The recent fever over the FIFA World Cup made unsuspecting victims an easy target for malware makers, spammes, and scammers using the sport as a means to spread nefarious software or lure users into money-making scams.

It seems the entire world was in the grip of the 2010 FIFA World Cup fever as several countries vied for football supremacy in South Africa. Unfortunately, malware makers, spammers, and scammers capitalized on the fever as well, using references to the event as a means to spread nefarious software or lure unsuspecting users into money-making scams.

Some of the threats included 419-style scams, lures selling fake tickets, even fake products and business opportunities related to the World Cup. One particular ploy involved a couple of websites selling a bogus filter to cancel out the sound of noisy “Vuvuzela” trumpets in TV broadcasts. Scammers had even used legitimate websites to sell them—such as eBay and other auction sites.

Several spammers used sophisticated techniques to confuse SPAM filters by using tools to automatically scrape the text from hundreds of websites (including news sites) and using them to spray random bits of this text into their messages. Another new development that was seen were targeted attacks on top executives of international manufacturing companies and government agencies.

With the 2010 World Cup behind us, what does this mean to us now? Everyone should always be on guard against websites, links, or messages that seem too good to be true (because most likely they are), but understanding that scammers and spammers especially thrive during popular events helps everyone to be on extra high alert.

Do you use the the Energizer DUO USB battery charger? If so, you’ll be interested to know that the United States Computer Emergency Response Team (US-CERT) has warned that software included in this charger contains a software “backdoor” or Trojan that allows hackers to remotely access vulnerable systems.

In its advisory, the US-CERT warned that the installer for the Energizer DUO software places files in your system that allow an attacker to potentially remotely control your system, including the ability to list directories, send and receive files, and execute programs. The backdoor operates with your logged-on privileges and starts every time you start your computer. Furthermore, the Trojan operates whether the charging device it works with is connected or not.

Energizer has acknowledged the issue in a statement released at its website. The company said it has discontinued sale of this product and has removed the site to download the software. In addition, Energizer is directing consumers to uninstall or otherwise remove the software from your computers.

This incident illustrates the fact that these days threats to your computer and/or network can come from anywhere–including something as seemingly innocuous as your USB battery charger. As always, we advise our clients to be constantly vigilant against such threats. If you don’t have the time or resources to do this yourself (and most don’t!), perhaps it’s time to consider our Managed Security services. Give us a call – we’ll be glad to help.

Related articles:

• Energizer Announces Duo Charger and USB Charger Software Problem (marketwatch.com)
• Sony Music CDs surreptitiously install DRM Trojan horses on PCs (zdnet.com)
• Malware hitches a ride on digital devices (securityfocus.com)

Users beware of ransomware: malicious software that extorts money from users in exchange for freeing the user’s computer or data. One particularly nasty version was recently discovered by researchers at CA which came bundled with a software download called uFast Download Manager. The malware blocks Internet access for users until they pay the publisher a fee via SMS. Users who download the software are immediately infected, seeing a message posted in Russian demanding a ransom under the guise of activating the uFast Download Manager application. To keep your computer environment safe, always be wary of downloading suspicious free software on the Internet. If you need help or are unsure, please contact us first so we can help!

In a previous post, we pointed out how just browsing the web these days can possibly infect your PC with malware. To show how dangerous surfing can become, Symantec recently released their list of the “Dirtiest Websites of Summer” – the top 100 infected sites on the Internet based on number of threats detected by their software as of August 2009. The list identifies websites that could compromise security with risks including phishing, malicious downloads, browser exploits, and links to unsafe external sites.

Some interesting findings from the study:

• The average number of threats per site on the Dirtiest Websites list is roughly 18,000, compared to 23 threats per site for most sites
• 40 of the Top 100 Dirtiest Sites have more than 20,000 threats per site
• 48% of the Top 100 Dirtiest Web sites feature adult content
• 3/4 of the Top 100 Dirtiest Web sites have distributed malware for more than 6 months
• Viruses are the most common threat represented on the Dirtiest Websites list, followed by security risks and browser exploits

You can read more about this research at Symantec’s website. If you suspect your PCs are at risk, or if you want to ensure your website doesn’t get hijacked by cybercriminals, contact us. We can help.

