Friday, August 31, 2012

Buy of the Week: Targus 10.2" Sport Netbook Case for $18!

This offer expired on 9/7/12. Check top banner ad for active deals.

Targus 10.2" Netbook CaseThe Targus Sport Netbook Case is designed to protect netbooks with up to 10.2" screens. The clamshell design enables using the netbook while it is securely stowed inside of the case.

Built for travel, this case features a rugged exterior, padded removable shoulder strap and comfortable carry handle. The case also provides additional storage compartments to hold a power adapter or other accessories.

Until September 7th, 2012, you can order a new Targus Sport Netbook Case from Hyphenet for only $18, plus shipping!

Specifications for Targus 10.2" Sport Netbook Case









































Product TypeNotebook carrying case
ColorGray, black
Product MaterialPolyester
Dimensions (WxDxH)12.2 in x 3.5 in x 9.5 in
Weight24 oz
Notebook Compatibility10.2"
FeaturesPadded shoulder strap
Carrying StrapShoulder carrying strap
Manufacturer WarrantyLimited lifetime warranty

Don't miss out on this Buy of the Week! Call (619) 325-0990 to order your Targus 10.2" Sport Netbook Case today!


Buy of the Week offer valid through September 7th, 2012.

Note: Shipping and taxes apply.

Looking for something else? Check out our monthly deals or contact us to get a quote on the product you're searching for.
This offer expired on 9/7/12. Check top banner ad for active deals.

Thursday, August 30, 2012

Time to Update: Oracle Releases Java 7 Update 7 to Address 0-Day Flaws

Java

Update: Security Explorations claims that vulnerabilities exist in the new patch, Oracle confirms their findings... again.

-------

Talk about a quick turnaround!

Oracle has just released Java 7 Update 7, which according to the release notes (and related Oracle Security Alert for CVE-2012-4681) addresses the 0-day vulnerabilities that are actively being exploited by cybercriminals to infect computers with malware.

Due to the severity of the vulnerabilities and reported exploitation of them in the wild, Oracle strongly recommends that users apply the updates ASAP.

Java 7 Update 7 can be downloaded directly from the official Java website: java.com.

Update now!

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet, “Like” us on Facebook or add us to your circle on Google+.

McAfee Warns of Bot Malware Spreading via Facebook Chat, Skype, GTalk, Pidgin & Other IM Services

Malware Chat AttackMcAfee is urging users to exercise caution when following links shared via chat as a crafty piece of malware is using a variety of instant messaging services to lasso as many systems as possible into its army of zombie computers.

The list of chat clients being exploited by this malware includes Facebook Chat, Skype, GTalk, Pidgin, MSN Messenger, Yahoo! Instant Messenger, and even ICQ.

The attack starts off with the user being presented with a chat window from an unknown contact containing a link to an “interesting” video, which is a common tactic used in Facebook scams.

Should the user make the mistake of following the link, the malware will be downloaded and installed on their machine [presumably via drive-by-download].  The malware is usually delivered in a file named Picturexx.JPG_www.facebook.com.

Once the malware has successfully infected a machine, it makes itself feel at home by:

  • Bypassing the firewall directly with netsh using the command line “netsh firewall allowed program” and/or modifying the firewall policy & making a registry modification to add itself as an allowed program

  • Editing the Windows registry to ensure it runs whenever the system is turned on or restarted

  • Checking for anti-malware programs such as Microsoft Security Essentials, Kaspersky Antivirus, ESET Smart Security (or NOD32 Antirvirus), Avira Antivirus, and Windows Defender so it can disable them

  • Changing the start page for Internet Explorer and modifying the preference files for Google Chrome and Mozilla Firefox


As if that weren’t bad enough, the bot malware receives commands from a remote attacker and begins pumping out malicious chat messages to others in order to collect more victims.

There is a light at the end of the tunnel, though. McAfee says that removing this malware from your system is relatively easy.

“We kill the running instances of this process using Process Explorer or Task Manager.” Niranjan Jayanand explained in a McAfee blog post on Wednesday, “The start-up entry made by the malware must be cleared as well to avoid its reloading after rebooting.”

To avoid having their computer recruited by the botnet malware, McAfee advises users to avoid clicking links from unknown sources and keeping their anti-malware/antivirus software up-to-date.

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet, “Like” us on Facebook or add us to your circle on Google+.

Wednesday, August 29, 2012

There's More Than One Java 0-Day Being Exploited; Where's Oracle?!

The Dangers of Java 7Update: Oracle has released an emergency patch to fix the 0-day vulnerabilities currently being exploited.

-- End Update --

As the minutes tick away, more information about the new Java 0-day vulnerability (CVE-2012-4681) we blogged about a few days ago has surfaced, and it’s not pretty. At all.

