For those that download internet security software to safeguard themselves against hackers and cyber criminals, it must come as something of a shock to discover that some of the dubious types out there in the ether are quite canny when it comes to the con.

To download internet security software is a great idea, but it won’t always protect against phishers who are becoming ever more adventurous in their ways to part people from their money.

On this occasion, they used the Welsh language to try and mask their methods of deception. An email was sent which claimed to be from the widow of the Kuwaiti ambassador to the Ivory coast. And it was written, of all languages, in Welsh.

But although the choice of language was different, the message had a familiar ring to it, claiming that the widow had a large amount of money which she needed help in transferring to charities around the world. It was a classic phishing email, but what marked this one out was two things: firstly, most such emails are almost always written in English and secondly, there is an increasing tendency to try and use other languages (almost in a way to cover up the bad English which alerts most people to spammers).

But although this trend to use languages other than English to write the email is increasing, it can of course backfire if no homework is done by the spammer themselves. Even those whose spam filters didn’t successfully catch the email, it would appear very odd that the wife of the Kuwaiti ambassador to the Ivory coast would either choose to use such a language to send her message, or have a good enough grasp of it to use it in the first place.

Such basic errors ring immediate alarm bells.

And Welsh is a minority language, even amongst the nation’s peoples itself. The Welsh Language Board reckons that even as far as back as 2001 (when the last census was taken), only just over 20% of Welsh citizens could speak their native tongue.

But computer users, and ones who do download internet security on a regular basis, should always remain on their guard despite the sometimes somewhat ludicrous attempts to trick them out of their money. And although to most people such clumsy attempts are obvious hoaxes, there may be one or two recipients of the phishing email which are taken. And it only takes a very small number of replies to give the spammers hope that it has been worth it.

Guest Article by Neil Camp 

Antivirus software is something that many online shoppers have come to depend upon, so it must come as a bit of shock for users of the Lush website to find their credit card details being attacked by a gang of determined cyber hackers.

Indeed few would doubt that anti virus is not a good idea, but it’s not just the individual computer user which has to be careful – companies and their websites need protection as well.

Lush is a cosmetics website and it would appear that it was penetrated over a four month period spanning October 2010 to January 2011. The site was brought down by the management on 21 January, 2011. It’s usual Home Page was replaced with one that mentioned the attack. It told users of the website that anyone who placed an order between the start of October (4th) and near the end of January (20th), should now contact their card’s issuing house to ensure that it had not been compromised.

A number of Lush customers have reported problems with their cards and say fraudulent transactions have happened since using the compromised website. The Lush Facebook page took the full vent of some customer attacks as they complained that the problem had not been spotted early enough, taking place as it did over four months, and that they were seeking compensation from the company. It was not only the fact the cards might have been used by someone else, but that just the mere threat of a fraudulent charge meant that cards had to be cancelled and renewed.

A security expert told the BBC:
“I was initially alerted to the attack by one of my own friends whose card, along with her husband’s, have subsequently been used to make fraudulent purchases totalling almost £6000 from well-known online retailers. The risk of these stolen card numbers being used by criminals has already moved from the theoretical to reality.

The Lush management said that more had been done to stop the problem than might at first be apparent to its customers. A director of the company, Hilary Jones, explained that they had first become aware of the issues on Christmas Day and the site was brought down promptly. Then management set about discovering the intentions of the hackers, whether to steal money, or just be awkward.

The first sign of trouble came when large numbers of small transactions began to appear. This is a way that hackers ‘test’ a credit card to see if it is ‘live’ and worth exploiting. What’s more, she emphasised that during the four month period the site was not penetrated all the time, but that was the time needed to safeguard their customers.

She said: “As an ethical company we could not keep that information to ourselves. We had to tell a huge raft of customers. We really want to make sure we cover all possibilities. We wanted to tell more customers than less.”

The Lush website has since been replaced by a new online shop and payments will only be accepted through PayPal, which just goes to show, that all companies must also make sure they have the best possible security software.

Guest Article by Neil Camp 

The mantra from the computer security industry has always been buy antivirus software, and these are wise words considering the number of concerted attacks on systems and websites.

One of the latest attacks, and one which enforces the buy antivirus software mantra, was directed at online gossip website Gawker Media. The hackers managed to get into Gawker servers, and the result was that 1.3 million user account passwords were compromised in the attack. The hackers then posted the file with all of the details onto a file-sharing site that has been associated with the infamous 4Chan.

To add insult to injury, the group ‘Gnosis’ released a file taken from Gawker on the file-sharing website Bittorent, and more passwords were put at risk.

With the passwords at their fingertips, spammers got into thousands of Twitter accounts and used the opportunity to advertise dieting pills. Although the motivation for the attacks has not yet been ascertained, it is not the first time that Gawker has suffered in this way.

In the past it has also been used to attain passwords, that are then used to hack into Twitter accounts and publish messages of support for the whistle-blowing website Wikileaks, most likely in response to Gawker’s publishing of blogs that are critical of Julian Assange, Wikileaks’ founder.
Graham Cluley, a consultant at security firm Sophos, highlights the dangers of a password being discovered: “Anybody that has had their Gawker account details published can expect to be targeted by other hackers. Every identity thief, hacker and spammer out there will be attracted to that password file.”
Rik Ferguson, a security research at Trend Micro, highlights a problem that has led to so many passwords being accessed so easily: “It’s all too common that people use the same password for multiple accounts.”

