Wednesday, April 08, 2009

Tricks hackers use you probably never heard about!

Looks like cybercriminals have turned social networking into a minefield of threats where one wrong move may have very serious consequences. Long gone are the days when you could avoid being scammed simply by using antivirus software. The more aware we are, the harder the bad guys work on fooling us. And let me tell you, their techniques are getting more and more sophisticated! Have a look at some examples of the latest cybercriminals' creations and how to avoid them.

1. Koobface (social networking worm). It gains access to Facebook profile pages and directs you to view a video that then encourages you to update your Flash player. Malicious files such as flash_update.exe and bloivar29.exe are then downloaded and installed, which results in a range of visible problems, including modifications to your Facebook profile, with the immediate result being an error message to contact support. There is also the very real potential for your identity and finances to be compromised!

2. Picture files carrying malware are "planted" on social networking websites and instant messaging programs. Hackers try to convince you that your friend has sent you a message or IM to view pictures. A legitimate-looking URL, when clicked, sends you to an illegitimate website hosting malicious files and executables, which have been modified to appear to be genuine picture files (jpg, gif or bmp). When you download and open those "pictures", the malware runs on your computer without your knowledge. It allows the hacker to take control of your operating system as well as the information in it, and exposes you to identity fraud and financial loss!

3. UPS Delivery Threat, also known as Zbot. It delivers an illegitimate file when you visit a counterfeit UPS delivery site. Zbot has been known to spread via email phishing and instant messenger. After informing you that you have missed a UPS delivery, the message urges you to view the invoice online, which in fact sends you to the counterfeit website. That site downloads a malicious program designed to bypass the firewall and then steal banking and personal information.
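The disguised "picture" files in item 2 can be caught by comparing what a download's name claims with what its first bytes actually are. The sketch below is an added example, not part of the PC Tools text; the function names, the list of executable extensions and the sample files are assumptions constructed for illustration.

```python
import os

# Leading "magic" bytes of the picture formats named above, plus Windows executables.
SIGNATURES = [
    (b"\xff\xd8\xff", "jpeg"),
    (b"GIF87a", "gif"),
    (b"GIF89a", "gif"),
    (b"BM", "bmp"),
    (b"MZ", "windows-executable"),
]
PICTURE_EXTS = {".jpg": "jpeg", ".jpeg": "jpeg", ".gif": "gif", ".bmp": "bmp"}
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif"}  # assumed list, not exhaustive


def sniff(header: bytes) -> str:
    """Identify content from its first bytes, ignoring the file name."""
    for magic, kind in SIGNATURES:
        if header.startswith(magic):
            return kind
    return "unknown"


def check_download(filename: str, header: bytes) -> list:
    """Return a list of findings; an empty list means name and content agree."""
    findings = []
    name = filename.lower().rstrip(" .")  # Windows ignores trailing dots and spaces
    stem, ext = os.path.splitext(name)
    inner_ext = os.path.splitext(stem)[1]
    actual = sniff(header)
    if ext in EXECUTABLE_EXTS and inner_ext in PICTURE_EXTS:
        findings.append("double extension: picture name ending in an executable extension")
    if ext in PICTURE_EXTS and actual != PICTURE_EXTS[ext]:
        findings.append(f"content is {actual}, not {PICTURE_EXTS[ext]}")
    if actual == "windows-executable" and ext not in EXECUTABLE_EXTS:
        findings.append("executable content under a non-executable name")
    return findings


# Constructed samples: (file name, first bytes of the file).
SAMPLES = [
    ("holiday.jpg", b"\xff\xd8\xff\xe0\x00\x10JFIF"),  # genuine JPEG header
    ("party.gif", b"GIF89a\x01\x00\x01\x00"),          # genuine GIF header
    ("holiday.jpg", b"MZ\x90\x00\x03\x00"),            # executable renamed to .jpg
    ("holiday.jpg.exe", b"MZ\x90\x00\x03\x00"),        # double extension
]

if __name__ == "__main__":
    for fname, head in SAMPLES:
        print(fname, "->", check_download(fname, head) or "ok")
```

A clean result only means the name and header agree; it does not show that a file is safe to open.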

1. Be wary of unexpected IM messages and emails urging you to open or run an attachment or download.

2. Run up-to-date anti-virus and anti-spyware software with behavioural protection – such as Spyware Doctor with AntiVirus. Keep it running in the background at all times.

3. Ensure you run Smart Updates and Microsoft updates regularly.

4. If you are asked to update to a new version of a flash player or any other program, go to the producer's website and download the update directly from it.

5. Organisations usually contact you by phone or mail, so when you get an email, call them back instead of clicking on any links or attachments.

6. Never let your guard down; it's better to be too cautious than sorry.


~~~~~~~~~~~~~~~~~

Received from PC Tools. It's scary to know what's going on out there. Please, take care when you're on the 'Net.

Even if you're running the best anti-virus, malware, and spyware programs, please don't click on a hyperlink in email from someone you don't know. If you don't know them, delete it. Better to be safe than sorry.

I know a couple of people who don't accept email with attachments. Period. No matter who it's from, known or not known. A couple more don't accept email from people they don't know. They have their programs set up so that they have to approve the sender. It may take a day or two before the recipient reads the email or responds to you, even if you are legit. They are protecting their computer lives, which includes their identity, and their finances. Not a bad idea. I'm going to check into this for my own email. If a sender gets their feelings hurt over this, well, in my humble opinion, that's just too bad. They'll either get over it or you won't be getting the forwards they're sending to everybody in their address book. I can say that because I'm guilty of it myself (not getting my feelings hurt, sending on forwards).

Be very careful about clicking links in advertisements, whether in your email or when you're surfing the 'Net. There are unscrupulous people out there who build sites to look exactly like legitimate sites just to get your information and, if they are really lucky, your money. If you get an email from, say, your bank saying you need to take care of something and to please click on the link they've so thoughtfully provided, don't. Use your bookmark or type in the URL for that business. A hyperlink in an email from your bank, mortgage company, credit card company and a whole host of others won't exist in a legitimate email. This is probably one of those fake sites. Maybe not, but it's better to be safe than sorry.

A few months ago, PayPal sent me an email saying I needed to change my password. I got very suspicious because that was the first time an online business had required me to change my log-in information. Not the first time I had received similar requests - those were usually from companies I did not have business with and I knew it was a scam (and reported to the Feds, btw). I don't remember if there was a hyperlink attached, but I used my bookmark and tried to log in. I got a message saying I had to change my password. I was still concerned, so sent an email to PayPal support asking what the heck!?

Turned out, this was legit. So, I logged in and changed my password. I wasn't happy about it because I had recently changed it on my own, but apparently they had software that picked me and wasn't going to let me back in until I did what it wanted. The upshot is that I questioned it and found out this was a legit request. Nothing wrong with that. Ask questions. If a company gets its nose out of joint because you asked if an email was legit, think twice about dealing with that business. Every online business understands that there are cybercrooks out there and should be willing to bend over backwards to assure you that their email was really sent from them. And if it's not, they should want to know about it. They want your business and they don't want to get a reputation of a business that doesn't care about the online welfare of their customers.

Just a few tips to keep you safe. Remember, it's better to be safe than sorry.
