Dropbox Scam Emails

We're seeing a LOT of phishing emails pretending to be from Dropbox.

The general rule is this: The email heading begins: "(name) sent you an invitation"

The body of the email contains a link (to sign up to Dropbox, but as you would (hopefully) guess, it's a bogus link.

Please be aware.

Please do NOT click on links in emails.

Be safe......

home_logo_2x-vflh0bgUF.png
Posted on May 28, 2013 .

Twitter adds 2 factor authentication

This is a big deal. If you have a Twitter account, please do yourself a favour and follow the steps below to enable two factor authentication. It will give you a huge security boost.

  1. Visit your account settings page.
  2. Select “Require a verification code when I sign in.”
  3. Click on the link to “add a phone” and follow the prompts.
  4. After you enroll in login verification, you’ll be asked to enter a six-digit code that we send to your phone via SMS each time you sign in to twitter.com.

Check out the link on Twitter: https://blog.twitter.com/2013/getting-started-login-verification

Posted on May 22, 2013 .

New iCloud password flaw

It was recently announced that a vulnerability has been found that allows people to change a users iCloud login credentials.

It seems as if a hacker can gain access to your account using a combination of birth date, email address and a "modified url"

At time of writing, Apple has taken down it's iForgot link that allows you to answer security questions to reset your password.

Apple also just announce a two step authentication process for accessing your account which we would strongly urge you set up. It currently takes 3 days from setting up to implementation  to protect your account.

Here's the link from Apple that describes the process: Two Factor Authentication

Posted on March 23, 2013 .

The " Dear User..." Email

Just as a little simple reminder, if you ever receive an email from a courier company, a financial institution, PayPal, Bank, Tax refund, and it starts with the phrase "Dear User" or " Dear Account Holder" ALWAYS be suspicious.

These companies will ONLY ever use your full name, and thus anything else must not be trusted.

That's also not to say you should immediately trust an email from your bank that uses your full name. You should always be suspicious first, because in general, these people will not write to you via email very often, and certainly not for updating your account details by clicking a link.

If you believe the email to be real, the safest option is to go directly to their website by manually typing in their URL into your browser. That way you know for sure it's taking you to the website you expect to be going to.

As ever, be very wary about emails with links embedded that asked to be clicked on.

ALWAYS BE SUSPICIOUS OF EMAILS ARRIVING IN YOUR INBOX

Posted on March 18, 2013 .

'Likes', 'Forwards' and General Mis-Information

How often do you see something pop up in your Facebook stream asking you to hit like in 5 seconds to see what happens?

Most of the time I'm guessing.

There's also the posts asking you to forward to at least 10 people.

It's all nonsense. Please don't participate.

Often these posts are offensive, and generally just plain wrong. There's nothing that happens if you hit like within a specified time, except generating a post with vast numbers of coverage. It's the chain letter/email syndrome and benefits nobody, especially as most of the posts are totally incorrect in their assertions. 

So firstly, don't be a spammer poster, secondly, don't hit like, don't hit share and generally don't interact with this net garbage.

Please pass this on to all your spammy Facebook friends in the hope that this net clogging rubbish goes away....wishful thinking...

Posted on January 12, 2013 .

Discover Phishing Emails

Here's a new one on us. An email pretending to be from Discover.com

Nicely, (or stupidly) they've included a real link to Discover, if you were lucky enough to click that, but every other link re-directs you to a bogus website.

You can see from the tooltip below.

NEVER click links in emails especially from banking and financial institutions.

Be aware....

ScreenSnapz001.png
Posted on January 12, 2013 .

Twitter Hacked

It seems like there's been a number of Twitter accounts hacked in the last few days.

If you've received a password reset request from Twitter via email, we urge you to change your password immediately, BUT, as ever, go direct to the website through your browser, rather than clicking a link in an email....just in case.

It's also worth reminding you of the importance of not using the same password for Twitter as you do for your online banking or any other sensitive website.

As in this case, if your password is stolen, it can potentially be used wherever else you log in, if you use the same password.

Even if you haven't had a recent password reset request, it might just be worth thinking about changing yours anyway. Think of it as a bit of house-keeping.

Also consider adding something to your password that is particular to that site, that you can easily remember, and that will make it different to your other passwords.

Don't delay - do it today!

Posted on November 9, 2012 .

Chain Emails

There's been so many of these over the years.

The basic premise being that it's hilarious to forward the email to 7/10/15 of your friends to see what happens.

Guess what? Nothing happens EXCEPT, all of your emails are harvested and sent to spammers as live email addresses.

The purpose of these chain emails is to bypass spam filters. They get sent out by your friends, therefore arrive in your inbox un-impeded.

Often they will contain hidden maliious code which harvests everybody's emails addresses and sends them to the spammers.

