Showing posts with label Spam. Show all posts

Wednesday, November 6, 2013

Take Time To Understand Free Tools Before You Use Them

Free tools and technologies can deliver real value, yet they can also present risks!

URL shortening services, for example, are fantastic, especially for those of us who love to share our knowledge and findings inside social networks. Yet they can very easily, and often do, hide a nefarious attack.

Another Free Tool to Use with Caution

Be sure to check the security of shortened URLs before clicking them. One service you may consider is urlxray.com.

Saturday, July 20, 2013

Cyber Threats: Trends in Phishing and Spear Phishing

Phishing is a global problem for businesses as well as individuals, targeting 37.3 billion people globally in the past year

Most of us have wised up to basic scams and know better than to accept a Nigerian prince's offer of money, or a miraculous win on a Spanish lottery that you can't quite remember entering. But cyber criminals are raising their game and have evolved their tactics to target the more cyber-aware for greater returns.

Sophisticated 'spear phishing' attacks can be hard even for experts to spot; even the largest of organisations is not immune. What chance does this leave the average company or employee, let alone those who use computers infrequently?

Spear phishing is not random – cyber criminals identify employees within a target organisation and use social engineering tactics to construct a legitimate-looking email. The FBI has warned businesses to be more aware of spear phishing tactics, as hackers target employees with administrative rights or access to critical systems.

91% of APTs (advanced persistent threats) start with phishing attacks and success could give cyber criminals the 'keys' to bypass security and initiate further attacks. Clicking a link doesn't mean that you are immediately compromised; phishing is part of a larger attack.

Hackers need to expose a system vulnerability and be able to install software quickly and quietly. However, cyber criminals use advanced tactics to disguise malicious attachments and sites to trick users into further action.

This infographic by Via Resource highlights trends and targets in phishing attacks.



Tuesday, June 7, 2011

Google E-mail Hacked by China?

China denies any role in an alleged hack

Google on June 1 alleged that Chinese hackers attacked the Gmail accounts of several hundred U.S. officials, including military personnel, in an effort to obtain passwords and monitor the accounts.

Google says it detected and stopped the phishing campaign, which aimed to take users' passwords and monitor their e-mail activity. The White House's National Security Council is looking into Google's allegations and says it's working with the FBI to investigate the situation.

Google, meanwhile, offers these tips to its customers:
  • Enable two-step user verification.
  • Use a strong password for Google that you do not use on any other site.
  • Enter your password only into a proper sign-in prompt on a https://www.google.com domain.
  • Check your Gmail settings for suspicious forwarding addresses or delegated accounts.
  • Watch for the red warnings about suspicious account activity that may appear on top of your Gmail inbox.
  • Review the security features offered by the Chrome browser.
Please refer here for further details.

Tuesday, April 5, 2011

IBM report: computer hackers getting smarter

X-Force 2010 Trend and Risk Report from IBM

There is good news and bad news in this year’s X-Force 2010 Trend and Risk Report from IBM. The good news is that it seems that spam and phishing attacks are leveling off. Also, mobile devices have not been compromised in any big way, yet. The bad news is that IT security threats are getting increasingly sophisticated and targeted.

Based on intelligence gathered through research of public vulnerability disclosures, and the monitoring and analysis of more than 150,000 security events per second during every day of 2010, the observations from the IBM X-Force Research team find that more than 8,000 new IT security vulnerabilities were documented, a 27 percent rise from 2009. Public exploit releases were also up 21 percent from 2009 to 2010. This data points to an expanding threat landscape in which sophisticated attacks are being launched against increasingly complex computing environments.

There seems to be a declining interest in spamming

IBM reports the historically high growth in spam volume leveled off by the end of 2010. This indicates that spammers may be seeing less value from increasing the volume of spam, and instead are focused on making sure it is bypassing filters. Spam volumes peaked, and then leveled off — In 2010, spam volumes increased dramatically, reaching their highest levels in history. However, the growth in volume leveled off by the end of the year. In fact, by year’s end, spammers seemed to go on vacation, with a 70 percent decline in traffic volumes occurring just before Christmas and returning early in the new year.

There were significantly fewer mass phishing attacks relative to previous years, but there has been a rise in more targeted attack techniques

Although phishing attacks still occurred, the peak volume of phishing emails in 2010 was less than a quarter of the peak volumes in the previous two years. This may indicate a shift toward other, more profitable, attack methodologies such as botnets and ATM skimming. Despite this decline, “spear phishing,” a more targeted attack technique, grew in importance in 2010, as meticulously crafted emails with malicious attachments or links became one of the hallmarks of sophisticated attacks launched against enterprise networks. 2010 saw some of the most high profile, targeted attacks that the industry has ever witnessed. For example, the Stuxnet worm demonstrated that the risk of attacks against highly specialized industrial control systems is not just theoretical.

These types of attacks are indicative of the high level of organization and funding behind computer espionage and sabotage that continues to threaten a widening variety of public and private networks.

Trojan botnet activity increased during 2010

This growth is significant because despite increasing coordinated efforts to shut down botnet activity, this threat appeared to be gaining momentum. However, IBM X-Force’s data did illustrate the dramatic impact of a successful effort in early 2010 to shut down the Waledac botnet, which resulted in an instantaneous drop-off in observed command and control traffic. On the other hand, the Zeus botnet continued to evolve and constituted a significant portion of the botnet activity detected by IBM X-Force in 2010. Due to its extreme popularity with attackers, there are hundreds, or even thousands, of separate Zeus botnets active at any given time. The Zeus botnet malware is commonly used by attackers to steal banking information from infected computers.

Smartphones are still safe, but for how long?

In 2010, IBM X-Force documented increases in the volume of vulnerabilities disclosed in mobile devices as well as the disclosure of exploits that target them. The desire to “jailbreak” or “root” mobile devices has motivated the distribution of mature exploit code that has been reused in malicious attacks. However, overall, IBM X-Force concludes, attacks against the latest generation of mobile devices were not yet widely prevalent in 2010. Still, growing end user adoption of smartphones and other mobile devices is making plenty more work for IT security departments, which are struggling to bring these devices safely into corporate networks. According to the report, best practices for mobile security are evolving with enhanced password management and data encryption capabilities.

Market will drive more cloud security

The IBM report also tackled the security issues posed by cloud computing for the first time. The report highlighted a shift in perception about cloud security, still considered an inhibitor to adoption. Cloud providers must earn their customers’ trust by “providing an infrastructure that is secure by design with purpose-built security capabilities that meet the needs of the specific applications moving into the cloud. As more sensitive workloads move into the cloud, the security capabilities will become more sophisticated.”

Over time, the report says, the market will drive the cloud to provide access to security capabilities and expertise that is more cost effective than in-house implementations. This may turn questions about cloud security on their head by making an interest in better security a driver for cloud adoption, rather than an inhibitor.

Sunday, October 10, 2010

Protect Yourself from Migration Fraud

Online help for immigrants

IMMIGRANTS planning a move to Australia have been warned of scams that leave them broke and without a visa. Immigration Minister Chris Bowen has launched a new online tool to help keep potential immigrants on the right path.

"It is vital that people are aware of fraudsters' tricks before handing over money for immigration assistance which is never provided," Mr Bowen said in his statement.

The Protect Yourself from Migration Fraud information kit includes victims' stories, tips for staying safe online, help with identifying non-genuine websites and fake emails and links to other resources. Mr Bowen said the most widespread scam involved online registration and the provision of a credit card number.

Tuesday, September 14, 2010

Google Instant may end-up infecting your machine

Malicious Search Suggestions with Google Instant

Google launched its streaming search engine yesterday called Google Instant, which provides people with instant, real-time search results, and also opens the doors to search engine optimisation (SEO) poisoning and other problems.

The problem comes from hackers who create malware or fake antivirus programs and then manage to poison Google's search results in order to get their software high on the list. This is often called blackhat SEO, as it will use traditional SEO tactics but for malicious reasons. All search engines, but Google in particular, are at risk of blackhat SEO and that is not a new problem.

However, because Google Instant literally searches for everything as you type, you could be forced into a situation where you are unwittingly searching for rogueware. “As a test, I thought I'd search for 'antivirus' and see what suggestions came up. Lo and behold, Antivir Solution Pro, a well-known rogueware infection was amongst the suggested search terms,” said Sean-Paul Correll, threat researcher at Pandalabs and founder of the Malware Database.

Those who are not familiar with the rogueware may consider it legitimate, download it and install it, resulting in their computer being infected. The fact that the rogueware was second on the list of suggested terms makes this a worrying possibility, as it amounts to Google's search engine recommending malware. It is also interesting to note that the fourth suggested search term is for the removal of that same rogueware.

Tuesday, September 7, 2010

IBM X-Force Mid-Year Trend and Risk Report

2010 Mid-year highlights

The IBM X-Force 2010 Mid-Year Trend and Risk Report reveals several key trends that demonstrate how, in the first half of 2010, attackers seeking to steal money or personal data increasingly targeted their victims via the Internet. The IBM X-Force Trend and Risk Report is produced twice per year: once at mid-year and once at year-end. This report provides statistical information about all aspects of threats that affect Internet security, including software vulnerabilities and public exploitation, malware, spam, phishing, web-based threats, and general cyber criminal activity.

Summary

Attackers are increasingly using covert techniques such as JavaScript obfuscation, which continue to frustrate IT security professionals. Obfuscation is a technique used by software developers and attackers alike to hide or mask the code used to develop their applications.

Reported vulnerabilities are at an all time high, up 36%. 2010 has seen a significant increase in volume of security vulnerability disclosures, due both to significant increases in public exploit releases and to positive efforts by several large software companies to identify and mitigate security vulnerabilities.

PDF attacks continue to increase as attackers trick users in new ways. To understand why PDFs are targeted, consider that endpoints are typically the weakest link in an enterprise organization. Attackers understand this fact well. For example, although sensitive data may not be present on a particular endpoint, that endpoint may have access to others that do. Or, that endpoint can be used as a practical bounce point to launch attacks on other computers.

The Zeus botnet toolkit continues to wreak havoc on organizations. Early 2010 saw the release of an updated version of the Zeus botnet kit, dubbed Zeus 2.0. Major new features included in this version provide updated functionality to attackers.

Vulnerabilities and exploitation highlights

=> Advanced persistent threat—What concerns X-Force most about these sophisticated attackers is their ability to successfully penetrate well defended networks in spite of significant advances in network security technology and practices. In particular, we are concerned about increasingly obfuscated exploits and covert malware command-and-control channels that fly under the radar of modern security systems.

=> Obfuscation, obfuscation, obfuscation—Attackers continue to find new ways to disguise their malicious traffic via JavaScript and PDF obfuscation. Obfuscation is a technique used by software developers and attackers alike to hide or mask the code used to develop their applications. Things would be easier if network security products could simply block any JavaScript that was obfuscated, but unfortunately, obfuscation techniques are used by many legitimate websites in an attempt to prevent unsophisticated Web developers from stealing their code. These legitimate websites act as cover for the malicious ones, turning the attacks into needles in a haystack.

=> PDF attacks continue to increase as attackers trick users in new ways. To understand why PDFs are targeted, consider that endpoints are typically the weakest link in an enterprise organization. Attackers understand this fact well. For example, although sensitive data may not be present on a particular endpoint, that endpoint may have access to others that do. Or, that endpoint can be used as a practical bounce point to launch attacks on other computers.

=> Reported vulnerabilities are at an all time high—2010 has seen a significant increase in the volume of security vulnerability disclosures, due both to significant increases in public exploit releases and to positive efforts by several large software companies to identify and mitigate security vulnerabilities.

=> Web application vulnerabilities have inched up to the 55 percent mark, accounting for fully half of all vulnerability disclosures in the first part of 2010.

=> Exploit Effort versus Potential Reward—What are attackers really going after? With the number of vulnerability announcements rising and vendors scrambling to provide patches and protection to problem areas, how can enterprises best prioritize the efforts of IT administrators to provide adequate coverage? The Exploit Effort versus Potential Reward Matrix provides a simple model for thinking about vulnerability triage from the perspective of attackers.

Please refer here to download or view the report.

Wednesday, August 18, 2010

'Free' iPad scam fooling Facebook friends

It's also happening on Twitter

Apple's popularity with the iPod and iPhone attracted a slew of scammers, and now the latest con involves a free iPad offer from a Facebook friend.

The scammers claim it's a special promotion, but once they sign up for the 'free' offer, consumers are usually asked to participate in an online quiz and provide their cell phone number so the results can be sent to their phone.

Instead, the scammers use your cell number to sign you up for a premium cell phone service, which can cost as much as $10 a week until you unsubscribe. Facebook is taking steps to block the hackers, but new iPad scams keep popping up. It's also happening on Twitter. Experts say you should never provide a cell phone number, because scammers can sign you up for services you don't want.

Monday, August 16, 2010

SEO Poisoning Attack

A Look Inside How It Works

One of the biggest risks that users run across during their everyday Internet browsing at the moment is from what security researchers call search engine optimization poisoning or SEO poisoning. Criminal hackers are taking advantage of our blind trust in popular search engines such as Google and Bing to trick us into clicking into malicious links.

The bad guys use blackhat SEO techniques to boost the page rankings of their bogus sites. As these higher ranked sites start breaking into the top ten and top 20 results of a popular search term, users are lured into trusting the links.

Capitalizing on anything from the Haiti earthquake to Mel Gibson’s rants to the World Cup, these hackers use the links to bait users and then reel them in with malicious downloads. Users unwittingly click on a malicious link because they trust the search engine. Channel Insider examines just how SEO poisoning is carried out by these bad guys and how common it is to see malicious links within legitimate search results.

Step 1: Compromise legitimate web sites
These will be used to form the foundation of the attack.

Step 2: Create SEO-friendly fake pages related to popular search topics on compromised sites
In the past year hackers have taken advantage of user curiosity about the Olympics, the Haiti earthquake, Corey Haim's death, the World Cup and Mel Gibson's recent craziness to formulate their SEO poisoning attacks.

Step 3: Use Google Hot Trends to search for popular terms
Hackers leverage the hottest search terms and then stuff their fake pages with additional relevant key phrases that track well with the most common way users phrase their searches.

Step 4: Crosslink with other SEO poisoned pages to boost page rankings
Hackers work on scale, with a web of hundreds of crosslink pages to ensure that their malicious sites make it to the top of the page rankings for any given search term.

Step 5: Cloak malicious content from spiders and security researchers
SEO poisoning attacks have been difficult to stymie because the hackers shield them from search engine detection and security do-gooders. When crawlers view a poisoned page, it serves up an alternative non-malicious page with relevant keywords and links to other poisoned pages, and it directs traffic to non-malicious content when that traffic doesn't come from a search engine.

Step 6: Deliver payload
If traffic does come from a website, hackers will serve up the bad content. Right now, researchers report that the bulk of SEO poisoning attacks are used to send users to a fake AV scan page to convince them to install bogus AV 'scareware.'

SEO Poisoning By The Numbers
Symantec found that on average 115 of the 300 most popular search terms contained at least 10% malicious links.

Users have a 1 in 3 chance of coming across a malicious link via searches, according to Symantec.

Typically, 15 links out of the first 70 results were malicious for search terms that were found to be poisoned, according to Symantec researchers.
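
The cloaking in Steps 5 and 6 is also what gives a poisoned page away: the same URL answers differently depending on who asks. The following check is an added example (not from Channel Insider or Symantec) that requests one URL under three request profiles and flags pairs whose visible text diverges. The profile header values, the 0.7 threshold, the `.example` URLs and the `fake_fetch` stand-in for an HTTP client are all assumptions constructed for the illustration.

```python
import difflib
import re

# Request profiles replayed against one URL. Header values are constructed.
PROFILES = {
    "direct": {"User-Agent": "Mozilla/5.0 (X11; Linux x86_64)"},
    "crawler": {
        "User-Agent": "Mozilla/5.0 (compatible; Googlebot/2.1; "
                      "+http://www.google.com/bot.html)",
    },
    "search_click": {
        "User-Agent": "Mozilla/5.0 (X11; Linux x86_64)",
        "Referer": "https://www.google.com/search?q=world+cup+results",
    },
}


def visible_words(html):
    """Drop script/style bodies and tags; return the lower-cased word list."""
    html = re.sub(r"(?is)<(script|style)\b.*?</\1\s*>", " ", html)
    text = re.sub(r"(?s)<[^>]+>", " ", html)
    return re.findall(r"[a-z0-9']+", text.lower())


def similarity(a, b):
    """Ratio in [0, 1] of how much two word lists share, in order."""
    return difflib.SequenceMatcher(None, a, b, autojunk=False).ratio()


def check_cloaking(fetch, url, threshold=0.7):
    """Fetch `url` once per profile and report the profile pairs whose
    visible text is less similar than `threshold`."""
    words = {name: visible_words(fetch(url, dict(headers)))
             for name, headers in PROFILES.items()}
    names = sorted(words)
    scores = {}
    for i, first in enumerate(names):
        for second in names[i + 1:]:
            scores[(first, second)] = round(
                similarity(words[first], words[second]), 2)
    divergent = sorted(p for p, score in scores.items() if score < threshold)
    return {"url": url, "scores": scores,
            "divergent": divergent, "cloaked": bool(divergent)}


# --- constructed test fixture -------------------------------------------
POISONED = "http://poisoned.example/world-cup-results"
CLEAN = "http://clean.example/world-cup-results"


def fake_fetch(url, headers):
    """Constructed stand-in for an HTTP client so the example runs offline.
    It answers POISONED the way Steps 5 and 6 describe and CLEAN identically
    for every caller."""
    if url == POISONED:
        if "Googlebot" in headers.get("User-Agent", ""):
            return ("<html><h1>World Cup results</h1>"
                    "<p>world cup scores fixtures highlights</p></html>")
        if "google." in headers.get("Referer", ""):
            return ("<html><script>var x = 1;</script>"
                    "<h1>Warning: your computer is infected</h1>"
                    "<p>Click to start scan and remove threats now</p></html>")
        return ("<html><h1>Gardening tips</h1>"
                "<p>How to prune roses in early spring</p></html>")
    return ("<html><h1>World Cup results</h1>"
            "<p>Latest scores and fixtures</p></html>")


if __name__ == "__main__":
    for target in (POISONED, CLEAN):
        report = check_cloaking(fake_fetch, target)
        state = "cloaked" if report["cloaked"] else "consistent"
        print(target, state, report["divergent"])
```

Legitimate pages with rotating ads or personalised content also differ between requests, so a divergence is a reason to inspect the page from an isolated analysis host, not a verdict on its own.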

Monday, August 9, 2010

Watch out for the latest scam trend using "StarCraft 2"

'StarCraft 2' Phishing Scams Deploying Via Email


At least one version of this scheme will open up with the line, "Hello, thank you for shopping at the Blizzard Store!" according to a post on Siliconera. The first prescribed step in the email asks the user to create a Battle.net account at a URL that doesn't belong to Blizzard.

Senders' email addresses can be faked, so just because your message claims to come from Blizzard doesn't always mean that it's the real deal. Free keys or keys that come bearing receipts for purchases you didn't make are also good indicators that your email is probably a phony.

Ultimately, it's never a bad idea to check out Blizzard's Battle.net security page to make sure you're taking the proper precautions, and if you think you may have already made a terrible mistake and left yourself vulnerable to hackers, Battle.net has a response team set up to aid you in dealing with that as well.

Malware in "StarCraft 2" may only be a problem with illegally pirated copies, but emails phishing for passwords have been circulating, and Battle.net users should be on the lookout for fraudulent messages that come bearing fake product keys. The scam will insert a malicious URL in place of legit Battle.net login and proceed to request personal information, so be sure to vet any unsolicited email claiming to be from Blizzard before clicking through to any unsavory links.

Tuesday, April 6, 2010

Social networking is driving hacker attack strategies

Study says that changes in online users' behaviour – driven largely by the rise of social networking – are pushing hackers to develop ever more sophisticated attack strategies

The report, from Blue Coat Systems, which tapped the data pool generated by its WebPulse security service, says that hackers are developing broader attack strategies, including complex blended threats, faster malware lifecycles and search engine manipulation.

According to Blue Coat, malware is starting to be adapted by hackers in relatively rapid lifecycles – the average lifespan of a typical piece of malware dropped from seven hours in 2007 to just two in 2009, notes the report.

As a result of this faster malware lifecycle, the study says that defences that require patches and downloads are simply unable to keep pace.

Increased reliance on social networking for communication, says Blue Coat, means there is less reliance on web-based email, which dropped in popularity from fifth place in 2008 to ninth place in 2009.

And, the report adds, exploiting user trust drives most common threats. The two most common web-based threats in 2009 – the fake antivirus software and the fake video codec – both exploited user trust on the internet, search engines and social networks.

According to Blue Coat, these were not the 'drive-by' attacks of recent years, nor did they require a vulnerability to exploit other than human behaviour.

Download the report to read the detailed study and findings.

Saturday, March 20, 2010

Don't download attachments even from a trusted source unless you are really sure

Faux Facebook emails use password reset ploy

A widespread phishing campaign is making the rounds that claims to be from Facebook but is meant to infect victims' PCs.

The fraudulent emails arrive with a note stating that the recipient's Facebook password was changed and they can find the new one in an attached ZIP file.

The malicious attachment actually contains an assortment of malware, depending on the message, including trojans and rogue anti-virus programs. The scam is global in its reach and, as of Wednesday afternoon, the malware contained in the phishing run ranked as the sixth most prevalent global virus that McAfee was tracking. It is possible that machines compromised with the Cutwail or Rustock botnets are delivering the spam messages.

Facebook Security, in a status update on its profile page, told users that the social networking site never would send a new password as part of an attachment.

"There's another spoofed email going around that claims to be from Facebook and asks you to open an attachment to receive a new password," read the update. "This email is fake. Delete it from your inbox, and warn your friends."

Friday, January 29, 2010

Blocking the most common type of spam

To Beat Spam, Turn Its Own Weapons Against It

Researchers from the International Computer Science Institute and the University of California, San Diego have developed a method for blocking the most common type of spam. The researchers employed a trick that spammers use to defeat email filters. Each spam message is generated from a template that specifies the message content and a slight variation used to bypass the filter.

The researchers analyzed the messages to reveal the template that created them, and since the template describes all the emails a bot will send, possessing it might provide a method of blocking all spam from that bot. After testing, the team was able to block spam from a specific bot with 100 percent accuracy.

In addition, the new system did not produce a single false positive in more than a million messages, says team member Andreas Pitsillidis. This is an interesting approach which really differs by using the bots themselves as the oracles for producing the filters.

Refer here to read more details.
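
A simplified sketch of the template idea described above, added here as an illustration and not the researchers' system: it aligns a few messages from one bot, keeps the tokens they all share as fixed anchors, turns every point of disagreement into a bounded wildcard slot, and compiles the result into a regex signature. The sample messages, the `.example` URLs, and the `min_literals` and `max_slot_tokens` parameters are constructed assumptions.

```python
import difflib
import re

SLOT = None  # marks a position where the samples disagree

# Constructed samples, standing in for messages captured from one bot.
SAMPLES = [
    "Dear customer, your order 48213 has shipped. "
    "Track it at http://a1.example/t?id=9f3 today!",
    "Dear customer, your order 7719 has shipped. "
    "Track it at http://zq.example/t?id=c02 today!",
    "Dear customer, your order 530046 has shipped. "
    "Track it at http://m7.example/t?id=77b today!",
]


def tokens(message):
    """Split on any whitespace so line wrapping does not affect matching."""
    return message.split()


def merge(template, message_tokens):
    """Keep the template tokens the new sample also has, in order, and
    collapse every disagreement (earlier slots included) into one SLOT."""
    matcher = difflib.SequenceMatcher(None, template, message_tokens,
                                      autojunk=False)
    merged = []
    for tag, i1, i2, _j1, _j2 in matcher.get_opcodes():
        if tag == "equal":
            merged.extend(template[i1:i2])
        elif not merged or merged[-1] is not SLOT:
            merged.append(SLOT)
    return merged


def infer_template(samples):
    """Fold all samples into one list of literal tokens and SLOT markers."""
    template = tokens(samples[0])
    for sample in samples[1:]:
        template = merge(template, tokens(sample))
    return template


def build_signature(samples, min_literals=4, max_slot_tokens=6):
    """Compile the inferred template into a regex, or return None when the
    samples share too little for the signature to be safe to deploy."""
    if len(samples) < 2:
        return None
    template = infer_template(samples)
    literals = [tok for tok in template if tok is not SLOT]
    if len(literals) < min_literals:
        return None  # too generic: it would match legitimate mail
    slot = r"(?:\S+ ){0,%d}" % max_slot_tokens
    pattern = "".join(slot if tok is SLOT else re.escape(tok) + " "
                      for tok in template)
    return re.compile(pattern)


def matches(signature, message):
    """True when the whole message fits the template."""
    normalised = "".join(tok + " " for tok in tokens(message))
    return signature.fullmatch(normalised) is not None


if __name__ == "__main__":
    sig = build_signature(SAMPLES)
    print(sig.pattern)
    print(matches(sig, "Dear customer, your order 91 has shipped. "
                       "Track it at http://kk.example/t?id=000 today!"))
    print(matches(sig, "Dear customer, your invoice is attached. "
                       "Thank you for your business."))
```

Requiring a minimum number of fixed anchors and matching the whole message is what keeps false positives down in this sketch: a template that is mostly slots is rejected instead of being turned into a filter.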

Tuesday, September 8, 2009

Ignore - Notification from MasterCard

SCAM ALERT - Mastercard international Mega Jackpot


I have received this email in my inbox. If you see a similar email in your inbox, please ignore it and don't respond with any details.

All the emails are spoofed. If you look at the "Reply-to" field, you will notice tmoore58@hotmail.com. Using common sense, Mastercard International will never send an email and will definitely not advise you to reply to a Hotmail email address. Secondly, this email has been spoofed using the info@mastercard.org email address, which again is not the correct Mastercard International domain address.

It is safe to say that this is somewhat similar to the Nigerian scam we have seen in the past.


Please IGNORE such emails and ensure you don't respond with any sort of information.

Tuesday, August 18, 2009

Microsoft Team Traces Malicious Users

HostTracker could lead to better defenses against online attacks and spam campaigns

In a paper that will be presented at ACM SIGCOMM 2009, which takes place Aug. 17-21 in Barcelona, Spain, Microsoft researchers will demonstrate HostTracker, software that removes the anonymity from malicious Internet activity.

The researchers were able to identify the machines responsible for anonymous attacks, even when the host's IP address rapidly changed. The researchers say HostTracker could lead to better defenses against online attacks and spam campaigns. For example, security firms could create a clearer picture of which Internet hosts should be blocked from sending traffic to their clients, and cybercriminals would have a more difficult time disguising their activities as legitimate communications. The researchers analyzed a month's worth of data collected from a large email service provider to attempt to determine users responsible for sending spam. Tracking the origins of a message involved reconstructing relationships between account IDs and the hosts used to connect to the email service.

The researchers grouped all the IDs accessed from different hosts over a certain time period, and the HostTracker software searched through this data to resolve any conflicts. The researchers also developed a way to automatically blacklist traffic from an IP address if HostTracker determines that the host at that address has been compromised. HostTracker was able to block malicious traffic with an error rate of 5 percent, and using additional information to identify good-user behavior reduced the error rate to less than 1 percent.

Refer here to read more details.

Friday, July 31, 2009

Hotmail account is easy to claim, reset the password and effectively hijack the account?

Dormant Hotmail Accounts Easy Prey for Hackers

One of the most effective means of warding off spam messages and phishing scams is to create multiple, disposable e-mail addresses. Typically, one address should be for personal matters, such as correspondences between family and friends, and at least one should be used for paying bills, subscribing to online newsletters, registering for message board activities, and other such pursuits.

According to Download Squad, if one of those accounts is through Windows Live Hotmail, maintaining that address, and actively using it, is an absolute necessity. The Windows Live help files state that if the account remains inactive for over 270 days (or if it isn't used during the first 10 days following activation), then the account will become inactive and all information contained within the account's files will be deleted. If the account remains inactive for one year, then the address is reentered into circulation.

This means anyone can claim it, reset the password, and effectively hijack the account. By accomplishing this, the hackers can pose as the original account holder and request other password resets in order to gain access to any service (bank account, bill pay) that might have been previously subscribed to with the address.

Compromised e-mail accounts certainly aren't uncommon, even plaguing professional techies as scammers recently employed similar techniques to take over personal accounts of Twitter employees. For protection against such hostile e-mail takeovers, regularly check all accounts so that none of them become dormant, and definitely take measures to fortify account passwords so that Web deviants can't easily gain access to personal information.



Wednesday, July 22, 2009

Sophos slams US for again topping spam ranking

The US should clean up its own computers before looking to fight overseas hackers and spammers

One in six spam emails comes from the US, according to a report from a security firm.
Sophos ranked the US as the top source of the unwanted messages around the world, sending 15.6 per cent of all spam globally for the second quarter of the year.


Sophos security researcher Graham Cluley called for the US to clean up its spam problem.
"Barack Obama's recent speech on cybersecurity emphasised the threat posed by overseas criminals and enemy states, but these figures prove that there is a significant problem in his own back yard," he said in a statement.


Sophos also said that spammers are taking to social networking sites, such as Twitter, using URL shortening services such as TinyURL, bit.ly and others.

The 140 character limit on Twitter means many users turn to such services to shorten long URLs, but the shortened links obscure the actual target, letting spammers and malware writers send users to sites they might not otherwise visit.

“This is being exploited by hackers that will use the services to obscure links to offensive material or malicious websites, and then distribute the links in spam emails, as well as posting them on Twitter and other networks,” Sophos said.

The top 12 worst countries for spam distribution:

1. United States (15.6 per cent)
2. Brazil (11.1 per cent)
3. Turkey (5.2 per cent)
4. India (5.0 per cent)
5. South Korea (4.7 per cent)
6. Poland (4.2 per cent)
7. China (4.1 per cent)
8. Spain (3.4 per cent)
9. Russia (3.2 per cent)
10. Italy (2.8 per cent)
11. Argentina (2.5 per cent)
12. Vietnam (2.3 per cent)

Monday, July 13, 2009

Tagged.com stole the identities of more than 60 million

60 million users in social networking rip-off - Be Careful

New York's attorney general says that Tagged.com stole the identities of more than 60 million internet users worldwide - by sending emails that raided their private accounts. Andrew Cuomo said he plans to sue the social networking website for deceptive marketing and invasion of privacy.

"This company stole the address books and identities of millions of people," Cuomo said in a statement. "Consumers had their privacy invaded and were forced into the embarrassing position of having to apologise to all their email contacts for Tagged's unethical - and illegal - behaviour."

Started in 2004 by Harvard math students Greg Tseng and Johann Schleier-Smith, Tagged calls itself a "premier social-networking destination." The California-based company claims to be the third-largest social networking site after Facebook and MySpace, with 80 million registered users.

Tagged acquired most of the identities fraudulently, sending unsuspecting recipients emails that urged them to view private photos posted by friends.

The message read: "(name of friend) sent you photos on Tagged."

When recipients tried to access the photos, they would in effect become new members of the site without ever seeing any photos. Tagged temporarily suspended its online campaign last month, in response to user complaints. Email and telephone messages to the company were not immediately returned. This very virulent form of spam is the online equivalent of breaking into a home, stealing address books, and sending phony mail to all of an individual's personal contacts.

The system was set up so that a user was asked whether the sender of the photos was a friend; it then suggested that if the recipient didn't respond, the friend "may think you said no". Every person on a user's contact list received an email that again read, "(name of user) sent you photos on Tagged." The site then released a flood of offers for everything from sweepstakes to other services.

By the time a recipient realised there were no photos, it was too late.


Please be careful out there and ensure you don't register or click on any links sent to you by Tagged claiming to be sent by your friend.


Please refer here to read full details.


Tuesday, April 21, 2009

McAfee Looks at Spam's Damage to Environment

33 billion kilowatt-hours (kWh) is used to transmit, process and filter spam

The global annual energy used to transmit, process, and filter spam is 33 billion kilowatt-hours (kWh), which is equivalent to the electricity used in 2.4 million homes, concludes McAfee's "Carbon Footprint of Spam" study.

The study found that spam produces the same level of greenhouse gas (GHG) emissions as 3.1 million passenger cars using 2 billion gallons of gasoline. An estimated 62 trillion spam emails were sent in 2008, and most of the energy consumption related to spam, 80 percent, comes from end users deleting spam and searching for legitimate email. Spam filtering accounts for 16 percent of spam-related energy consumption.

"As the world faces the growing problem of climate change, this study highlights that spam has an immense financial, personal, and environmental impact on businesses and individuals," says McAfee's Jeff Green. "Stopping spam at its source, as well as investing in state-of-the-art spam filtering technology, will save time and money, and will pay dividends to the planet by reducing carbon emissions as well."

The report says if state-of-the-art spam filters were used to protect every inbox, organizations and individuals could reduce spam's energy consumption by 75 percent. However, the researchers note that although spam filtering is helpful, fighting spam at its source is even better.

Refer here to read the original article.

Saturday, April 4, 2009

Be careful of fake social networking websites

Malware Impersonates Classmates and Facebook Websites to Deliver Password Stealing Trojan

Websites designed to look like Classmates.com and Facebook are currently being used to distribute a password-stealing Trojan. Some of you may remember the Spyforms malware family from a previous incident involving Barack Obama spam campaigns. In this most recent incident, the malicious web links are still primarily distributed via spam e-mails. Once the link is clicked, the victim is presented with a realistic-looking Classmates or Facebook website.

The website contains a fake YouTube video, which prompts a dialog stating “Please Download correct Flash Movie Player! Installation: Double-click the downloaded installer. Follow the on-screen instructions!” and attempts to download a file named Adobemedia10.exe or Adobemedia11.exe.

Once installed, the Trojan intercepts network traffic in order to obtain FTP, ICQ, POP3, and IMAP passwords and then sends the data back to a server at a Hong Kong-based ISP (HOSTFRESH). You may recall the last major malware incident involving this Hong Kong-based ISP, which was one of the providers involved in the malware distribution operation taking place inside the Atrivo/Intercage network.
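A detection sketch for the fake "Flash Player" download described above, added here as an example and not taken from any vendor's tooling: it flags executables that borrow Adobe or Flash naming but are served from outside the vendor's domains. The log format, the sample lines, the `.example` hosts and the vendor domain list are constructed assumptions.

```python
import re
from urllib.parse import urlsplit

# Assumption: domains a genuine Adobe installer would be downloaded from.
VENDOR_DOMAINS = ("adobe.com", "macromedia.com")
BRAND = re.compile(r"adobe|flash|macromedia", re.I)
EXECUTABLE = re.compile(r"\.(exe|scr|msi)$", re.I)

# Constructed proxy log: timestamp, client IP, method, URL.
SAMPLE_LOG = """\
2009-04-04T10:01:02Z 10.0.0.15 GET http://classmates-video.example/media/Adobemedia10.exe
2009-04-04T10:03:40Z 10.0.0.22 GET http://download.adobe.com/flash/install_flash_player.exe
2009-04-04T10:05:11Z 10.0.0.31 GET http://facebook-clips.example/Adobemedia11.exe?id=7
2009-04-04T10:06:00Z 10.0.0.31 GET http://adobe.com.updates.example/FlashPlayer.EXE
2009-04-04T10:07:00Z 10.0.0.40 GET http://files.example/flash-report.pdf
""".splitlines()


def served_by_vendor(host):
    """True only for the vendor domain itself or a real subdomain of it."""
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in VENDOR_DOMAINS)


def suspicious_downloads(log_lines):
    """Return (client, url) pairs for executables that use Adobe/Flash naming
    but come from a host outside the vendor's own domains."""
    hits = []
    for line in log_lines:
        fields = line.split()
        if len(fields) != 4:
            continue  # skip malformed lines
        _, client, method, url = fields
        parts = urlsplit(url)
        filename = parts.path.rsplit("/", 1)[-1]  # query string is not part of path
        if (method == "GET" and EXECUTABLE.search(filename)
                and BRAND.search(filename)
                and not served_by_vendor(parts.hostname)):
            hits.append((client, url))
    return hits


if __name__ == "__main__":
    for client, url in suspicious_downloads(SAMPLE_LOG):
        print(client, url)
```

The suffix check is what catches the look-alike host `adobe.com.updates.example`, which a plain substring match on "adobe.com" would have trusted.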