• Consumer Awareness: "The Dark Side of Social Networking"
• Scams and Hoaxes  
• Microsoft and Apple Security Updates
• Security Newsbytes

Consumer Awareness: "The Dark Side of Social Networking"

• Think about how a social networking site works before deciding to join it. Some will allow only a defined community of users to access posted content; others allow anyone and everyone to view postings. Don’t join any social network that asks you to share your address book or contacts.

• Always think before you click. Be wary of visiting the blog or webpage of other members because that other “member” may be a scammer, whose blog or webpage has been rigged to deliver a drive-by download of malware to your computer. If you think you have clicked on the wrong thing, contact your local computer support staff, your Internet Service Provider, or a computer consultant knowledgeable about security.

• Don't click on shortened (or "condensed") URL's, like those created by TinyURL and Bit.ly. There's no telling where these links lead to, and that makes it easy to funnel you to malicious websites. Watch out for "misspelled" links, like www.yuotube.com. Could be a typo or a trick.

• Keep control over the information you post. Consider restricting access to your page or postings to a select group of people, like friends, members of your team, your community groups, or your family.

• Keep your information to yourself. Don’t post your full name, or any personal information about yourself or about anyone else. Be cautious about posting information that could be used to identify you or locate you offline, such as where you work or work-out.

• Make sure your screen name doesn’t say too much about you. Don’t use your name, your age, or your hometown. Even if you think your screen name makes you anonymous, it doesn’t take a genius to combine clues and figure out who you are and where you can be found.

• Post only information that you are comfortable with others seeing — and knowing — about you. Many people will see your page or postings, including the people who will be interviewing you for a job five years from now.

• Remember that once you post information online, you can’t take it back. Even if you delete the information from a site, older versions are stored on other people’s computers and may be archived for years by Web search services.

• Think hard before posting your photo. It can be altered and broadcast in ways you may not be happy about. If you do post one, ask yourself whether it’s one you’d include in your professional resume. Posting pictures of children invites exploitation and could expose them to real-world danger.

• Flirting with strangers online could have serious consequences. Some people lie about who they are; you never really know whom you’re dealing with.

• Be wary if a new online friend wants to meet you in person. Do some research about them. If you decide to meet them, be smart about it: meet in a public place, during the day, accompanied by friends you trust.

• Trust your gut if you have suspicions. If you feel threatened by someone or uncomfortable because of something online, report it to the police and to the operators of the social networking site. You could end up preventing someone else from becoming a victim.

More information:

• Federal Trade Commission
• PC Magazine
• Nielsen
• Tech News World

Scams and Hoaxes

New Phishing Attacks against Facebook Users
Cybercriminals have again launched attacks against Facebook to attract account holders to fake websites by sending phishing emails so they can capture usernames and passwords. The new attacks include sending a message to the victim’s Facebook inbox and an email notification entitled “Hello” or “Hi” to the Facebook user’s “real world” email address. The phishing emails, designed to appear to come from friends of the targeted Facebook account holders, contain text and a URL prompting them to visit a fake Facebook page where the phishers steal their login credentials.  More information

Friend Stranded in Foreign Country Scam Emails
You receive an email from a friend or colleague claiming that he or she is stranded in a foreign country and desperately needs your help to get home. The email originates from the friend's real email account and may even include the same email signature that your friend usually uses when emailing you. The emails can be a clever scheme by Internet criminals designed to trick people into sending them money. Be wary of any email that you receive that asks you to wire money, even if the message appears to come from a friend.  More information

Enter your PIN In Reverse to Call Police?
This spam email claims that if criminals force you to withdraw money from an ATM, entering your PIN in reverse will automatically alert police. The technology that makes this possible exists, but banks have not implemented it. If you are ever forced to withdraw money from an ATM against your will, co-operate fully and let law-enforcement pursue the matter. There is little chance the reverse-PIN technology will be installed.  More information

