Close
Updated:

CLLB Information Security Newsletter. Volume 3 Number 9 September 2010.

Volume 3 Number 9 September 2010.

September 2010
Detecting and Avoiding Fake Anti-Virus Software

From the Desk of David Badertscher
Your Computer Is Infected with Malware!

You may be familiar with this or similar messages appearing on a website, urging you to take action purportedly designed to clean your allegedly infected computer. Unfortunately, these messages are often scams that attempt to install malicious software (malware) onto your computer. Such software is referred to as rogue (fake) anti-virus malware, and the incidents are increasing. Last year, the FBI reported an estimated loss to victims in excess of $150 million from this type of scam[1][1].

How can my system get infected?

These types of scams can be perpetrated in a number of ways, including via website pop-up messages, web banner advertisements, spam and posting on social networking sites. Scams are also appearing via the use of “tweeting.” The rogue software scam generally uses social engineering to make the user believe his or her machine is infected and that by taking action (clicking on the link provided) the machine will be cleaned. If you click on the malicious link, you may be downloading malware onto your machine. The names of the fake programs sound legitimate, and often, in a further attempt to make the malware appear legitimate, the programs may prompt you to pay for an annual subscription to the service.

Some varieties of rogue anti-virus programs will also get installed on your machine without any interaction by you: your machine could be compromised just by you visiting a website with a malicious ad or code and you wouldn’t know.

What is the impact from rogue anti-virus software?

Rogue anti-virus software might perform many activities, including installing files to monitor your computer use, steal credentials, install backdoor programs, and add your computer to a botnet. The installation of malware could result in a high-jacked browser (i.e., the browser navigates to sites you did not intend), the appearance of new or unexpected toolbars or icons and sluggish system performance. Additionally, another concern related to rogue anti-virus software is the false sense of security you may have, erroneously believing your machine is protected by anti-virus software when in fact it is not.

What can I do to protect my computer?

Applying computer security best practices will help protect your machine and minimize any potential impacts.

1. Don’t click on pop-up ads that advertise anti-virus or anti-spyware programs. If you are interested in a security product, don’t try to access it through a pop-up ad; contact the retailer directly through its homepage, retail outlet or other legitimate contact methods.

2. Don’t download software from unknown sources. Some free software applications may come bundled with other programs, including malware.

3. Use and regularly update firewalls, anti-virus, and anti-spyware programs. Keep these programs updated regularly. Use the auto-update feature if available.

4. Patch operating systems, browsers, and other software programs. Keep your system and programs updated and patched so that your computer will not be exposed to known vulnerabilities and attacks.

5. Regularly scan and clean your computer. Scan your computer with your anti-spyware once a week.

6. Back up your critical files. In the event that your machine becomes infected, having backups of your important files will facilitate recovery.

NOTE: Regarding the above recommendations, many organizations have formal processes that automatically update and patch appropriate software, scan computers and perform file back-ups. In these cases, no end user action is necessary.

For more information, please visit:

Partial Listing of Rogue Security Software: http://en.wikipedia.org/wiki/Rogue_software

Free Security Checks: www.staysafeonline.info/content/free-security-check-ups

Malware: www.onguardonline.gov/topics/malware.aspx

Spyware: www.onguardonline.gov/topics/spyware.aspx

For more monthly cyber security newsletter tips visit:
www.msisac.org/awareness/news/

The above information is from tips provided by the Multi-State Information and Analysis Center (MS-ISAC). To learn more about MS-ISAC go to http://www.msisac.org/ . This information is intended to increase the security awareness of an organization’s end users and to help them behave in a more secure manner within their work environment. While some of the tips may relate to maintaining a home computer, the increased awareness is intended to help improve the organization’s overall cyber security posture
MORE NEWS AND INFORMATION:

The Data Liberation Movement
By Rob May TechNewsWorld
09/17/10 5:00 AM PT

Despite the advanced portability of data, the world’s largest cloud computing vendors are fighting to lock their customers within their proprietary formats. But it does not need to be this way. Data liberation is a movement that is gaining momentum among enterprises and cloud vendors alike. These progressive businesses and consumers desire to control their data regardless of its location.

http://www.technewsworld.com/story/The-Data-Liberation-Movement-70844.html

Database Security Survey by Oracle: Budget is Top Concern of Administrators
By Brian Prince on 2010-09-16
Database administrators have a busy job keeping up with the mountains of data being created and managed by enterprises every day. Unfortunately, security can sometimes get the short end of the stick on the list of IT priorities. In its annual survey, the Independent Oracle Users Group discovered many of the issues that database professionals confronted in 2010 are virtually the same as the issues they tackled in 2009. The survey, conducted by Unisphere Research, polled 430 data managers and IT professionals in the user group. The report found a numbers of problems in how databases are managed, including a lack of monitoring, encryption and user management. These issues impacted database environments both big and small. However, the good news is that the percentage of respondents whose IT security spending went up was greater in 2010 than in past years. So just where should enterprises spend their security money when it comes to databases? The answer is that help is needed in several areas. Here, eWEEK takes a look at what those areas are and how IT managers can deal with these issues.

http://www.eweek.com/c/a/Database/Database-Security-Budget-Top-Admins-Concerns-Oracle-User-Survey-Says-786379/?kc=EWWHNEMNL09212010STR5

Defuse the Data Breach Time Bomb

By Linda McGlasson. Agency Insider Blog of Banking Information Security, September 20, 2010.

It’s the hidden data breach threat to which everyone has access, and it is probably very near your own office.
I’m talking about the ubiquitous printer, copier, and fax machine that everyone uses. It’s also a ticking time bomb. Last week, the Federal Deposit Insurance Corporation issued new guidance on stopping this risk in the FDIC Bulletin, Guidance on Mitigating Risk Posed by Information Storage on Photocopiers, Fax Machines and Pronters (FIL-56-2010), September 15, 2010.

http://blogs.bankinfosecurity.com/posts.php?postID=716&rf=2010-09-23-eb Article.

Contact Us