Full article here: Click – USA Today

Summary:

• 55% of businesses reported experiencing fraud in the last 12 months, with 58% enabled by online banking activities.
• 80% of banks failed to catch fraud before funds were transferred out of their institution.
• In 87% of fraud attacks, the bank was unable to fully recover assets.
• 57% of the respondents that experienced a fraud attack were not fully compensated by their banks.
• 26% were not compensated for any part of their losses.
• 40% of defrauded businesses moved their banking activities elsewhere.
• 24% of businesses claim that their banks do not provide a policy explaining the bank’s responsibilities to secure and protect their companies’ accounts from fraud.
• 39% are unsure if such a policy exists.

"The data is clear – financial institutions’ are failing to protect small and medium business assets," says Terry Austin, CEO, Guardian Analytics. "This is crushing to the SMBs, which are at the heart of our economic recovery."

** Please make sure your small business is protected. Many small businesses are in the position where the CEO or General Manager is also the IT professional and with that comes the lack of time to accomplish all the security items needed in today’s society. Please take the time to make sure you are protected online **

Comments(0)

Kim Komando hosts the nation’s largest talk radio show about computers and the Internet. To get the podcast or find the station nearest you, visit www.komando.com/listen. To subscribe to Kim’s free e-mail newsletters, sign up at www.komando.com/newsletters. Contact her at gnstech@gannett.com.

http://www.usatoday.com/tech/columnist/kimkomando/2010-01-28-online-crooks_N.htm?csp=usat.me

Criminals are getting smarter and smarter. So, these days, it isn’t enough to just run security software on your computer. You need to keep up with the criminals’ latest tricks. Here are six threats to your security and tips for protecting yourself.

Flash drives

Flash or thumb drives provide an easy way to infect machines with malware. It’s no surprise that criminals are using them, particularly to target companies.

TECH TIPS: Ask Kim

Criminals use a flash drive with a company’s logo. They load it with malware and drop it in the company’s parking lot. An unsuspecting employee picks up the drive and connects it to his or her computer. What happens next is the scary part. Criminals gain access to the company’s network — and trade secrets.

Never use a flash drive that you find. If you find one at your company, alert the IT department. It can find the rightful owner or destroy the drive.

Facebook ‘friends’

Everyone seems to be on Facebook. It can be exciting to find new Facebook contacts. But pay close attention to who you grant access to your profile.

If you use your account for business, it can be a gold mine for competitors. You may unknowingly post information about projects that would benefit competitors. Even your contact list says a lot. It can give hints about an upcoming merger or partnership. It can also give criminals inroads at other companies.

That’s not the only danger. Information you post can be used for targeted phishing attacks. A criminal can post a link to a malicious site. It could be a phishing site or a site that installs malware.

Limit what others see and be careful about your posts. You may also prevent others from posting to your wall. Above all, be vigilant.

(Read the article)

Comments(0)

BBC Reprint: 08:12 GMT, Friday, 15 January 2010

Original Article: http://news.bbc.co.uk/2/hi/technology/8459898.stm

Many diallers lurk on sites hawking pornography

As mobile phones get more sophisticated, hi-tech criminals are dusting off some old tricks.

Security companies have noticed a rise in trojans known as diallers that used to be popular during the days of dial-up net access.

On a smartphone the diallers are being used to call premium rate lines leaving victims with a big bill.

Experts say the diallers are proving popular as a quick way for criminals to cash in.

Diallers were widely used during the days of dial-up net access when most people connected via modem.

Many diallers lurked on porn sites and, once they snared a victim, disconnected their modem and then placed a long distance call. Many victims were left with huge phone bills.

The economics of international calls meant that some of the cash spent on the call would be shared with the criminals. Some diallers were very sneaky in that they muted the speaker on a modem so victims could not spot when the overseas call was being placed.

Now, the security wing of software firm CA has said it is seeing a rise in diallers for smartphones. This time, instead of calling international numbers, the diallers call premium rate lines and land victims with the bill.

Writing on the CA security blog, Akhil Menon said it was seeing a “an increasing trend of trojan diallers”. Mr Menon profiled one such virus, called Swapi.B, which sends premium SMS messages.

“The messages sent out are in the typical format to invoke premium services and land the mobile user with heavy mobile bills without the user’s knowledge and consent,” wrote Mr Menon.

Many diallers, including Swapi.B, are contracted from porn sites which disguise themselves as software, video clips or helper programs.

Mikko Hypponen, head of research at F-Secure which makes security software for mobiles, said it had seen a “handful” of diallers in recent months.

They were popular, he said, because they get round one of the big problems facing anyone wanting to make money out of Windows viruses.

“PC malware can’t just directly steal money from your machine; it has to jump through hoops like keylogging your credit card number or sending spam,” he said.

“However, mobile malware can just instantly steal from you by making premium-rate calls or messages,” said Mr Hypponen.

Some creators of diallers were also working to ensure that it was hard to shut down the premium rate service they had set up to cash in.

Mr Hypponen said some diallers sent messages or rang many different numbers, including legitimate ones.

“The trojan can place calls to, say, 100 different premium-rate numbers, only one of which is his own number,” said Mr Hypponen.

“How would you fight this? Shut down all the numbers, including the innocent ones?”

