Update from Spam Soap (Message Archiving Service)

by bryley 14. December 2011 00:19

We are seeing an issue on our side about retrieving messages from the archive. 

I’ll keep you posted on this as I find out more details

 

Here’s our update:

 

Spam Soap has confirmed a problem with the Message Archiving service affecting all users such that access to archived messages via the Spam Soap Console results in the following error: "Connection to Message Archiving server failed."

Engineers are currently working on a resolution. There are no lost messages, and there is no impact to message ingest.

Updates will be posted at www.spamsoap.com/support as they become available. We apologize for the disruption of service and the impact it may have on you.

 

 

 Spam Soap Representative

 

 

Bryley Basics (getting you informed in 100 words or less)

by bryley 7. December 2011 20:20

Virus Warning!

We have become aware that there is a fraudulent email being sent that claims to be from the US Postal Service or the US Post Office. Email subject headings include "USPS Shipment Status ID#######" or "USPS Delivery Problems NR#######". The reader is directed to click on a link or open an attachment. This link or email attachment contains a virus and we recommend you delete the email immediately. We advise that you open emails from trusted senders only, since these viruses are not restricted to this current fake Postal Sender. If you are waiting for something from the post office, please call them first or email customerservice@ups.com.

Links: Bryley’s Secure Network reduces the risk of your company ever seeing these types of suspicious emails

 

            

 

 

Bryley Basics (getting you informed in 100 words or less)

by bryley 1. December 2011 19:05

Suspicious IRS Emails

The IRS receives thousands of reports from taxpayers who receive suspicious emails, phone calls, faxes or notices claiming to be from the IRS. The goal of these devices is to trick you into revealing personal and financial information. They use several tactics, such as claiming a greater tax refund, using IRS logos, and even sending emails with a .gov address. These communications appear to be legitimate, but these scammers are out to steal your identity and assets.

Here are five things the IRS wants you to know about phishing scams:

1.       The IRS doesn’t ask for detailed personal and financial information like PIN numbers, passwords or similar secret access information for credit card, bank or other financial accounts.

2.       The IRS does not initiate taxpayer communications through e-mail and won’t send a message about your tax account. If you receive an e-mail from someone claiming to be the IRS or directing you to an IRS site:

• Do not reply to the message.

• Do not open any attachments. Attachments may contain malicious code that will infect your computer.

• Do not click on any links. If you clicked on links in a suspicious e-mail or phishing website and entered confidential information, visit the IRS website and enter the search term 'identity theft' for more information and resources to help.
 

3.       The address of the official IRS website is http://www.irs.gov. Do not be confused or misled by sites claiming to be the IRS but ending in .com, .net, .org or other designations instead of .gov. If you discover a website that claims to be the IRS but you suspect it is bogus, do not provide any personal information on the suspicious site and report it to the IRS.

4.       If you receive a phone call, fax or letter in the mail from an individual claiming to be from the IRS but you suspect they are not an IRS employee, contact the IRS at 1-800-829-1040 to determine if the IRS has a legitimate need to contact you. Report any bogus correspondence.

5.       You can help shut down these schemes and prevent others from being victimized. Details on how to report specific types of scams and what to do if you’ve been victimized are available at http://www.irs.gov, keyword “phishing.”

 Links:

Bryley’s Secure Network reduces the risk of your company ever seeing these types of suspicious emails

Bryley Basics (getting you informed in 100 words or less)

by bryley 11. October 2011 00:00

Tips for Creating a Strong Password

Passwords provide the first line of defense against unauthorized access to your computer. The stronger your password, the more protected your computer will be from hackers and malicious software. You should make sure you have strong passwords for all accounts on your computer.  If you're using a corporate network, your network administrator might require you to use a strong password.  For tips on how to create a strong password... http://windows.microsoft.com/en-US/windows-vista/Tips-for-creating-a-strong-password    

                                             

                   

Bryley Basics (getting you informed in 100 words or less)

by bryley 16. September 2011 23:14

Scareware\scare-wear\, noun; application created by cybercriminals to look like antivirus software. Scareware attacks in three ways: 1) professional looking websites that seemingly sell antivirus software 2) pop ups to install software on infected sites 3) fake search results with videos that look like virus scans.  

