites that have since been disabled by the FBI during Operation Ghost Click.

Unfortunately the FBI will cease to operate their clean DSN servers on July 9th and computers that remain infected with the DNSchanger virus will no longer be able to access the internet.

To check whether your computer is infected, you can visit the Canadian DNS OK web site by July 8th. And if you are infected removal instructions are available from the DNS Changer Working Group.

Security Warning

The Canadian Anti Fraud Centre has been reporting an unusually high number of Scareware cases in Canada.

Apparently numerous PC users have been victimized by con artists claiming to be RCMP and/or CSIS officers, who demanded payment to clean the victims’ computers of child pornography and/or terrorism related material.

Like most scareware incidents, these begin with an unsolicited pop up message containing a warning of an infection that requires immediate attention, which appears on a victim’s computer screen whilst the victim is browsing the internet.

In this case, the victim is told they must send $100 or $250 via Ukash to unlock and clean their computer of the aforementioned illicit material. But there is of course no illicit material to remove on the victim’s computer.

When the victim clicks on the pop-up message, his or her computer is infected with malware, disabling access to the computer. But this infection can be avoided.

If you encounter this or a similar pop-up message :

  1. Do not click on the pop-up window.
  2. Close the browser via Task Manager or shut down your computer.

Enabling a pop-up blocker and regularly updating anti-virus software will prevent future occurrences.

Pop-up blockers have been implemented in all of the following browsers :

Chrome / Firefox / Internet Explorer 7 or 8 / Opera /Safari

Attention Mac Users : Update ASAP

A Russian web security firm has discovered a Mac Trojan that is disguised as a Adobe Flash update.

When installed this virus enables hackers to access passwords and other information typed into browsers and Skype.

Apple has issued an update in response to the Flashback Trojan on Tuesday. Removal instructions are also available from F-Secure.

Lawful Access = Higher Internet Fees

There’s no way around it. Lawful access will be costly to consumers in Canada.

The internet providers do not have the necessary technology and manpower to give law enforcement in Canada real time access to internet communications, especially the smaller internet providers. And these extra expenditures will be passed on to Canadians.

We are talking about technology used to distinguish criminal activity from normal internet traffic and according to Statistic Canada‘s Canadian Internet Use Survey, 79% of Canadian households accessed the internet in 2010.

The task is not only overwhelming but could possibly be open to abuse and security breaches.

After all, we are talking about individual internet providers here, some of which use different technologies to secure their networks. And I’m sure there are plenty of identity thieves that would love to access the weaker of these networks, some of which are probably tied to the criminal organizations our law enforcement is trying to expose with this legislation.

The 2011 Canadians and Privacy Survey conducted by Harris/Decima for The Office of the Privacy Commissioner of Canada found that 8 out of 10 Canadians opposed this legislation because of numerous concerns about privacy and security. And in 2009, Statistics Canada found that 48% of Canadian consumers were concerned about credit card purchases online.

Is this really the time to make consumers nervous about security and privacy online ?

Scammers On The Prowl

Warning – If you receive a call from someone claiming to be from the “Software Maintenance Department of Online PC Care“, do not give them any information and do not give them access to your computer.

I’ve been receiving calls from these India based scam artists and identity thieves for a while now. And the routine is generally the same.

They call you at random from an VOIP site based in the states and with an Indian accent claim to be calling people in your city in regards to software that is alledgely downloading material without your knowledge or consent.

They ask you for five minutes of your time and ask to gain access to your computer remotely to correct the alledged issue. Then they proceed to install malicious software on your machine, in essence creating the issue they claim to be correcting whilst gaining access to sensitive financial and/or personal information on your hard drive.

Basically they peddle anti-virus software that they first ask you to install and then later demand renewal fees for, which is usually upwards of $150. And they can claim you consented to all of this nonsense because they’ve recorded you, if they happen to have charged your credit card using information they got from your hard drive.

An online version of this scareware scam can also be found at certain sites, that install software through your internet browser. But of course there are plenty of more reasonably priced anti-virus programs out there, some of which i’ve listed under “Consumer Security” on my Consumer Links page.

Not only do these programs address the issue alledged by the con artists but Microsoft itself issues patches against these problems via their web site. And no, Microsoft does not call people over these issues.

They will of course alter their pitch at will in their attempts to gain access to your computer. But in the end the results are the same if you allow these people access ; An infected computer and a large credit card bill, at least.

Meanwile, you can address any concern in regards to any infection by using Microsoft Safety Scanner, which costs nothing and does not conflict with your existing anti-virus software.

Security Warning Issued

On Wednesday information relating to the jailbreaking of Apple devices the iPad, iPhone and iPod Touch had been published online resulting in a warning that this information could be used maliciously.

This hack of the iOS operating system takes advantage of a security flaw that Apple is currently working to patch for an upcoming update. And security experts through-out the world are warning the users of these devices to be careful opening PDF files, which could contain malicious code.