More Than One Java Bug Putting Users at Risk


Researchers have discovered that the exploit code that’s been used in targeted attacks wasn’t leveraging just one Java 0-day vulnerability, but two.

“The first bug was used to get a reference to sun.awt.SunToolkit class that is restricted to applets while the second bug invokes the getField public static method on SunToolkit using reflection with a trusted immediate caller bypassing a security check,” Esteban Guillardoy of Immunity Inc. explained in a Tuesday blog entry.

What Does Oracle Have to Say About All This?


So far, Oracle has not commented on the 0-day vulnerability reports currently circulating.

As if their silence wasn’t bad enough, Computer World reports that Oracle has known about the 0-day vulnerabilities for months.

Adam Gowdiak, founder and CEO of Security Explorations, stated that Oracle was notified about the two security holes – along with 12 other flaws – on April 2nd. The company continued to send Java 7 vulnerabilities to Oracle until a total of 29 bugs were reported.

There hasn’t been any explanation as to why Oracle has been dragging its feet to close the security holes, but a status report Security Explorations received on August 23rd from Oracle stated they were planning on fixing the two vulnerabilities currently being used in attacks in their October Critical Patch Update (CPU), along with 17 other Java 7 flaws that Security Explorations had previously submitted.

Java 0-day Exploit Code Added to BlackHole Exploit Kit


A visit to nearly any internet security website will land you face to face with the same advice:
If you don’t need Java on your PC, uninstall it immediately. If you do need it, at least disable the Java plug-ins on your web browser to minimize the chances of a malware infection.

That advice stems from the fact that the 0-day Java exploit code has been added to the widely-used BlackHole exploit kit.

"So far we have observed over a dozen domains actively attacking systems with this exploit, and the count is increasing rapidly." Atif Mushtaq from FireEye warned in a blog post on Tuesday, "After seeing the reliability of this attack, I have no doubt in my mind that within hours the casualties will be in the thousands."

That sounds about right. The exploit code isn't reserved just for targeted attacks anymore. All it takes is a visit to a compromised site housing the BlackHole exploit pack.

Again, this Java exploit code does not discriminate against browsers or operating systems – researchers were able to successfully execute attacks against IE, Firefox, Opera, Safari, and Chrome on systems running Windows, OS X, and Ubuntu Linux.

It all depends what cybercriminals have configured the attack to drop on a victim’s machine: Windows-specific malware, or malware targeting a different OS.

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet, “Like” us on Facebook or add us to your circle on Google+.

Tuesday, August 28, 2012

Phony 'Your Friend Added a New Photo of You' Facebook Notifications Spread Malware

FacebookBe careful when rummaging through your Facebook email notifications, folks.

Cybercriminals are spamming out phony Facebook notification emails claiming that a friend has added a new photo of you in their photo album knowing that there’s a pretty good chance users will jump at the opportunity to view what types of photographic evidence their friends have of their everyday shenanigans.

At first glance, the emails look authentic; however I have yet to come across a legitimate Facebook email that comes with an attachment in tow:
Subject: Your friend added a new photo with you to the album

Greetings,

One of Your Friends added a new photo with you to the album.

You are receiving this email because you’ve been listed as a close friend.

[View photo with you in the attachment]

Facebook, Inc. Attention: Department 415 P.O. Box 10005 Palo Alto, CA 94303

According to Sophos, the zip archive attached to the email (which is named New_Photo_With_You_on_Facebook_PHOTOID[random].zip) contains malware identified as Troj/Agent-XNN. Total shocker, right?

Truth be told, cybercriminals often use fake Facebook notification emails to spread malware. It was only a few weeks ago that Sophos warned of cybercrooks using fake Facebook photo tagging notifications with malicious links to spread malware, and before that the more standard “missed activity” notification emails were used.

What to Do with Fake Facebook Emails


Did you get a Facebook notification email that you suspect is a fake?

  • Do not click on any embedded links.

  • Do not download or open any attached files.

  • Report the email to Facebook.

  • Delete the email immediately.


Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet, “Like” us on Facebook or add us to your circle on Google+.

Spam Offers 'Benefits of a BlackBerry ID' with a Side Order of Malware

BlackBerrySecurity researchers are warning the public about an ongoing malware campaign targeting BlackBerry customers.

The attack starts off with a spam message posing as a notice from RIM that a new BlackBerry ID has been created. The email is said to be an exact copy of a legitimate email sent from Research in Motion (makers of BlackBerry) - complete with a spoofed email header to make it appear as if it were sent from a blackberry.com email address.

BlackBerry Spam



From: donotreply@blackberry.com
Subject: Your BlackBerry ID has been created

Your BlackBerry ID has been created

Hello,

You’ve created a BlackBerry ID!

To enjoy the full benefits of your BlackBerry ID, please follow the instructions in the attached file.

