Windows scareware fakes impending drive disaster

May 18th, 2011  / Author: Jeff Kuschel

‘Erases’ files, icons as lead up to pitch for $80 to buy worthless utility

Scammers are trying to trick Windows users into paying to fix bogus hard drive errors that have apparently erased important files, a researcher said today.

The con is a variant of “scareware,” also called “rogueware,” software that pretends to be legitimate but actually is just a sales pitch based on spooking users into panicking. Most scareware masquerades as antivirus software.

But Symantec researcher Eoin Ward has found a new kind of scareware that impersonates a hard drive cleanup suite that repairs disk errors and speeds up data access.

Dubbed “Trojan.Fakefrag” by Symantec, the fake utility ends up on a Windows PC after its user surfs to a poisoned site — often because the scammers have manipulated search engines to get links near the top of a results list — and falls for a download pitch, typically because it’s presented as something quite different, like video of a hot news topic.

Fake system or disk cleanup programs aren’t new — Symantec has highlighted the scareware subcategory before — but this malware goes above and beyond the call of counterfeit duty.

“[Trojan.Fakefrag's] aim is to increase the likelihood of you purchasing a copy of Windows Recovery by craftily convincing you that your hard drive is failing,” said Ward in a company blog Monday, referring to the name of the fake suite that the Trojan shills.

The malware kicks off the scam by moving all the files in some folders to a temporary location, by hiding others and by making desktop icons disappear. All of that is followed by a message that looks like a valid Windows warning of impending hard drive doom.

“An error occurred while reading system files,” the on-screen message reads. “Run a system diagnostic utility to check your hard disk drive for errors.”

If the user clicks “OK,” the fraudulent “Windows Recovery” application launches, runs a series of sham scans that sound technical and legit, then reports multiple problems, including disk read-write errors.

With the hook set, the scammers try to reel in the victim by trying to get them to pay $79.50 for Windows Recovery, which will supposedly fix the make-believe issues.

Since the user has just seen his files and icons vanish, he or she is much more likely to fall for the scheme.

“It does a really convincing job of making it appear as though something is wrong,” said Ward. “When it ‘deletes’ files from your desktop, it does so in a very prominent way.”

No surprise, but the files aren’t deleted; they can be found with a quick local search, said Ward.

Windows isn’t the only operating system targeted by scammers. Last week, for example, Intego Security reported finding the first-ever Mac OS X rogueware.

Content by Gregg Keizer at Computerworld

How to Secure your Facebook Account

February 2nd, 2011  / Author: Jeff Kuschel

Facebook announced that it is now offering users the ability to use encryption to protect their accounts from being compromised when they are interacting with the site, something security experts have been seeking for a while.

The site currently uses HTTPS (Hypertext Transfer Protocol Secure) when users log in with their passwords, but now everything a user does on the site will be encrypted if he turns the feature on, the company said in a blog post.

Enabling full-session HTTPS eliminates the ability for attackers to use tools like the Firefox plug-in called Firesheep to snoop on communications between a person’s computer and the site’s server over Wi-Fi.

“Starting today we’ll provide you with the ability to experience Facebook entirely over HTTPS. You should consider enabling this option if you frequently use Facebook from public Internet access points found at coffee shops, airports, libraries, or schools,” the post says. “The option will exist as part of our advanced security features, which you can find in the Account Security section of the Account Settings page.”

Using HTTPS may mean that some pages will take a little bit longer to load, and some third-party applications aren’t currently supported, the company said. The option is rolling out over the next few weeks. “We hope to offer HTTPS as a default whenever you are using Facebook sometime in the future,” the post says.

“Every user’s Facebook page is unique and it’s been complex pulling together all the different parts,” said Facebook Chief Security Officer Joe Sullivan when asked what the time frame is to making HTTPS the default setting. “It’s an interesting technical challenge for the company.”

While banking and e-commerce sites use encryption, social media and other sites have been somewhat slow to move in that direction–the exception being Google. Google has always offered Gmail users the ability to use HTTPS and set it as a default a year ago. The company also offers encryption for use with Google Docs and Web search.

