Bits from Bill

Technology thoughts leaking from the brain of "Bill Pytlovany"

Tuesday, May 18, 2010

Security Software Doesn’t Fix Human Nature

If you’re interested in PC Security, you’ll want to check a look at research recently compiled by the folks at PC Pitstop. Even I was surprised at how much people mistakenly rely on their security software. The research shows that even with some of the most popular and/or highest quality protection computers are still at risk.

http://techtalk.pcpitstop.com/2010/05/13/the-state-of-pc-security/

It’s not uncommon for a system to be infected and users won’t even know it. Even more common is folks have no clue how an infiltration could have possibility happened. Nine times out ten it will result from a social engineered attack on our human nature. No matter how often people claim they don’t download strange software, they will. They just won’t immediately know it’s a bad file to download or bad link to click on.

Historic Social Engineered Infiltrations

In the early days, the bad guys used simple methods which aren’t much different than the creative attacks used today. Imagine you're a secretary at a company and you get a phone call like…

“This is Mr. Hunt from IBM. It seems someone did something wrong on your computer which have been damaged your accounts payable system. Could you please give me your user name and password so I can correct this error.? We don’t have to report any mistakes to your boss”.

You can bet this kind of breach wasn’t rare and still happens today with a different script. One well known hacker tells the story how he’d just leave a copy of infected floppy disks labeled “Salary Figures” laying around inside a company.

More Recent Infiltrations

Some of you may remember a spyware attack that was spread via an Email claiming to have naked photos of Tennis star Anna Kournikova. Some of you may feel users deserved to get infected falling for this one but it makes for a good example of taking advantage of human nature to spread badware. I’m sure most of you are careful when receiving a greeting card from friends or family. If you’re like me, you’ll contact the person and thank them but let them know you don’t read anything suspicious especially if it’s a online greeting card. Even if a message comes directly from a friend there’s no way to know if that friend hasn’t had their Email or Facebook account compromised. Social engineered attacks have fooled plenty of intelligent people.

Latest Infiltrations

Social engineered attacks are getting really good. Ironically, some of the trickiest scheme are given away by poor grammar and bad spelling. Today I received noticed that UPS was trying to deliver an important package but it was signed by DHL Customer Support. Many of the schemes use scare tactics to throw someone off track. Would your family and friends fall for any of the following?

“You have won a new laptop via Amazon’s best customer contest". Click here to download acceptance form.”

“Thank you for the purchase of your new Dell computer. Your PayPal account will be billed $929.95. Click here to cancel this order”.

“There is an Amber Alert for your local area Click here for more information. You can verify this is true on Snopes.com by clicking here”.

Yes, people are falling for these tricks and others. There may be one coming that will fool you so always be skeptical. If you think your family and friends need help maybe you should encourage them to read BitsFromBill.com.

Please feel free to leave a comment with a tricky scheme that didn’t fool you, or even one that did. Our best defense is for all of us to share this information.

Share on Facebook


4 Comments:

Anonymous spg SCOTT said...

"Please feel free to leave a comment with a tricky scheme that didn’t fool you, or even one that did."

One I have seen recently is supposedly from HSBC, it says that I need to verify some account details, and gives what looks to be a genuine link. It actually goes elsewhere...

Then they sent another, asking pretty much the same, warning me about themselves...the irony...

11:31 AM  
Anonymous Jim Rennie said...

A few months ago, I received a notice from the FBI telling me that I would shortly receive a message from Nigeria informing me of a sum of money due me. They had checked it out and it was valid. The FBI insignia was authentic, but the signature was from someone in the Fedril Buro of Investigation

5:44 PM  
Anonymous Anonymous said...

a new phish discussion on Calendar of Updates. it targets via a brwoser tab & scripting.

http://www.calendarofupdates.com/updates/index.php?showtopic=30992&pid=105058&st=0&#entry105058

3:16 PM  
Anonymous Anonymous said...

this is important information about a very new phish & so being able to read the article is also important

"the attack is as elegant as it is simple: A user has multiple tabs open, and surfs to a site that uses special javacript code to silently alter the contents of a tabbed page along with the information displayed on the tab itself, so that when the user switches back to that tab it appears to be the login page for a site the user normally visits."

the above COA link is cut off - it resolves to the COA forums home page. I searched on the site & found the actual webpage. After the ?, insert into the address
showtopic=30992

or from the COA homepage, find it by clicking one subtopic after the other
* Calendar Of Updates
* > Security Alerts and Technology News
* > Security News and Alerts
* > Security News
& the thread itself is
"Devious New Phishing Tactic Targets Tabs"

10:38 AM  

Post a Comment

<< Home