BlackBerry ID is your universal BlackBerry key. Here is what it offers:

  • One sign in for all BlackBerry applications, services, and websites.

  • Automatic transfer of some email accounts and services when you switch smartphones.

  • Full access to all features in BlackBerry App World storefront.

  • Protection of financial transactions using BlackBerry services.


You can learn more about BlackBerry ID by visiting https://blackberryid.blackberry.com/

The BlackBerry Team

This email has been automatically generated. Please do not reply to this email.

If you have not previously indicated that you wish to receive emails from Research in Motion Limited and/or its affiliated companies regarding exclusive offers and updates about BlackBerry products and services and you would like to do so, please click here.

Research in Motion Limited, 295 Phillip St., Waterloo, Ontario, Canada N2L 3W8

Attached to the email is a malicious file, “BlackBerry_ID19176974_Instructions.zip” (the string in the file name may vary), which houses malware that Microsoft detects as Worm:Win32/Gamarue.I.

Websense researchers warn that running the attachment drops other executable files and modifies the system registry to automatically start these malware programs when the system starts.

What to Do if You Receive BlackBerry Spam


If you receive a copy of this email, it’s recommended that you:

  • Do NOT click on any links or download any attached files. (There’s no indication that the links are malicious, but that can change at any time.)

  • Report the email to SpamCop.

  • Delete the email immediately.


Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet, “Like” us on Facebook or add us to your circle on Google+.

Monday, August 27, 2012

New Java 0-Day Exploit Doesn't Discriminate Against Browser or Operating System

Zero-day Java Exploit

Update: Oracle has released an emergency patch to fix the 0-day vulnerabilities currently being exploited.

-- End Update --

If you don’t need Java on your computer, disable it or remove it. Now.

Once again, security researchers are sounding the alarm about a zero-day vulnerability in Java that is actively being exploited in the wild via targeted attacks.

The security hole is said to be present in Java 7 (updates 0-6), but older versions of Java appear to be unaffected.

Of course, the real danger in this vulnerability is that the exploit code works against almost any browser and operating system that has Java installed. Researchers warn that the exploit code works against Internet Explorer, Firefox, Safari, and Opera running on Windows (7, Vista & XP), Ubuntu Linux and OS X (including Lion & Mountain Lion).

Initial reports suggested that the attack didn’t work against Google Chrome; however Rapid7 stated that they were able to successfully execute the attack in Google Chrome running on Windows XP. Write-ups of these tests can be seen here:

According to Brian Krebs of KrebsonSecurity.com, this zero-day exploit will soon be rolled into the widely-used BlackHole exploit kit as early as today. Let’s hope that isn’t the case, otherwise this exploit won't be reserved just for targeted attacks.

Given that Oracle just released their quarterly update for Java SE 6 & 7 on August 14th, the next update is not scheduled until this October. That leaves plenty of time for cybercriminals to launch a host of malware attack campaigns (unless Oracle issues an emergency fix), so it’s a good idea to disable Java browser plug-ins or uninstall it from your system until a patch is released.

Check if You Have Java Installed & React Accordingly


If you’re not entirely sure whether or not you have Java installed, you can always check your Programs in your computer’s Control Panel or head over to java.com and click the ‘Do I have Java?’ link.

If you have Java installed and do NOT need it, it is recommended that you remove it from your computer.

If you have Java installed and you DO need it, it is recommended that you dedicate a single browser to visiting Java-based websites and disable the Java plug-ins in all other browsers.

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet, “Like” us on Facebook or add us to your circle on Google+.

Friday, August 24, 2012

Buy of the Week: Android 4.0 Mini PC for $70!

Android 4.0 Mini PCA computer on a stick, OEM Systems Co.'s Android 4.0 Mini PC is the smallest computer ever sold to consumers. This Mini PC allows you to run Google's full Ice Cream Sandwich operating system on any screen you attach it to, making it an inexpensive second computer for the kids or a super-portable PC that fits in even the smallest pocket.

Until August 31st, 2012, you can order a new Android 4.0 Mini PC from Hyphenet for only $70, plus shipping!

Specifications for Android 4.0 Mini PC









































ProcessorAllwinner A10 1.5GHZ Cortex-A8 high speed
RAM1 GB DDR3
Storage Drive 4 GB
WiFi802.11b/g/n
Operating SystemAndroid 4.0 (ICS)
PortsMini-HDMI;
USB;
miniUSB
Card ReadersmicroSD
Dimensions3 x 1 x .4 inches
Weight1 oz

Don't miss out on this Buy of the Week! Call (619) 325-0990 to order your Android 4.0 Mini PC today!


Buy of the Week offer valid through August 31st, 2012.

Note: Shipping and taxes apply.

Looking for something else? Check out our monthly deals or contact us to get a quote on the product you're searching for.

