*************************************************************
OUCH: The Report On Identity Theft and Attacks On Computer Users
Volume 1, No. 12 December 01, 2004
*************************************************************
Major threat this month:
Don't Get Hooked By Phishing Scams During the Shopping Season
Experts are warning that online shoppers need to be extra watchful for
phishing scams this holiday season. Online shopping is expected to
surge 25 percent over last year and email phishing scams have rocketed
by a staggering 1,200 percent since last January.
Read the full story here:
http://www.internetweek.com/showArticle.jhtml?articleID=53701025
************************
Take Note: When you update your Windows computer, you usually must get
both the Windows updates and Microsoft Office updates. They are at
different sites, which are:
Office Update often requires the user to have their original media
CDs available to perform updates. Microsoft's explanation for this is
in the Office Update FAQ (frequently asked questions) at
http://office.microsoft.com/en-us/FX010402221033.aspx#6
Users taking advantage of Microsoft's automatic updating and patching
of Microsoft Windows may not be aware that Windows update does *not*
also automatically update Microsoft Office products. You have to do
it manually.
************************
What To Avoid This Month
- I. Email from people trying to get you to divulge private details.
- They are usually trying to steal your identity (and your money).
- II. Virus and Hoax Alerts
-
- III. Covert phishing scam lies in wait for its victims
- IV. Important Phishing Information
-
- V. Alleged Phisher Arrested in Boston
- VI. Many Users Replacing Internet Explorer
- VII. Alliance Formed to Fight ID Theft, Phishing Schemes
******************************
More Details About Things To Avoid
- I. Email from people trying to steal your identity (and your money)
- I.1 Sovereign Bank - 'Sovereign Bank Unauthorized Account Access':
- I.2 Paypal - 'Your Account Will Be Suspended'
- I.3 Citibank - 'Citibank Alerting Service'
- The Bait: It arrives in the form of an email that requests "...We
Were unable to process the recent transactions on your account.
To ensure that your account is not suspended, please update your
information by clicking here..."
- What it tries to make you do: Divulge your personal banking
information such as your debit card information, citibank.com
username/password
- Where you can see how it actually appears:
http://www.antiphishing.org/phishing_archive/11-10-04_Citibank/11-10-04_Citibank.html
- I.4 People's Bank - 'New Mail from People'
- I.5 Suntrust Bank - 'Internet Banking with Bill Pay Fees Waived'
- I.6 Citibank - 'Your online activity confirmation'
- I.7 eBay - 'Account Suspension Notice - Section 9'
- II. Virus/Hoax Alerts:
-
- II.1 Sophos: Training course emails are a scam
-
- II.2 W32.Sober.I@mm
-
- The Bait: An unexpected email that arrives in your mailbox with
various subject lines such as 'hi there', 'Registration
confirmation', etc.
- What it tries to make you do: Open the attached file, and
if you do, and follow the instructions, it infects your
machine with this virus.
- Where you can read more on this story:
http://www.symantec.com/avcenter/venc/data/w32.sober.i@mm.html
- II.3 SymbOS.Skulls
-
- II.4 The latest version of the Mydoom virus suggests to security
experts that a much-anticipated "zero day" attack may have already
arrived.
-
"Zero day" refers to an exploit, either a worm or a virus, that
arrives on the heels of, or even before, the public announcement
of a vulnerability in a computer system. This week's version of
Mydoom appeared only two days after a security flaw in Windows
Internet Explorer was made public by two hackers, according to
experts.
Where you can read more on this story:
http://enterprisesecurity.symantec.com/content.cfm?articleid=5054&PID=182998&EID=796
- II.5 W32/Mydoom.ah@MM
-
- The Bait: Receiving an unexpected email that states "Congratulations! PayPal
has successfully charged $175 to your credit card"
- What it tries to make you do: It tries to make you click on a link
provided within email.
- Where you can read more on this story:
http://vil.nai.com/vil/content/v_129631.htm
- III. Covert phishing scam lies in wait for its victims:
-
According to experts, this is a low risk for now, but this could be a
sign of worse things to come. Experts have detected a phishing
scam that will not require you to click on a link in the email
in order to gather your personal data while banking online.
It works by installing a diverter script on your browser so that
when you try to go to your bank's website, you are diverted to
the phisher's fake website which appears identical to your bank's.
Where you can read more on this story:
http://software.silicon.com/security/0,39024655,39125549,00.htm
- IV. Important Phishing Information:
- IV.1 What To Do If You've Given Out Your Personal Information
If you have been tricked by a phishing method into giving out your
personal financial information, do not wait for things to happen
or wait for the problem to resolve itself. Take immediate action
to protect your identity and your money.
Click on the following link for advice on what to do if you are in
this situation.
http://www.antiphishing.org/consumer_recs2.html
- IV.2 Identity Theft Help Sites
The following links are provided to assist you in case of Identity
Theft.
Canadians will find the following side especially valuable: http://www.psepc.gc.ca/publications/policing/phishing_e.asp
- IV.3 Things you should do to protect yourself:
Since most of the phishing emails come through spam, get
a spam filtering software program and install it on your computer.
If you suspect a phishing attempt, report it immediately to
your bank. Every bank web site has a link or a toll-free
number to report scams. Don't be embarrassed if you were
tricked into divulging account information. If you report
it immediately, your account will be protected until you
receive a new PIN.
Change your password and PINs regularly. Banks advise that
you use separate PINs and passwords for different accounts.
That way, if one gets compromised, your entire financial life
won't be revealed.
If you are a frequent user of eBay, download its Web
browser toolbar, a small program that runs with a
user's Web browser. It flashes red when the user visits
a possible spoof site. The toolbar uses a database of
spoof site URLs submitted by customers, and is updated
quite often.
Check your computer frequently for possible virus infection with
an anti-virus software program.
Regularly update your browser with patches.
And more ideas from InfoWorld
http://www.infoworld.com/article/04/11/01/HNonlineidtheft_1.html
- V. Boston police have arrested an alleged phishing scam artist. Andrew
-
Schwarmkoff has been arraigned on counts of fraud, larceny, identity
theft and receiving stolen goods. Schwarmkoff, who is alleged to
be a Russian mobster, was ordered held in lieu of US$100,000 bail.
Where you can read more on this story:
- VI. Many Users Replacing Internet Explorer
-
The Washington Post reports that after Microsoft cemented a monopoly
of the Web-browser market, it let Internet Explorer (IE) go stale,
parceling out ho-hum updates that neglected vulnerabilities routinely
exploited by hostile Web sites.
Then came FireFox, the latest in web browsers. Firefox blocks pop-up
ads automatically, does not use Active X (which has been known to
cause problems), and resists "phishing" scams, in which con artists
lure users into entering personal info on fake Web pages.
Where you can read more on this story:
http://www.washingtonpost.com/wp-dyn/articles/A47146-2004Nov13.html?sub=new
(This site requires registration)
Editor's Note (Paller): FireFox, like IE, has security vulnerabilities.
Another IE alternative is the Opera browser (www.opera.com) which will
probably be found to have security flaws, as well.
- VII. Alliance Formed to Fight ID Theft, Phishing Schemes
-
Five online security software and service providers have formed the
Anti-Fraud Alliance Group in order to help e-commerce and financial
services firms fight fraudulent online activities such as phishing
and identity theft.
Where you can read more on this story:
http://enterprisesecurity.symantec.com/content.cfm?articleid=5077&PID=182998&EID=799
|