Comments(0)

I can’t believe how many people still fall for scams. I continue to hear calls of people buying a “TV”, “VCR”, or “laptop computer” from some guy in a parking lot only to find out when they get home that the “actual sealed box” contains bricks. Or the people who send thousands of dollars of “good faith” money to someone in Nigeria who says they inherited millions of dollars and promises people part of the fortune to help them get the money to the U.S. Or the common Pigeon Drop Scam.

In the pigeon drop scam, swindlers work in pairs or teams. One befriends an unsuspecting consumer, the "pigeon”, (usually an elderly person) while the other approaches them with money or valuables he claims to have just found. After some rehearsed conversation, the con artists agree to split the money three ways with you and arrange to meet at a lawyer’s office or somewhere else of their choosing. But can they trust you, they ask. To get your share, you’ll need to put up some "good faith" money, which they will return to you after the goods are divided. To prove yourself trustworthy, you turn over a large sum of money to them and later go to meet them at the designated spot. Soon after arriving, you realize the pair is long gone — and so is your money.

Unbelievably, a lot of people still fall for this scam frequently. The list goes on and on. People’s greed often makes them let their guard down or not follow their “gut” instincts. I just finished an investigation that EVERYONE needs to know about. It’s a scam that is claiming victims every day across the country. Here’s how it works:

“Buyers” are searching Craigslists ads all over the United States and responding to the ads telling people that they want their item (laptops, cameras, jewelry etc). The “buyer” tells the person that they will pay via PayPal, the online money transfer and banking site owned by eBay. The “buyer” tells the person that they will add an additional $80 or $100 to ship the item overnight.

The “buyer” often states that they are out of the country and request the item be shipped to a U.S. address. The “buyer” then sends the person a very realistic looking but fake PayPal notice stating that the buyer is a confirmed buyer with a verified address. The fake PayPal notice states that the money has been deducted from the buyers account and is being “held” until shipping confirmation is verified at which time the money will be credited to the persons account.

The scam I investigated was using an address in the city where I work. Unsuspecting victims shipped laptops, cameras, jewelry and all kinds of items to the requested address where a middleman resold the items and sent the “buyer” the proceeds after keeping a cut for himself. The money is usually sent out of the country, in my case, Nigeria. The sellers of the property never receive payment because the e-mail notice was a fake notice from PayPal.

I recovered 4 laptops, several expensive cameras and diamond rings at the residence. There were several empty boxes where the items had already been sold. All of the victims stated that the PayPal e-mail they received stating that the money would be deposited in their accounts after the item was shipped looked very official and real. I posed as the middleman and began corresponding with the “buyer” online who was telling me what items were being sent overnight; there was expensive jewelry, game consoles, more laptops etc. It was an unbelievable amount of merchandise that people were unsuspectingly shipping without any knowledge it was a scam.

I use PayPal myself, it is a fast, secure and protected way of making purchases or receiving money. But please be aware, there are scams using fake PayPal e-mails like the incident above. PayPal DOES NOT hold money until shipping is confirmed. Sometimes a transfer may show as pending but all purchases, transfers and pending transactions will show up on your PayPal account statement. If someone tells you they sent you money via PayPal, log on to your account to verify the funds were sent. You are protected by PayPal this way. Everyone that fell for the scam did not check their PayPal accounts until it was too late. PayPal could not help them because the transactions never went through PayPal, they were all fraudulent fake e-mails.

I see several “phishing” e-mails that try to claim victims. Scammers send out very realistic e-mails with logos from Bank of America, Wells Fargo, Bank of the West etc stating “your account was possibly compromised and your account has been temporary frozen to avoid fraudulent transactions. Please click on the link below to verify your information so we can unlock your account. We are sorry of any inconvenience this may cause you”.

These notices are VERY real looking because they have cut and pasted actual bank logos and wording from real banking websites. If you click on the link it requests your personal information including your PIN to “verify” your account. Your account is then quickly drained of all your money and you won’t realize it until you start getting overdraft notices or bounced checks.

NEVER NEVER NEVER give anyone personal information such as social security numbers, bank account information and PINS, or other personal information unless you know who you are talking to. Request a call back number and call it, call your bank to verify suspicious e-mails. Most sites are secure and trusted so beware of scams or e-mails using the same realistic looking logos asking for your personal information.

All banks and most web-sites have a security department. If you have any doubts, call your bank or send an e-mail to the security department of your bank to see if the e-mail is actually from them. Sites such as PayPal and most banks request that you forward the entire suspicious e-mail to them and they will let you know if it was a scam.

Certain things should raise red flags such as someone offering to pay an unusually large amount of money to ship an item overnight, saying they are out of the Country and asking to ship to a different address, e-mails stating the money will be held until the item is shipped, people selling electronics cheap in a parking lot, promises of large sums of money if you send good faith money, all red flags pointing to a scam.

These scams have been around a long time so none of this is new information for crooks. We are just trying to make innocent people AWARE of these scams and help them avoid becoming a victim of crime.

And follow the old rule; “if it seems too good to be true, then it probably isn’t true”…… Or else you might end up with a box of rocks instead of a TV…….

Mark
© Coptalk.info

Comments(2)