Internet security advisors and websites are therefore continuing to stress the importance of using varying and complex passwords. Users are encouraged to not be put off by having to remember difficult passwords; all passwords, Mr Ferguson claims, can be made simple to remember. This is particularly poignant advice, as in the latest attack on Gawker, the passwords that were used by spammers were the ones that were simple, and therefore easy to decrypt.

Harvesting passwords and allowing spammers into peoples’ accounts is a fluid and increasing activity, and although in this case it was only social network accounts that were affected, it could have been much more serious information that was accessed. For banking details and other personal information, more complicated and safer passwords are a necessity, stress industry officials. This, combined with the right kind of software, can help keep your most personal details secure. The mantra buy antivirus software has never been more relevant in today’s world of sophisticated hacking.

Guest Article by Neil Camp 

It’s being alleged that malware writers are alive and well in a number of antivirus security firms.

And much of these antivirus security allegations are centred on activities in China. The centre of many alleged fraud scandals, China has its fair share of cases involving malware writers using their talents to bring down competing antivirus software companies.

The latest outrage is focused around a former official at Beijing Municipal Public Security Bureau, who has been given a ‘suspended death sentence’ after being found guilty of corruption.

The long-running rivalry between Rising and Micropoint (Micropoint being founded by former employees of Rising) is at the centre of this conviction. Yu Bing, the security official, was partly convicted for mass embezzlement and corruption because of his alleged crimes against Micropoint. The government accused Yu Bing of denying Micropoint access to official testing, and of actions that led many Micropoint employees to be accused and convicted of creating malware to advance their position. Rising have been quick to distance themselves from the case.

The ‘Epoch Times’, a Chinese anti-establishment news source, threw the accusations at Rising, but do believe that Rising is one of many companies in the security industry that creates malware for their own benefits. They call it ‘an open secret’, and claim that the industry is rife with this sort of corruption and fraud.

Other antivirus and security companies across the world are, however, not so quick to believe the allegations. John Hawes, a Technical Consultant at Virus Bulletin: "It seems pretty unlikely that anyone working in a serious security firm would consider creating their own malware. This is an industry which relies heavily on trust and respect between competitors; there’s a very strong moral code which totally forbids anything like that. Many outside the industry seem to find it amusing to suggest such theories, but most researchers will have heard the same thing many, many times. Those in the know are well aware that creating new malware is not only unethical but pointless…’

This latest row over allegations of corruption in the industry are only one in a long, convoluted series of events and stories coming out of China. The author of the Fujacks virus (also known as the ‘panda-burning-Joss-sticks’ virus, due to the cartoon icon that appeared in the place of the file it had infected), Li Jun, is believed to have been hired by the Spanish firm Panda. The reports suggested that the convicted malware writer was hired by Panda to advance their own name at the detriment of their competitors, but it was quickly denied by Panda, who claim it was a misunderstanding arising from some Chinese software marketing.

With the allegations that malware writers are helping companies to beat their rivals, one can only hope that the effectiveness of these antivirus security firms are not impeded, and that they can continue to keep users’ computers safe from internet threats.

Guest Article by Neil Camp 

Whilst many computer users are rightly obsessed with protecting their systems with the best antivirus programmes they can find, the Virus Bulletin has reported that the latest monthly ‘Patch Tuesday’ from Microsoft contained a whopping 17 alerts.

And these 17 alerts covered 40 separate vulnerabilities which make it a hard job for anyone trying to maintain best antivirus status a tricky job. Only two of these were categorised as ‘critical’, but that does not mean that the others aren’t dangerous enough to wreak havoc in innocent users’ systems. The two critical alerts also included fixes and patches for the Internet Explorer browser; a standard in most rounds of security patches.

So, what is a patch exactly, and how does it benefit users? A security patch is released to fix problems with all aspects of a computer, such as programmes and browsers. It is a nifty piece of software that is a saviour for many users and their concurrent computer problems. These can range from vulnerabilities in a computer or programmes’ security, to improving the usability and effectiveness of a particular programme.

When it comes to even bigger problems, ‘patches’ are given a different name. Large fixes of big problems, or to solve difficult issues, are often called ‘service packs’ or ‘software updates’. This kind of terminology is commonly used by Microsoft and its various Windows services.

A ‘patch’ can, therefore, be a blessing to users as it solves many niggling issues as well as large and debilitating problems. The alerts are therefore an important part of a users responsibility to keep their computer safe and well. Microsoft urges users to apply the patches as soon as they can. It is particularly important in a year beset with problems; Symantec claims that this large batch of patches takes the total for the year over 100, the first time that this has ever happened.

Patches are therefore part of the important fight to keep computers healthy and effective for their users. This particularly large batch of patches highlights the need for up to date and consistent updating of products to provide the best antivirus care to computers.

Guest Article by Neil Camp