Wednesday, August 22, 2012

Cybercriminals Pushing Fake Flash Player for Android

Android FlashAre you looking to download Flash Player for Android? Click carefully or else you may wind up downloading malware instead.

According to researchers at GFI Labs, websites pushing malware posing as Adobe Flash Player for Android have been popping up everywhere as cybercriminals attempt to capitalize on Adobe’s decision to halt development on the mobile version of Flash Player and Google’s subsequent decision to pull the plug-in from the Play store.

A large number of the malicious sites are in Russian and they all offer the same variant of the OpFake Trojan. However, GFI Labs did find an English site hosting a fake Flash Player file called adobeflashinstaller.apk, which is bundled with adware from mobile ad network AirPush.

Once the phony app is installed, the adware is activated and users are presented with a screen that allows them to download additional apps bundled with it. From there, the app loads a Home page with what appears to be instructions on how to get the fake Flash Player, but are actually instructions on how to root your phone! (Rooting your phone is not necessary to install the legitimate Flash Player.)

After that is all said and done, the bogus app connects to a forum post on XDA-Developers to download a hacked version of the actual Flash Player app. Although the hacked version may not be malicious in itself, it still poses as a threat as it is not supported by Adobe and future updates of the app may grant or install new permissions unbeknownst to the end-user.

In addition to offering plenty of other junk apps and tricking users into rooting their phone, the adware strives to be a nuisance by:

  • Changing the user’s home page

  • Dropping shortcut files that lead to advertisements on the device and replace them if they are deleted by the user.

  • Sending pop-up ads to the phones notification bar every 15 minutes.

  • Sending all contacts stored in the device’s phonebook to advertisers.

  • Starting automatically whenever the device is turned on OR restarted. The only way to stop it is to hit the ‘Force Stop’ option in the Settings panel.


GFI Labs detects the OpFake variant as Trojan.AndroidOS.Generic.A and the adware bundled with it as Adware.AndroidOS.AirPush.A.

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet, “Like” us on Facebook or add us to your circle on Google+.

Monday, August 20, 2012

Citadel Trojan Going After Airport Employee VPN Login Information

Trojan Targets AirportTrusteer researchers recently discovered a sophisticated attack involving the Citadel Trojan that’s targeting the VPN of an undisclosed major international airport.

Typically cybercriminals use the Citadel Trojan to execute online banking and financial fraud, but according to researchers at Trusteer the malware is being used to steal the VPN login credentials of airport employees to access internal airport applications.

In order to steal the desired information, the Citadel Trojan uses a combination of form grabbing and screen capture technologies in a multi-phase attack:

  1. Form grabbing is used to steal the username and password entered into the login screen.

  2. The one-time passcode generated by a strong authenticated product is obtained via desktop screenshots.


“This is a clever use of form grabbing and screen grabbing techniques by attackers.” Trusteer’s Amit Klein wrote, “It also demonstrates how enterprises that rely on strong authentication approaches are still at risk from targeted attacks if they lack cybercrime prevention security on endpoint devices. “

Trusteer notified airport officials following the discovery of the attack, and remote employee access to the VPN site was immediately disabled as a precaution. Relevant government agencies  and the vendor of the authentication product used by the airport have also been notified.

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet, “Like” us on Facebook or add us to your circle on Google+.

Friday, August 17, 2012

IRS Phishing Emails Link to Malicious Websites, Spread Cridex Worm

IRS logoAny type of correspondence from the IRS tends to grab our attention. You know it, I know it, and judging by spam recently intercepted by researchers, cybercriminals know it too.

In their latest attempt to spread malware, spammers have started firing out bogus IRS notification emails stating that a recent tax payment was rejected, but the reason why won’t be revealed unless you click the link to view a Microsoft Word Document.

Here’s the email:
From: Internal Revenue Service (alerts[at]irs.gov)
Subject: Rejected Federal Tax transfer

Internal Revenue Service
United States Department of the Treasury

Your Tax payment (ID: [RANDOM NUMBER]), recently from your bank account was returned by the The Electronic Federal Tax Payment System.

Rejected Tax transaction

Tax Transaction ID: [RANDOM NUMBER]
Reason of rejection: See details in the report below
Federal Tax Transaction Report tax_report_[RANDOM NUMBER].doc (Microsoft Word Document)

Internal Revenue Service, Metro Plex 1, 8401 Corporate Drive, Suite 300, Landover, MD 20785

Spoiler: there’s no Word document.

In fact, when you click the link, you will be taken to a malicious site housing the Black Hole exploit kit, which will attempt to exploit vulnerabilities in Adobe Reader/Acrobat and Microsoft Windows Help and Support Center to drop malware identified by Microsoft as Worm:Win32/Cridex.E on the victim’s machine.

The attack is carried out silently in the background as the user is presented with a plain looking ‘Page Loading…’ page. Here's to hoping that users who click the link have antivirus capable of detecting the threat installed on their PC.