What’s the Difference Between the Verizon and AT&T iPhone?

January 12th, 2011  / Author: Jeff Kuschel

It’s official: Apple and Verizon announced the iPhone 4 will finally land on the country’s largest carrier starting February 10. The Verizon iPhone costs just as much as the AT&T iPhone, and the phones have virtually identical feature sets. However, there are a few differences you should keep in mind when choosing an iPhone from one of the two carriers.

The basic difference between the Verizon and the AT&T iPhone is the antenna inside. The Verizon iPhone is compatible with the 3G EV-DO standard (not 4G LTE despite the carrier’s huge launch of 4G-compatible devices at CES), with data download speeds of up to 1.4Mbps. The AT&T iPhone is compatible with the UMTS standard, which can achieve download speeds of up to 3Mbps. Check out the differences between the AT&T and Verizon iPhone at a glance by clicking on the chart below.

Because the Verizon iPhone is not based on the latest 4G LTE standard, the AT&T iPhone can theoretically achieve faster download speeds than the Verizon model. However, AT&T’s network is not as reliable as Verizon’s in many places across the country, so the speed you would actually get on either of the phones depends mainly on where you live and how good the coverage is in your area.

Another main difference between the Verizon and AT&T iPhone is that because of limitations with the CDMA technology inside the Verizon iPhone, you will not be able to browse the Web and talk on the phone at the same time. In contrast, the UMTS standard allows AT&T iPhone users to use data and voice connections simultaneously. This scenario is not something that would affect most iPhone users, but it is something you should keep in mind when you buy, depending on your usage habits.

Frequent travelers could also be handicapped with the Verizon iPhone. The UMTS standard is commonplace outside the U.S., which is why Apple first made the AT&T iPhone. The CDMA iPhone however will only work in some 40 nations across the world, which have some/limited CDMA network support. If you travel often, you would be better off with an AT&T iPhone.

But the Verizon iPhone also has a couple of aces up its sleeve. Besides Verizon’s more widespread and reliable network, Verizon iPhone users will be able to use a popular feature found on many Android devices. The Verizon iPhone can act as a WiFi hotspot for up to five devices simultaneously, and transform 3G data to WiFi signals for your iPad, laptop or netbook (until the phone rings that is). The AT&T iPhone can tether via Bluetooth or USB with only one device at a time.

Finally, it all boils down to price, and who is putting out a better offer. While the pricing of the Verizon iPhone is in line with the AT&T pricing ($200 for 16GB model, $300 for 32GB model), Verizon has not said how much its voice and data plans will cost, something that could give the carrier an advantage over AT&T. Reports say Verizon will offer an unlimited data plan with the iPhone (AT&T capped all plans last summer), but the carrier is yet to confirm this. Meanwhile, you can keep entertained with the cat fight between the two carriers.

Information from Daniel Ionescu, PCWorld

Recycle your electronics & tech gear: It’s easier than you think

December 16th, 2010  / Author: Jeff Kuschel

There are a lot of ways to sell, recycle or give away those old monitors, computers, phones and cameras.

Downturn or no downturn, it’s nice to upgrade your tech gadgets now and again, especially when they are so old that your colleagues are looking at you sideways. But once you’ve bought — or been given — that great new digital camera, or smartphone, or laptop, what do you do with the old one?

You know you shouldn’t just throw it in the garbage — as a matter of fact, throwing electronics into your residential trash is against the law, here in Wisconsin. But many of us haven’t the vaguest idea how to dispose of the stuff safely.

The result? Piles of old tech gear gathering dust in basements and garages until somebody in the household just gives up and drags it all to the local dump.

Recycle it locally

While online recyclers try to make it as easy as possible to recycle your electronic gear, sometimes it’s just as easy to load the stuff into your car and haul it over to your local recycler.

