Thursday 9th February 2012

Posts Tagged ‘spam’

Social Networking Internet Security Attacks

Monday, January 24th, 2011

Social networking is a popular online activity. Millions of people have social profiles on sites such as Facebook and Twitter. Due to their popularity, these sites are prime targets for cyber crime attacks. Internet security threats via social networks are on the up, so it is essential you are aware of the risks.

Twitter and Facebook are very appealing to hackers as they make it very easy to reach millions of computer users very quickly. Internet scams and spam messages are sent from supposed “friends”, which instantly gives a false element of trust. When browsing your favourite social network, typical behaviour involves clicking shared links, which could harm your computer if you are caught off guard.

As well as social networks being used to spread links which direct you to sites with malicious code and fake antivirus software, your data can be harvested and used for fraudulent activity. As these attacks are becoming increasingly common, luckily a lot of social network users are becoming wise to suspicious activity.

The growth in social networking internet security attacks is due to the continued improvement in spam email filters, coupled with the fact that computer users are becoming more email security conscious. People realise when they have received a scam email, as the same old tricks have been used by Internet criminals for years now.

Social networking remains a relatively new phenomenon. Many of the young people who use social networks do not have internet security high up on their agenda. Sometimes scam messages will come from friends’ accounts which have been hacked, so it can be difficult to spot harmful content.

According to the National Fraud Authority in the UK, threats to internet security from malware and spyware via social networking have increased 90% since 2009, whilst spamming has doubled over the last couple of years.

To protect yourself and your computer whilst using social networks, be wary of any links to stories or videos that sound too unbelievable. Also be aware of people you don’t know who want to connect with you.

Guest Article by Louise Goldstein

Top Malware Threats

Monday, October 18th, 2010

One of the antivirus companies operating in the crowded internet security market, GFI Software, has put together the top ten hit parade of malware nasties for September.

Employing many of the best antivirus strategies, GFI produces a monthly report of the most active and virulent malware.

And the company has warned this month that the activity of botnet operators is increasing. Botnets are networks of zombie computers which, unbeknown to their owners and operators, act as vast spam mailers, which are the usual way that malicious code is delivered to individual computers.

GFI has found that there is a persistence of Trojan attacks and scareware.

The top ten of these attacks during September showed a pattern of aggressive and persistent attacks via Trojan horse programmes:

  1. Trojan.Win32.Generic!BT 23.54%
  2. Trojan-Spy.Win32.Zbot.gen 4.27%
  3. Trojan.Win32.Generic!SB.0 4.06%
  4. Trojan.Win32.Generic.pak!cobra 3.04%
  5. INF.Autorun (v) 2.3%
  6. Worm.Win32.Downad.Gen (v) 1.44%
  7. Trojan.HTML.FakeAlert.e (v) 1.09%
  8. PlaySushi 1.08%
  9. FraudTool.Win32.FakeAV.gen!droppedData (v) 0.91%
  10. Trojan.Win32.Malware.a 0.83%

The biggest culprit was Trojan.Win32.Generic!BT, which includes more than 120,000 malicious application traces.

In second place is another generic trojan, which has many versions and centres on password-stealing techniques. Number three, Trojan.Win32.Generic!SB.0, is also a password-stealing trojan, designed to install keyloggers which monitor and record keystrokes so that hackers can figure out password and username details.

Manager of the malware processing team at GFI Labs, Francis Montesino said:
“These detections are evidence of the activities of botnet operators. They use their networks to pump out the spam that’s intended to infect machines.”

Research Centre Manager at GFI, Tom Kelchner said:
“Trojan.HTML.FakeAlert.e (v), which is in the number seven spot, is a detection for malicious Web pages that display false warnings to scare victims into downloading malware – commonly referred to as rogue security products or scareware. We’re seeing a steady flow of new rogues too – one or two per week. Judging by our ThreatNet reports, VIPRE installations are stopping a lot of the rogue downloaders.”

GFI will continue to watch out for threats under its best antivirus ambitions.

Guest Article by Neil Camp 

Fake LinkedIn Messages

Monday, October 18th, 2010

When it comes to internet security software concerns, the cyber criminals show tremendous imagination and the latest wheeze is fake contact requests purportedly from the business social media website LinkedIn.

This latest round of fake messages is worrying many in the internet security software industry. And this latest scam has been highlighted by security company Retarus GmbH, who consider it a major threat to people’s computers.

The contact requests are in the form of emails which have been mocked up to look like they originate from the LinkedIn website. Computer users receive the email and are lured into infecting their machines with all manner of malware.

Retarus has noticed that the fake emails have been on the increase since 27 September. A computer user gets the email and, thinking it’s from the legitimate website, clicks on the embedded link and is directed towards an intermediate website rather than the LinkedIn site, which in all takes around four seconds. They are then directed towards the Google home page.

In the key four second wait, the user’s computer is impregnated with the infamous spyware Zeus which is covertly installed into the web browser. The Trojan Zeus has been linked with a number of raids on personal banking data and millions have already been stolen from people’s bank accounts using this form of virus.

Martin Hager, the managing director of Retarus, said:
“Social media spam is particularly dangerous because the contents seem well-intended, and the original e-mails are so perfectly imitated, that lay persons are unable to identify them as fakes. Mail users who have defined social media platforms as safe senders, via white-list entries in their spam filters, are especially affected.”

Retarus and others operating in the internet security software sector are recommending extreme caution with such emails. They advise people not to respond to such requests, especially if they originate from unknown senders, and to delete these types of emails immediately if they receive them. One of the main ways to avoid being lured into traps like these is to only enter websites such as LinkedIn through the main page and never via embedded links.

Guest Article by Neil Camp 

Sick Computer Bans

Saturday, October 9th, 2010

Those owning a sick computer should be banned from surfing, says a senior researcher at Microsoft. But although the comment from Scott Charney was seen by many as a sensible addition to the debate about internet security, others were quick to wag an ironic finger at the Seattle-based software giant, whose own record is far from perfect as regards bug-ridden code.

And the suggestion from Charney is that the internet security industry should take its lead from the public health sector which, when it identifies a medical virus, isolates all those connected with it until the problem is solved.

The biggest threat out there, according to the experts, is botnets. These are networks of computers which have been infected by cyber criminals and then made to do their bidding, including sending out millions of spam emails.

Mr Charney wrote in a blog recently:
“Just as when an individual who is not vaccinated puts others’ health at risk, computers that are not protected or have been compromised with a bot put others at risk and pose a greater threat to society.

“In the physical world, international, national, and local health organisations identify, track and control the spread of disease which can include, where necessary, quarantining people to avoid the infection of others.

“Simply put, we need to improve and maintain the health of consumer devices connected to the internet in order to avoid greater societal risk.”

Botnets can consist of a few hundred PCs, but also number thousands, or even millions. They operate as zombie machines without the knowledge of the user.

And Mr Charney goes on to say that although millions of firewalls and antivirus programmes are being sold and used, many consumer computers remain vulnerable to attacks from malware code. This leads him to suggest that all computers should have a health certificate before they are allowed to connect to the internet.

He added:
“Although the conditions to be checked may change over time, current experience suggests that such health checks should ensure that software patches are applied, a firewall is installed and configured correctly, an antivirus program with current signatures is running, and the machine is not currently infected with known malware.”

With many countries starting to introduce versions of the health certificate idea, and with some ISPs spotting machines which appear to be sending out vast amounts of spam email and effectively cutting them off, it would appear that users are going to have to wake up to the prospect of more pro-active action against infected computers.

But a number of internet security experts find it somewhat ironic that an employee of Microsoft should be ‘lecturing’ others on the idea of infected computers. It’s a well-known fact that many cyber criminals are able to exploit applications such as Microsoft Windows because the original code is so bug-ridden. These bugs are effectively holes, or mistakes in the code, which hackers can utilise to attack a computer. Even now Microsoft issues regular monthly updates which are in reality repair ‘patches’ to shore up gaps in their software.

Some reckon that if software companies are going to accuse computer users of running ‘bad’ computers, then they should do more to make their code more robust and less open to exploitation by criminals.

Guest Article by Neil Camp 

Beware of Shortened Hyperlinks Says Antivirus Review

Friday, July 30th, 2010

The latest anti virus review from the Symantec MessageLabs Intelligence unit, produced by the company which develops the Norton Antivirus software, warns that spammers are making greater use of shortened hyperlinks.

The anti virus review shows that over the last 12 months, the percentage of spam which contains shortened hyperlinks has dramatically increased, reaching a one-day peak of 18% on 30 April 2010, compared with just short of 10% in 2009.

And 18% equates to just over 23 billion emails. Another way to see it is that for some days in 2010, around 5% of all spam messages contained shortened hyperlinks.

Paul Wood, MessageLabs Intelligence Senior Analyst, at Symantec Hosted Services, the team behind Norton Antivirus, said:
“As far as spammers are concerned, any tactics that make it harder to block their spam emails are going to be exploited. When spammers include a shortened URL in spam messages, these shortened hyperlinks contain reputable and legitimate domains, making it harder for traditional anti-spam filters to identify the messages as spam based on the reputation of the domains found in the spam emails.
“While botnets are often the source of short URL spam, 28% of this type of spam originated from sources not linked to a known botnet such as unidentified spam-sending botnets or non-botnet sources such as webmail accounts created using CAPTCHA-breaking tools.”

The anti virus review also stated that the spammers’ shortened hyperlink strategy is working. For every 74,000 spam emails which contained a shortened URL link, one website visit was generated. Furthermore, the most often used shortened hyperlink contained within spam got more than 63,000 website visits.

The various Norton Antivirus Software packages are continually updated from information supplied by the Symantec MessageLabs Intelligence unit.

Guest Article by Neil Camp
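
The filtering gap described in the article above, shown as an added example that is not taken from the original post or from Symantec: a reputation-only check passes a shortened link because the shortener's own domain is reputable, while a shortener-aware check marks it for resolution before scoring. The domain lists, verdict labels and sample message are constructed assumptions.

```python
import re
from urllib.parse import urlsplit

# Constructed lists for illustration only (assumptions, not a vendor feed).
REPUTABLE = {"bit.ly", "tinyurl.com", "linkedin.com"}   # domains with a good reputation
SHORTENERS = {"bit.ly", "tinyurl.com", "goo.gl", "t.co", "is.gd"}

URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)

def linked_hosts(body):
    """Return (url, host) for every http(s) link in a message body."""
    found = []
    for url in URL_RE.findall(body):
        url = url.rstrip(".,;:!?)")          # drop trailing sentence punctuation
        try:
            host = (urlsplit(url).hostname or "").lower()
        except ValueError:                   # malformed URL, e.g. bad IPv6 literal
            host = ""
        found.append((url, host[4:] if host.startswith("www.") else host))
    return found

def naive_verdict(body):
    """Reputation-only filter: passes when every linked host is reputable."""
    return "pass" if all(h in REPUTABLE for _, h in linked_hosts(body)) else "flag"

def shortener_aware_verdict(body):
    """Treat a shortener host as 'destination unknown' instead of trusting it."""
    results = []
    for url, host in linked_hosts(body):
        if host in SHORTENERS:
            results.append((url, "resolve-before-scoring"))
        elif host in REPUTABLE:
            results.append((url, "pass"))
        else:
            results.append((url, "flag"))
    return results

# Constructed sample message.
SAMPLE = "Your order has shipped, track it here: http://bit.ly/x1y2z3."

if __name__ == "__main__":
    print(naive_verdict(SAMPLE))             # the shortener's reputation hides the target
    print(shortener_aware_verdict(SAMPLE))
```
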


The Editor

My name is Alan Potts and I'm the Editor of the Antivirus-BUYability web site and Managing Director of BUYability Limited.