The US-CERT (United States - Computer Emergency Readiness Team) has published a document on Denial of Service and Distributed Denial of Service (often abbrieviated DoS or DDoS) attacks which can be found at the following URL: http://www.us-cert.gov/cas/tips/ST04-015.html
The document is fairly easy reading and highly recommended for everyone from the novice to more technical computer users. It is important to be aware of these types of attacks and understand that it is not just large corporations that get attacked; it is also possible for a malicious user to go after an individual as well. Motivation behind these attacks can range from revenge to attempts for recognition among peers. Some are more militant and may go against critical government web sites, others could be an attempt to go after someone because of post they put in a forum, and some criminals may be bold enough to request a ransom to stop the attacks against a high profile company.
Read the article and the next time you can't access a web site you may begin to wonder if the site, or even you could be the recipient of a Denial of Service attack.
Wednesday, November 4, 2009
Tuesday, November 3, 2009
Internet Crime Complaint Center Intelligence Note: Fraudulent Automated Clearing House (ACH) Transfers Connected To Malware and Work-At-Home Scams
In the spirit of information sharing I am posting the following note. The original is posted at the Internet Crime Complaint Center at http://www.ic3.gov/media/2009/091103.aspx. See also the press release at the FBI website: http://www.fbi.gov/cyberinvest/escams.htm
Intelligence Note
Prepared by the Internet Crime Complaint Center (IC3)
November 3, 2009
Fraudulent Automated Clearing House (ACH) Transfers Connected To Malware And Work-At-Home Scams
Within the last several months, the FBI has seen a significant increase in fraud involving the exploitation of valid online banking credentials belonging to small and medium businesses, municipal governments, and school districts. In a typical scenario, the targeted entity receives a "spear phishing" email which either contains an infected attachment, or directs the recipient to an infected web site. Once the recipient opens the attachment or visits the web site, malware is installed on their computer. The malware contains a key logger which will harvest the recipients business or corporate bank account log-in information. Shortly thereafter, the perpetrator either creates another user account with the stolen log-in information, or directly initiates funds transfers by masquerading as the legitimate user. These transfers have occurred as both traditional wire transfers and as ACH transfers.
Further reporting has shown that the transfers are directed to the bank accounts of willing or unwitting individuals within the United States. Most of these individuals have been recruited via work-at-home advertisements, or have been contacted after placing resumes on well-known job search web sites. These persons are often hired to "process payments", or "transfer funds". They are told they will receive wire transfers into their bank accounts. Shortly after funds are received, they are directed to immediately forward most of the money overseas via wire transfer services such as Western Union and Moneygram.
Customers who use online banking services are advised to contact their financial institution to ensure they are employing all the appropriate security and fraud prevention services their institution offers.
The United States Computer Emergency Readiness Team (US-CERT) has made information on banking securely online available at
Protecting your computer against malicious software is an ongoing activity and, at minimum, all computer systems need to be regularly patched, have up to date anti-virus software, and a personal firewall installed. Further information is available at http://www.us-cert.gov/nav/nt01/.
If you have experienced unauthorized funds transfers from your bank accounts, or if you have been recruited via a work-at-home opportunity to receive transfers and forward money overseas, please notify the IC3 by filing a complaint at www.IC3.gov.
For a detailed analysis of this scam please visit http://www.ic3.gov/media/2009/091103-1.aspx.
Monday, November 2, 2009
The Calm before the Storm
Something is going to happen. That’s right, something is going to happen that is going to garner nationwide, if not worldwide interest, and when it does be very wary of where you get your information. We all will use those big name news sites to find out about the story, but then our curiosity will get us. Our thirst for ever more information; the details behind the event, the conspiracy theories, what really happened will drive us to open our browsers, turn to our favorite search engine and type in the event.
An earthquake, tsunami, or terrorist incident will cause us to query away. Perhaps our guard is somewhat lowered as we search for news of the event, or our need for more information steers us further and further into the deep-dark net. And in this net, there are those who seek to use your query, your desire for more information, to compromise your machine.
The “storm” is the use of Search Engine Optimization (SEO) and email to take you to sites that will attempt to compromise your computer and install malicious software on it. Search engine optimization is a way a marketer, through the use of a variety of techniques; attempt to get a site to rank higher in search results. When a significant event happens that has a national or international interest, nefarious people on the “net” will now use SEO to get their sites to rank higher in search engines with seemingly legitimate reports of what happened or perhaps high interest alternate theories. Once users are tricked to their sites, malicious software is installed.
Using email combined with high interest events or news topics has been a common means of driving traffic to malicious web sites; it is now common practice for these malicious sites to employ SEO to bring them victims as well. Be wary when searching for a topic of interest to avoid being a victim of these storms, and always use a combination of anti-virus software and a desktop firewall to help protect your machine.
An earthquake, tsunami, or terrorist incident will cause us to query away. Perhaps our guard is somewhat lowered as we search for news of the event, or our need for more information steers us further and further into the deep-dark net. And in this net, there are those who seek to use your query, your desire for more information, to compromise your machine.
The “storm” is the use of Search Engine Optimization (SEO) and email to take you to sites that will attempt to compromise your computer and install malicious software on it. Search engine optimization is a way a marketer, through the use of a variety of techniques; attempt to get a site to rank higher in search results. When a significant event happens that has a national or international interest, nefarious people on the “net” will now use SEO to get their sites to rank higher in search engines with seemingly legitimate reports of what happened or perhaps high interest alternate theories. Once users are tricked to their sites, malicious software is installed.
Using email combined with high interest events or news topics has been a common means of driving traffic to malicious web sites; it is now common practice for these malicious sites to employ SEO to bring them victims as well. Be wary when searching for a topic of interest to avoid being a victim of these storms, and always use a combination of anti-virus software and a desktop firewall to help protect your machine.
Subscribe to:
Posts (Atom)