What to Do with IRS Spam


If you happen to receive the email above or another IRS phishing email:

  • Do NOT click on any embedded links or download any files attached to the email.

  • Do NOT respond to the email or provide any confidential information.

  • Report the email to the IRS by forwarding it to phishing@irs.gov.

  • Delete the email immediately.


[via Webroot][via Dynamoo]

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet, “Like” us on Facebook or add us to your circle on Google+.

Buy of the Week: Intel Solid-State Drive 320 Series (80 GB) for $142!

This offer expired on 8/24/12, please check the top banner ad for our current deal.

Intel Solid-State Drive 320 SeriesThe next-generation Intel Solid-State Drive (Intel SSD) 320 Series offers better performance, built-in data protection features, larger capacities and more value for your money.

Created with 25-nanometer Intel NAND Flash Memory, the Intel SSD 320 Series accelerates PC responsiveness. With sequential read performance of up to 270 megabytes per second (MB/s), your PC will handle demanding applications and multitasking needs.

Great for consumers, corporate IT or PC enthusiasts, the Intel SSD 320 Series offers a substantial performance boost over conventional mechanical hard disk drives.

Until August 24th, 2012, you can order a new Intel Solid-State Drive 320 Series (80 GB) from Hyphenet for only $142, plus shipping!

Specifications for Intel Solid-State Drive 320 Series (80 GB)





















































TypeSolid State Drive - Internal
Capacity80 GB
NAND Flash Memory TypeMulti-level cell (MLC)
Form Factor2.5"
InterfaceSerial ATA-300
Internal Data Rate270 MBps (read) / 90 MBps (write)
4KB Random Read38000 IOPS
4KB Random Write10000 IOPS
FeaturesNative Command Queuing (NCQ),
S.M.A.R.T.
Dimensions 2.8 in x 3.9 in x 0.4 in
Weight3.1 oz
Microsoft CertificationCompatible with Windows 7

Don't miss out on this Buy of the Week! Call (619) 325-0990 to order your Intel Solid-State Drive 320 Series (80 GB) today!


Buy of the Week offer valid through August 24th, 2012.

Note: Shipping and taxes apply.

Looking for something else? Check out our monthly deals or contact us to get a quote on the product you're searching for.
This offer expired on 8/24/12, please check the top banner ad for our current deal.

Monday, August 13, 2012

Western Digital Caviar Green WD20EARX 2 TB Internal Hard Drive for $113

Western Digital Caviar Green WD20EARX Hard DriveWD Caviar Green drives make it possible for energy-conscious customers to build systems with higher capacities and the right balance of system performance, ensured reliability, and energy conservation.

Until August 17th, 2012, you can order a new Western Digital Caviar Green WD20EARX 2 TB Internal Hard Drive from Hyphenet for only $113, plus shipping!

Specifications for Western Digital Caviar Green WD20EARX













































TypeInternal Hard Drive
Capacity2 TB
Form Factor3.5" x 1/3H
InterfaceSerial ATA-600
Data Transfer Rate600 MBps
Buffer Size64 MB
FeaturesIntelliSeek,
IntelliPower,
NoTouch ramp load technology,
GreenPower technology,
Advanced Format technology,
S.M.A.R.T.
Dimensions4 in x 5.8 in x 1 in
Weight1.4 lbs
Manufacturer Warranty2 years warranty

Don't miss out on this Buy of the Week! Call (619) 325-0990 to order your Western Digital Caviar Green WD20EARX 2 TB Hard Drive today!


Buy of the Week offer valid through August 17th, 2012.

Note: Shipping and taxes apply.

Looking for something else? Check out our monthly deals or contact us to get a quote on the product you're searching for.

Friday, August 10, 2012

Nigerian Scam Swindles Victims by Offering Compensation for Being Scammed

Scam AlertSometimes you can’t help but to give scammers credit for being great storytellers.

Only a clever (and very greedy) cyberthief would think to send out a spam message offering money to compensate a scam victim JUST to lay the groundwork to scam them again.

Keep in mind that it’s highly unlikely for any money lost in a Nigerian scam to be recovered. So if you fall for one of many 419 scams floating around out there, it’s best that you consider your newfound knowledge and sense of internet security awareness as your “compensation.”

It will probably keep you from falling for Nigerian scam emails like the one below:
From: ECONOMICS AND FINANCIAL CRIMES COMMISSION (admin@efcc.nig.org)
Subject: PAYMENT OF COMPENSATION

The Economic and Financial Crimes Commission (EFCC)
15A Awolowo Road, Ikoyi, Lagos.
Nigeria
http://www.efccnigeria.org

Attention Victim,

The Federal Government of Nigeria through provisions in Section 419 of the Criminal Code came up with punitive measures to deter and punish offenders.The Advance Fee Fraud section deal mainly with cases of advance fee fraud(commonly called 419) such as obtaining by false pretense through different fraudulent schemes e.g. contract scam, credit card scam, inheritance scam, job scam, lottery scam, “wash wash” scam (money washing scam), marriage scam. Immigration scam, counterfeiting and religious scam. It also investigates cyber crime cases.