In New Richmond, the Habitat for Humanity ReStore accepts electronics for recycling.  There is a small disposal fee that you will need to pay, but it goes to a great cause that you know helps people in our area.

Recycle it online

These days, one of the simplest ways to get rid of your old electronic gear is to find a company that will buy it back — or, if your device is too old or unpopular to be resold, that will recycle it for you.

It’s simple: You either find your device — or the category your device belongs to — in the site’s database. You fill out a form describing the item’s condition and how much of the original product is missing. (Do you still have the power cord? The CD with the driver? The manual?) Based on that, you get an estimate on how much the site will pay for the device (if anything). You send it in; the site’s staff looks it over and, if necessary, adjusts the payment amount or declines to pay for it. (For that reason, it’s wise to check the site’s return policy before you send your device.)

You get a check, a gift card for a popular retail outlet or payment to a charity; the site either resells the device or sends it off to be broken down and recycled.

There are now several sites that offer these services; which site you choose will depend on what types of products they accept, what types of payment they make and how easy it is to send them your devices (most provide prepaid labels, and some actually send you a box).

Below are details on two of the most popular online companies for recycling electronics.

Gazelle

Gazelle (formerly known as Second Rotation) calls itself “the nation’s largest reCommerce company” and certainly has an impressively well-organized and easy-to-navigate site. It accepts a wide range of devices, including digital cameras, external drives, camcorders, laptops, LCDs and satellite radios, among others.

Payment is via PayPal, check or Amazon gift card. It pays for shipping — in many cases, it even sends you a box — and you can donate your proceeds directly to charity if you want.

NextWorth

NextWorth’s motto is “Turn your unused into opportunity.” It allows you to trade in your iPods, iPhones, video games, game consoles, cameras, BlackBerries and GPS devices for store credit at retail outlets such as Target, Amazon or J&R. You can either walk into the store and drop off your item, or mail it in and get the check or gift card mailed to you.

The list of products that NextWorth actually pays for, though, seemed somewhat limited. For example, neither HP nor Panasonic was in NextWorth’s database of digital camera vendors during my testing. If it doesn’t have your device model listed, NextWorth does offer to give you a personalized quote and either give you cash back or (if it isn’t worth purchasing) recycle your item for free.

Do you really need antivirus software? (Part 2)

December 7th, 2010  / Author: Jeff Kuschel

This is a continuation of last week’s blog post Do you really need antivirus software?

If you want your Windows PC to be secure, here are the essential steps.

  1. Use a modern operating system. Windows XP simply isn’t secure enough for people to use today. It was designed more than 10 years ago, and it lacks many of the core architectural changes that make later Windows versions more resistant to attacks. Address Space Layout Randomization and Data Execution Prevention are core features that block some classes of exploits completely. File and registry virtualization (a key part of the much-maligned and misunderstood User Account Control feature) prevents hostile programs from writing to system folders. Removable drive exploits, which have represented a very common vector for spreading malware recently, do not affect Windows 7.
  2. Keep your OS up to date and backed up. Turn on Windows Update and make sure it’s running properly. That single step will protect you from virtually all widespread malware attacks these days. If you’re worried about a buggy update hosing your system (highly unlikely, but theoretically possible) make sure you have a full image backup on hand. Every version of Windows 7 allows you to perform a full image backup to an external hard drive; if you schedule that operation for the day before Patch Tuesday every month (or better yet, for every Monday), you’ll be able to recover from any kind of problem. Oh, and leave the Windows Firewall turned on unless you’ve replaced it with a third-party alternative.
  3. Keep applications updated also. Adobe has greatly improved its updaters in the past year. If you’re prompted to update to a new version of Flash or Reader, do it. Microsoft Office updates are delivered automatically through Microsoft Update; make sure that those are being installed as well. Remove unwanted programs that could represent a security threat. Many new PCs come with Java installed automatically. If you don’t use it, remove it.
  4. Be suspicious of any new software. As I noted on the previous page, malware authors count on tricking you into installing software that claims to do one thing but actually takes over your system, stealing passwords or adding your system to a worldwide botnet. If you’re not sure a program is safe, don’t install it.
  5. Set up standard (non-administrator) accounts for unsophisticated users. That category includes kids, parents, employees, and all of your non-geek friends and family members. With a standard account a user needs to talk to you (and convince you to enter the administrator’s password) before installing any new software. That conversation is an ideal opportunity to teach your family members and employees about the warning signs of potentially dangerous programs. (This is another good reason to upgrade from Windows XP, by the way, where running with a standard account is difficult because of badly written programs that require administrator rights; both Vista and Windows 7 do a better job of allowing those programs to run without compromising the integrity of the system.)
  6. Use a modern browser. If you’re still using Windows XP and Internet Explorer 6, stop. I think IE8 is a good alternative, especially when coupled with Protected Mode (a security feature in Windows Vista and Windows 7). If you prefer to avoid IE altogether, that works too. There are several good reasons to prefer alternative browsers such as Firefox or Google Chrome to any version of Internet Explorer. For starters, both Mozilla and Google have generally been faster at releasing updates to security issues than Microsoft.
  7. Install an antivirus program and keep it up to date. There are plenty of effective programs in this category that can run with a minimum of chatter and will block the overwhelming majority of threats. I recommend the free Microsoft Security Essentials, which is available for download or as an optional update on systems where Windows does not detect an antivirus program. If you prefer an alternative program, paid or otherwise, be my guest. Just don’t let its subscription lapse.