Web Sites Offer Bogus Swine Flu Products
The U.S. Food and Drug Administration (FDA) released another warning about bogus flu products that are targeting consumers via websites. The FDA has issued more than 50 warning letters to offending websites, and 66% of those have removed the offending claims or products. Examples include: a shampoo that claimed to protect against the swine flu virus, a dietary supplement that claimed to prevent infants and young children from contracting swine flu, a “new” supplement that claimed to cure swine flu infection in 4-8 hours, a spray that claimed to leave a layer of ionic silver on your hands that killed the virus, and several tests to detect the virus not approved by the FDA.  More information
[Editor’s Note (Wyman): Everyone can help stem the tide of email scams by reporting them to the Federal Trade Commission at http://www.ftc.gov/spam/.]



Microsoft and Apple Security Updates
Microsoft and Apple provide free security updates for their software products.
Windows: Microsoft issues patches for all Microsoft products on the second Tuesday of each month as well as out-of-cycle patches on any day of the month. The next scheduled release date is July 14th. This is a good occasion to check manually, a practice that you should follow once every two weeks, to make sure all of the updates have been installed.
More information

OS X: Updates are issued frequently, and their contents may differ depending on which processor is in your Mac (PPC or Intel).  More information

Security Newsbytes

Apple Releases Fix for Six-month-old Java Vulnerability in Leopard and Tiger

At long last, Apple has released a patch for a six-month-old critical vulnerability in Mac OS X that could allow attackers to install data-stealing malware on users' computers when they visit an infected website. The released patch fixes the Java flaw in Leopard as well as the updated version of Tiger.  More information; Apple

Twitter Message Could be a Cybercriminal at Work
Spain-based anti-virus maker Panda Software has been monitoring an onslaught of links with malicious software on Twitter that tag hot topics such as the Air France crash, the NBA finals, “American Idol” runner-up Adam Lambert, and the new iPhone 3GS. Cybercriminals have been targeting Twitter users by creating thousands of messages (tweets) with words involving trendy topics and embedded malicious URL’s.  More information

Microsoft’s MSRT Takes Aim at Phony Anti-Virus Program
Microsoft's Malicious Software Removal Tool (MSRT) has been updated to detect a generic type of fake antivirus program known as “Win32/InternetAntivirus.” The Microsoft Malware Protection Center gives Win32/InternetAntivirus an alert level of severe. The software is a rogue program that displays false and misleading alerts regarding malware, in order to convince users to purchase rogue security software. In addition, the rogue program runs a password stealer called “TrojanSpy:Win32/Chadem.”  More information

Phony Anti-Virus Program Takes Aim at Microsoft’s MSRT
Security researchers at Computer Associates are warning about a newly unleashed fake anti-virus program that pretends to be Microsoft’s MSRT (Malicious Software Removal Tool). A fake anti-virus planted on a user’s computer displays a message that says that Microsoft's MSRT has been installed and the user needs to click on the message so that the scanning process can start. Pressing the “Finish” button causes another window named “OEM Purchase Center” to appear that offers lifelong licenses at discounted prices for products like McAfee Total Protection 2009, Norton SystemWorks 2009, Norton Internet Security 2009, and Norton 360. The “licenses” are not genuine. When users try to cancel out of the window, another bogus warning will display insisting that they purchase a license in order to protect their computers.
More information

Malware Targets Macs and PC’s Alike
Security company Sophos has Internet users on the alert for booby-trapped websites. Sophos has identified two new malware attacks that target Mac OSX with the malware OSX/Jahlav-C and OSX/Tored-Fam. Mac users visiting a rigged site receive a pop-up message that indicates a “Video ActiveX Object” needs to be installed. Users who follow the instructions end up with an infected Mac. Windows users are equally vulnerable. The booby trap identifies visitors’ operating systems (whether the web browser is running on Mac OS X or Windows) and implants malware specifically designed for PC’s.
More information

Source material reproduced with permissions from
OUCH Monthly Newsletter
SANS Institute (http://www.sans.org)
Editorial Board: Bill Wyman, Alan Reichert, Walt Scrivens, Barbara Rietveld, Alan Paller