After proper investigations at Western Union Money Transfer and Money Gram office to know if you have truly sent money to fraudsters in Nigeria through Western Union Money Transfer or Money Gram, your name was found in Western Union Money Transfer database amongst those that have sent money through Western Union Money Transfer to Nigeria and this proves you right that you have truly been swindled by those unscrupulous persons by sending money to them through Western Union Money Transfer in the course of getting one fund or the other that is not real, right now we are working hand in hand with Western Union to track every fraudsters down, do not respond to their e-mails, letters and phone calls any longer, they are scams and you should be very careful to avoid being a victim to fraudsters any longer.

In this regard and in line with the meeting held in Geneva, Switzerland which mandated the Federal Republic of Nigeria through the Central Bank to compensate victims of scams defrauded by fraudsters in Nigeria, a sum of thirty thousand dollars ($30,000) has been deposited on your behalf at the Western Union office as compensation.

We have deposited your fund at Western Union Money Transfer agent location EMS Post office lagos, Nigeria. You are to contact the western union office with your details as directed, your fund has already been insured with your details to avoid misappropriation.

Contact the Western Union agent office through the email address stated below;

wuunionnig@aol.com

Yours sincerely,
Ibrahim Lamorde,
Chairman, Economic and Financial Crimes Commission (EFCC).

**************************************************************************************************

Please note that some fraudsters are claiming to be the Executive Chairman, Ibrahim Lamorde or staff of The Economic and Financial Crimes Commission have recently been sending phony e-mails/letters and also calling unsuspecting persons, with intent to defraud them. It is important to note that these fraudsters are criminals engaged in advance fee fraud. People throughout the world are falling victim to scams of various kinds. But remember - if it sounds too good to be true, it is probably a scam. In view of these, we unreservedly advice you to dissociate yourself from all correspondence and transactions entered into based on evidently fraudulent and fictitious claims.

**************************************************************************************************

What to Do If You Receive This Nigerian Scam Email


If you get your own copy of this email in your inbox, it’s recommended that you:

  • Do NOT reply to the email OR provide any personal or financial information.

  • Report the email to SpamCop.

  • Delete the email immediately.


Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet, “Like” us on Facebook or add us to your circle on Google+.

Wednesday, August 8, 2012

Spam Drags Olympic Gold Medalist Gabrielle Douglas’ Name in Dirt in Attempt to Spread Malware

Olympic Gold Medalist Gabrielle DouglasDon’t let your heart sink when an email drops in your inbox claiming that there’s a huge scandal surrounding Olympic Gold Medalist, Gabrielle Douglas – it’s all just a ploy to infect your PC with malware.

Barracuda Labs recently intercepted the following spam message, which demonstrates that cybercriminals never miss a beat and are currently trying to capitalize on the buzz surrounding the gymnast’s gold medal performance last week:
Subject: Huge scandal with the USA Women’s Gymnastics Team on the 2012 London Olympics

Recent Olympic gold medal winner, USA Women’s Gymnastics winner Gabrielle Douglas, faces a lifetime ban after reportedly testing positive to banned diuretic furosemide. With details of the case still emerging, British Olympics Committee has ordered a suspension of the athlete until final results arrive.

View the video on youtube now

Upon following the link, users will not be directed to YouTube.com, but a compromised third-party website dressed up to look like the popular video-sharing website.

Olympic Spam Links to Fake YouTube Site
Screenshot Credit: Barracuda Labs


In order to watch the [non-existent] video, users will be prompted to download a fake Flash Player update (adobe-flashplayer-update.exe), which is actually malware in hiding. Barracuda Labs identified the malware associated with this spam attack as a member of the Trojan.Clicker family.

This attack is only one of many ways cybercriminals have been looking to cash in on the Olympic games. In addition to pumping out malware-laced spam emails, cybercrooks have also taken to registering garbage Olympic domain names in order to generate revenue via advertisements and TV-to-PC scams.

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet,  “Like” us on Facebook or add us to your circle on Google+.

Shylock Trojan Swaps Bank's Number with Attacker's on Bank Websites

Bank IconWhoever is behind the Shylock Trojan is a big fan of chatting.

In February, Trusteer researchers discovered a configuration of the financial data stealing malware that used advanced web injection tactics to start live chat sessions between cybercriminals and their victims. This allowed fraudsters to obtain whatever information they wanted from targets in real-time.

