Security – Page 20 – Paul's Tech Talk

Fake Emails about Windows Support spam!

PaulMarch 9, 2009

According to Trend Micro, Some malicious software is being sent to unsuspecting users about Windows SP1 andSP2 having a error that could damage software or even hardware. See Trends blog with the photos of the fake spam.

[ad#ad2-right]Although from time to time Microsoft does send out security information to Technet subscribers people have also used this in the past to get people to install Viruses and Malware, like this one that installs TSPY_BANKER.MCL. TSPY_BANKER.MCL monitors the affected user’s online transactions and steals banking related information

Microsoft sends e-mail messages to subscribers of our security communications when we release information about a security software update or security incident. Unfortunately, malicious individuals can and have sent fake security communications that appear to be from Microsoft.

[Via Microsoft]

So if you get an email from Microsoft you’ll probably want to delete it. Any Microsoft communications will be sent from the Update center. You should never install software that is from an untrusted website. If you are concerned you should check the web and find out what people are saying about the situation and see if it is a scam or true!! Remember only you can prevent a virus or Malware!

How do you like your Cricket USB Modem?

PaulMarch 7, 20093 Replies

Lately I talked about the A600 USB 3G modem and Now I want to hear from the Readers? You see I can’t do my best reviewing these with comments from the readers, that being you.

Click the picture to send me email, just remember to replace “AT” with “@”.

So I want to hear what you think about either the USB UM100 Modem or the A600 USB 3g Modem? Here a re a few things to answer when you write your email.

Something will go to the people who email me? I want to publish some of these comments on my blog for all to read. I want to hear if what I am publishing helps you? I will even give your credit as to who wrote it. If you have a site or something you want to promote by all means add that to your testimonial. Here’s the basic questions that should be talked about:

Which one did you buy? (Cricket USB A600 or Cricket USB UM100)

Did you Upgrade from the Cricket USB UM100 to the Cricket USB A600?

Are you using it for travel or Primary internet?

Is it for business or Pleasure?

Are you happy with your choice?

Do you recommend the Modem to friends and family?

Any Situation you can think of where this has been helpful?

I am going to be asking for comments from Cricket about this also and I will be publishing this later on this month but before I do that you will have your chance to tell the company what you think of their Broadband solution. Please keep these comments family friendly, if you cuss and I publish it, be advised I will edit the cussing to be family friendly.

When do you “Never Fold”

PaulMarch 5, 2009

So I got this email and wanted to show you just how try to get you to link to their site:

I got this email and wanted to talk about how people link to sites they shouldn’t. Although this a real site, I had my doubts from the get go. You see it talks about sending 21 visitors to my site. I got to the site Neverfold.net which after I looked and there I am but I wonder why? Because Poker and Calicanis have nothing in common with Poker or at least news and all that.

[ad#ad2-right]As you can see when you go to that site via the link he gives me, which by the way if you weren’t paying attention is a hidden link with Neverfold.net/?pg=YKchR. As you can see this is a way for him to know when you click it to put your name on the forum page. You can tell because Ref: YKchR is at the bottom of the email. This is most likely a generated email by a bot, I did even more research to find out more information. I found out that the so call 5k to 7k page views were bogus. I checked with Alexa, and I find out this:

In the last few days the of this site they have dropped from 2k per day to under 1k because of links dieing out. You see Google takes the page rank out when you don’t have any new people linking to you in 3 months. So I am guessing this has been going on for quite some time. So I had to make sure before I said anything, I did a Google search for my name in there forums and I came up with nothing. I am guessing there is a Nofollow links going on. So I thought I would also make sure to add the Nofollow link. I also know about Google Juice and how it works and know about the No follow. I have read how others are not quite sure what is going. Found this Gambling Forum where they were talking about this type of email and they weren’t to sure about this site. I love how people think you’ll link to them without doing some kind of investigation. I encourage all webmasters if you get an email like this you should do your own investigation and not expect the email to be truthful. Since this email isn’t being truthful to me, I feel no obligation to give it any more than it is due.

I hate Snopes Spam

PaulMarch 5, 2009

As you know Snopes is used to find out about urban Legend and Rumors:

I received a Virus alert from my RSS feed about Email virus warning. It even adds a Snope URL. The Author just copies and pasted the virus warning into the blog without even going to Snopes.
[ad#ad2-right]

According to Snopes and I’ll quote:
Although the Postcard virus is real, it isn’t a “BIG VIRUS COMING” (it’s already been around in multiple forms for a long time now), it will not “burn the whole hard disc” of your computer, CNN didn’t classify it as the “worst virus” ever, and it doesn’t arrive in messages bearing a subject line of ‘Invitation.’

[Via Snopes]

Now as you can tell the link described in the blog post was “http://www.snopes.com/computer/virus/postcard.asp”. If you went there, you’d have seen this as a not really true and some parts of this might be but that part about burning your Hard drive or even consider the Worst virus isn’t true.

Some things you need to consider before forwarding anything is:

Is it completely True?

Is it Legitimate? (True blown warning about something like a product recall or something important like that)

Does it Say to Forward? (if so it is probably not wise)

is it from a Friend (If so you might want to remind the friend nicely that it isn’t nice to send spam)

If you follow some of these suggestions you’ll be making the Internet a far better place for everyone. Remember if you don’t know, it’s time to learn. if you do know, it is time to teach. These are the fundamental aspects of using the internet the right way. Also if it is a fake virus warning you should tell them to get a Free Anti-virus and Firewall to better protect them. Also remind them that if they keep their system updated then they shouldn’t be too worried. Remember only you can prevent a Computer Virus and it’s up to you keep your system up to date.

Microsoft Releases the Patch Information for March

PaulMarch 4, 2009

Microsoft Has Released the Patch information For march and This is what is expected to be patch on March 11, 2009:

Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (Kb949029) — This security update resolves several privately reported and publicly reported vulnerabilities in Microsoft Office Excel that could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. (affected System : Microsoft Office)

[ad#ad2-right]

Vulnerability in Microsoft Outlook Could Allow Remote Code Execution (Kb949031) — This security update resolves a privately reported vulnerability in Microsoft Office Outlook. The vulnerability could allow remote code execution if Outlook is passed a specially crafted mailto URI. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This vulnerability is not exploitable by simply viewing an e-mail through the Outlook preview pane. (affected System : Microsoft Office)

Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (Kb949030) — This security update resolves two privately reported vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a malformed Office file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. (affected System : Microsoft Office)

Vulnerabilities in Microsoft Office Web Components Could Allow Remote Code Execution (Kb933103) — This critical update resolves two privately reported vulnerabilities in Microsoft Office Web Components. These vulnerabilities could allow remote code execution if a user viewed a specially crafted Web page. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. (affected System : Microsoft Office)

These Four are all Critical and should be applied the week of March 11, 2009. Their are Seven Patches coming out, but these are the main focus. According to Microsoft they have released MS08-014, MS08-015, MS08-016 and MS08-017 to better help you find out which ones are affected.

Now is the time to get AutoPatcher ready and make sure it is up to date on any patches that might of came out this month that you didn’t know about. Also consider downloading the new version of Anti-virus and Firewall software while you are it. In case you come accross a rogue virus and need to disinfect it!! Some of these patches for this month is due to the EXCEL vulnerability that is out right now and is in the wild, so that should be your top priority once Tuesday come around. Remember hackers will start exploiting these patches on Wensday and you will be racing against the clock. One last bit of information for the Mac Users you should also apply these patches they are vulnerable to according to Microsoft. I’ll update as more information becomes available!!