Friday, February 19, 2010

Looking for a job? Don't work for a Botnet Herder! Criminals are posting help wanted ads online.

HOW TO AVOID THE BOTNET HERDERS
Would you know if your child was a botnet herder?

There’s a new game in town offering jobs to anyone with a home office and a computer.   Be careful what you or your kids accept when applying for jobs online.  You or your kids may be accepting a job working for a Cybercriminal outfit.

Cybercriminals are posting help wanted ads on the internet and they are hiring people to help them infect computers across the Carolinas and even across the globe.

The going rate?  $180 for every 1,000 PCs infected.

Link to TV segment:  http://www.wbtv.com/Global/story.asp?S=11980960

YOU NEED TO PROTECT YOURSELF AND YOUR KIDS FROM THIS SCAM:
Some of the ads are obvious and you know you are infecting computers.  Some, are not so obvious and may sound more like you are working for a marketing company.  Kids looking to earn money over spring break and summer months could fall into a trap and they may not realize they are doing something wrong.

HOW TO SPOT THE ADS:
In the more obvious ads, Cybercriminals are hiring individuals willing to infect people’s computers with malicious software. In the less obvious, the ads may look like you are doing marketing and you just need to get the message out through emails and web pages.

The job duties may include:
  Send spam or socially engineered emails
  Include a link to malicious software
  Job performance is determined by how many PCs they can infect.
  PCs in the UK and the US are considered the target group.
  They will even pay your wages to you via services such as PayPal and Western Union.
  Once the PC is infected, the cybercriminals can come in after that and do what they want.

They may provide you with:
-A kit or directs you to places where you can buy a kit to create your web page or emails.
-Instructions on how to hide their software behind the link.

HOW TO AVOID THE SCAM
One way to avoid this scam is to check in with your Better Business Bureau.
Remind your kids not to apply for jobs online without discussing it with you first.
Follow the rule:  If it sounds to good to be true, it probably is.

WORD FOR THE WEEK
Botnet Herder
A botnet herder is a person that has installed software on thousands of machines and has them in their control.  They may use the herd of machines, which they call zombies, for attacks on other machines.  Like to create mail sent to people in your address book that looks like it is from you, or to steal your information.  Botnet herders will also rent out their herd to cybercriminals to use.


SIGNS THAT YOUR PC MAY BE UNDER THE CONTROL OF A BOTNET HERDER
  Computer programs taking longer than usual to load
  Computer locks up or reboots itself
  Odd error messages
  Peripheral devices such as printers and scanners are not recognized
  Lots of internal noise such as disk writing or beeping or clicking
  Computer seems to be running tasks even when you have no programs open
  Files corrupted or missing
  Friends call or email to tell you they are getting a lot of strange email traffic from your account
  Your antivirus software runs too quickly or not at all

WHAT TO DO IF YOUR COMPUTER HAS THESE SYMPTOMS
If your computer has any of these symptoms, run your Antivirus software.  If it continues, contact your antivirus software provider and the company that services your machine for professional assistance.

HOW TO SPOT THESE JOB SITES:
Where are some of these criminal jobsites?  Many of them change their names to avoid detection.  The key is to check site history on your computer and look up any companies your kids may be visiting online.

The more obvious sites describe “Pay Per Install” as part of their payment model on their website.

Two of the more recent sites that you want to check for and block are:
Pay-Per-Install.org
earning4u.com. (formerly known as InstallsCash)

WHAT TO DO IF YOU SPOT ONE OF THESE COMPANIES:
If you think you have received an email solicitation, you can report it to at least two places:
The Federal Trade Commission at spam@uce.gov.
The FBI’s Internet Crime Center at www.ic3.gov.

If you believe you or your kid was duped and that you might be working for a Botnet herder, please contact your Local Law Enforcement immediately and send information to the FBI Internet Crime Center listed above.

Gangs Are Targeting Your Kids Via the Internet - Quick Quiz to test your Cyber Banging Saavy

Word for the Week:  Cyber Banging
Also called Net Banging - This refers to the internet recruiting process that gangs use to target kids.  Gangs typically target high school and middle school kids but there are cases where kids as young as 8 have been recruited.

1.6 Million, that’s the number of employees, across the globe that support Walmart.

1 Million and growing, that’s the number of gang members in the United States.

Are your kids looking at gang propaganda online?  Chances are you would not know, a recent study says that 62% of kids lie to their parents about what they do online.

As a parent, you protect your kids by teaching them safety rules, checking on their friends, and keeping tabs on their activities.  Gangs know this to so they have a new recruiting tool to get around you and directly to your kids – the internet.