Now Symantec researchers have stumbled upon a new variant of the Shylock Trojan that strives to spark up a conversation between victim and attacker by manipulating the bank’s contact information online, replacing the bank’s telephone number with the attacker’s.

Shylock Trojan Injects Fake Numbers on Bank Website
Photo Credit: Symantec


The numbers used by the attackers are disposable numbers, which can be easily created online. Hopefully anyone that’s presented with an injected fake telephone number gets the same results as Symantec researchers when they attempted to call: The first fake number Symantec researchers dialed instructed them to call a second number, and that second number rang without answer.

Despite not being able to reach the attackers, Symantec believes that the fake phone numbers are used by the bad guys to collect sensitive login or financial details from their victims and/or attempt to keep them from notifying their bank of any account issues.

The Shylock Trojan is said to target U.K. online banking websites, although their detection heat map (shown below) shows that the malware is present in other parts of the world.

Shylock Trojan Infection Heat Map
Photo Credit: Symantec



Protecting Your PC from Shylock


To minimize the chances of a Shylock Trojan infection, users are advised to:

  • Keep their operating system and installed software (especially Adobe Flash, PDF Reader and Java) fully patched and up-to-date.

  • Run antivirus software and keep the virus definitions current.

  • Exercise caution when browsing the web (that means no falling for social media scams or fake Adobe Flash updates) and checking email (no downloading files attached to emails from unknown sources).


[via Symantec]

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet,  “Like” us on Facebook or add us to your circle on Google+.

Tuesday, August 7, 2012

Scammers Phish for Victims While Impersonating Elderly Couple Who Won Lottery

Allen & Violet Large Win LotteryA few years ago, elderly couple Allen & Violet Large won the lottery and collected a cool $11.2 million dollars.

Instead of keeping their winnings all to themselves, they donated it to family members, charity groups and nearby businesses in their area.

While most of us simply appreciate idea that these folks chose to make such a generous decision to share their wealth with those around them, cybercriminals have decided to use the story as a gateway to yet another scam.

The scam starts off with an email similar to the one I received below:
From: Programa Jornal da Cultura (jornaldacultura@tvcultura.com.br)
Subject: Dear Lucky Winner….

I and my wife violet voluntarily decided to donate the sum of $500,000.00 USD to you as part of charity project to improve the lot of 10 lucky individuals worldwide.You can also verify the link below

http://www.dailymail.co.uk/news/article-1326473/Canadian-couple-Allen-Violet-Large-away-entire-11-2m-lottery-win.html

Send Your
Name..
Telephone..
Age..
Country..

To our private email: allen.violet-large01@live.com and please do not reply to this jornaldacultura@tvcultura.com.br

Good luck,
Allen and Violet Large

[Update 10/31/12: It seems scammers have bumped up the offerings to $750,000.]

As you can see, the scammers decided to throw in a link to the legitimate article to help build credibility (assuming you don't read the date).

Of course, this email was not sent by Allen or Violet Large, but a scammer that’s looking to make a quick buck through an advanced fee scheme, collect confidential information to commit identity fraud, or maybe both.

Bottom line is, don’t reply to this email (or any others like it) and definitely do NOT provide your personal or financial information.

Photo Credit: Daily Mail Online

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet, “Like” us on Facebook or add us to your circle on Google+.

Monday, August 6, 2012

Spam and Scams Hide Behind Large Number of “Olympic” Domains

2012 OlympicsKeep your guard up when browsing the internet for anything related to the Olympics.

Researchers at cloud-based antivirus firm Zscaler took a peek at the domains containing the string “Olympics” that have been accessed by their customers and noticed an alarming trend: a whopping 80% of the sites they observed were nothing more than spam or scams!

On the upside, none of the garbage Olympic sites involved sophisticated exploits and fell under one of the following categories:

  • Typosquatting Sites

  • TV-on-PC Scams

  • “Made for Adsense” Sites


Olympic Domain Typosquatters


Usually typosquatters will attempt to take advantage of spelling mistakes made when a user types in a domain by setting up survey scams to either collect information needed to dabble in identity theft or earn a commission for every completed survey through some sort of affiliate program.

For the most part, the Olympic typosquatters keep their junk domains parked and covered in advertisements and links, but a survey scam was spotted on olympics2012videoclips[dot]vidrr.net.

Example domains (based off the official nbcolympics.com domain):

  • nbcolympic.com

  • nbcolympics.org

  • nbolympics.com

  • mbcolympics.com


“TV on PC” Scams


Some cybercrooks are hoping to make a buck from people who are interested in watching the Olympics online via fake cable/satellite TV on PC subscriptions.

Example domains:

  • watchsummerolympics.com

  • watch-olympics-online.info

  • olympicstv.trueonlinetv.com

  • watcholympicslivestreams.us

  • olympic2012.livetelecast.us


"Made for AdSense" Sites


The only real focus for these types of sites is to get as much traffic to earn the scammer via Google AdSense ads. Sample site seen below.

