Despite many internet shoppers getting the best internet security software they can afford, a new study from Norton – developer of one of the most extensively used range of antivirus solutions – concludes that consumers are not taking even the simplest measures to protect themselves against cybercrime, particularly on their mobile phone devices.

What’s more – in this age of the best internet security software being readily available – the study also shows that over 50% of people under 35 are updating their social networking status on a real-time basis, revealing their identity along with quite personal details.

Despite the wide-spread warnings that internet users are risking their online identity and personal details, the “Connected but Careless” study (conducted by Javelin Strategy & Research) suggested that security was particularly lapse in three key areas: mobile phone based transactions, online passwords, and location-based services.

This is particularly worrying, as the suggestion that internet users are dangerously unprepared for keeping their details safe comes at a busy time of the year. Between Thanksgiving and New Year’s, around 47% of those surveyed expect an increase in online purchases. This, combined with 18-34s indicating that their social network activity will increase during the holidays, is a worry for internet security experts.

Jean Chatzky, who helped Norton with the development and analysis of the study, “We’re seeing huge gains in people shopping and banking online, especially around the holidays. The survey shows that people are still unaware of how their online activity can pose a ‘real world’ threat to their finances. It’s like an invitation to cybercrooks.”

Compounding the problem is the new popularity of applications and technology that allow you to tell your social network where you are, through the use of your mobile phone device. The dangers of ‘geo-location’ for the user are widely unknown. 22 per cent admitted that they readily gave applications on their mobile phones permission to know their location. 56 per cent under the age of 35 admitted to updating their location via their social networking status. This means that criminals in the real-world, not just the cyber-world, are being given an opening to commit crimes against users.

On the subject of geo-location, Chatzky adds: “Giving away your location is a potential ‘gateway’ that people should be aware of and think about. The only people who need to know that you’re out-of-town, or not where you usually are, are your family, close friends and maybe a trusted neighbor. Technology is changing so fast, that many people may not even be aware of the various ways they’re opening themselves up to potential financial losses.”
This lack of knowledge reveals a more general trend, whereby those who use mobile phones as a means of accessing the internet are unaware that the same protection is needed as on their home or work laptops/computers. This only adds to the worries that despite the warnings, many users are still not keeping their personal details safe. To reverse this dangerous attitude, security companies such as Norton are hoping to encourage people to buy the best internet security software, and keep themselves safe over the holidays.

Guest Article by Neil Camp 

Computer users are rightly paranoid about getting the right antivirus software for their machine, but internet criminals come in many shapes and guises and the US authorities have just shut down a number of file-sharing websites.

Software antivirus applications get all the attention, but its also websites that sell counterfeit goods and pirated content that can cause a lot of trouble.

And now action has been taken by the US Immigration Customs Enforcement Agency (known as ICE) which has aggressively closed down 70 rogue websites.

A number of domains have been seized, including those selling fake designer clothing and those offering music downloads. Also seized was a domain which included a BitTorrent search engine.

The seized domains included: “Torrent-Finder.com; mydreamwatches.com; rapgodfathers.com; burberryoutletshop.com; and, Louis-vuitton-outlet-store.com.

Those searching for the seized domains were greeted with new landing home pages which declared that the Immigration Customs Enforcement Agency had done its worst and reminded readers that the should be aware that the website had broken US laws as regards the trafficking in counterfeit goods and copyright infringement.

The problem for the US authorities, that many of the affected websites just switched urls and continued trading.

By taking this action, the US authorities do not seize any content, or block the use of the IP address, but they do gain control of the domain name and in reality, load their own home page which disrupts the website. It is an effective strategy, although the site owners quickly get around the problem by shifting their content to a new url.

The UK is trying to get itself similar powers. The Serious and Organised Crime Agency looks across at its US cousins with envy and is asking Parliament for an ability to seize domains which it can prove are involved in some sort of criminal activity.

It’s good news for internet shoppers, although won’t prevent the millions of cons and tricks being currently played out on unsuspecting surfers. The best advice is still to operate a high quality antivirus software application and guard yourself at source.

Guest Article by Neil Camp 

Get Safe Online, a campaign group which promotes good anti-virus security practice, is warning computer users about cold calling techniques used by organised crime gangs.

Anti-virus security is back on the top of the agenda after it’s been revealed that gangs are becoming ever more sophisticated when it comes to persuading people to download malicious software and then steal personal information.

The gangs are said to have established sophisticated call centres, mainly in Eastern Europe and Asia, in which hundreds of people are employed to cold call contacts in various countries – the UK included – and persuade them that their computer is infected and that the only way to fix the problem, is by downloading particular software onto their computers.

Another way to persuade people is via screen pop-ups which flag a erroneous message which claims that the computer is infected and that the proffered download is the only way to the ‘clean’ the software.

Google confirmed some months ago that it was seeing a huge amount of fake anti-virus software being pedalled on the internet.