Link to WBTV segment:  Gangs Targeting Your Kids Via The Internet
One example of how glorified gang life is can be seen on YouTube.com.  Lil Slim’s “Getting $” music video, which glorifies gang activities, has over 30,000 views.

Think you know how Gangs target their new recruits?
Test your knowledge with this quick quiz:
1) Q:  What are the colors worn by the MS-13 gang?
A:  Blue and White

2) Q:  Gang Identifiers Include which of the following:
a) Wearing a specific color or colors regularly
b) 5-Pointed Star
c) Star of David
d) Playboy bunny
e) None of the Above
f) All of the above

A:  All of the above

3) True or False:  If you see someone wearing Charlotte Hornets gear they might be a member of a gang.

True.  Don’t jump to conclusions that everyone that wears Charlotte Hornets gear is a gang member but this logo is popular with the Spanish Cobras and the 4 Corner Hustlers.

4) True or False:  If you see a cap that looks like a NY Yankee’s cap but the tail of the Y is off so it looks like VN instead of NY, that’s just a kid having fun.

Most likely False.  This is what the LA gang called Van Nuys is doing to mark their members.  You can see this NY Yankee-like symbol touted on Facebook and YouTube.  You may seen this worn by a gang member or a wannabe.

5) True or False:  Your kid would not go to gang music sites to download songs.

Could be True or False.  You should check.  Kids are downloading gang songs from places such as 818 Gangland Musik Page for free.


GANGS HAVE NEW RECRUITING TOOLS:
The Bait:  Social networking via the internet is the new recruiting tool for MS-13 and other gangs and they ARE targeting your kids.

The Hook:  Young people that are surfing online may come across pictures, music, or videos about gangs.  Of course kids are curious so they click and see something that glorifies gang life…That’s when a gang member may strike up a chat with them online and try to lure them into their club.

GANG STATISTICS:
Think this is an overplayed issue?  Here are some startling statistics from a recent survey:
70% of gang members say it is easier to make friends online
89% of kids say they are the major user of technology at their house
41% of kids say they do not share with their parents what they are doing on the internet

HOW TO PROTECT YOUR CHILD:
TALK:  Talk with your child about the places they visit while online.  Look at some of the gang propaganda together and talk about why it is false or glorified.
TEACH:  Keep your home PC in a central location so you can keep an eye on what they search.  Teach your kids that where they go online is just as important as the rules you have for them offline.
TELL:  Be familiar with what your local gangs wear, such as certain colors, jewelry, or logos, to show they are a member.  Tell your kids not to dress like gang wannabes so they will not be targeted while at school or play.

WARNING SIGNS:
APPEARANCE:  Your kid’s clothing preferences change dramatically.  Your kid suddenly insists on wearing a specific color or a logo.  A new tattoo, permanent or henna.  Unexplained injuries.  Begins using gang slang.
SOCIAL:  Starts withdrawing from school, family, and possibly even their friends.  Talks about gang life in an idolized way.
INTERESTS:  Gang music or gang insignias on their phones and music lists.  Likes to watch gang related movies.



RESOURCES:
FBI Gang Threat Site:  http://www.fbi.gov/page2/feb09/ngta_020609.html

Department of Justice – Community Services:  www.cops.usdoj.gov

Violence Prevention Institute:  http://www.violencepreventioninstitute.org/youngpeople.html

National Youth Gang Prevention Center:  http://ojjdp.ncjrs.gov/pubs/gun_violence/sect08-f.html

NC Gang Awareness:
http://www.ncgangcops.org/NCGangAwareness.pdf

Parents Universal Resource Experts (PURE™):
http://www.helpyourteens.com/index.php

Parent Advocate Sue Scheff on Avoiding the Gangs:
http://www.suescheff.info/

Organization focused on consumer safety, security, and privacy:
http://ilookbothways.com/

Dr. Michele Borba, Child Expert Talks About Kids and Conflict:
http://www.micheleborba.com/blog/

Mary Kay Hoal, Internet Safety Expert, Offers Advice About Social Networks and Gang Exposure:
http://internet-safety.yoursphere.com/tips/can-social-networking-expose-your-children-to-gangs

Social Networks and Your Kids – The Risks from SchooGo:
http://www.schoogo.com/blog/it-safe-9-10-11-year-olds-be-social-networking-websites

Friday, February 12, 2010

Keeping You Safe! Great people to follow on Twitter


@HeyKim
@AndyWillingHam
@Pranheim
@BurgessCT
@MaryKayHoal
@Co2HOG
@LindaCriddle
@WiredMoms
@CrispThinking
@MarjieKnudsen
@RobertSiciliano
@Schoogo
@MomsMaterial
@SueScheff
@GoogleBombBook
@Security_FAQs
@MBenLakhoua
@Suzidk
@PandaLabs
@Intel_Chris
@RebeccaNewton
@e_Mint
@Cvallejo64
@Bugspy
@DigitalSteward
@D_Rittenhouse
@WebEyesOpen
@McAfeeAvertLabs

Friday, February 5, 2010

Warning about an email that may be in your inbox - WBTV 3 News, Weather, Sports, and Traffic for Charlotte, NC-

WBTV and Charlotte Better Business Bureau received a scam email this week.
Luckily, they did not click the link!