Don’t

1.       Download unfamiliar software online

2.       Give your credit card information to unknown companies

3.       Shop for antivirus software online without first consulting a managed service provider

Do  

1.       Install a firewall

2.       Keep your security software up-to-date

And now you’re informed in 100 words!

 

Warning! This type of phone call is a scam!

by bryley 15. September 2011 22:23

According to Microsoft, cybercriminals are now turning to phone calls as a new method of attack.  They call victims pretending to be computer security personnel from legitimate companies (including Microsoft), warn you of a security threat that could potentially be on your computer and then ask if you want a free security scan.  If you say yes, they direct you to a website that allows them to remotely access your PC.  Again, this is a scam!  If you receive a call of this nature do not give the caller any valuable information or access to your PC!

People who have previously fallen for this scam have either had their computer tainted and their valuable information stolen - usernames, passwords and/or financial information - or have given away their credit card details as they were under the impression that they were paying for a legitimate service.       

To comprehend the ubiquity of this new method of attack, Microsoft polled 7,000 PC users from North America and the U.K (the two locales currently exposed to the scam).  15 percent of those polled had received such a phone call and of that subset 22 percent fell for the scam.  79 percent of the time, the scam resulted in financial loss. Among those victims that incurred a monetary loss, 17 percent had money taken from their financial accounts, 19 percent had their passwords stolen, 17 percent were the victims of identity fraud and over 50 percent suffered from subsequent pricey computer problems. The amount of money stolen per victim spanned from $82 to $1,560 while the amount of money it took to fix each damaged PC ranged from $1,730 to $4,800.    

Although this phone scam has only been traced to the United States, Canada, England and Ireland, it was affecting Australians back in 2010 and has the likelihood of expanding its reach in 2011.

How do you protect yourself? Use common sense, and when in doubt follow this advice:

1.      Exercise caution and maintain suspicion when you receive an unsolicited call about anything, but especially about a security problem

2.      Never give any of your personal information – full name, date of birth, credit card number, social security number, bank account information – to an unsolicited caller

3.      Never go to a website or install software when an unsolicited caller tells you to

4.      If you happen to receive such a call, take down the caller’s information so as to pass it on to the police

5.      Keep all of your software updated, especially all security software

6.      Maximize password strength and mandate frequent changes

 

If you have any questions, concerns or problems regarding phone scams please contact Bryley today at 978.562.6077 or email Sales@Bryley.com.

 

The greatest online security threats of 2011 and how to protect yourself

by bryley 17. March 2011 05:59

 

Online security is not a new issue in 2011. Last year businesses witnessed an incredible rise in malware attacks and phishing scams. Although security firms work tirelessly to undermine online criminals, hackers too work around the clock to introduce novel and variant schemes that security tools are not yet equipped to prevent. And so as businesses benefit from the greatest antivirus products to date, they still face constantly updated methods of attack as well as new threats to their personal information.

That is why it is absolutely necessary to utilize common sense and constant vigilance when working online in 2011, but in order to do so you will need to be supplied with helpful information on what you should be looking out for. Below is a comprehensive list of the greatest online threats in 2011 coupled with advice on how to protect your crucial business data as we now realize that security products won’t always be enough.   

Threat # 1: Web apps

In 2010 businesses the world over turned to two new technological advances: smartphones and cloud computing. As mobile phones and cloud computing optimize employee productivity it is no surprise that these two business technologies are on the rise. It is also no surprise that as a result web applications are a new target for cybercriminals. According to a recent study conducted by the Pew Internet and American Life Project, 85% of US adults own a mobile device.  According to that same study on March 1, 2011 it was found that more than 50 apps on Google’s Android Market had been compromised by the Trojan virus DroidDream. When you run DroidDream believing it to be a web app for your smartphone, the Trojan automatically assumes total administrator access over your device and proceeds to download more malicious content as well as steal your personal information.   

How do you protect yourself? Proactively protecting yourself from malware-infected web apps isn’t exactly easy. Although Google caught onto DroidDream, wiped the malicious false apps from their Market, and remotely removed the apps from client devices, new ones will continue to crop up and will typically only be spotted in hindsight. If you wish to incorporate smartphones, cloud computing and web apps into your business plan, be sure to implement common sense protection procedures. Enforce password policies for maximum password protection, device locking, remote wiping, and hardware and data encryption.

Also, be sure to read reputable reviews on apps before purchasing them and only download apps that come from known and vouched for sources. You can even purchase antivirus web apps for your mobile device. Another security precaution would be to carefully read an app’s permissions screen, which discusses the information the app will be allowed to access on your device, before downloading, and to uncheck any undesirable permissions.

Threat # 2: Social networking scams

Just as the use of web apps and related attacks are on the rise, social networking is also a growing trend among businesses. According to research conducted by BitDefender last November, 20% of all Facebook users are currently susceptible to malware attacks, the most common of which are phishing scams. A phishing scam is any attempt to fool a user into visiting a malicious site parading as a trusted social network site, typically Facebook. This sort of attack will more often than not come from a trusted Facebook Friend (a Friend who has already been compromised by the scam) in the form of a malicious link that can infect your PC and steal your personal data including your Facebook login information (thus increasing the reach of the scam as the hackers will now utilize your Friend list to further spread the malicious content). 

Another social networking scam is the use of false, malicious applications on sites such as Facebook. Just like the phishing scams, these apps will also steal your personal information from your social networking sites. While it does not seem like these sites contain critical personal information such as social security or bank account numbers, they do often contain your date of birth, location of birth, cellular phone number and email address – all of which can be gathered to build a profile that could result in identity theft.   

How do you protect yourself? First, know what suspicious behavior to look out for. Hazardous apps, for example, typically wish to post on your wall and access your Friend lists. You should ask yourself why an app would desire these permissions. Usually it is for malicious purposes. If you have already downloaded a hazardous app do not worry: very often saving your information is as simple as revoking the app in your security permissions and changing your account password. Also be wary of any invitations to view photos or videos on social networking sites. If that sort of activity does not seem to fit the sender’s online behavioral patterns you should probably not click on the link.

Also, be cautious of any link a site is trying to prompt you to follow to information concerning other social network scams - such as recent Twitter scams that you have never heard of prior to the link invitation. Hackers are beginning to use scare tactics to get you to click on links to purported security information or program downloads that are in fact malware. This leads us into Threat # 3.      

Threat # 3: False antivirus downloads

According to a report conducted in 2010 by Sophos, there have been over 850,000 instances of antivirus scams in the past year. This sort of attack is also known as scareware, as the malware utilizes relevant scare tactics concerning the recent distress over the prevalence of malware and convinces victims to download free antivirus software.  Sometimes the scam stops there, with the victim downloading malware onto their personal computer.  Other times the scam continues with the malware claiming that your computer is threatened by a virus and in order to save your device you must download a full version of the program, thus giving away your credit card information and identity to a cyber criminal.  

How do you protect yourself? You must utilize a current and reputable antivirus program such as those offered by McAfee to protect yourself from fake antivirus downloads. And be sure to never download an antivirus program online from a pop-up window or from a third-party site!

Threat # 4: PDF email attachments

Malicious email attachments are the oldest of online attacks and they are still prevalent in 2011, with PDF documents generating the greatest amount of occurrences, according to a 2010 report from Symantec. This is due to the fact that PDFs are the easiest way in which a hacker can create seemingly legitimate, concealed malicious content. According to MessageLabs, 65% of all email-based malware attacks utilized PDF attachments and the projection for 2011 is that this number will climb to 76%.

How do you protect yourself?  Obviously you want to incorporate an antivirus and spam filtering device into your security plan. Also, use common sense. Never open email attachments that you were not expecting or that you do not know the author of and keep your PDF reader up-to-date (Adobe for example regularly releases security updates). Also note that the new Adobe Reader X has an updated security architecture that will better protect you from PDF attachment attacks.

Threat # 5: War games 

According to Perimeter E-Security, war games are on the rise in 2011: everything from state-sponsored malware attacks to industrial espionage and hacktivism.

How do you protect yourself? Monitor your network traffic for suspicious activity and regularly review employee data access policies; these security measures will help you to protect yourself from both external as well as internal security threats.   

Want to learn more?

If you would like to learn more about the recent trajectory of cybercrime, vouched for security products, and common-sense tips on how to protect your personal data in 2011, contact Bryley Systems today for a free business-technology consultation. Call 978.562.6077 or email GLivingstone@Bryley.com to learn more.

References

PC World: www.pcworld.com

 


Data Protection

7 best practices for password security

by bryley 27. September 2010 23:13

October is National Cybersecurity Awareness Month and to help you celebrate we have compiled a list of best practices for password strength optimization. Passwords are the primary tool for online authentication and as such they are targeted information for cybercriminals looking to gain access to your workstation and/or personal records. Proactive measures are vital to prevent online identity theft, network infiltration, system crashes and the spread of botnets.  By following the 7 best practices described below you will fortify yourself against such malicious cyber threats.

1.    Create a “strong” password

 

A strong password is one that cannot be easily identified by a cybercriminal. When creating your next password, be aware of the DOs and DO NOTs of password strength.

 

a)    DO NOT draw from the obvious

 

When selecting a password do not draw from obvious sources – your name, your child’s name, not even something as seemingly ambiguous as your favorite flavor of ice cream or a random word. With the advent of social media sites, today’s cybercriminal can easily aggregate personal information and crack obvious passwords. Even if you feel that your password is obscure and/or unconnected to yourself, if it is simply a word or phrase, dictionary attacks – programs that plug in every word from a database - can still compromise you.

 

b)    DO use a mixture of letters, numbers, and special characters

Make your password complex and you will make it secure. Random placements of letters, numbers, and symbols will make it very difficult for cybercriminals to hack into your accounts. If you are afraid of forgetting such a complex password, try thinking of a phrase and use the first letter of every word - adding in numbers and symbols for extra security.

c)    DO NOT use the same password

 

Using the same password for every login is a recipe for disaster. A cybercriminal now only needs to crack one password for unlimited access to all of your online accounts.

 

d)    DO use longer passwords

 

When it comes to password security, always remember: the longer the better. According to online security experts, a password 15 characters in length could take up to two trillion years to crack. However, length isn’t everything. You must be sure to still utilize a mixture of letters, numbers and special characters and not cut corners and use a long word or phrase; otherwise, the precaution will not be effective.

By creating long, complex and unique passwords for every one of your authentication accounts you will guarantee password strength.

2.    Change your password regularly

 

It is very important to create strong passwords, but even strong passwords can be discovered by expert cybercriminals – especially if they are given ample time for discovery. That is why it is essential for you to get into the practice of routine and mandatory password changes. A perfect time to schedule updates is with the change of seasons as they divide the business year into obvious and unforgettable quarters. And as it is now just fall it is the perfect time to begin this excellent practice. You can start by announcing a mandatory password change in the next few weeks and update your business calendar for three more alterations for the winter, spring, and summer.

 

3.    Keep written reminders secure     

 

Long, complex, constantly changed passwords are hard to remember. You may need to write them down as a practical safeguard. Just be sure to avoid the bad habit of keeping these reminders close to your computer – or even worse taped to your screen. If you need written reminders, keep them in a secure area away from your workspace such as at home or in the glove compartment of your car.

 

4.    Keep reset information up-to-date

 

There will be moments when you simply cannot remember a password and will need to request a reset. As a precaution you should always be certain that your online accounts have your relevant email address on file so that when reset information is sent, it is sent to you and not to an abandoned account that has the potential to be exploited. It would be best to get into the practice of checking reset information on the scheduled dates for password changes.

 

5.    Review your organization’s password policy  

Take the time during your quarterly password changes and reset information checks to review and/or update your organization’s password policy – the rules and procedures employees are required to adhere to in order to ensure password and network security. If your organization does not already have such a policy, be sure to create one this fall and distribute it to all employees that utilize workstations.

6.    Expunge temporary usernames and passwords

 

If you recently employed any temporary staff or summer help be sure that their usernames and passwords no longer access your system.   