Do you really need antivirus software?

November 30th, 2010  / Author: Jeff Kuschel

Do you need antivirus software on your PC?

If you’re not sure of the answer to that question, then the short answer is yes. The longer answer is that security software is only one piece of what should be a simple, straightforward, and systematic approach to your PC’s health.

Just how dangerous is it out there? Here’s what you need to know:

  • No computing environment is immune. Every platform can be exploited by an attacker. This month’s Mac OS X v10.6.5 and Security Update 2010-007 included well over 100 fixes to critical security vulnerabilities, many of which could lead to arbitrary code execution. These are exactly the same types of vulnerabilities that Windows malware writers take advantage of. Fortunately for Mac (and Linux) users, their worldwide market share is small enough that malware writers simply haven’t bothered with them. If you use OS X on a Mac, I don’t think you need to install security software, but that recommendation could change someday if Apple’s platform continues to grow in popularity and attracts enough attention from bad guys.
  • Good behavior alone is not enough to protect you from attacks. Visiting porn sites and downloading pirated software puts you at a much higher risk of infection, but even legitimate web sites can be compromised, and seemingly innocent results in a search engine can lead to hostile sites.
  • Antivirus software is one layer among several. Depending on the type of threat, it can be very helpful, even if you consider yourself an expert PC user. But it is not a magic bullet, and it is no replacement for a well-rounded approach to security.
  • No antivirus software is perfect. It is literally impossible for any security product to identify every possible threat, especially when malware writers are constantly updating their products to avoid detection. Most of the leading antivirus programs can identify and block the overwhelming majority of threats you’re likely to encounter online. The fact that they can’t reach 100% protection is why security software is only one part of a layered security strategy.
  • Many types of malware are installed voluntarily. Among the most common threats are Trojans, which spread via social engineering. The job of a malware writer is to convince you to run his innocent-sounding program, which secretly does something other than its stated purpose. It might claim to be a new video playback plugin (like the one I saw last week) but actually turns out to be a program that hides on your PC and steals passwords or sends spam. Social engineering explains how an entire class of malicious fake antivirus programs made it onto the top 10 malware list for the first half of this year.
  • Malware writers make their living exploiting unpatched systems. One of the top 10 threats found and removed from Windows PCs in the first half of this year was Win32/Conficker. The vulnerability that Conficker exploits was blocked by a Microsoft patch released in October 2008. In fact, that’s true of most of the top PC malware variants found in the wild. Four of the entries on the top 10 list for 2010 are based on vulnerabilities that were identified and patched in 2007 or 2008, and none of the others could have been installed without explicit user interaction on a fully updated copy of Windows.
  • It’s not just Windows that needs patching. Some of the most effective malware vectors these days are coming through vulnerabilities in products like Adobe Flash and Reader, in the Java runtime, and in Microsoft Office. In most cases, the vulnerabilities were patched quickly by the software maker, but if you didn’t apply that update, you remain vulnerable. Ironically, most of these exploited programs are cross-platform; in theory, malware authors can add code to their PDF or Java exploits that target Macs or Linux PCs. So far, they haven’t done that.
  • Attacks via zero-day exploits are rare. Zero-day exploits get a lot of publicity, but they rarely have a widespread impact. The worst variants of these attacks are the ones aimed at specific companies, like the targeted wave of attacks against Adobe, Google, and other high-profile companies in early 2010. And even those only succeeded because they exploited unpatched systems using an outdated browser.