See helpful tips on the website and video:

Warning about an email that may be in your inbox - WBTV 3 News, Weather, Sports, and Traffic for Charlotte, NC-

Cybercreeps Grab Your Stash, Hide the Cash, While Using Bogus Bank Statements




Cybercrooks have a new trick up their sleeve! 


Cybercriminals are rewriting your bank statement so it looks like small transfers have been taken out and your balance looks okay.


A Security firm called, Finjan, found that cybercriminals stole $440K from online banking customers in Germany last year.

To fake out the customer and the bank, the cybercreeps transacted small transfers.   They used money mules to help them move the money out.  (More on money mules in another post but they are usually good people doing "work at home" and have no idea that they are a pawn in this scheme).

To continue the fake out, these cybercreeps displayed altered statements showing only a small amount transferred. 

 “They successfully evaded the banks' anti-fraud systems," says Ben-Itzhak. "We dubbed it anti anti-fraud."


Tuesday, February 2, 2010

Haiti Provides a Stark Reminder to Families to Have a Disaster Plan

A disaster hits, the phones are dead, cellphones ring busy, internet is down.  How do you collect your loved ones?  How does everyone check in?  Do your kids know what to do?

This is a scary and awful scenario and hard to think about but Haiti reminds us that traditional ways to reach others may not be available.

Thankfully, people were able to send text messages and get to the internet to post messages online via Facebook, Twitter, or other social sites to let people know they were okay.

Link to WBTV 1.5 Minute Video:  WBTV Report on Preparing a Disaster Plan


EVERY FAMILY SHOULD HAVE A DISASTER PLAN
The tragedy in Haiti continues and as families desperately search for their loved ones, it is reminder to us that we need to create a family plan in the event of a disaster.

The survivors in Haiti found themselves without landline phone service and many had trouble getting cell phone coverage immediately after the quake.  For those that could get internet access, in the immediate aftermath of the Haiti quake, people were using Twitter to send messages such as their status, report damage, and to ask where others were.

A serious reminder that when disasters strike, it can knock out phones and other traditional means of getting in touch.

This reinforces the need to have alternate forms of communication planned out in advance so you and your loved ones can stay in touch.

4 TIPS TO CREATING YOUR FAMILY DISASTER PLAN
1. Create Your Own Virtual Checkpoints
2. Phone calls
3. Be Informed
4. Prepare, Plan & Practice

TIP 1:  CREATE A VIRTUAL CHECKPOINT

Facebook.com:  If you can get internet access, you can use Facebook to let your loved ones know that you are okay.  This was used by several people in Haiti to get the word out about those that were okay and those that were missing.

Google Latitude at http://www.google.com/latitude/.  If you are trapped or just want to report in, this allows you and your friends and family to track your actual location.

Ushahidi:  matches up maps with input from others.

Twitter:  If the internet is up, Twitter is a great way to track your loved ones, the scope of the disaster, and resources available to victims of a disaster.

Missing Persons Lists:  During the disaster, determine how to check thes status of and how to post information regarding missing loved ones.  During the Haiti crisis, Google, Facebook, the Red Cross, CNN, and the New York Times have lists

TIP 2:  PHONE CALLS
Establish virtual phone calls and accounts in advance and test them with your loved ones.  There are several options, a few that you can try include:
Skype.com
IChat.com
Aim.com
Consider having a bridge line set up to use in the case of an emergency.  There are many services, a few include:
FreeAudioConferencing.com
NoCostConference.com
FreeConference.com
Rondee.com.

TIP 3:  BE INFORMED
Subscribe to alert services.  Most well tell you via text messages or email about bad weather, local emergencies, road closings, and more.

For NC based alerts, go to:  http://www.ready.gov/america/local/nc.html

TIP 4:  PREPARE, PLAN & PRACTICE
1. PREPARE:  Have an out of town contact.  Sometimes local lines get jammed while long distance
        lines are open.