 

7.    Invest in antimalware software

Complexity and frequent changes will prevent cybercriminals from discovering your passwords, but malware has the capacity to bypass authentications and infiltrate your system. And with a reported 1.3 million websites infected in Q2 2010, we strongly advise that you implement antimalware into your security plan.

Be sure to implement these password practices at your organization so as to optimize your cyber and system security.  

If you would like any additional information on antimalware software please contact Bryley today at 888.280.5799 or email Sales@Bryley.com.    


Data Protection

Cybercriminals: how to protect yourself

by bryley 24. August 2010 01:40

Cyber's the name of the game . . .

In recent years businesses the world over have experienced the definitive influx of cybercrime – everything from malicious network attacks to data theft.  Not only does the Internet provide a new backdrop for a new breed of criminal, but it also simplifies the process of these criminals finding one another and converging their interests and skills.  According to John Lynch, deputy chief for the Department of Justice Computer Crime and Intellectual Property Section, there is an ever growing online market for malicious specialties. Analogous to the way one could find a legitimate job on a site like Craigslist or LinkedIn, cybercriminals are founding their own social networking sites and getting connected with other likeminded individuals.  

And these new coalitions of cybercriminals have a lot to work with . . .

Last year, the IBM Internet Security System X-Force research and development team discovered a total of 7,247 Internet security vulnerabilities; 88.4% of said vulnerabilities could be exploited remotely through a common web browser, and an even scarier 50.6% would grant a hacker the ability to gain control over the host. The most common vulnerability exploitations are spamming and phishing attacks, and according to IBM, U.S. businesses are the most targeted organizations of phishing emails, accounting for 71.4% of all cases.

Fortunately, Internet security leaders have been investigating the malicious dealings of these new cybercriminals, and thanks to their diligent work we now know who they are, what they're after, how they operate, and how to best protect our networks from attack.       

Who they are 

As addressed in last month’s “Beware the Scareware,” cybercriminals are no longer thrill-seeking hackers but rather experts in their field. They are highly skilled developers and engineers meeting each other online in chat rooms devoted to cybercrime.

The cybercriminals of 2010 are now also “organized,” although IBM program manager Peter Allor would say that they are more like confederations of cybercriminals, moving around from project to project as opposed to permanently organized forces. These confederations have well rehearsed methods that tend to wreak less initial havoc than the work of an anarchist hacker. As they are professionals in their field, they understand the importance of anonymity, and their undetected entrance grants them additional time to cause far more long term damage to your system.

What makes it all the harder to detect these confederations is the fact that their servers and websites are all underground. Often the servers are in other countries where laws are more lax and the websites are protected via passwords or accessed through encrypted channels. What's more, cybercriminals use nicknames which allow them to maneuver online with anonymity, so when one of their sites is detected and shut down they can simply create a new one, as their identities are never caught and reprimanded, only their sites. According to Allor, a malicious site can move over 40 times in the course of six weeks.

Even more confounding is the fact that these confederations continue to shift about; no group of cybercriminals ever seems to stay together for more than one project. Only a handful of constants sit at the top of each crime confederation; they recruit others, set up and control the malicious websites, and control or lease the botnets.  The rest of the players are small time mules, performing a lot of the dirty work of the masterminds for a small cut. Confederations are hard to shut down due to this structure.  With the masterminds on top recruiting mules to do the bulk of the dangerous work, mules are the ones typically getting busted. When mules are caught, they are completely cut loose from the confederation; the higher ups allow them to become scapegoats and the mules have no idea who the higher ups even are so they can't offer up names when caught.

What they're after

As with any other mode of organized crime, cybercriminals are after money. Below are 8 specifics cybercriminals are after for profit.  

1.       Authentication credentials - so as to access your system without malware

2.       Money laundering - from illegal and semi-legal activities such as drugs and prostitution

3.       Extortion schemes -  breaching the defenses of a particular site to then blackmail the proprietors with the threat of denial of service attacks

4.       Business information – to accumulate and sell online

5.       Personal information – anything from social security numbers to credit card information

6.       Bandwidth – tapping into your bandwidth for their own personal use, affecting your network’s performance

7.       Exploit codes, backdoor data, and other entry material – any way to hack into your network

8.       Selling their own tools to other would be cybercriminals   

Their strategy

The higher ups typically follow a 10 step plan that has been addressed by Tracy Mayor of Pragmatix.  

