Monday 21 May 2012

CyberCrimes on Facebook

Now that Facebook has had its IPO, that won't stop cyber crime on the internet. Rather, it has created a way for criminals to live off stakeholders by investing their tactics in social media users. Through various kinds of identity theft and linkjacking, spammers send messages containing false ads or even viruses to victims while pretending to be a Facebook friend. Hackers get malware onto your machine, bring tens if not hundreds of thousands of such machines under their control, and then rent them out to spammers and others to monetize the personal information they steal. These rented accounts can then be used to advertise products illicitly or to request money from unsuspecting friends.
Here are ways criminals use Facebook:

1). Commandeering Accounts: Commandeering occurs when the criminal logs on to an existing user account using an illegally obtained ID and password. Once they are online, they have the victim’s entire friend list at their disposal and a trusted cyber-identity. The impostor can use this identity for a variety of confidence schemes, including the popular London scam, in which the fraudster claims to be stranded overseas and in need of money to make it home.

2). Profile Cloning: Profile cloning is the act of using unprotected images and information to create a Facebook account with the same name and details of an existing user. The cloner will then send friend requests to all of the victim’s contacts. These contacts will likely accept the cloner as a friend since the request appears to be from someone they’re familiar with. Once accepted, the crook has access to the target’s personal information, which they can use to clone other profiles or to commit fraud. Hacking acumen is unnecessary to clone a profile; the criminal simply needs a registered account.

3). Phishing: Phishing on Facebook involves a hacker posing as a respected individual or organization and asking for personal data, usually via a wall post or direct message containing a link. Once clicked, the link infects the users’ computers with malware or directs them to a website that offers a compelling reason to divulge sensitive information. A classic example would be a site that congratulates the victims for having won $1,000 and prompts them to fill out a form with information that should be kept confidential.

4). Fake Facebook: A common form of phishing is the fake Facebook scam. The scammers direct users, via some sort of clickable enticement, to a spurious Facebook log-in page designed to look like the real thing. When the victims enter their usernames and passwords, they are collected in a database, which the scammer often will sell. Once scammers have purchased a user’s information, they can take advantage of their assumed identity through apps like Facebook Marketplace and buy and sell a laundry list of goods and services. Posing as a reputable user lets the scammer capitalize on the trust that person has earned by selling fake goods and services or promoting brands they have been paid to advertise.

5). Mining Unprotected Info: Few sites provide an easier source of basic personal information than Facebook. While it is possible to keep all personal information on Facebook private, users frequently reveal their emails, phone numbers, addresses, birth dates and other pieces of private data. As security experts and hackers know, this kind of information is often used as passwords or as answers to secret security questions. While the majority of unprotected information is mined for targeted advertising, it can be a means to more pernicious ends such as profile cloning and, ultimately, identity theft.

6). Spam: Not all spam — the mass sending of advertisements to users’ personal accounts — is against the law. However, the existence of Facebook and other social sites has allowed for a new kind of spam called clickjacking. The process of clickjacking, which is illegal, involves the hacking of a personal account using an advertisement for a viral video or article. Once the user clicks on this, the program sends an advertisement to the person’s friends through their account without their knowledge.

So in a nutshell, be wary before you click on any link, like a post or comment, or fill in information on a page you were redirected to from Facebook. Always think about security, not only for yourself but also for your friends.












Friday 11 May 2012

Network Vulnerabilities for Small Business

Most known network attacks come from inside the network, whether deliberate or unintentional on the culprit's part. Most of the holes an attacker uses are security flaws we take for granted, either as end users or as network administrators. Large organisations prefer to outsource their network management or use other forms of network security such as Novell, SolarWinds or Active Directory. So what about small businesses, which must think about cost before implementing a network security update or hiring an expert to manage their network? Here are a few security tips you can implement on your network and at the user end.

1. Printer: If you are using a network printer, change the default IP and admin password of the printer after setup. If you are not using a network printer but a printer shared across the network, ensure that anyone who comes onto your network cannot easily access your shared printer or folder. This can be done by assigning a network password that is required before access to anything shared on the network.

2. Shared Document: Access to a shared document must be through a network password, as I said earlier, but you can also give guests and other users, except admin users, the right to view only and not edit.

3. Network Devices: These can be your routers, switches or repeaters. Physical access to these devices must be denied to anyone except the administrator. All default passwords on these devices must be changed, and remote access for configuration should be disabled. Ensure you use WPA2 as your wireless security because of its 128-bit encryption, and if possible it is advised that you use static IP addresses over DHCP.