2. PLAN:
a. Text messages may work when cell phone coverage is spotty.  Come up with an easy to remember
        set of codes to use
b. Have a plan for whether you will stay in place or evacuate.
c. Make sure your plan includes what to do with your pets.
d. Ask about emergency plans at places where you family spends time:  work, school, and daycare.
e. Have on hand a basic emergency kit with key essentials for your family.
f. Pick places to convene:  near your home and away from your home and the disaster
g. Make digital copies via scanning or taking photos of key documents such as insurance, receipts,
        cars, house, house contents.  Upload digital files to a web page or download to thumbdrives and
        keep one in your safe deposit box and one with an out of town family contact.

3. PRACTICE:  Review and quiz your family members.  Do an emergency drill once a year.


Other resources:
Ready.gov:  This site has information regarding how to build you family disaster plan as well as checklists and other resources
American Red Cross:  Great ideas for preparing for natural and man-made disasters
FEMA:  Information regarding what the government will do in the event of an emergency.  Also lists other helpful resources.

Monday, February 1, 2010

If Facebook Founder, Zuckerburg says Privacy is no longer a social norm, then how Private Are Your Posts?


Are you one of the over 350 Million people that use Facebook to keep in touch with friends and family? 

According to Hitwise, Facebook briefly surpassed Google as the most visited site in the world during the Christmas season. 

The founder of Facebook said that privacy is no longer a social norm.

Facebook also recently changed how privacy settings work.  If you do not check these settings, you may be showing more about your personal life than you planned to.

Take this Quick Quiz:

Question 1:  True or False.  People who are not on your friend list on Facebook, can use a search engine and see your Facebook posts, including photos, even if they are not on your friend list on Facebook.

Answer:  True, anyone can see your Facebook posts, unless you change your privacy settings in Facebook – and - even then, some things are still not private.

Question 2:  True or False.  Even if my information is out there on the web, the chances of someone finding it are remote because only about 25% of people actually google search each other.

Answer:  False!  In a recent PEW study out of the 75% of all Americans that use the Internet, over 53% are Googling (or using a search engine) to look up each other! 

Test it For Yourself:
Go to your favorite search engine such as Yahoo.com, Google.com, or Bing.com and type in “Your Name, Facebook” and see what comes up as a test.  If your kids have profiles, check each one of theirs as well.


What You Need to Know Now:
Facebook recently changed their privacy settings making your profile more open unless you lock it down.

If you read their company information carefully, Facebook considers what you post to be available to the public unless you tell them otherwise.

Zuckerberg said that “if he had created Facebook today…he would have made user information public, not private, by default as it was for years until the company changed it” 

What Has Changed? 

No place to hide:  You can no longer hide your name, networks, friends list, and pages that you are a “fan” of from being posted on your Facebook wall.

Too much information:  Facebook has recently enhanced its site to allow search engines to search your Facebook pages.  You may feel your privacy has been invaded if a prospective employer types in your name and up comes the entry you posted about a party you recently attended, in costume, with a drink in hand.

Your Secret is Out:  You may join a group that helps others looking for job opportunities, purely for research purposes, and it will be broadcast on your wall for your spouse, and maybe even boss and co-workers, to see!


Test Your Profile Privacy:
Go to your favorite search engine such as Yahoo.com, Google.com, or Bing.com and type in “Your Name, Facebook” and see what comes up as a test.  If your kids have profiles, check each one of theirs as well.

You and Your Profile:  Protect, Polish and Private
Now is the perfect time to do a little housecleaning on your Facebook profile.
The rule of thumb to manage what people can see about you is the 3 Ps:  Protect, Polish and Private.


1.     Protect Your Friends:  Go to your settings where the Friends box is.  Make sure that “Show Friend List to Everyone” does not have a checkmark in it.
2.     Polish Your Profile:  Make sure that if your current or prospective boss sees your postings that you have put forward your best image
3.     Private:  You can make each post private to your list of friends by clicking on the lock icon next to your posts. 

Other Steps You May Want to Take:
·    Photo Albums:  Choose Settings and pick the settings you are most comfortable with.  The “EVERYONE” setting is the most open.
·    Friends:  Choose “What your friends can share about you” and look at the check boxes.  Most privacy advocates recommend that you uncheck all the boxes.
·    Public Search:  Go to “Public Search Results”.  Where it says “Allow”, make sure you do not have a checkmark in that box if you do not want every search engine to pick your posts
·    Your Kids’ Profiles:  Be careful when your children reveal information that can identify them, such as a school team name, what sport they play, where they work or go to school, or the name of the town they live in.

Link to WBTV show on Facebook's new settings: