Thursday 9th February 2012

Posts Tagged ‘malware’

Fake LinkedIn Messages

Monday, October 18th, 2010

When it comes to internet security software concerns, the cyber criminals show tremendous imagination and the latest wheeze is fake contact requests purportedly from the business social media website LinkedIn.

This latest round of fake messages is worrying many in the internet security software industry. And this latest scam has been highlighted by security company Retarus GmbH, who consider it a major threat to people’s computers.

The contact requests are in the form of emails which have been mocked-up to look like they originate from the LinkedIn website. Computer users receive the email and are lured into infecting their machines with all manner of malware.

Retarus has noticed that the fake emails have been on the increase since 27 September. A computer user gets the email and, thinking it’s from the legitimate website, clicks on the embedded link and is directed to an intermediate website, not the LinkedIn site. This takes around four seconds in all. They are then directed to the Google home page.

In the key four-second wait, the user’s computer is impregnated with the infamous spyware Zeus, which is covertly installed into the web browser. The Trojan Zeus has been linked with a number of raids on personal banking data, and millions have already been stolen from people’s bank accounts using this form of virus.

Martin Hager, the managing director of Retarus, said:
“Social media spam is particularly dangerous because the contents seem well-intended, and the original e-mails are so perfectly imitated, that lay persons are unable to identify them as fakes. Mail users who have defined social media platforms as safe senders, via white-list entries in their spam filters, are especially affected.”

Retarus and others operating in the internet security software sector are recommending extreme caution with such emails, advising people not to respond to such requests, especially if they originate from unknown senders, and if they receive these types of emails, they should delete them immediately. One of the main ways to avoid being lured into traps like these is to only enter websites such as LinkedIn through the main page and never via embedded links.

Guest Article by Neil Camp 
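
The check a mail filter could apply to the messages described above, as an added example that is not part of the original article: when a message claims to come from LinkedIn, list every embedded link whose host is not on linkedin.com. The function names, the sample message and the host `intermediate.example` are constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

BRAND = "linkedin.com"  # the site the message claims to come from

class LinkCollector(HTMLParser):
    """Collect the href target of every <a> tag in an HTML body."""
    def __init__(self):
        super().__init__()
        self.hrefs = []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs += [v for k, v in attrs if k == "href" and v]

def host_matches(host, brand=BRAND):
    """True only for the brand domain itself or a real subdomain of it."""
    host = (host or "").lower().rstrip(".")
    return host == brand or host.endswith("." + brand)

def off_brand_links(raw_email, brand=BRAND):
    """Links that leave the brand's domain in a mail that claims the brand."""
    msg = message_from_string(raw_email)
    name, addr = parseaddr(msg.get("From", ""))
    # The From header is forgeable, so it is treated only as a claim to test,
    # never as proof; a safe-sender entry keyed on it would let this mail in.
    claims = (brand.split(".")[0] in name.lower()
              or host_matches(addr.rpartition("@")[2], brand))
    if not claims:
        return []
    collector = LinkCollector()
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            body = part.get_payload(decode=True)
            collector.feed(body.decode(part.get_content_charset() or "utf-8", "replace"))
    return [h for h in collector.hrefs
            if not host_matches(urlsplit(h).hostname, brand)]

# Constructed sample message: forged sender, one off-site link, one real link.
SAMPLE = """\
From: LinkedIn <member@linkedin.com>
Subject: Invitation to connect
Content-Type: text/html; charset=utf-8

<p>You have a pending contact request.</p>
<a href="http://intermediate.example/redirect?id=1">View invitation</a>
<a href="https://www.linkedin.com/help">Help</a>
"""
```
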


Who Created Stuxnet Worm?

Saturday, October 9th, 2010

Experts in the antivirus security industry believe the Stuxnet worm (what’s known in the industry as a botnet) must have been coded in collaboration with a nation.

Stuxnet is a sophisticated malware code and antivirus security experts believe whoever wrote the original code must have had support from a national government agency.

Stuxnet is a worm which seeks out complex computer systems which act as networks within certain industries. Such is its complex nature and sophistication, it’s very unlikely that one person, sitting in their bedroom, could create such a malware weapon. Most believe that it would have needed the support of a government, first to develop it and then to direct it towards the computer network being targeted.

Nor does the code have a ‘signature’ of an original coder; a dead giveaway and an indication of where the code might have been conceived. This lack of clues also suggests that it is a ‘corporate’ effort.

Stuxnet has already launched an attack on the Bushehr nuclear power station and some antivirus security observers point to the obvious likely candidate.

All the major antivirus security firms have been monitoring the progress of the Stuxnet botnet and believe it to be one of the most refined forms of malware ever released.

In industry parlance a botnet is a network of zombie computers which do the bidding of the hacker. Individual pieces of malware code attack both networks and stand-alone machines, eventually creating a string of computers that are there to be manipulated by the cyber criminal.

One of the commonest uses of botnets is to create huge mailers for spam emails, often without the knowledge of the computer owner, or user.

But this malware attack, if indeed perpetrated by a government, raises all sorts of tricky moral dilemmas for the antivirus security industry. Much is made of China’s alleged attempts to use viruses to hack into Western computers. If an ‘ally’ of many western governments is starting to use the same tactic, then a number of people will find themselves answering some difficult questions.

Guest Article by Neil Camp 


HP Loads ArcSight

Wednesday, September 15th, 2010

Hot on the heels of the $7 billion deal which saw Intel snap up McAfee, and rumours in the antivirus software market that Microsoft is casting an eye over Symantec, Hewlett Packard has acquired ArcSight, a software security company.

Computer group Hewlett Packard is paying $1.5 billion for ArcSight, a major force in the antivirus software sector.

And Hewlett Packard is said to be continuing its aggressive growth strategy despite the loss of the man said to be the inspiration behind it, former chief executive Mark Hurd.

The full reasons behind the departure of Mr Hurd are still unclear, but reportedly involve allegations of sexual harassment brought by a female contractor to Hewlett Packard.

And the former boss of Hewlett Packard continues to be in the headlines, following news that he is being sued by his former employees who fear that he will divulge intellectual property secrets to his new company. Mr Hurd is now co-President of Oracle and apparently, say many observers, having the last laugh.

ArcSight develops software that is used by commercial entities to monitor their flow of data and help combat threats from fraudsters and cyber criminals.

Hewlett Packard is offering $53.50 per share for the Californian based ArcSight, a 24% premium on the company’s share price just prior to the announcement of the deal.

Hewlett Packard has also just completed another major deal, having won a war with rival Dell to acquire the data storage company 3P for $2.1 billion last month.

Investment analysts mostly dispute claims that the next major bid in the antivirus software market will be Seattle giant Microsoft making a land grab with a bid for Symantec, developers of the Norton range of products. But with McAfee losing its independence and ArcSight accepting the Hewlett approach, it’s likely that more deals will follow.

Guest Article by Neil Camp


New Warnings of Fake Security Software

Saturday, September 11th, 2010

Beware of a new fake internet security download.

Microsoft has issued warnings about a new type of browser-based attack which effectively offers a fake internet security download.

The attack is based on a software programme mimicking pages created by browsers including Internet Explorer, Firefox and Chrome. It tricks people who see these pages into installing fake anti-virus software.

It’s one of the oldest tricks in the cyber criminals’ book of dirty tricks, but time and time again it is very effective in catching people unawares.

When a person stumbles upon a website which is running malicious code (whether knowingly, or unknowingly), they suddenly find themselves looking at a genuine pop-up box, generated from the web browser, which informs them that either their web defences are down, or that their security software has expired, or that their security programme is for some reason inadequate, or out-of-date.

The messages can be subtle in their differences, but all basically create the illusion of a need to be concerned and take action. And that action is to download a piece of security software which will correct the problem (in effect a fake antivirus software programme which is actually malware).

The con works by panicking people into a knee-jerk reaction. It’s what’s known in the sales trade as a call-to-action. And given that most people are nervous when it comes to dangerous sites and warning messages, it’s understandable that a lot of people are fooled and actually download more malware (dangerous code).

What’s worse, this new download is situated on a site (once the pop-up has been clicked), which looks like a web page from the Microsoft Security Essentials website. This cheekily even redirects them to a fake copy of the Microsoft Malware Protection Centre. Such are the skills of the cyber criminals, that it takes a while for most people to spot the genuine one from the fake.

Once downloaded, this latest piece of fake software – which is labelled Win7 AV – gets the user to ‘scan’ their system which, surprise surprise, identifies a number of viruses and various other malware nasties.

The programme then reveals its true intent. In order to remove the viruses that have been identified (which actually don’t exist at all), the innocent computer user is asked to pay money. Overall, the trick is easy money for doing nothing. What’s worse, the user now has a compromised computer, as the malware software that has been nefariously embedded can be activated to perform other illegal actions.

So, experts are warning users to watch out for any fake internet security download they come across. The safest thing to do is download nothing from any site that you do not trust or whose credentials you cannot verify.

Guest Article by Neil Camp


Firefox 4 Crack

Tuesday, August 17th, 2010

Attempts at maintaining software internet security took a further blow when news of a Firefox 4 crack which spreads Trojans started doing the rounds.

Software internet security is precarious at the best of times, so news of ‘free’ versions of the Firefox 4 browser has been greeted with a groan all around. ‘Cracked’ versions of the software are in fact being used to spread malware, tricking unwitting users into downloading a free crack of the Firefox 4 browser.

Upon download, users are suddenly infected with trojans and their computer often becomes riddled with these dangerous pieces of malware. Unfortunately, this is another case of the word ‘free’ being used to lure internet users into using websites and downloading things that should not be touched with a barge pole.

It is not unusual for cracked versions of well known software to contain malware such as trojans; this unpleasant discovery is often a side-effect to downloading such versions.

If it was the word ‘free’ that intrigued you into visiting sites offering this cracked version of the Firefox 4 browser, this is where the trap gets quite bizarre. Mozilla, on its main website, is already providing free downloads of the beta of Firefox 4. This new version of the browser is not only free of the trojans that the cracked versions are often infested with, but is also free to download from a reputable website. This makes downloading the virus-ridden version entirely pointless.

The exact danger of these versions has been highlighted by researchers at Sunbelt, who tested these dodgy Firefox 4 downloads and found that (at least) five different pieces of malware could be in the download. This is guaranteed to be unhealthy for a user’s computer, and all for a download that is freely available from its true creator’s source.

Maintaining software internet security starts with providing your computer with antivirus programs, but it also seems that not falling into traps of ‘free’ downloads of cracked versions of software is up there with some of the top ways to keep your computer clean and healthy.

Guest Article by Neil Camp
