TechByter Worldwide


Program Date: 7 Apr 2013

Fraud and Security Hazards are Everywhere

The Licking County Computer Society recently asked me to visit the organization to talk about ubiquitous Internet fraudsters. The danger is real and it's becoming worse. The easiest way to avoid trouble is to assume that anything you see on the Internet is fraudulent until you can prove it to be legitimate.


Threats are everywhere and we're seeing more of them every day. They come by e-mail, we encounter fraudulent websites, the various social media are rife with frauds, they arrive by phone, and some frauds even come by mail.

We’re cautious in dealing with people we meet on the street so why be any less cautious with e-mail? Or the Web? Or social media?

Words to live by: “If it sounds too good to be true, it probably is.”

Bill Gates isn't going to send you $1000 for forwarding an e-mail. You didn't win millions in a lottery you didn't enter. Somebody didn't die in one of Africa's poorest countries and leave you a fortune. Honda does not give cars away. Blackberry will not send you a free cell phone.

Old-time journalists have a rule: No matter what anyone tells you or who that person is, make sure you validate it.

Some journalists state it this way: "Your mother says that she loves you. OK. Fine. But check it out!"

On the Internet, one rule will serve you well: Trust nothing.

Who, What, When, and Where ...

This may be a surprise: Most malicious websites are hosted in the United States even though many of the malware operators are in the old Soviet bloc. Russia and China are close behind when it comes to hosting.

Russia wins when it comes to infected computers but the US isn’t far behind. After that, the closest competitor is Germany. Poland’s infection rate is less than half that of the US. Canada’s infection rate is a sixth of that in the US. Are Canadians that much smarter than we are?

There are lots of virus “families” and this slide shows the top 10. Although viruses are given funny names, the names are much less amusing if your computer is infected.

Botnets consist of armies of infected computers that are controlled remotely. These 10 botnets account for 64 million infected computers! Computers are recruited into botnets via infected e-mail messages or e-mail messages that use social engineering to convince the recipient to visit a website that will install malware.

If you have a Mac, wipe that smug grin off your face. Macs are vulnerable. Not as vulnerable as Windows computers, but Macs can be infected and this is going to get worse.

E-mail: The Gaping Security Hole

The single most common vector for malware continues to be e-mail, in part because it's so common and seems so innocuous.

Here's a message that purports to be from payroll processor ADP. My computer's antivirus program caught this one and I don't have anyone on an ADP payroll. Also note that the copyright date is 2007.

But what if my AV application hadn’t caught it and what if I worked for a company that uses ADP for its payroll?

This is a phishing message and it would take a real knucklehead to fall for it. It seems that my appeal has been rejected (but I didn’t file an appeal). There was no attachment, although the message indicated one was there.

The image was hard to read so I've highlighted some of the text.

So the goal is to get me to call. They also want me to believe that the IRS uses area code 900 numbers ($3.59 per minute) and that they're open for business only Friday through Wednesday from 3:00am to 8:59am “your local time”.

A message that claims to be from UPS says that your package is being held at a post office, or you're told that important scanned documents await your review or that your airline tickets are ready.

Or maybe you're advised that there's an automated clearing house problem with your bank's wire transfer, an unexpected charge on your credit card, or that someone has filed a complaint against you with the Better Business Bureau.

So you click the link and you're asked to wait for the page to load. And wait. And wait.

Meantime, the rogue site is attempting to download and install malware on your computer.

These days even my wife spams me. Except she doesn't.

She doesn’t send 1-word messages. Her name is on the message in the "from" section but the message came from a hijacked account at consultant.com.

The site that the link refers to would attempt to install malware.

How many times each week do you receive messages that say you must "validate" something — your user name or password or account number? If your anti-spam software is sufficiently vigilant, maybe you don't see a lot of these. I check the trash bin occasionally to see what's there.

The one basic rule is that you should never be asked to give someone information they should already have (your e-mail address, for example) and no legitimate service will ever ask you to provide your password.

If the message is legitimate, it will address you by name and not by e-mail address or with the term “e-mail user”. And even then, it's reckless to click any link in a message.

A really laughable example of a phishing scam is one that claimed to be about my Intuit payroll.

It would take a real fool to fall for this: I don't have any payroll files, much less any that are managed by Intuit. Maybe you do have payroll files. Maybe they're even managed by Intuit. So look at the rest of the message. It came not from Intuit but from “FilesTube.com”. The subject is an ungrammatical “Payroll Account Holded by Intuit”.

Within the message, I'm told that the "finances would be gone away" and that the "amount to be seceded" is 4231 USD. Additionally, the "Paychecks would be procrastinated", so obviously this has been written by someone with a barely tenuous grip on the English language.

All the URLs go to the same poisoned link.


Pump and dump schemes are still big money-makers. Somebody buys a bunch of “penny stock” shares and then sends spams that encourage people to buy. The stock price rises and the fraudsters sell.

Those who followed the advice and bought the stock now have worthless shares while the fraudsters have their money.

This is not what I would consider to be a good deal.

And look at the small type! They even warn you that you will lose your entire investment!


PayPal frauds have been around for years but people still fall for them. PayPal messages will always come from PayPal (not LakeLandPlumbers.com) and will be sent to the address you use with PayPal. (The address shown is not the address I use with PayPal.)

PayPal messages will always address you by name, not just “Hello” or “Dear PayPal User”.

If you hover your mouse cursor over a real PayPal message, the link will be PayPal and not a site in Russia.
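The PayPal checks above (sender domain, recipient address, greeting by name, link destination) can be applied mechanically. The following Python sketch is an added example, not part of the original article; both sample messages, the account name "Pat Example", the address pat@example.org and the link host are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

def in_domain(host, domain):
    """True only for the domain itself or a genuine subdomain of it."""
    host, domain = host.lower().rstrip("."), domain.lower()
    return host == domain or host.endswith("." + domain)

def body_text(msg):
    """Concatenate the decoded text/* parts of a parsed message."""
    chunks = []
    for part in msg.walk():
        if part.get_content_maintype() == "text":
            raw = part.get_payload(decode=True) or b""
            chunks.append(raw.decode(part.get_content_charset() or "utf-8", "replace"))
    return "\n".join(chunks)

def phishing_clues(raw, brand_domain, account_name, account_address):
    """Return (clue, detail) pairs for each check from the article that fails."""
    msg = message_from_string(raw)
    body = body_text(msg)
    clues = []
    sender = parseaddr(msg.get("From", ""))[1]
    if not in_domain(sender.rpartition("@")[2], brand_domain):
        clues.append(("sender-domain", sender))      # not sent from the brand
    recipient = parseaddr(msg.get("To", ""))[1]
    if recipient.lower() != account_address.lower():
        clues.append(("recipient", recipient))       # not the address on file
    if account_name.lower() not in body.lower():
        clues.append(("greeting", "account holder's name never appears"))
    urls = re.findall(r"https?://[^\s\"'<>]+", body)
    hosts = {h for h in (urlparse(u).hostname for u in urls) if h}
    for host in sorted(h for h in hosts if not in_domain(h, brand_domain)):
        clues.append(("link-host", host))            # what hovering would reveal
    return clues

# Constructed sample: brand name in the display name and at the front of the link host.
FAKE = """\
From: PayPal <service@LakeLandPlumbers.com>
To: someone.else@example.org
Subject: Your account has been limited
Content-Type: text/html; charset=utf-8

<p>Dear PayPal User,</p>
<p><a href="http://paypal.com.account-verify.example/login">Confirm your details</a></p>
"""

# Constructed sample that passes all four checks.
REAL = """\
From: PayPal <service@paypal.com>
To: pat@example.org
Subject: Receipt for your payment
Content-Type: text/plain; charset=utf-8

Hello Pat Example,
View your receipt at https://www.paypal.com/activity
"""

if __name__ == "__main__":
    for clue in phishing_clues(FAKE, "paypal.com", "Pat Example", "pat@example.org"):
        print(clue)
```

An empty result only means none of these clues fired. The From header is trivially forged, so a clean pass is not evidence that a message is genuine.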

How many "girls" in Russia want to be my friend? Lots, apparently. And Lera wants to show me her photos. Wow! Am I excited or what.

Or what.

The message says it's from "Lera" but the "from" name is “Darrell Jorgenson” and his address is “boyd@kitron.com”.

Lera (or Darrell or Boyd) wants me to visit her (or his) website, www.rugirlsx.ru, but I can see an infection in my computer’s future if I do that so I just deleted the message.


But it's not just e-mail messages that bring fraudsters to your doorstep, or mine. You may receive phone calls “from” Microsoft. The caller, usually with a strong Southeast Asian accent, will tell you that your computer is infected and that to solve the problem you must follow a link they provide. Usually it's a link that will allow them to take control of your computer.

The truth is that Microsoft would have no way to know if your computer is infected and Microsoft never places calls such as this.

The alternative method is a call that claims to be from your Internet service provider. On rare occasions, ISPs do make such calls. If you receive one, ask for the caller’s name and then call back but don’t use any number that person provides!

I was robbed in (fill in the name of the foreign city here)! Have you received one of these messages that asks for a few hundred (or a few thousand) dollars to take care of hotel expenses and get to the airport? You'll get your money back as soon as the poor traveler gets home, of course.

There are lots of danger signs. Maybe you receive a message from Alexandria, Egypt, from a person who wouldn't ordinarily have the means to finance a 60-mile trip from Columbus to Zanesville. The phony message won't call you by name. Many of these will be from someone who is, at best, a casual acquaintance—not someone who's likely to request a loan of hundreds or thousands of dollars.

Other clues you may spot: The writer doesn't speak English very well and the written words sound nothing at all like your friend.


Or maybe you've received an official-looking e-mail from someone who says that it's time to "renew" your domain's hosting (or advertising, or registration, or search-engine optimization).

The vast majority of these are frauds and they're easy because so few people understand how these things work. Domain information is public so anyone can send an automated message that addresses you by name and mentions your domain.

Here's one for a domain (1) that I administer (2) but note that the message is “Not an invoice”; instead it is just a “courtesy”. In fact, this is probably not illegal. The company will provide a "service"—probably submitting the domain name to a bunch of useless search engines.

Legal? Yes. Unethical? Also, yes.

Facebook is a hotbed of fraud, too. Here's a message that claims to be from Facebook to remind me of messages that I might have missed.

The problems include the fact that it:

  1. Was sent from Hotmail.
  2. Was sent to an address I don't use for Facebook.
  3. References someone I don't know.
  4. Links to an address in Russia.

Hey! Except for those 4 "minor" clues, it appears to be entirely legitimate!

 


But even people I know send fraudulent links to me. Or so it seems.

Yes, I know the sender, but …

  1. That’s not her e-mail address.
  2. The subject line is my name.
  3. The named person is an editor and would not write this badly.
  4. The message is in ALL CAPS.

Really, these frauds aren't that hard to spot.

But they come by phone, too. I have a Skype account and, because I use it for business, I need to allow calls from anyone. If you use Skype only for personal calls, you should change several default settings:

By default, all of these settings are dangerously open.

Even the US Postal Service delivers frauds. Here's a letter that offers me a free Android tablet. All I need to do is fill out a survey form and the tablet is mine to keep, even if I don't fill out the survey!

“If it sounds too good to be true, it probably is.”

As it turns out, the message was from somebody who wanted to sell me an interest in a time-share property and it's a company that has a long and storied history of complaints with the Better Business Bureau and other anti-fraud agencies.

It doesn't matter how you're contacted—by e-mail, phone, mail, or in person. Lots of people simply want to separate you from your money, lose you, and keep the money.

Before you respond to anything, keep the old journalist's rule in mind and
TRUST NOTHING!

Convincing Older Programs to Work on Windows 7 or Later

A message from Mickey described a problem trying to run an old program on a new Windows 7 computer: "I have an OLD CD called PrintMaster Gold Version 3. Remember I did say 'OLD'. Well it ran fine up thru Windows XP Pro which is the last version I used it on until the new computer came along. I tried going to Microsoft and downloading something that might have made Windows 7 compatible with Windows XP, but that did not work. I really have gotten so used to this CD with the options it offers, I really hate to change. Is there anything in your bag that might get this CD to work on Windows 7?" This is not an uncommon problem.

Old. Yes, I think that applies considering that Amazon is selling "Printmaster Gold Version 18 [OLD VERSION]" for $9 instead of the $20 list price. So version 3 has been around for a few years.

Here's probably more information than you need (or want) and, unfortunately, less.

Brøderbund has been around since 1980 and it was purchased by The Learning Company in 1998. Some of the company's software titles, PrintMaster for example, and Mavis Beacon, are still published under the name Broderbund instead of Brøderbund.

In researching this, I found several references to PrintMaster version 4 and the problems people were having when they tried to run it under Vista, so that doesn't seem to be very promising.

Windows 7 (and Vista) do have some options for running older software, though. This functionality is built in and doesn't require buying anything or downloading anything. But it's also not a sure bet.

Microsoft provides instructions and a short video that describes the process of using older applications with newer operating systems.

The Microsoft page also includes this statement: "If changing the settings doesn't fix the problem, go to the program manufacturer's website to see if there is an update for the program."

It's possible that this old program simply will not work with a modern operating system. I was able to run WordPerfect 5.1 for DOS for many years after some computer pundits deemed it impossible, but I was never able to get it to work with Windows 7. It's possible that I might have found a way but WordPerfect 5.1 didn't have printer drivers for any printers more recent than those manufactured in the 1980s. Even if you're able to install the old PrintMaster program, it might not be able to print.

So I would encourage you to take a look at the Microsoft video that explains how to use the Windows 7 troubleshooter. If that fails, the only workable solution might be to acquire a later version of the application.

Short Circuits

Apple Apologizes to China. How about US?

In defiance of Chinese law, Apple offers a 1-year warranty on its devices. China says warranties must cover a minimum of 2 years. Consumers in China were also annoyed by being forced to pay $90 to replace a faulty back cover on their iPhones. The fuss began in mid-March on what's called International Consumers Day and ended this past Monday when Apple CEO Tim Cook apologized and promised Apple would do better.

On March 15, the state-run China Central Television network carried a report that detailed how companies mistreat those who buy their products. It's an annual event on Chinese TV but this time Apple was among the targets.

Cook admitted that Apple had been "arrogant" in dealing with customers, something that it's difficult to imagine Steve Jobs ever doing.

Xinhua, China's official news agency, said the company's response should have come earlier but suggested that it wasn't too late for Apple to repair relationships with its customers.

China is important to Apple's plans as a growing Chinese middle class purchases Apple's computers and phones. There have even been persistent rumors that Apple is trying to develop lower-cost devices that would be sold in developing countries.

So if Apple must offer 2-year warranties in China, how about offering 2-year warranties in the United States and elsewhere in the world?

In China, as in most places, events don't occur without a reason. So why did the government-run media attack Apple? Writing in the San Jose Mercury News, John Boudreau offered some suggestions: "A range of theories have been offered to explain why Apple came under such sharp attack in China. Some analysts say it was a reaction to the company's decision to not allow the government to have strong oversight of its online iTunes and App stores. Others cite government concern about the dominance of Apple's and Google's operating systems in the country. Still others say it was a form of payback for the way Chinese telecom giant Huawei has struggled to get business in the United States amid congressional suspicions of possible close links to the Chinese military."

Adobe Offers Free Lightroom and Camera Raw Updates

Adobe has released Lightroom 4.4, which is free to any Lightroom 4.x user and there's a concurrent release of Camera Raw 7.4 for Photoshop users. The Adobe update service should offer automatic installation for Lightroom and Photoshop CS6, but files are available from the download section of adobe.com.

The updates provide bug fixes for problems that have been reported in previous releases. Among the more critical corrections reported by Adobe is an improved de-mosaic process for Fujifilm cameras with X-Trans sensors (Fujifilm X-Pro1 and X-E1, for example). In addition, these releases add raw file support for twenty-five cameras: 3 from Canon, 3 from Casio, 5 from Fujifilm, 3 from Hasselblad, 1 from Leica, 5 from Nikon, 1 from Olympus, 1 from Samsung, and 2 from Sony. See the full list below.

Adobe encourages feedback from users of its applications. With hundreds of models of digital cameras, it's impossible to test every possible combination of operating conditions so Adobe relies on users to report what software engineers call "edge conditions" that are related to the diverse hardware and software configurations that are in use. The company maintains a special feedback site: feedback.photoshop.com.

Lightroom and Camera Raw releases are always coordinated because Camera Raw technology that is introduced into Photoshop as a plug-in is part of the core functionality built in to Lightroom.

The Full List of Newly Supported Cameras

* denotes preliminary support

TechByter Twitters

"Maybe this social media thing isn't a passing fad." No, I didn't say that but you would be forgiven for believing that I did. In addition to the podcast and website, TechByter is becoming active on Facebook and Twitter.

In fact, there has been a TechByter account on Twitter for several years and I've had a personal Facebook account for a long time. There is now an official TechByter Facebook page and the Twitter account has been resurrected. I'm still working out how these will be used, but the plan is to replace the moribund TechByter/TODAY WordPress presence.

I had expected to use TechByter/TODAY for "updates between the weekly updates" but that never quite worked out as expected. Because WordPress allows long-form articles, I tended to write long-form articles even though my intent was to use it to let readers and listeners know when something important happened (new zero-day threats, for example) or to preview what I was working on for the upcoming program.

The combination of Twitter (extremely short-form comments) and Facebook (where brevity is encouraged but images are permitted) seems to be one that will play together with the existing website and podcast, both of which will continue unchanged.

Well, one change. Each page of the site now has Twitter and Facebook links so that you can find TechByter there.

Wi-Fi from Your Electric Utility?

An article in the San Jose Mercury News caught my eye this week: Silicon Valley Power is installing new "smart meters" in homes and businesses and, with them, free Wi-Fi. The day of ubiquitous Wi-Fi may finally be approaching.

Eric Kurhi's article notes that reception is best outside and near one of the power utility's transmitters (there are 600 of them in Santa Clara, a small town west of the San Jose Airport and east of Sunnyvale). That's OK, though. Outside is exactly where free Wi-Fi is needed. If you have Internet service at home (and who doesn't these days) you probably already have Wi-Fi throughout your house.

The article quotes the power company's Larry Owens, who says that Silicon Valley Power is the first utility in the nation to offer free Wi-Fi as part of the smart meter roll-out. The power company is owned by the city. Owens says the Wi-Fi service has been in operation for less than a week and already "we're seeing 3,000 users a day."

A private Wi-Fi operation was in financial trouble nearly a decade ago and the city bought the hardware with plans to serve both its own operations and the public. There are some cautions and warnings: The free system is open, meaning that it shouldn't be used for anything that should be secure (banking, for example) and it won't be anywhere near as fast as the Wi-Fi you probably have installed inside your home.

Read the full article on the Mercury News website or visit www.santaclarafreewifi.com if you'd like to learn more about how the system works.