Archive for the ‘Malware’ Category

Protect your Facebook

Wednesday, June 22nd, 2011

I’ve seen many friends on Facebook posting supposed links to crazy videos or “rare” items in Facebook games which just aren’t what they say they are. I’ve been bitten myself, but it’s usually curiosity of the “how does this scam work” variety more than “I want to look at this crazy video.”

Most of the time, when you click on the link, it takes you to some web site with what looks like a video player on it. When you click on the player, you’re “invited” to take a survey or something so you’ll get access to the video. I’ve never gone through the survey process myself so I don’t know how it plays out from there, but I have had posts from my Facebook account just from clicking on the supposed video player. You can see it doesn’t take much to get hit by one of these.

What can you do?

The first place I go to satisfy my curiosity is the Bypass Fan Pages site. You can search for the video or list or whatever there to see what the content really is. I’ve yet to see what which held up to the extreme of the headline. I’ve also seen many with a review indicating no actual content after you complete the task.

Another thing you can do is to install MyPageKeeper on your Facebook profile. This was developed by a team of students at the University of California at Riverside. An article about the app is here. I’ve installed it on my profile so I can see how well it works. I could use some additional feedback from my readers as well.

CNet has another article here on Facebook malware here.

While we’re on the subject of Facebook, please like my Facebook page here.

What security software should I use?

Sunday, June 19th, 2011

I’m often asked what security software to use. I normally have a stock answer of a free software title such as Microsoft Security Essentials. Some time ago I bookmarked a site which had a review of security software. I looked at it today when I was cleaning out my bookmarks. performs regular testing of security software to determine how well it defends against malware. It’s testing firewall effectiveness and behavior analysis of the security software. I found the results to be very interesting. In particular, most of the common commercial titles (McAfee, Norton, Panda, etc.) get very poor ratings. Unfortunately, Security Essentials is not listed. I assume this is because it uses the built-in Windows firewall and does not appear to have any behavior sensing abilities.

Normally, I don’t recommend using a software firewall. It’s not because I don’t believe they do any good. It’s because they talk too much (the built-in Windows firewall talks to you rarely). A good firewall is going to ask you if a program is okay to access the internet (for the most part). Unfortunately, most of them do a very poor job of explaining to an expert such as myself what is being blocked so that I can make a decision on whether to continue blocking the program. If it’s hard for me, imagine a less adept user?

I was pleased to see that a free solution was number one on the list.  I’ll be giving the Comodo Internet Security a test drive really soon so I can see for myself how well it works.

Are you protecting your Mac, yet?

Wednesday, June 15th, 2011

I’ve spoken previously about the Mac OS being less secure than it has been advertised (and evangelized). Now, it seems, the bad guys are getting more aggressive. This article talks about a feature in Mac OS X 10.6 (Snow Leopard) which is basically a built-in malware protection. Within a short time, malware authors had already found a way around the protection.

While I still believe that the Mac OS is a smaller target, that doesn’t mean it’s invincible or invisible to attack. Get yourself some protection. Sophos offers a free antivirus for the Mac. It works on any Mac running OS X 10.4 (Tiger) or newer on either Intel or PowerPC platform. I’ve been using it and it was worked well for me. I suggest you do the same. If you have a preferred antivirus software other than this, feel free to use it. I just like to recommend good, free software for any purpose.

Smartphone malware

Tuesday, June 14th, 2011

With the proliferation of smartphones generated in part because they do so much and they are become less expensive to buy and own, the idea of security is becoming more important. The Android platform, for instance, has had some relatively high-profile malware distributed on it. The malware will surreptitiously send texts and calls to premium services costing the owner of the phone money (and racking up a chunk of change for the malware author).

This article at InfoWorld talks about a couple of different malware examples. One of these was even present in software available at the Android Marketplace. I tried to find recent articles on iPhone malware but I didn’t see much. This article specifically mentions “jailbreaking” as making your iPhone more vulnerable to malware. This makes sense as doing so allows you to install software from sources other than the iPhone App Store. It also allows you access to your phone that Apple didn’t intend you to have. This article from a year ago talks about a researcher who created a proof-of-concept app to gather information from your phone. He said that it would be possible to create an app that would look like something you wanted but have this secret ability running in the background. Given how Apple has to filter thousands of app submissions each week to its store, it’s conceivable that malware could get through.

The takeaway from this is to be careful. Anti-malware software is available for your phone like it is for your computer. Only download software from trusted sites and be sure to read reviews before installing (I know I’ve not installed many software titles just because the reviews said they sucked or didn’t act as advertised). Be extra careful if you choose to “jailbreak” your iPhone or gain root access to your Android phone. If you allow your children to play with your phone, be sure to approve any app they wish to install prior to its installation.

I’ve not discussed the current mobile offering from Microsoft. Regardless of its merits, the iPhone and Android represent the lion’s share of smartphones today.

It’s time to protect your Mac

Saturday, February 19th, 2011

For quite some time I’ve been recommending the Macintosh for general usefulness and how it tends to have a much reduced problem with viruses and other forms of malware.  Now, however, it appears that the bad software is getting more common and they are targeting the Mac more often.

While I believe the Mac can be made much more secure than a PC more easily (and with fewer inconveniences to the user as a result), my opinion has always been that the primary security feature of the Mac is that there are fewer of them and most of the bad software targets Windows.  There have been some examples recently of malware targeting not only the Mac, but Linux as well.

Sophos has an article which details the history of malware on the Macintosh.  It’s not pretty to think how sophisticated the bad guys are getting with how they are able to target the Mac and other platforms with the same malware.  The attack vector is usually the same for all in that it tells you that you need to install some software to see a video.  The malware determines which operating system you are using and tells you to download the file which works on your computer.

I’ve recommended free antivirus software for Windows for many years.  My current favorite is Microsoft Security Essentials.  Other free antivirus is available from Avast, AVG, and Avira.  There’s also the open source ClamWin, but I don’t recommend it for most people.  Until recently, the only free option on the Mac was the open source ClamXav.  Again, I wouldn’t recommend it for most people.  Back in November, Sophos introduced a free commercial-grade antivirus for the Mac.  Like the free Windows options, it’s only available for home users for free.

Sophos is a bigger name in Europe than it is in the US.  They’ve been doing antivirus solutions for many years and I trust their product.  I’ll be putting it on my Macs at home and I recommend that you do the same with yours.