Beware Phishing Scams

Wikipedia describes computer phishing scams:

Phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites, auction sites, online payment processors or IT administrators are commonly used to lure the unsuspecting public. Phishing is typically carried out by e-mail or instant messaging, and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one. Phishing is an example of social engineering techniques used to fool users, and exploits the poor usability of current web security technologies.

Remember to avoid these scams by going directly to the site instead of clicking on a link sent to you in an email.

Here’s an email I just got. It’s either a classic phishing email, an attempt to infect your computer with a virus, or both.

From: Paypal <Services@support.com>

Subject: Your account has been temporarily limited

Date: November 12, 2010 1:26:37 PM EST

Dear customer,

Your account has been temporarily limited

Click here to resolve the problem

Thank You.

* Please do not reply to this email, as your reply will not be received. This is an automatic notification of new security messages.

Sincerely,

PayPal Security Department Team.
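The clearest tell in the message above is its From header: the display name says "Paypal" while the address is at support.com. The following check is an added example, not part of the original post; the `BRAND_DOMAINS` allow-list and the function names are assumptions made for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

# Assumption: brand keyword -> domains that brand legitimately sends from.
# A defender maintains this list; it is not taken from the original post.
BRAND_DOMAINS = {"paypal": {"paypal.com"}}

# From and Subject headers copied from the email quoted above.
SAMPLE = (
    "From: Paypal <Services@support.com>\n"
    "Subject: Your account has been temporarily limited\n"
    "\n"
    "Dear customer,\n"
)


def domain_matches(domain, allowed):
    """True if domain is an allowed domain or a subdomain of one."""
    domain = domain.lower().rstrip(".")
    return any(domain == a or domain.endswith("." + a) for a in allowed)


def display_name_spoof(raw_message):
    """Return (brand, sender_domain) pairs where the From display name
    claims a brand but the address is not on that brand's domains."""
    msg = message_from_string(raw_message)
    name, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    # Drop spaces and punctuation so "Pay-Pal" or "Pay Pal" still matches.
    squashed = "".join(ch for ch in name.lower() if ch.isalnum())
    findings = []
    for brand, allowed in BRAND_DOMAINS.items():
        if brand in squashed and not domain_matches(domain, allowed):
            findings.append((brand, domain))
    return findings


if __name__ == "__main__":
    for brand, domain in display_name_spoof(SAMPLE):
        print(f"display name claims {brand!r} but sender domain is {domain!r}")
```

The From header is not authenticated, so a match on the brand's own domain does not prove a message is genuine; the check only catches the mismatch seen here.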

Mapnificent Finds Where You Can Travel

Mapnificent is a new site using Google Maps that finds out where you can get to in a certain amount of time. It accounts for you using public transportation and you can tell it in the settings that you have a bike. It’s great for exploring restaurants near you, but in a direction that you never bothered to look.

PC Malware Infections on the Rise

The Microsoft Security Intelligence Report (SIR) outlines PC security threats and is based on data captured by Microsoft. Here is a download link for the latest volume, covering the first half of 2010.

Much of the report covers recent botnets. Botnets start when a virus infects a computer, either through spam or an infected web page. The virus puts the Windows machine under the control of the botnet, typically run by criminal syndicates. The report explains how criminals use and share your information.

Viruses are on the rise. In the three months between April and June 2010, Microsoft cleaned up more than 6.5 million infections, twice as many as in the same period in 2009.

This chart shows the number of computers cleaned by Microsoft, listed by country.

This map illustrates the percentage of computers infected in particular regions. The infection rate was highest in South Korea where 14.6 out of every 1000 machines were found to be enrolled in botnets.

Stay Safe

As always, be sure to run Windows Updates and some form of anti-virus. I prefer the free Microsoft Security Essentials, which I find to be just as effective but less of a memory hog than anti-virus by Symantec or McAfee.

Or you can just use a Mac which has had almost no threats. The only real-world attack that I know of for the Mac was a Trojan-infected version of Apple iWork that you would get from a pirated torrent download site. Besides that, the only Mac threats have been proof-of-concept attacks developed by researchers but never used.

Stop the COICA Bill

The Senate Judiciary Committee has before it a bill called “Combating Online Infringements and Counterfeits Act” or COICA that would allow censorship of the Internet.

This is a draconian law that one would expect from a dictatorship. It is supposed to stop copyright infringement, but it will only impact honest people. People who are really trying to steal content will have no difficulties getting over these technical hurdles.

If this passes, our Internet could theoretically become like China’s, with sites taken down without any due process. Only our rulers will be the commercial interests who are behind this bill.

From the EFF (Electronic Frontier Foundation):

The “Combating Online Infringements and Counterfeits Act” (COICA) is an Internet censorship bill which is rapidly making its way through the Senate. Although it is ostensibly focused on copyright infringement, an enormous amount of noninfringing content, including political and other speech, could disappear off the Web if it passes.

The main mechanism of the bill is to interfere with the Internet’s domain name system (DNS), which translates names like “www.eff.org” or “www.nytimes.com” into the IP addresses that computers use to communicate. The bill creates two blacklists of censored domains. The first is longer, and includes any sites where the DOJ decides that infringement is “central” to the purpose of the site. The bill gives ISPs and registrars strong legal incentives to censor the domains on that list. The Attorney General can also ask a court to put sites on a second, shorter blacklist; ISPs and registrars are required by law to censor those sites.

If this bill passes, the list of targets could conceivably include hosting websites such as Dropbox, MediaFire and Rapidshare; MP3 blogs and mashup/remix music sites like SoundCloud, MashupTown and Hype Machine; and sites that discuss and make the controversial political and intellectual case for piracy, like pirate-party.us, p2pnet, InfoAnarchy, Slyck and ZeroPaid. Indeed, had this bill been passed five or ten years ago, YouTube might not exist today. In other words, the collateral damage from this legislation would be enormous. (Why would all these sites be targets?)

There are already laws and procedures in place for taking down sites that violate the law. This act would allow the Attorney General to censor sites even when no court has found they have infringed copyright or any other law.

How You Can Help

For more information, go to the EFF (Electronic Frontier Foundation) COICA page.

To help stop this, click “Take Action” on the right side of the EFF page to email your Senator.

Letter From Internet Engineers

Here’s a letter from Internet Engineers (basically the people who invented the Internet):

We, the undersigned, have played various parts in building a network called the Internet. We wrote and debugged the software; we defined the standards and protocols that talk over that network. Many of us invented parts of it. We’re just a little proud of the social and economic benefits that our project, the Internet, has brought with it.

We are writing to oppose the Committee’s proposed new Internet censorship and copyright bill. If enacted, this legislation will risk fragmenting the Internet’s global domain name system (DNS), create an environment of tremendous fear and uncertainty for technological innovation, and seriously harm the credibility of the United States in its role as a steward of key Internet infrastructure. In exchange for this, the bill will introduce censorship that will simultaneously be circumvented by deliberate infringers while hampering innocent parties’ ability to communicate.

All censorship schemes impact speech beyond the category they were intended to restrict, but this bill will be particularly egregious in that regard because it causes entire domains to vanish from the Web, not just infringing pages or files. Worse, an incredible range of useful, law-abiding sites can be blacklisted under this bill. These problems will be enough to ensure that alternative name-lookup infrastructures will come into widespread use, outside the control of US service providers but easily used by American citizens. Errors and divergences will appear between these new services and the current global DNS, and contradictory addresses will confuse browsers and frustrate the people using them. These problems will be widespread and will affect sites other than those blacklisted by the American government.

The US government has regularly claimed that it supports a free and open Internet, both domestically and abroad. We can’t have a free and open Internet without a global domain name system that sits above the political concerns and objectives of any one government or industry. To date, the leading role the US has played in this infrastructure has been fairly uncontroversial because America is seen as a trustworthy arbiter and a neutral bastion of free expression. If the US suddenly begins to use its central position in the DNS for censorship that advances its political and economic agenda, the consequences will be far-reaching and destructive.

Senators, we believe the Internet is too important and too valuable to be endangered in this way, and implore you to put this bill aside.

Bogus Search Engine Optimization Services

As an owner of websites, I regularly get email like this:

Hi,

I am Maria, Business Development Manager.

I went to your website: “www.techdc.com” and saw that you are an online service provider.

Would you be interested in outsourcing Link Building Services to us? We will be happy to deliver one way thematic links for any theme and numbers. We have delivered over 40,000 links to various retail and agency clients spread over different verticals.

OUR USP:-

* Links from Unique IP’s

* Regular Caching sites

* Less Outbound Links

* Start pricing USD 1.5 only

We have our quality department checking each and every link as per the quality parameters.

We would pick the exact anchor text and will be happy to provide a choice of using as many anchors as you want. Besides all our links pass through the quality parameters set for link building ensuring only high quality link building for a website.

Do let me know if you are interested and we would be happy to discuss this further.

For more info you can visit our website URL: – [removed]

I look forward to your Positive response.

Kind Regards,

Name: – Maria

Post: – Business Development Manager

E-mail:- maria@[removed]

NONE of these services are legitimate. There are two possible things these companies do:

1) They could just take your money and do nothing.

2) Or they could do something worse than nothing. Some companies actually try to do what they say, creating “Link Building Services.” One of the elements of the Google PageRank algorithm is how many links there are to your site. By putting your link on a bunch of sites, they attempt to game the Google PageRank algorithm and improve your search ranking. The problem with this is that Google isn’t stupid. Google can easily and automatically identify bogus links from link farms. Google can then penalize you by lowering your search rank or removing you completely from their search results, the mark of death on the Internet.

Even if these little companies could outsmart Google, it’s a sleazy business. To improve your site’s search results, write good content and get legitimate links. For more information on Search Engine Optimization and PageRank, see our post Google SEO and Other Search Engine Results Performance Suggestions.