Ransomware Attacks Small Businesses

The rate of malware (ransomware) attacks on small businesses climbs at an alarming rate. The security firm McAfee warns that soon, attacks that come through social platforms will be “ubiquitous.” Small businesses are typically not able to subsidize the internal security placements to fend off these attacks, which mostly come from abroad.

6DRansomware blocks your access to data, and the DoS (denial of service) attack threatens to crash your website unless you pay an extortion fee. It’s more organized, it’s more efficient, it’s more automated, it’s more stealthy.

While some businesses give in to DoS extortion demands, others won’t have it. Attacks usually start with relatively small demands, such as $300, to see who’s game. The demands will get pumped up into the thousands quickly once a businessperson pays the initial demand: Pay once, and it’s never over.

If you get a DoS, roll with it; have the extortionist think you need time to prepare payment. Then collect all relevant e-mails and other information for your defense—but not for the police (who lack tech savvy) or the FBI (unless the loss exceeds $5,000), but for your website hosting provider.

The hosting company can collect traffic logs and often can activate DoS defenses or link you to a provider of advanced DoS resolution.

A virus, however, is a different story. Once the virus gets in there and attacks your information, it’s pretty much game over.

Bottom line: Don’t pay the ransom unless you want escalating demands or the strong possibility the extortionist won’t unlock your data after taking your money. A DoS attack will render your site down for days and can permanently lose data and upset visitors.

To avoid a DoS, go anti: virus, spyware, phishing, and use a firewall and run backups. Train your employees well. You have to be conscious of where you’re going and what you’re clicking on.

Robert Siciliano is an Identity Theft Expert to AllClearID. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him knock’em dead in this identity theft prevention video. Disclosures.

Malware at all time High

Malware is everywhere and isn’t about to disappear. The latest PandaLabs report says that last year alone, of all the malware that ever existed, cyber crooks created and distributed 20 percent of that. Malware comes in the form of Trojans, worms, viruses, adware/spyware and miscellaneous, with Trojans leading the pack.

6DRansomware seems to be gunning for the top spot, though, with a recent resurgence.

What about 2014? The 2013 Annual Security Report anticipates that the Internet of Things and Android devices will head the headlines (Android continues to be a favorite target of cyber criminals).

PandaLabs foresees that Android will get socked by hundreds of thousands of new malware strains. In 2013, criminals unleashed over two million new malware threats for Android.

Another area of attack is social media, and in 2013, even large companies, movie stars and politicians were affected.

The Trojan is a true warrior, in that it’s responsible for three-quarters of attacks, says PandaLabs. There was a huge leap in the number of circulating viruses as well, and is attributed to basically two virus families: Xpiro and Sality, says Luis Corrons, the technical director for PandaLabs.

Sality has been around for quite some time, but Xpiro is the new virus on the block, and can infiltrate “executable files on 32-bit and 64-bit systems,” says Corrons.

We’re in the midst of the malware plague; never mind the Bubonic plague. The whole planet is under attack, but some countries more so than others. China is the most infected, along with Turkey and Ecuador: 54.03, 42.15 and 40.35 percent of compromised personal computers, respectively.

Of the 10 least harmed countries, nine are in Europe; the other is Japan. For Sweden, Norway and Finland, the percentage of infected personal computers is 20.28 percent, 21.13 percent and 21.22 percent, respectively.

Robert Siciliano is an Identity Theft Expert to AllClearID. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him knock’em dead in this identity theft prevention video. Disclosures.

Ransomware demands Dollars for Data

“Ransomware” is what holds data hostage by invading one’s computer when the user clicks on a malicious link in an e-mail or downloads an infected attachment. Visiting a fraudulent web site can also trigger an attack.

CRYRansomware then goes to work at putting your files on lockdown so you can’t access them—but the hacker sure can. The crook will then have full access to your computer and all of your private information stored in it.

