Fake Shipping Alert

Be careful of fake emails pretending to be from your bank or shopping sites. Many are phishing scams trying to get your personal information. To avoid those scams, it’s best to go directly to the site instead of clicking a link in an email.

Other fake emails are trying to infect your computer with a virus. This fake email with a shipping alert has been making the rounds lately:

Subject: Shipping Notification

Message Body:

Shipping Notification

Thank you for shopping with us. We look forward to serving you again.

The following is your receipt. Please retain a copy for your records.
Qty  Item no      Description         Price   S&H   Tax   Return Code
1    FC864-2038B  Msg Drma7303 White  650.99  6.95  3.37  ____

Merchandise total 650.99
Shipping and handling 6.95
Tax on mdse 6.75% 3.37
Invoice total 706.31

Welcome to the convenience of shopping JCPenney Catalog

A web search turned up confirmation from Cisco Security that this email is malicious:

Cisco Security Intelligence Operations has detected significant activity related to spam e-mail messages that claim to contain a shipping notification attachment for the recipient.  The text in the e-mail message instructs the recipient to open the attached file to view the notification.  However, the .zip attachment contains a malicious .exe file that, when executed, attempts to infect the targeted system with malicious code.

E-mail messages that are related to this threat (RuleID2979) may contain the following files:

Shipping Notification.zip
Shipping Notification.exe
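
The pattern Cisco describes, an executable hidden inside a .zip attachment, is something a mail filter can check for before the message reaches an inbox. The following is an added example, not code from Cisco or from the original post: it parses a message, looks inside ZIP attachments, and flags executable file names. The extension list, function names, and the sample message (built from harmless bytes) are assumptions made for illustration.

```python
import io
import os
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Extensions Windows runs on double-click (an assumed, partial blocklist).
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs"}

def risky_names(names):
    """Return names whose final extension is executable (trailing dots/spaces ignored)."""
    return [n for n in names
            if os.path.splitext(n.rstrip(" ."))[1].lower() in EXECUTABLE_EXTS]

def scan_message(raw_bytes):
    """Return (attachment, flagged name) pairs, looking inside ZIP attachments too."""
    msg = message_from_bytes(raw_bytes, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        filename = part.get_filename() or ""
        payload = part.get_payload(decode=True) or b""
        names = [filename]
        # Identify archives by content, not by the claimed extension.
        if zipfile.is_zipfile(io.BytesIO(payload)):
            with zipfile.ZipFile(io.BytesIO(payload)) as zf:
                names += zf.namelist()
        findings += [(filename, hit) for hit in risky_names(names)]
    return findings

def build_sample():
    """Constructed sample: harmless bytes named like the files in the advisory."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("Shipping Notification.exe", b"not a real program")
    msg = EmailMessage()
    msg["Subject"] = "Shipping Notification"
    msg["From"] = "sender@example.com"
    msg["To"] = "user@example.com"
    msg.set_content("The following is your receipt.")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="zip", filename="Shipping Notification.zip")
    return msg.as_bytes()

if __name__ == "__main__":
    for attachment, member in scan_message(build_sample()):
        print(f"BLOCK: {attachment} contains {member}")
```

This sketch does not open archives nested inside other archives or password-protected ones; a filter that cannot inspect an attachment should treat it as suspicious rather than clean.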

Microsoft Security Essentials 2.0 Beta

My favorite free security software for Windows is Microsoft Security Essentials from Microsoft, the folks who should be protecting their operating system.

Microsoft just came out with a beta of their next version, Microsoft Security Essentials 2.0 featuring:

  • Windows Firewall integration – allows you to turn on or off the Windows Firewall during setup.
  • Enhanced protection from web-based threats – integrates with Internet Explorer to provide improved protection against web-based attacks.
  • New protection engine – offers enhanced detection and cleanup capabilities with better performance.
  • Network inspection system – protects against network-based exploits.

To get the new version, go to the Microsoft Connect site and fill out the beta registration information. Then you’ll see instructions for downloading and installing the beta.

Fighting Conficker

I have mentioned several times that Conficker is considered the most dangerous virus to date.

The Atlantic Monthly magazine has a great article titled The Enemy Within on the history of Conficker and where we are now. It’s a fascinating read for both technical security buffs and non-techies.

It starts:

The Enemy Within by Mark Bowden

When the Conficker computer “worm” was unleashed on the world in November 2008, cyber-security experts didn’t know what to make of it. It infiltrated millions of computers around the globe. It constantly checks in with its unknown creators. It uses an encryption code so sophisticated that only a very few people could have deployed it. For the first time ever, the cyber-security elites of the world have joined forces in a high-tech game of cops and robbers, trying to find Conficker’s creators and defeat them. The cops are failing. And now the worm lies there, waiting …

Image credit: Alex Ostroy

Windows “AntiSpyware” 2009

Gina Trapani wrote up a great article on the infamous Antispyware 2009 and how to get rid of it. This software pretends to be legitimate antivirus software, but is itself a virus. There are many variants of the software and I wrote about one of them called Antivirus XP 2008.

How to Remove XP AntiSpyware by Gina Trapani

It’s been a long time since I’ve had to deal with a malware-laden PC, but my long streak of luck ran out this weekend when a family friend–who describes himself as computer illiterate–called. “Every time I try to do anything on the computer,” he told me, “I get a message saying it’s infected, and I have to pay $69 to clean it, but I tried to do that and I couldn’t.” He couldn’t even navigate to the Mozilla site to download Firefox; Internet Explorer was completely hijacked.

Read the rest of How to Remove XP AntiSpyware

XP Antispyware 2009


Microsoft Security Essentials

Microsoft officially released Microsoft Security Essentials (MSE) today. It is a free tool to protect your computer from malware, viruses, spyware, rootkits, and trojans. Unlike the previously released Microsoft Malicious Software Removal Tool (MSRT), MSE runs all the time and actively searches for threats.

Blurb from Microsoft:
Microsoft Security Essentials

Early tests show MSE to be very effective at catching threats. It updates itself automatically and without hassle.

It takes over all antivirus functions and is recommended to be run as the ONLY antivirus software on a computer. You should not run it alongside other popular software such as Norton Antivirus, McAfee, or AVG. Presumably running two would cause the antivirus programs to fight it out on your computer, hurting system resources and confusing each other, for example when one finds a virus in the other’s quarantine vault.

I recommend this for all Windows computers: Windows XP, Vista, and 7. The only exceptions are pirated versions of Windows, since MSE requires Windows Genuine Advantage to run, which makes sure that your copy of Windows is legit.

MSE has a small footprint with low minimum requirements:

  • For Windows XP, a PC with a CPU clock speed of at least 500MHz and at least 1GB of RAM
  • For Windows Vista and Windows 7, a PC with a CPU clock speed of at least 1.0GHz and at least 1GB of RAM
  • VGA (display): 800×600 or higher
  • Storage: 140MB of available hard-disk space
  • An Internet connection is required for installation and to download the latest virus and spyware definitions

MSE Quick Scan