Apr 22

Public Bank Internet banking phishing email scam

Security and Cyber crime 1 Comment »

Today I got this email, I don’t have an account at Public Bank so I can tell this is fake immediately

Fake email lure user to go to Fake site

Fake email lure user to go to Fake site

Identify phishing email

How do you know it is a phishing email? there are some suspicious spot you can find in phishing email and sites

Bank will not ask you to reset/login/update to your account

Bank will not request you to update your Passwords, Login IDs, NRIC numbers or any other personal information through e-mails / phone calls. So be VERY cautious when receiving those email

Suspicious URL/Address

The link point to suspicious URL/address, when you put your mouse cursor to a link (underlined blue word that point you to other site), the status bar below the screen will show the URL/address that the link will direct you when u click on it. Example of fake site URL are

  • http://78.176.159.50/ww2.publicbank.com.my/?main.html/
  • http://923fw2934d/ww2.publicbank.com.my/?main.html/
  • http://www.publiebank.com.my

As you can see there are suspicious IP/hex/random character in front of the address, or wrong spelling in the address. In example 3 if you don’t look properly you might overlook and got fooled

How to avoid?

Always manually type in the address, or add the internet bank to favorite/bookmark and go to the site manually instead of click on the link by email.

Fake/Phishing site to capture password

Fake/Phishing web site imitate Public bank login page

Fake/Phishing web site imitate Public bank login page

Notice the additional random character in front of the address. The site imitate public bank login page, if you type your user ID and password on it, your password will be captured by bad guys and your savings are in danger!!!

Want to familiar yourself on phishing email? This is another example

That’s all for today. Stay safe.

Tagged with:
Mar 02

Search for movie online is that easy? Think again

Security and Cyber crime No Comments »

Internet, the place where u can find almost everything. Many people try to find things they want on internet, such as lyric, movies, music and more. However internet is also a place with many malware and scam.

Search result with scam site

Search result with scam site

Malicious people set up scam site with content most people looking for, such as latest music and lyric. Then unsuspecting user go into the scam site, the scam site asking them to install something into their computer in order to access the content. Once the user install the software and BANG! Malware installed!

It's that easy to watch a new movie online?? Think again

It's that easy to watch a new movie online?? Think again

So how do you avoid this? use a link scanner such as McAfee site adviser to check whether the site is clean before visit. Do not simply install plug-in from unknown sites.

That’s all for today,  keep safe.

Tagged with:
Oct 21

AVG9. The popular free anti virus new release.

Security and Cyber crime No Comments »

AVG Free anti virus, the free version of anti virus software installed on most PC, offer decent protection and easy to use interface since version 8.5. What I like about AVG is the interface is straightforward and clean, updates are fast too. I have experience working with several anti virus software and some of them have problem which is very difficult to update, Some got ridiculously designed interface (AWWWHHHHHH!!!!! THIS MAKE ME PULL MY HAIR ALOT!!!). However my experience with AVG (since version 8.5) most of the time are decent and easy.

AVG 9, the new version of the free anti virus, is said to have faster performance. It also feature scan optimizer which skip verified legitimate application which save time while scanning.

AVG 9 Interface

AVG 9 Interface

Virus detected

Virus detected

Downloading installer

Downloading installer

AVG 9 FREE can be download at http://www.avg.com/my-ms/download-file-stb-afg

Tagged with:
Oct 15

Phishing – fake web site to capture your password

Security and Cyber crime 2 Comments »

Recently I have received some email that “from maybank”  I can tell it’s a fake for sure because I never have any account on maybank. Phishing, a technique to cheat and capture unsuspecting user password, it can be facebook, email, game and even bank account. check out this phishing email I have received

phish

Phishing email trying to direct to fake site

How do phishing work?

Phishing is a technique which mimic a web site such as internet banking, web mail login site, game login site and more, making the fake site look just like the site it mimic. Unsuspecting user directed to those site will just key in their login info and password to login. Once they key in their login info, the username and password will then captured, then the malicious site owner will have access to the user account. Phishing also involve sending emails telling the user their action is required such as your account is blocked, login required and more.Although the link (blue text with line) looks like a link to the right site, it’s actually linked to the phishing site. Even the email seems like originated from the right site, but email address can be spoofed (imitate).

Fake link that link to phishing site

Fake link that link to phishing site

How do I avoid phishing?

Most modern browser already have anti phishing function. Some search engine also have phishing filtering feature, these feature prevent you enter into a phishing site by warning you before you enter those sites. Most web mail will have security feature such as anti virus, anti spam which filter out junk mail and phishing mail. To prevent clicking on a fake link, always go to the site by typing the url of the site into the address bar.  Install anti virus/security suite on your computer to prevent malware redirect you to phishing site. For safety always change your password at least every 3 months.

I think I got logged to those site before, what should I do?

Change your password immediately, if it’s a online banking account tell the bank you think your account has been compromised.