Ransomware in some cases masquerades as “Anti-Adware” or “Browser Security” claiming that the security product license has expired. Ransomware on Windows shows as a full-screen “error alert” like message. Though ransomware is uncommon, it’s a rising star in the world of malware.

How can you protect your computer from an infection?

  • Ensure your computer is running the most up-to-date version of your chosen operating system.
  • Use updated antivirus software.
  • Never click links in e-mails. Always go to the source or use your password manager.
  • Never go to unfamiliar web sites, as they can initiate the virus cascade.

Keep in mind that although malware and ransomware usually affect PCs running on Windows, malware can be created for any operating system and for mobiles. In fact, Android malware has been picking up steam. But Mac users should not breathe easy; they too, should be on the alert, says the McAfee Threat Report.

The best way to implement protection of your computer and devices is to install a comprehensive measure of security—in addition to sticking to that never-repeated-too-often rule of never click a link in an e-mail.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

Organized Web Mobsters Getting Jobs Inside Corps

In 2009, there were a reported 140 million records compromised, compared to 360 million in 2008. In 2010 there have been almost 13 million records stolen. But don’t have a party just yet. Criminals are fine-tuning their craft and getting better. The industry just isn’t making it as easy. 97% of those records were stolen using malware – malicious software designed to attack the target’s existing systems and software in place.

A reported 50% of the malware was installed remotely. Almost 20% came from visiting infected websites and almost 10% was installed when employees clicked infected links that conned or “socially engineered” them.

A recent Verizon report stated, “Over the last two years, custom-created code was more prevalent and far more damaging than lesser forms of customization, the attackers seem to be improving in all areas: getting it on the system, making it do what they want, remaining undetected, continually adapting and evolving, and scoring big for all the above.”

This may be also attributed to an inside job. A rogue employee on the inside always has the advantage of knowing exactly how to remain undetected.

The report further stated that organized crime rings may “recruit, or even place, insiders in a position to embezzle or skim monetary assets and data, usually in return for some cut of the score, the smaller end of these schemes often target cashiers at retail and hospitality establishments while the upper end are more prone to involve bank employees and the like.”

In the past three years that’s a total of 513 million records. On average, every citizen has had his or her data compromised almost twice. Where’s your Social Security number in that mix?

To ensure peace of mind, subscribe to an identity theft protection service, such as McAfee Identity Protection, which offers proactive identity surveillance, lost wallet protection, and alerts when suspicious activity is detected on your accounts. For additional tips, please visit http://www.counteridentitytheft.com

Robert Siciliano is a McAfee consultant and identity theft expert. See him discuss another data breach on Fox News. (Disclosures)

Twitter Phishing Leads to Identity Theft

Identity Theft Expert Robert Siciliano

Twitter phishing is a growing problem and is spreading through a virus. Twitter accounts that have been hacked are spreading a link with a request to click on and download a video.

Some Twitter phishing involves Twitter porn. Today Ena Fuentes, who’s definitely a hot little number, started following me on Twitter and wants me to check out her new pics. Problem is Ena is probably controlled by a dude from some little village in an oppressed country who’s using dumb human libido to snare his intended victims.

The Register reports users who follow these links are invited to submit their login credentials via a counterfeit Twitter login page (screenshot via Sophos here). In the process they surrender control of their micro-blogging account to hackers, who use the access to send out a fresh round of phishing lures.

In the past, compromised accounts have sent pictures and links to spoofed websites. The new attacks mimick email address book attacks when the compromised account sends direct messages to the users followers. Twitter only allows direct messages to those who are following you.

When clicking links and downloading whatever intended multi media file, the unsuspecting victim may end up with a virus that spreads a keylogger and/or harvests user login details. Criminals know many internet users have the same passwords for multiple accounts.

Shortened URLs that are necessary to keep tweets within the 140 character limit help mask these scams. As explained by NextAdvisor:

“Whenever a complete URL is too long or cumbersome, many users turn to URL shortening services like TinyURL. Unfortunately, a condensed URL that appears harmless can easily lead to a malware download or phishing site, rather than the destination you were expecting. What appears to be a link to a friend’s home video may actually be pointing you toward the Koobface virus. Hackers can target a single URL shortening service and intentionally misroute millions of users.”

How to protect yourself:

  1. Don’t just click on any link no matter where it’s coming from. Attackers understand a person is more likely to click a link from someone they know, like and trust. If someone direct messages you requesting you click something, their account may be in control of a criminal.
  2. Before you click on shortened URLs, find out where they lead by pasting them into a URL lengthening service like TinyURL Decoder or Untiny.
  3. Install McAfee anti-virus protection and keep it updated.
  4. Change up your passwords. Don’t use the same passwords for social media as you do for financial accounts.
  5. Get a credit freeze. Go to ConsumersUnion.org and follow the steps for your particular state. This is an absolutely necessary tool to secure your credit. In most cases, it prevents new accounts from being opened in your name. This makes your Social Security number useless to a potential identity thief.
  6. Invest in Intelius identity theft protection and prevention. Not all forms of identity theft protection can be prevented, but identity theft protection services can dramatically reduce your risk.

Robert Siciliano identity theft speaker discussing hacked accounts on Fox News

Big Time Identity Theft Hackers Indicted

Robert Siciliano Identity Theft Expert

ABC news and a bazillion other outlets report that a former informant for the Secret Service was one of three men charged with stealing credit and debit card information from 170 million accounts in the largest data breach in history. The former informant, Albert Gonzalez of Florida, A.K.A “Segvec”, “SoupNazi,” and “j4guar17,” whose motto was ”Get Rich or Die Tryin'” was alleged to have been the ringleader of the criminal hacking operation of a prolific network that spans over five years of serious criminal activity. Once a criminal, always a criminal.

Gonzalez and two other unidentified hackers believed to be from Russia have been charged with hacking into Heartland Payment Systems, 7-11 and Hannaford Brothers Company, Dave and Busters and TJX Corporation, which involved up to 45 million credit card numbers..

Gonzalez was originally arrested in 2003 by the U.S. Secret Service and began working with the agency as an informant. Federal investigators say they later learned that the hacker had been tipping off other hackers on how to evade detection of security and law enforcement worldwide.

Gonzalez provided “sniffer” software used to intercept the credit and debit card numbers for the Russian hackers. Sniffer software or “malware” malicious software, acts like a virus attaching itself to a network and often spreading. The software allows the criminal hacker backdoor access to all the data in the server and provides remote control functionality.

The NY Times reports according to the indictment, Gonzalez and his conspirators reviewed lists of Fortune 500 companies to decide which corporations to take aim at and visited their stores and used a technique called “wardriving” to monitor wireless networks. The online attacks took advantage of flaws in the SQL programming language, which is commonly used for databases.

Threat Level, by Wired magazine, reported that Gonzalez had lived a lavish lifestyle in Miami, once spending $75,000 on a birthday party for himself and complaining to friends that he had to manually count thousands of $20 bills when his counting machine broke.

Protect yourself;

1. You can’t prevent this type of credit card fraud from happening to you when the retailer isn’t protecting your data. Eventually credit card protection solutions will  be available. For now, protecting yourself from account takeover is relatively easy. Simply pay attention to your statements every month and refute unauthorized charges immediately. I check my charges online once every two weeks. If I’m traveling extensively, especially out of the country, I let the credit card company know ahead of time, so they won’t shut down my card while I’m on the road.

2. Prevent new account fraud.  Get a credit freeze. Go to ConsumersUnion.org and follow the steps for your particular state. This is an absolutely necessary tool to secure your credit. In most cases, it prevents new accounts from being opened in your name. This makes your Social Security number useless to a potential identity thief.

3. Invest in Intelius Identity Theft Protection and Prevention. While not all forms of identity theft can be prevented, you can effectively manage your personal identifying information by knowing what’s buzzing out there in regards to YOU.

Robert Siciliano Identity Theft Speaker discussing credit card data breaches and the sad state of cyber security on Fox News