So how do you protect your PC online?  Check out next week’s blog post for the answer.

Five tips to ensure safe online shopping

October 13th, 2010  / Author: Jeff Kuschel

Online shopping is convenient. Unfortunately, that convenience can put your personal and financial information at risk.


1: Use a credit card provider that offers one-time credit card numbers

Most major credit card providers allow you to log into their secure website and generate a one-time use credit card number.  Since it can only be used once, if it is stolen, no harm will come to your credit card.

2: Make sure the Web site is valid and trustworthy

Criminals are subverting real Web sites with malware or creating believable copies of real Web sites loaded with malware. I suggest using one or more of the site-rating Web-browser extensions. If the site is problematic, you will know.

Some of the better-known extensions are Web of Trust, LinkExtend, and McAfee SiteAdvisor. You also have the option to check questionable domains on the extension developer’s Web site.

3: Check to see whether the Internet connection is secure

This may seem obvious, but people get lulled into complacency. I have to remind myself to double-check that a closed padlock is displayed, that https is used, and that the certificate is valid — ideally, an EV certificate. Each Web browser uses a slightly different approach, so make sure you understand how your browser advertises secure Internet connections.

4: Beware of deceptive or disguised offers

When you’re filling out the information required to make an online purchase, carefully read what all the check boxes represent, regardless of whether they’re selected. Opt-in and opt-out wording may be interchanged.

5: If actively shopping on the Internet, check often for unusual debit/credit card transactions

This tip is important. In almost all cases, discovering fraudulent charges early will lessen the impact of the problem. In fact, financial institutions usually absorb the charges if they’re reported within a few days. So check often and know the liability limits used by your debit/credit card provider.

Extra tip: Call the order in if there is any doubt

Sounds simple enough, but many people don’t think of it. If you have any concerns at all, call the order in. The company may still have problems, but you don’t have to worry about its Web site being malicious or phishing for your financial information.

Another extra tip: Keep track of monthly or revolving debit/credit card charges

Have a list of all your monthly charges, like utility payments. If your credit card information is compromised, you will know who to contact.

Content courtesy of Michael Kassner http://blogs.techrepublic.com.com/five-tips/?p=322

Fake browser warnings dupe users into downloading ‘scareware’

October 5th, 2010  / Author: Jeff Kuschel

Makers of phony security software spoof anti-malware alerts in IE, Firefox and Chrome

Scammers are spoofing the anti-malware warnings of popular browsers to dupe Windows users into downloading fake security software, Symantec said Monday.

Several malicious Web sites are displaying phony versions of the alerts that Google’s Chrome and Mozilla’s Firefox present when users encounter pages suspected of hosting attack code, said Symantec researcher Parveen Vashishtha in a post to the firm’s blog.

Rather than simply warn users that the page they’re about to visit may be dangerous — as do the legitimate alerts — the sham versions also include a prominent message that suggests downloading a browser security update.

In reality, no browser offers its users security updates from its anti-malware warning screen.