Oct 07

Wireless Network Security – What You Need To Know

Networking, Security and Cyber crime No Comments »

Wireless network (wi-fi, wlan or 802.11) is getting more popular, unfold your laptop search for wlan in a residential area you can find few of them. But how much do you know about wireless network? Improper configuration of wireless network can cause your computers within network open to malicious attack, and even cause legal issue. This article provide you general information about wireless network security.

What’s wrong with unsecured network? is it dangerous?

Leaving your wireless network unsecured means any wlan device can connect to your network freely. Any device that are connected to your network are able to access all computer in your network, if you share any files and folder they will able to access too. Most of the time people will just connect to your network and use your internet access. But people with malicious intent can infiltrate into your network. They can steal your data, install virus or spyware into your computer, sabotage your access point and worst of all commit cyber crime through your internet access. Also beware of unsecured wireless network you can find, because computers connect to an unsecured wireless network communicate with wireless access point in CLEAR TEXT. People with network sniffer are able to look through what are you sending and receiving, including passwords.

It’s it safe to use public hotspot / wi-fi?

Connecting to public hotspot/wi-fi also connect your computer to other computer within that network. Therefore all your shared files may visible to them. Windows Vista have network profile feature that let you choose network profile every time you connect to a new network. Choose PUBLIC when you connect to public hotspot. Also enable Windows update to patch up security hole to prevent attacks from same network.

How to secure my wireless network? What is WEP and WPA?

To secure your wireless network, you will need to configure your wireless router/access point. To configure your

Security settings

Security settings

network, you open your internet browser and type in the IP address of your wireless router/access point, you can find the IP through the manual or on the device (does not apply if you changed your device’s IP), another way is open your network connection status and look for the gateway IP. The gateway IP is your router IP (Does not apply to access point). Then you will need to enter your device user and password. (Default password can be found in user manual or online).

After type in the correct IP and account information, you will then enter the device configuration web page. Find the wireless section, then security section to configure wireless security settings.

WEP (Wired Equivalent Privacy) is the most basic wireless network security protocol. Supported by most devices, but it’s consider insecure for today, because there’s a known way to crack and obtain the password easily.

WPA (Wi- Fi Protected  Access) and WPA2, is wi-fi standard to improve over WEP. WPA is more secure than WEP, and it’s considered enough security for most scenario.WPA2 is the follow on security method to WPA for wireless networks that provides stronger data protection and network access control. It provides enterprise and consumer Wi-Fi users with a high level of assurance that only authorized users can access their wireless networks. Based on the IEEE 802.11i standard, WPA2 provides government grade security by implementing the National Institute of Standards and Technology (NIST) FIPS 140-2 compliant AES encryption algorithm and 802.1x-based authentication. This is the BEST security protocol, but some device doesn’t support WPA2 or even WPA. (Hand held game console and old laptop)

So what should I do with the wireless security settings? Which one I should choose?

Choose the security mode to highest your device support, If all your wlan device support WPA2 then select WPA2, Otherwise choose lower security protocol that your device support. Choose shared key and type in your pass phrase. Save your settings. After that when u try to connect to your wireless network, it will prompt you for the pass phrase. Type in your pass phrase you have entered in your router/access point and you will be able to log on your network.

I still dont’t get it, this is too difficult

Consult your device manual, I recommend Linksys and D-Link product because they are easy to setup. If you need assistance or any questions send me a comment.

Oct 02

Symantec Launches Norton 2010 Products, Introducing New Detection Technologies in the Fight against Cyber Crime

Security and Cyber crime No Comments »

Today’s cyber threat are getting more sophisticate and more dangerous, avoiding malware is getting more difficult. Cyber criminal often design malicious sites or social engineering method to trick user install their virus into their computer, not to mention many security holes in many software. In fact, Symantec blocked an average of more than 245 million attempted malicious code attacks across the globe each month during 2008. Phony emails, fake web sites and online ads trick innocent victims into divulging personal data like social security and credit card numbers. Making internet banking and online shopping are risky things to do.

To secure your computer. You will need good security solution software to guard your computer. Symantec (Nasdaq: SYMC), the maker of  Norton security software is bringing to market a completely unique approach to online security with Norton 2010.

Norton from Symantec

Norton from Symantec

New Reputation-Based Technology – Codenamed: Quorum

Norton Internet Security 2010 and Norton AntiVirus 2010 leverage a new model of security, codenamed Quorum, to attain unmatched detection of new malware and advance far beyond traditional signature and behavior-based detection. Specifically, Quorum takes the greatest weapon cyber criminals have in their arsenal – their ability to generate unique pieces of malware at an alarming rate – and turns that very weapon against them.

Today, cyber criminals are furiously writing and then rewriting new and unique pieces of malware, hoping to stay under the radar of threat signatures for as long as possible. With Quorum, the very uniqueness of a file and its attributes is what helps us identify it as new malware. More than three years in the making, Quorum tracks files and applications and dozens of their attributes such as their age, download source, digital signature, and prevalence. These attributes are then combined using complex algorithms to determine a reputation. As a file is distributed across the Internet and these attributes change, Quorum updates the reputation of the file. This reputation is especially important when a file is new, likely to be a threat, and traditional defenses are not likely to detect it.

Independent 3rd party test lab, AV-Test.org declared the Norton 2010 beta produced “an excellent result” in their recent testing of traditional detection methods such as heuristics and signatures as well as dynamic detection against tougher zero-day threats, which typically escape detection by traditional methods.

Quotes
“One in five people will become a victim of cyber crime,” said Rowan Trollope, senior vice president, Consumer Products and Marketing, Symantec. “We know that hackers don’t destroy computers, they destroy lives. The powerful new reputation-based security in Norton 2010 gives people the power to deny digital dangers wherever they are found online.”

“The expanding number and sophistication of security threats can no longer be contained through signature files and behavioral heuristics alone,” said Jon Oltsik, senior analyst at Enterprise Strategy Group. “Symantec’s reputation-based security technology for 2010 represents a new and important safeguard in a multi-layer antivirus defense. I believe it’s likely that the internet security industry will be building on technologies like Quorum for the next ten years.”

Fastest, Lightest
Following on the success of the Norton 2009 release, Symantec has made an ongoing commitment to delivering security products that are fast and light. The Norton 2010 products have maintained an eye on performance, in spite of adding significant new protection technology to the release. Independent 3rd party test lab, PassMark Software was commissioned to benchmark Symantec and top security software competitors’ performance impact on key metrics. Highlights from this report include:

  • Fast install — Norton Internet Security 2010 installs in about a minute
  • Least working memory usage — Norton Internet Security 2010 uses just over 10MB
  • Fastest scan — Norton Internet Security 2010 scans in only 61 seconds on a Hard Disk Drive and in only 31 seconds on an Solid State Drive.

Intuitive, Easy Everyday Experience

The Norton Insight family of technologies in the new 2010 products uses extensive online intelligence systems to proactively protect the PC and keep users informed of the security and performance impact of files and applications that they encounter in their everyday online experience.

  • Norton Download Insight – Uses extensive online intelligence systems leveraging reputation to proactively protect your PC. Analyzes and reports on the safety of new files and applications before users install and run them.
  • Norton System Insight – Provides features and easy-to-understand system information to help keep PCs performing at top speed. Automatic and on-demand application optimization rejuvenates application performance. Provides a view of recent events on the computer, providing the information required to research and analyze PC issues. Performance graphs help pinpoint what’s causing a computer to slow down.
  • Norton Threat Insight – Provides details on threats that have been detected on your PC – including useful information on where it came from (the URL) and when it was initially encountered.
  • Norton Insight Network – Leverages a cloud-based approach unique to Symantec. Based on the Quorum technology, it takes cloud-based security beyond traditional blacklists and whitelists. It uses a statistical analysis of file attributes based on billions of scans on millions of computers to identify the trust level of a file. This way Norton can identify files to be trustworthy or untrustworthy that would otherwise fall into the grey area of the unknown with only traditional security methods.

Additional key technologies:

  • SONAR 2 – Sophisticated second-generation behavioral security technology that detects entirely new threats based on their suspicious actions, without the need for traditional fingerprints. Leverages data from the reputation cloud, firewall, network communications (IPS), and file attributes such as location on the PC, origin information, etc., to decide when to detect a program as a threat.
  • New Antispam (Norton Internet Security only)Powerful Enterprise-grade spam blocking engine helps keep you clear of unwanted email and safe from email-based scams and infections. 20% more effective than the previous engine and requires no training.
  • Norton Safe Web (Norton Internet Security only) – Website rating service that annotates Google, Yahoo! and Live.com search results with site safety ratings to warn users about sites that may pose a danger to them.  It also includes ecommerce safety ratings to help users make safer online shopping decisions.
  • OnlineFamily.Norton (Norton Internet Security only) – Norton Internet Security 2010 users can opt to try a subscription to OnlineFamily.Norton, a new Web-based service that keeps parents in the loop on their kids online lives and fosters communication about what’s appropriate and inappropriate behavior on the Internet.

The suggested retail price for Norton Internet Security 2010 is US$69.99 for a three PC license, which includes a one-year service subscription to use the product and receive Symantec’s protection updates. The suggested retail price of Norton AntiVirus 2010 is US$39.99 which includes a one-year service subscription to use the product and receive Symantec’s protection updates. All Norton Internet Security and Norton AntiVirus users with a valid product subscription are eligible to receive the latest product updates via the subscription service model. For more information, visit the Norton Update center at http://updatecenter.norton.com.

For more information about Norton 2010 security suite, visit Norton 2010 Microsite


Tagged with:
preload preload preload