4. Laptop or Desktop: Most operating systems from Windows Vista upward have applications that can encrypt your hard disk, e.g. BitLocker, TrueCrypt. Ensure your browser is set not to store passwords and to block reported malicious websites. The boot option should be set to Hard Drive only, with all other boot options disabled, and after this a BIOS password should be set.

5. USB Ports: Restricting these can help prevent users or outsiders from maliciously stealing data, or simply prevent users from using external storage because of the data theft issue. For instance, to block new USB storage devices from installing, deny access of these two files to the desired users or groups by modifying their file permissions through groupedit, from the BIOS, or using third-party software, e.g. DeviceLock, USB PortLock.

6. Software: A very good anti-virus should be used, especially an internet security anti-virus. Always allow Microsoft Updates to install so that their patches fix holes. One other thing: if you are using a genuine Microsoft operating system, install Microsoft Security Essentials.


Wednesday 9 May 2012

Preparing for the Internet Outage?

Are you prepared for the July 9, 2012 deadline that the FBI has set to shut down temporary “clean” servers? This is when hundreds of thousands of computers will be unable to access the Internet because of actions by the FBI. How prepared are you or your organization as the deadline approaches?
Last November, the FBI announced the successful shutdown of a major click-jacking fraud ring in a joint investigation with Estonian authorities and other organizations, including anti-malware company Trend Micro. Seven individuals, including six Estonians and one Russian, were charged with wire fraud and computer intrusion crimes. The investigation, dubbed “Operation Ghost Click”, included the takedown of a botnet comprising nearly 4 million infected computers. Authorities raided datacenters located in New York and Chicago, removing nearly 100 servers. The computers that were members of that botnet were infected with the malware known as DNS Changer, which has been in circulation since 2007. So is your PC a member of the botnet?
Affected users then would be directed to sites that served malware, spam or large advertisements when they tried to go to popular websites such as Amazon, iTunes and Netflix. Additionally, some variants of the malware blocked access to anti-malware and operating system update sites to prevent its removal.

So how do you check if you are infected? Below are steps to follow:
1. Manually check the computer's OS for infection: click Start, then click Run (if you are using Vista or Windows 7, type run and press Enter). Once it is up, type ipconfig /all, then check the DNS server IPs in the list displayed. Essentially, if the DNS server IPs listed include one or more of the addresses in the following ranges, your computer might have been infected:

    85.255.112.0 through 85.255.127.255
    67.210.0.0 through 67.210.15.255
    93.188.160.0 through 93.188.167.255
    77.67.83.0 through 77.67.83.255
    213.109.64.0 through 213.109.79.255
    64.28.176.0 through 64.28.191.255
Also note that you need to check the DNS settings of your SOHO router.

2. Go to any of the sites below.
a. http://www.dns-ok.us/ : This site will display an image with a red background if the machine or router is infected. On a clean machine, it will be a green background. There are other sites you can visit, depending on your language or locality.

Site                Language
www.dns-ok.us       English
www.dns-ok.de       German
www.dns-ok.ca       English/French
dns-ok.gov.au       English
dns-changer.eu      German, Spanish, English

3. The FBI also provides a form where you can enter the IP address of the DNS server configured on the machine:

Now that I may be infected, what do I do next?
Below are some steps to follow:
a). The first thing you want to do is make a backup of all of your important files.  You might go to a computer store or shop online for a portable hard drive and copy all of your files onto that drive.

b). Either you or a computer professional that you rely upon and trust should follow the “self help” malware clean up guides listed below. The goal is to remove the malware and recover your PC from the control of the criminals that distributed it. If you were already thinking of upgrading to a new computer, now may be a good time to make the switch. If not, then a full reinstall of the operating system will ensure a successful repair, or you can use one of the removal tools available, e.g.:
vii). MacScan
viii). Avira

c). Once you have a clean PC, follow instructions for ensuring that your DNS settings are correct. If you’re not using a new PC, you’ll want to check that your computer’s DNS settings are not still using the DNS Changer DNS servers. We hope to have some of our own instructions soon. You also have the option to return to using your ISP-provided automatic settings by choosing the “automatically” option (Windows) or deleting any DNS servers listed (MacOS).
 
d). After you have fixed your computer, you will want to look at any home router you’re using and make sure it automatically uses the DNS settings provided by the ISP. We’ll have a document for this soon.

Changing DNS is only one of the functions of the malware kits.  The malware could have been used for capturing keystrokes or acting as a proxy for traffic to sensitive sites like bank accounts or social media.  It would be a good idea to check your bank statements and credit reports as well as change passwords on any online accounts especially saved passwords from your applications or web browsers.
 