1.       The cybercriminal launches multiple, high-volume spam and phishing emails, directing recipients to phony websites

2.       The malicious site installs a downloader onto the user’s PC via browser vulnerabilities

3.       The downloader installs keystroke loggers, backdoor root kits, botnet agents, and other malicious software all designed to capture valuable personal data

4.       The malware installed on the user’s PC then turns the PC into a botnet or the cybercriminal uses a “work from home” spam scam to recruit mules.  

5.       The stolen data is used to access bank accounts and transfer funds into mule accounts

6.       Mules convert the remainder of funds into electronic checks

7.       The checks are deposited into overseas holding accounts

8.       The money is used to buy vast quantities of hard-to-trace, easy-to-use gift cards

9.       A different set of mules purchase goods with the gift cards at one large retailer

10.   These goods are returned for cash at another branch  

 

How to protect yourself

The only way to go about protecting your network and valuable data is to adopt a holistic approach to security: harden your network, defend your perimeter from all possible external threats, layer your internal security, continue with your email and web content filtering, and adopt data encryption.

The best thing to do is to hire a professional managed service provider for their expert analysis of your specific needs and threats, their opinions and their products and services. Bryley Systems has been in the business for over 23 years. If you have any questions or concerns regarding cybercriminal confederations or the safety of your network please feel free to contact us today.

Want to learn more?

Contact Bryley today!

Call 888.280.5799

Email Sales@Bryley.com

Visit www.Bryley.com  

Resources

Pragmatix – www.pragmatix.com “Cyber: Criminals get organized” written by Tracy Mayor

IBM ISS X-Force Report, Executive Brief – www.iss.net/documents/whitepapers/X_Force_Exec_Brief.pdf

U.S. Department of Justice Computer Crime & Intellectual Property Section – www.cybercrime.gov

 


Data Protection

The 10 Most Dangerous "Trusted" Sites: Part 1

by bryley 24. July 2010 02:45

ChannelWeb came out with a list of the 10 most dangerous legitimate websites to date. As discussed in the previous articles of this month’s newsletter, legitimate sites are now the preferred targets of today’s hackers as they are far more lucrative than the commonly acknowledged dubious sites.

So, without further ado, here are the 10 sites to be wary of:

1.       Facebook

 

With almost 500 million users, Facebook is the ultimate target for cybercriminals. Ever since the Koobface of 2008 (an anagram for Facebook and a virus that is very much alive and thriving today), Facebook has experienced an escalation of attacks. Beware of fraudulent profiles and Facebook log-in pages as they are phishing Malware attacks.

 

2.       Twitter

 

Coming in behind Facebook in social networking popularity, Twitter is another favored target for hackers. The most common of Twitter attacks is an infected URL which will download Malware onto the unsuspecting user’s computer. And just like Facebook, Twitter has also been the victim of phishing attacks, prompting users to sign in on a counterfeit log-in page or to click a malicious link in a phony profile.  

 

3.       Google

 

As the most popular site on the Internet, Google is constantly under attack. The most popular of these assaults are search engine poisoning techniques to get malicious sites to appear at the top of the search rankings as traditionally users will trust and click on those sites listed first. Gmail is also a victim of phishing scams.

 

4.       URL Shortening Sites

 

Thanks to Twitter and its 140 character limit per Tweet, URL shortening sites such as TinyURL and Bit.ly have been increasing in popularity, both with legitimate users and hackers. Not only are these sites being targeted by Malware attackers, but the shortened URLs are also a new vehicle for infection as well.

 

5.       YouTube

For a long time now hackers have been enticing users of YouTube to download malicious content. The most popular way to do this is to hijack an email or social networking account and to then send the infected video codec to all of the victim’s contacts, creating a sense of legitimacy.

Tune in next month for Part 2 of this list!

 

 


Data Protection