Olympics Website Made for AdSense Ads


Screenshot Credit: Zscaler
Nothing much to see here, move along...


Zscaler did come across some malware posing as software necessary to see the Olympic games, so be careful not to download any files from untrusted/unknown sources.

Fyi, consider “streamolympicsonline.com” one of those “untrusted sources.”

For more examples of garbage Olympic domains and screenshots check out the Zscaler blog.

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet, “Like” us on Facebook or add us to your circle on Google+

Friday, August 3, 2012

Buy of the Week: 15" Dell Vostro 1540 Laptop for $449

This offer expired on 8/10/12. Please check banner at the top of this page for active deals.


Dell Vostro 1540 LaptopKeep business running smoothly with the sturdy, budget-friendly and reliable 15.6" Vostro 1540 laptop. It offers essential mobility, brisk processing power, and vital security and IT support options.

Until August 10th, 2012, you can order a new 15.6" Dell Vostro 1540 laptop from Hyphenet for only $449, plus shipping!

Specifications for 15.6" Dell Vostro 1540 laptop

























































Display15.6" LED backlight
1366 x 768 (HD)
ProcessorIntel Core i3 380M / 2.53 GHz
Storage320 GB HDD (5400 RPM)
RAM2 GB DDR3 SDRAM
GraphicsIntel HD Graphics
Optical DriveDVD-Writer DL
Networking802.11n,
Bluetooth 3.0 HS,
Gigabit Ethernet
CameraIntegrated webcam
SoundStereo speakers,
microphone
Connection / Expansion3 x USB 2.0
HDMI
VGA
LAN
Microphone input
Headphone output
Audio line-out
3-in-1 Memory Card Reader
Operating SystemWindows 7 Home Premium 64-bit
Battery6-cell lithium-ion
48 Wh capacity
Warranty1 Year Limited Dell Warranty (on-site)

Don't miss out on this Buy of the Week! Call (619) 325-0990 to order your 15.6" Dell Vostro 1540 laptop today!


Buy of the Week offer valid through August 10th, 2012.

Note: Shipping and taxes apply.

Looking for something else? Check out our monthly deals or contact us to get a quote on the product you're searching for.

This offer expired on 8/10/12. Please check banner at the top of this page for active deals.

Thursday, August 2, 2012

AICPA Spam Threatens to Revoke License, Launches Malware Attack

AICPACybercriminals are sending out hoards of bogus emails purporting to be from the American Institute of Certified Public Accountants in an attempt to trick certified public accountants into visiting a malicious site to plant malware on their machine.

The email, spotted by internet security researchers at both Webroot and Barracuda Labs, claims that the recipient has been busted for their involvement in income tax fraud and warns that failure to refute the allegations within the allotted timeframe will result in their license being revoked.

That’s a pretty good lie to feed to someone who you want to click before thinking. The legitimate looking HTML layout probably doesn’t help either.

Here’s a copy of the email (note that the wording and number of days given to respond may vary from email to email):

AICPA Spam Malware Attack
Image Credit: Barracuda Labs



Subject: Your accountant CPA license termination

You are receiving this message as a Certified Public Accountant and a member of AICPA.
Having trouble reading this email? View it in your browser.

Revocation of Public Account Status due to tax return fraud accusations

Dear accountant officer,

We have received a complaint about your alleged assistance in income tax return fraud for one of your employers. According to AICPA Bylaw Section 700 your Certified Public Accountant status can be revoked in case of the occurrence of submitting of a misguided or fraudulent tax return for your client or employer.

Please be informed of the complaint below and respond to it within 14 days. The failure to respond within this time-frame will result in cancellation of your Accountant license.

Complaint.doc

The American Institute of Certified Public Accountants.

Email: service@aicpa.org
Tel. 888.777.7077
Fax. 800.362.5066

To no surprise, the “Complaint.doc” link in the email leads to a compromised WordPress site that displays a segment of the same speech to the user while the malware attack is silently performed in the background.

Should the attack be successful – which it may very well be if you don’t keep Adobe Flash and/or PDF reader fully patched and run antivirus on your system – then Worm:Win32/Cridex.E will be installed on your PC to partake in evil activities like traffic monitoring, data harvesting, arbitrary file downloading and whatnot.

Any login information grabbed by Cridex will be uploaded to a remote sever controlled by the attackers, which the malware religiously connects to every 20 minutes.

What to Do If You Receive AICPA Spam


If you receive an email similar to the one outlined above, you are advised to:

  • Avoid clicking on any of the embedded links.

  • Delete the email immediately.


The AICPA is aware of this phishing scheme and they have been in touch with law enforcement.

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet, “Like” us on Facebook or add us to your circle on Google+