The download malicious software is cleverly designed to look like the anti-virus security applications developed by the top companies which produce anti-virus products.

The criminal gangs either use the information they harvest themselves, or sell it to other gangs via online market places.

The UK police take the problem seriously and plot the criminals activities via the Serious and Organised Crime Agency, which is known as Soca. The deputy director of Soca, Sharon Lemon, said:
“In recent cases, we have seen gangs employing 300 to 400 people to run their operations and using call centre-scale set ups to target victims en masse.

“They can also be paying out as much as $150,000 (£92,000) a month to individual webmasters who are unwittingly advertising their fake software – this level of investment from criminals indicates that the returns are much heftier than this.”

The Head of Get Safe Online, Tony Neate, said:
“This is big business, and it’s preying on people’s fears of the internet. The internet is a great place but when somebody phones you up and tells you have a virus on your machine, you will start to panic.”

Experts reckon that some criminal gangs who promote fake anti-virus software applications can generate sales of over four million pounds a year.

Guest Article by Neil Camp 

It’s likely that the Burmese military leaders might be in the market for some antivirus software in order to help fend off a massive net attack which came just before the election.

Although no matter how many antivirus reviews they read, it might be to no avail, as a massive and concerted computer attack knocked Burma off the internet which happened before its first election in over 20 years on 7 November.

Many countries have not recognised the elections as being open and honest, with many claiming that the military authorities will rig the election to get the results they want. Election observers and media from outside the country have not been allowed access.

Security software experts believe that the net attacks started on 25 October, but grew to a peak just before election. And they say it was a deliberate attempt to overwhelm the country and knock it from the internet.

Burmese officials admit that the attack is currently ongoing. Despite obvious signs to the contrary, the Burmese generals are promising that the elections will lead to future democratic rule.

Many not surprisingly dispute this claim, saying that the election is nothing more than a sham and is in fact an attempt to keep the military not only in power, but also to tighten their grip on absolute political control.

The party most likely to succeed in the elections, the National League for Democracy (NLD) was not allowed to participate. It’s leader Aung San Suu Kyi remains under house arrest. It was her party that won a landslide victory in 1990 –a result which was declared null and void by the military leaders.

The attack takes the form of a Distributed Denial of Service, which is known as a DDoS. It’s simple in nature and acts to flood a target with too much data, effectively making it give up after being over-loaded.

The power to launch such a DDoS is gathered together using botnets which are networks of compromised computers – some in the home, some in the office – that are machines which have been enslaved by a malicious virus and periodically exploited to attach others. Thus machines from around the world will have been used in the attack.

The problem for Burma is that its links to the internet via satellites and cables that support data at around a maximum transfer speed of around 45 megabits of data per second. When the attack was at its worst, the connections were being bombarded with around ten gigabits of data every second, bringing the system crashing down. Experts said that the attacks were extremely sophisticated and were coming from many different sources.

A spokesman for the Burmese Yatanarpon Teleport company had told the AFP News Agency, before the election:
"Our technicians have been trying to prevent cyber attacks from other countries. We still do not know whether access will be good on the election day.”

A good time to read our own antivirus reviews perhaps?

Guest Article by Neil Camp  

There must be serious doubts about the antivirus software in the Royal Navy after their website was breached by a Romanian hacker.

It’s being reported that the website was the target of a hacker known as TinKode. A Romanian, TinKode is thought to be behind a number of recent high profile hacks. Using sophisticated firewall antivirus software is one way webmasters try to keep out cyber criminals and hackers, but TinKode is thought to have launched his attack using what’s known as SQL injection, a common tactic used by many worldwide.

It involves an attack upon the site’s database. It basically compromises the database which supports the site by sending out malformed queries and looking at the responses generated by such actions.

The attack happened appropriately enough on Bonfire Night and the hacker posted the details of the information he managed to retrieve – via his Twitter stream – including the passwords and user names of the site’s administrators.

A spokesman for the Royal Navy told the BBC News website that the site had indeed been compromised, but said that “…there had been no malicious damage.” Furthermore, that the site was temporarily suspended and that a static image had been uploaded on the home page, stating:
“Unfortunately the Royal Navy website is undergoing essential maintenance. Please visit again soon.”

A spokesman for computer security company Sophos told the BBC New website that the affair was “…immensely embarrassing, particularly in the wake of the recent security review where hacking and cybercrime attacks were given the top priority.
Now we have the Royal Navy with egg on its face. He’s obviously more of a show-off type of hacker rather than malicious. But if he’d wanted to he could have inserted links which would have taken the website’s readers to malicious sites."

Experts reckon that TinKode has to date carried out over 50 defacements of various websites over the last 12 months. The targets have ranged from YouTube, to small businesses and adult websites.

The Ark Royal may be going to save some money on the defence budget, but some of the savings had better be spent on a decent firewall antivirus software.

Guest Article by Neil Camp