Important Message For PC Users
Microsoft will be ending their support for XP on April 8th, 2014.
This means that you have a month to upgrade to retain support for your PC.
Their will be no new security updates, non-security hotfixes, free or paid assisted support options or online technical content updates for this operating system so upgrading to Windows 7 or Windows 8
is recommended.
Please note that an upgrade to Windows 8.1 is provided free to those upgrading from XP or Vista to Windows 8
and that file backups are recommended prior to upgrading.
Suspended Membership Phishing/Hacking Scam
There appears to be a new Netflix scareware scam going around and I thought I’d inform you as to how it works.
Basically victims are sent a fake email directing victims to a fake Netflix site where members are asked to enter their email address and password.
Once entered this information is captured by the criminals and victims are then forwarded to another fake page claiming their account had been suspended.
This fake page then urges victims to call an 800 number to reinstate their membership which actually directs individuals to a call center in India, where fake Netflix technicians are waiting to continue their con.
When victims call this 800 number they are told that their computers have been taken over by hackers and are asked to download software to remove the hackers and/or clear their computers of viruses.
This software enables the fake Netflix technicians to access your computer and all the sensitive information found on this computer’s hard drive. But access to Netflix and your sensitive information is not the only objectives of this scam.
Victims who have gone through this process are also asked to pay for the privilege of being violated.
They are asked to pay for the clean-up, a five year membership for an anti-virus program and a five year membership for a firewall.
In exchange for payment by credit card the fake technicians offer a coupon code for a discount on Netflix membership. But not only do they request credit card information for payment but also ask their victims to send photo identification to them.
This information of course enables them to steal identities, as well as to defraud their victims through their credit card. And Netflix members will not likely be the only target because it can be adapted to target any online membership.
The best defense against this scam is to ignore the links and phone numbers provided in these emails and contact a company directly via their web site.
If there are real issues with your account at a particular company their customer service department should be able to help you.
I bookmark the sites I access the most in my internet browser and use those links instead. And using spam filters on your email also helps because some filters will keep these phishing attempts out of your inbox if enough people label it as spam.
Most webmail sites have spam filters and you can install free spam filters for your PC by clicking on the following logo :
The Road To Hell Is Paved With Good Intentions
Today you will notice many sites have gone dark in opposition to a law proposed in the United States House Of Representatives called CISPA.
The Cyber Intelligence Sharing and Protection Act enables private companies and the United States government to exchange information related to internet security issues including private information to prevent cyberattacks, without public disclosure or the need for warrants. And this is of course where the idiom in the subject line of this post comes in.
In order to prevent cyberattacks and attacks against the national security of the United States everyone’s information would be exchanged and stored on multiple computers for analysis, opening this information up to misuse, abuse or theft.
This bill enables the distribution of information that you don’t want made public, from private posts and email to your internet browsing information, without your knowledge or consent. And it also contains an exemption from liability, reducing an individual’s ability to sue if something were to go wrong during this exchange of information.
The proponents of the bill are also relying on people’s inability to understand that the definitions used in this bill may extend the coverage of this bill beyond “cyber attacks”, the term “national security of the United States” having been linked to that country’s commercial interests in past legislation.
Your choice to purchase something outside of the United States could cause your information to be taken under the premise that the purchase was a threat to the American intellectual property owners because the product might not be authentic or authorized by an American company.
Having unfortunately been subjected to counterfeit DVDs in the past via eBay, my personal, private information could be collected and distributed. And because of this, an act beyond my control, I could face further victimization without legal recourse to prevent it.
Yes, some intellectual property provisions have been removed from the bill but what’s to stop them from re-introducing them ? They have no qualms re-introducing warrantless searches, over and over again and warrants do not significantly impede their current efforts to stop crime on the internet. And I have yet to see and evidence substantiating the claim that privacy is a hindrance to law enforcement, so why are these sentiments remaining in Government ?
I suspect internet security firms want to be funded by the public and are doing their best to present these bills as solutions to politicians that have no idea of what is involved.
Vic Toews, for example, is proof positive that politicians can be severely illiterate when it comes to technology.
In February 2012 this Canadian politician had introduced a bill in Parliament that he had not read in its entirety, claiming that it would address child pornography. And he had been so well convinced that it would that he actually accused opponents of this legislation of standing with child pornographers, in the House of Commons of all places.
Even joint statements from the Privacy Commissioner of Canada and her provincial counterparts had failed to convince him that there were serious issues with the bill and it took a severe public backlash to get him to actually review what he was proposing.
This isn’t the time for half-baked, open ended legislation that can be exploited by the very criminals that these bills are trying to address. And it is rather stupid to believe criminals would not use arguments about the constitutionality of these laws in their defense.
Opposition has been strong within the United States and a White House petition has apparently convinced the President to threaten to veto the bill, “as currently crafted” in a April 16th, 2013 statement (pdf).
Another petition for Americans and non American alike is also available at Avaaz. There are currently over 800,000 signatories on this petition.
Yahoo Users – Change Your Passwords
It appears that an older part of Yahoo’s systems had been left exposed resulting in a security breach that could have compromised over 400,000 accounts.
To change your password, login and click on your user name on the top left of your screen. You will be given an option to change your password in the following screen, after having been prompted to login again.
Click here for information of how to create a strong password for Yahoo.
Partial Recovery For Playstation/Qriocity
A FAQ on the restoration of service for the USA, Canada and Europe is available on the Playstation Network Blog, as well as a video by Kazuo Hirai of Sony in regards to this restoration.
Online gaming (PS3 and PSP), chat service and music downloads are slowly being restored as the system is handling password reset requests.
Update On Playstation Network Breach
It appears that Playstation Network and Qriocity users can breathe more easily when it comes to their credit card information.
Sony has stated that a vital piece of information related to purchases, the card security code, was NOT stored or archived by their system.
This code, which is usually three or four digits long, is used to confirm purchases online and by phone. It is printed on the back on Visa and Mastercard credit cards, next to the signature strip, and in the front of many American Express cards, just above the credit card number.
This card verification code expires with the credit card and another code is issued whenever new cards are sent out. So if the credit card you used on the above mentioned networks was about to expire, you should have no problem.
Furthermore, with the introduction of chip cards and services like Visa‘s Verified by Visa and Mastercard‘s Securecode services, information gathered from the security breach would not likely be useable. But I would definately advise vigilance in regards to purchases, just in case.
Canada’s major credit card companies had adopted Zero Liability programs years back for unauthorized purchases so i’m guessing the issue wont cause many problems, though it should be noted that Sony will NOT be asking people to provide personal or credit card information via email or by phone.
BTW, Sony has stated that some of the services will be reactivated this week and some of their users will be eligible for a free month of Playstation Plus. Details can be found on their official blog.