Do everybody a favour, and just delete these emails when they arrive, and reply to the sender with a polite comment about how bad they are.

Educate your friends!

Best of luck....

Posted on October 15, 2012 .

Google YouTube Email Scam

We've just received 2 seperate emails purporting to be from Google about YouTube

Don't click on any of the links, otherwise you'll be re-dirceted to a malicious site.

Here's a screen shot showing the real URL links (images were prevented from being downloaded for security)

 

Posted on October 12, 2012 .

YouTube Scam Emails

There's a large number of emails doing the rounds that appear to come from YouTube.

They appear to have been sent from service@youtube.com and tell you to click a link.

If you've been on this site at all, you'll no that you must never click links in emails, especially from service providers.

This is a bogus email so delete it.

Posted on May 24, 2012 .

Apple OS X Java Update

Apple have released an update that fixes the Flashback Trojan vulnerability:

Got to Software Updates and install it as soon as possible - 

This Java security update removes the most common variants of the Flashback malware.

This update also configures the Java web plug-in to disable the automatic execution of Java applets. Users may re-enable automatic execution of Java applets using the Java Preferences application. If the Java web plug-in detects that no applets have been run for an extended period of time it will again disable Java applets.

This update is recommended for all Mac users with Java installed.

For details about this update see: http://support.apple.com/kb/HT5242

Posted on April 13, 2012 .

Microsoft Patch Tuesday

As announced, Microsoft have updated a number or Windows files. if you run a PC please ensure you run Windows Update to take advantage of these.

The following files have been patched

  • Patches are available for the following:
    • (MS12-023) Cumulative Security Update for Internet Explorer (2675157)
    • (MS12-024) Vulnerability in Windows Could Allow Remote Code Execution (2653956)
    • (MS12-025) Vulnerabilities in .NET Framework Could Allow Remote Code Execution (2671605)
    • (MS11-026) Vulnerabilities in Forefront Unified Access Gateway (UAG) Could Allow Information Disclosure (2663860)
    • (MS12-027) Vulnerability in MSCOMCTL.OCX Could Allow Remote Code Execution (2664258)
    • (MS12-028) Vulnerability in Microsoft Office Could Allow for Remote Code Execution (2639185)
Posted on April 11, 2012 .

Mac OSX Java Malware: OSX/Flashfake.c

This Trojan is installed via exploitation of a flaw in Oracle Java (CVE-2012-0507). The Mac OS X - based malware masquerades as an Adobe Flash Player install.

Upon infection the malware will install fake/rogue security software, and allow for the downloading of additional malicious components, sensitive data extrusion, and other malicious control methods.

Infected hosts report back to an external server and can receive further instructions/payloads via that method (C&C / bot-based control). CVE-2012-0507 is an Oracle Java vulnerability, which was patched by Apple (as a 34rd party component) in April 2012.

Therefore....make sure your OSX software is up to date

 

Posted on April 7, 2012 .

Twitter Spam Alert

Don't click a link from a DM if it says the following:
"Hi this user is making very bad things about you...LINK"
Hopefully the bad English would alert you to suspicious content, but the link would probably take you to a website full of Malware and nastiness.
BE VERY CAREFUL ABOUT CLICKING LINKS, especially when received from somebody you know.

Posted on April 5, 2012 .

Happy Holidays

Just to wish you all a happy and secure break over the holidays.
It's early days for us here at SimpleNetSecurity.com and we only want to encourage online safety & security.
So please do what you can to spread the word and pass on our link to all your friends & family.
Please feel free to link to us if you have your own website, or 'Like' us on Facebook and let's all try to make the Internet a happier safer place.
All comments most welcome.
Many thanks

Posted on April 4, 2012 .

Microsoft Word Document Malware

Updating Word for Mac to the latests version protects you against this:

Exploit-OLE2.gen

MTIS12-053-A

THREAT IDENTIFIER(S)

Exploit-OLE2.gen;?Mac Control? RAT

THREAT TYPE

Malware

RISK ASSESSMENT

Medium/On-Watch

MAIN THREAT VECTORS

Web; E-Mail; WAN; LAN

USER INTERACTION REQUIRED

Yes

DESCRIPTION

The Exploit-OLE2.gen trojan disguises itself as a Word Document. Upon opening in a vulnerable Mac system, it executes a script that writes the malware itself and then a shell script that runs it. The malware takes advantage of a Java vulnerability patched by Microsoft in Bulletin MS09-027. In the variants observed, the malware is stored as binary files called "DockLight" or "launchd" while showing the user a text about Tibetan freedom and grievances. Both binaries can be easily found just by looking for them in the system.

IMPORTANCE

Medium. This threat has gained media attention

Posted on March 29, 2012 .