Anyone who accepts the update actually downloads bogus software, often called “scareware” because it bombards users with endless fictitious infection warnings until people pay $40 to $50 to buy the useless program.

Even the cautious can be nailed by these sites. Users who refuse the mock updates are assaulted by a multi-exploit toolkit that includes attack code for 10 different vulnerabilities in Windows, Adobe Reader, Internet Explorer and Java. Windows PCs that have been kept up-to-date with bug patches will be immune from the exploit kit, however.

“Malware authors are employing innovative social engineering tricks to fool users — it’s as simple as that,” said Vashishtha.

The strategy that Symantec pointed out isn’t new. A month ago, Microsoft’s malware protection center warned that fake antivirus scammers were putting up bogus alerts in Internet Explorer, Firefox and Chrome.

“The similarity between the fake warning pages [and the real things] is so accurate that it can trick even highly trained eyes,” Microsoft said in early September.

It’s no surprise that scareware dealers are constantly looking for new ways to con users into downloading their good-for-nothing software: It’s a serious business.

According to the FBI, rogue security makers have made at least $150 million by duping the public.

Little wonder, then, that the fake security software industry is huge. During the 12 months from July 1, 2008, to June 30, 2009, more than 250 different phony programs tried to get on more than 43 million machines worldwide, Symantec said in a report issued last October.

Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer or subscribe to Gregg’s RSS feed. His e-mail address is gkeizer@computerworld.com.

Surge Protectors

October 1st, 2010  / Author: Jeff Kuschel

This post is about surge protectors: how they try to protect your electrical components from power surges, and why they don’t always work against lightning strikes.

Surge protectors come in all different shapes and sizes, but some don’t function very well as surge protectors at all; they are more like an extension cord with a power strip attached to it.  I’ll delve into more detail on how to make sure you find a good surge protector later.

A surge protector works by taking any “surge” of voltage over a specified voltage that lasts more than 3 nanoseconds, which are billionths of a second, and dissipating it through different methods.  One of these methods is to send that surge back to the ground line through different components inside the surge protector and then let the ground line carry it out from there.  Another method is storing the extra energy in a series of circuits that let the energy back into the main line slowly so as not to disrupt the ground line and maybe cause more problems.  Lastly, there is usually a fuse installed in the main line as a kind of last line of defense; if the fuse blows, then nothing will work.

Surges can come from just about anywhere or anything that can cause a surge in electricity in the power lines.  The one most people are familiar with is lightning strikes, although these are not the most common form of power surge.  Lightning strikes nearby on power lines are the leading cause of burnt-out electrical components, including computer hardware.  The problem with these lightning strike surges is that they cause such a huge surge of voltage that it overpowers just about all the surge protectors made.  The best guarantee to protect yourself from this surge is to unplug your computer during a thunderstorm/lightning strike.

Make sure you replace your surge protectors every two years due to the fact that the surge protector is constantly getting hit with surges in voltage.

What to look for in a good surge protector:

  • Price: As a rule of thumb the higher the price the better the quality.
  • Underwriters Laboratories (UL): Only buy surge protectors with a UL listed sticker on it and make sure it says Transient Voltage Surge Suppressor.
  • Clamping Voltage: This is the voltage at which the surge protector will dissipate the surge.  The lower the number the better. EX: 400 V is good.
  • Energy absorption/dissipation: This is given in Joules and it states how much energy it can absorb before it fails completely.  The higher the number the better. EX: 200 to 400 Joules is good.  600 and higher is Excellent.
  • Response Time: This is how fast the surge protector responds to the surge.  Look for one under 1 nanosecond.

With these facts in mind you should be able to find yourself a good surge protector from any store that sells them.  Some surge protectors come with a guarantee that they will protect your electronic equipment from burning out or they will replace them, but these are usually more expensive.  If you have any questions about where to buy a good surge protector or if you already have a good one, contact us at Computer Troubleshooters.  Also, for more information on the nitty-gritty details of how a surge protector works, go to this website:

http://electronics.howstuffworks.com/surge-protector.htm