What to consider when buying a Laptop

1. CPU (Processor): This is very important when purchasing a PC, because the speed at which your processor calculates and processes the instructions it is given determines how quick its response time will be. Speed is usually given in GHz, so when buying, the higher the frequency (Hz), the better the performance. Examples:
Intel Processor
32 bit order of low to high: Celeron > Pentium M > Celeron M > Intel Core > Dual Core
64 bit order of low to high: Xeon > Pentium Dual Core > Celeron M > Intel Pentium (Core i3, i5, i7)

AMD Processor
a. AMD Sempron is a 32 bit processor, which has only one processor core. It supports the HyperTransport technology.
b. AMD Athlon 64 x 2 dual core can be used to run 32 bit applications and 64 bit applications. It is equipped with two cores. One of the processing cores is located in the chip. It has a faster speed compared to AMD Sempron. Because it offers faster speed, it can handle multiple open programs efficiently.
c. AMD Opteron provides the capability to perform 32 bit computing and 64 bit computing. AMD Opteron is built based on the Direct Connect Architecture. AMD Opteron is originally designed to run 32 bit applications. It is used in 1-way to 8-way servers and workstations.

2. Sockets: Ensure your laptop has enough USB, FireWire or other ports (parallel, serial, S-Video) depending on your needs.

3. Screen size: Depending on what you want to use it for, you can choose from a variety of screen sizes, which are measured in inches (12", 15", 17", 21").

4. Hard Drive: If you are the type that deals with software and data, then you need a huge storage space. For a standard user a 160GB HDD is OK, or you could decide you want more.

5. RAM: The more RAM, the better the PC can handle more tasks in conjunction with the processor. For someone who works with software that requires graphics, I suggest you go for at least 4GB RAM on Windows 7. If you have less RAM and your PC requires more RAM to run an application, it will start eating into the hard disk to form virtual memory. This has its downside, because you will be overworking the HDD. So it is better to get more RAM.

6. Battery Life: If battery life is very important to you, then check if the manufacturer offers a long battery life.

7. Peripherals: Does the laptop have Bluetooth, wireless, a webcam, an optical drive, etc.?

Monday 7 May 2012

Reset your BIOS Password

There are lots of tools to reset your BIOS password, but I recommend the following, having used them. They are as follows:

1. PC CMOS Cleaner: a tool to recover, delete, decode and display the superior passwords stored in BIOS, whatever the brand is. Most types of BIOS such as AWARD, AMI, Compaq, Phoenix, Samsung, IBM, Compaq, DTK, Thinkpad, Sony, Toshiba are supported. It’s a bootable CD that runs on x86 and x86_64 computers. It can display the superior passwords of the BIOS and remove the BIOS password (this will set the BIOS to default status; the date needs to be reset).

2. !Bios: developed for a brute, blunt removal of passwords from BIOSes. !Bios can decrypt the passwords used in some of the most common BIOSes (including various BIOSes/versions by IBM, American Megatrends Inc, Award and Phoenix). !Bios can do crude, brutal attacks which remove the password from a lot of BIOSes.
NB: a very dangerous tool which can give unexpected and unwanted results.

3. CmosPassword: Designed by CGsecurity, it decrypts the password stored in CMOS that is used to access BIOS SETUP. It works with the following BIOSes: ACER/IBM BIOS, AMI BIOS, AMI WinBIOS 2.5, Award 4.5x/4.6x/6.0, Compaq (1992), Compaq (New version), IBM (PS/2, Activa, Thinkpad), Packard Bell, Phoenix 1.00.09.AC0 (1994), a486 1.03, 1.04, 1.10 A03, 4.05 rev 1.02.943, 4.06 rev 1.13.1107, Phoenix 4 release 6 (User), Gateway Solo – Phoenix 4.0 release 6, Toshiba and Zenith AMI. With CmosPwd, you can also back up, restore and erase/kill CMOS. You will have to be logged in as administrator; run
c:\cmos>ioperm -i
then run
c:\cmos>cmospwd_win.exe

4. Default Passwords:
AMI Backdoor or Default BIOS Passwords
A.M.I.
AAMMMIII
AMI
AMI SW
AMI?SW
AMI_SW
BIOS
CONDO
HEWITT RAND
LKWPETER
MI
Oder
PASSWORD

Phoenix Backdoor or Default BIOS Passwords
phoenix
  



Thursday 3 May 2012

Tango vacancies

Exciting vacancies for programmers, software designers etc

For the URL, click Tango.

Enjoy your stay on this site