Related articles:

• Symantec lists “Dirtiest Web Sites”
• Virus Security By Leveraging Community And Clouds
• Smartphone users need more security

Organized criminals believed to be based in Eastern Europe are robbing small to midsized US businesses of millions of dollars via an elaborate scheme aided by malicious software. Recent reports reveal that over the past few months, several businesses have fallen victim to unauthorized fund transfers whereby hundreds of thousands of dollars from the businesses’ bank accounts have been transferred to accounts in Europe, and in some cases, to the accounts of willing or unwitting accomplices in the United States.

According to the reports the victims, usually the company CFO or owner, were sent malicious software as attachments to email, which when opened remained resident on the victims’ machines and stole the victims’ passwords to their online banking websites. The cybercriminals used this information to initiate transfers from their accounts of up to US $10,000 at a time to evade notice and detection from their bank’s anti-fraud or money laundering detection systems and protocols.

Your business might be at risk. Make sure you are protected from this type of fraud by securing your PC and network from malicious software. Do not open suspicious-looking attachments and make sure you have the necessary protection in place, such as firewalls, antivirus software, and other methods of protection. Need help? Contact us today.

Related articles:

• Comment: online banking? No thanks
• Know When Something is Being Installed on Your Machine
• Cybercrime victim? 3 telltale signs and what to do

From annoying to destructive, malware is a bane to any computer system and the person who uses it. The benevolent Wikipedia defines malware (short for malicious software) as: “software designed to infiltrate or damage a computer system without the owner’s informed consent.”

The good news though, is that there are simply ways to avoid getting infected by malware. Clearly having the right anti-virus and security installed and up to date is critical – that’s where we help. But it’s also important to know how you can make a difference.

Here are few simple tips to help you keep your system malware-free:

1. Never click indiscriminately
These days, there are ads and pop-ups, designed to induce a PC user to click on them. From sexy models to seemingly too-good-to-be-true offers and promotions, many web advertisers are counting on people’s curiosity and the impulse to click away. The thing is, many of these ads lead you to unsecure sites filled with malware.

2. Cancel Autorun.
When you plug in a portable hard disk or flash drive, you computer automatically opens a window with preset options to enable file viewing for that drive. Immediately opening a flash drive allows infections to access your system, so cancel the window and scan first before opening the drive or any file inside it.

3. Never open suspicious emails.
Unsolicited email is always best unopened and deleted immediately. If you don’t know who sent it, send it straight to the trash bin and delete it forever.

4. Only download if you must and only from trusted sites.
Installing peer to peer downloads may be a great source of free music, media and software. But it’s not only piracy and is probably prohibited by your company policy – it’s also a fertile breeding ground for files embedded with Trojans, worms, and other forms of malware. Download files only when necessary and only do so from legitimate and trusted sites.

You make the difference
Your behavior online plays a big factor in making your PC and your system malware free. Especially if you’re on a network, failing to exercise caution not only compromises your system, but everyone else who’s connected to the same network. A simple click on a wayward link or ad can cause your whole company to be bombarded by spam, so always be careful in what sites you go to and what files you open and download.

If you’d like us to come in and talk to your staff about this and other safe-computing habits just let us know.

While the internet is a vast resource for all sorts of information, data, and other useful thingamajigs, there are aspects of it that aren’t so desirable. Viruses, for instance. They wreak havoc in your system, destroying files, crashing the operating system – generally making life much more difficult. But if you thought that viruses were the only nasty thing out there that you need protection from, think again.

Adware (advertising software) and malware (malicious software) are types of harmful software called “spyware” that are not usually covered by anti-virus scans. While viruses affect your system directly, spyware runs in the background and transmits information about you through the ’net, which can be used a number of ways ranging from annoying to downright illegal.

These dangers are often unnoticed by users since they don’t directly affect the computer’s operation the way viruses do. What’s more, many people confuse them with viruses, but they’re very different and should be handled differently. Lots of spyware can also slow down your computer, so it’s important to have anti-spyware programs installed on your computer to keep it free from these harmful invaders.

There are many free spyware scanners and removers on the internet – simply download and install one, and then run it on a regular basis. Scanning for adware, spyware, and malware takes approximately the same time as doing a virus scan. Also, remember to update your scanners so that you have current definitions and less chance of overlooking new threats. Finally, we recommend that you refrain from visiting and downloading from unfamiliar websites since they could serve as hosts for both spyware and viruses.