For example, placing an infected USB stick into the computer on Windows 7 will, by default, ask you what you want to do.  Being a smart person, you know to avoid the “autorun” option, and instead opt for “open folder” choice, to see what sort of files are on it. That act alone will trigger the worm. Same thing with “My computer” and then double-clicking the USB stick, or navigating to any folder with the infection in it.

According to an article from Microsoft:

What is unique about Stuxnet is that it utilizes a new method of propagation. Specifically, it takes advantage of specially-crafted shortcut files (also known as .lnk files) placed on USB drives to automatically execute malware as soon as the .lnk file is read by the operating system. In other words, simply browsing to the removable media drive using an application that displays shortcut icons (like Windows Explorer) runs the malware without any additional user interaction.

The scary part is that it targets industrial control systems. According to a recent article in Security Technology News:

Stuxnet is a virus that has been designed to specifically attack software programs running Supervisory Control and Data Acquisition (SCADA) systems, which monitor automated industrial control systems such as chemical factories, power generators and food processing plants.

The threat carried by Stuxnet worm is that once it infects a computer, it begins to communicate with a remote server that will be able to take control of the computer.

Finally, here’s a link to an article on the ESET blog with further details, and you can get a list of numerous ESET articles on Stuxnet by clicking here.

Another common type of e-mail fraud is called “phishing”. Basically, they pretend to be someone else, in an attempt to get you to reveal personal information, just as login and password, or your social security number. (Or both.) Many of these can be rather sophisticated, mimicking the real website down to the slightest detail.

Some, on the other hand, are so poorly done, you have to wonder why they bother. The reason is simple… because people fall for it. When you send out a million phishing e-mails, it only takes a very small fraction to fall for it to make it worth their effort.

Here is a recent example of a “so poorly done, it’s gotta be obvious that it’s a fake” phishing e-mails:

Subject:  Business Online Banking Account Alert!

—–

You must submit verification documents to continue using your account without interruption. To view the details of this request and submit the required information, click on the following link (or copy & paste it into your web browser):

http://[elided]/Upload_documents_blank.exe

We thank you for your assistance in this matter.

So, let’s take the 30-second “what red flags does this raise” tour:

• There’s no mention of what “online banking account” it’s supposedly referring to.
• There’s no mention of what bank it’s supposedly from.
• There’s no mention of any details of whom it’s supposed to be written to. (Anything from my bank has my name, or the name on the account, in the e-mail. Anything from my credit card company includes the name on the card, and the last 4 digits of the account.)
• The link is not to any bank’s website.
• The link is to download a Windows executable. No legitimate financial institution will include an executable file. (And if you ever get such an attachment from your financial institution without asking for it, complain to them… Loudly, and in no uncertain terms.)

So, once again… Why do they “waste their time” on such “obvious” fake e-mails? Because someone, somewhere, will fall for it.

In this particular instance, the website owner apparently found and deleted the executable which was somehow put on their website, so I can’t tell you what “bad things” would have happened if you did fall for the scam. But, you can be sure that it probably asked you for some personal information, which it would have sent on to “the bad guys”. And, while it was at it, it probably would have installed some nasty bit of malware at the same time.

I just got another “you won the lottery” spam e-mails.  This one was supposedly from “MICROSOFT CORPORATIONS”(sic), and contained the following message:

You have been awarded the sum of £1,625,000.00GBP in the MICROSOFT EMAIL PROMOTI
ON AWARD 2010.Cont Mr Mark Anderson with your names,address,phone and Country to
[elided]@w.cn.cn or call +4470-[elided] for moreinformation on t
his award.

With the exception of removing the username part of the e-mail address, and the rest of the phone number, that is the exact contents of the e-mail, spelling and line breaks as-is.

With so many obvious “this isn’t real” warning signs, I find it hard to imagine that people still fall for this. Yet they do.

• The “from” with “MICROSOFT CORPORATIONS”(sic).
• The e-mail address this was supposedly “from” is an Italian domain, ending in “.it”.
• I am in the United States, yet the supposed award is in British Pounds.
• I never entered a “MICROSOFT EMAIL PROMOTION AWARD” promotion.
• The e-mail address I am supposed to reply to isn’t the “from” address.  (It should at least be the same domain name.)
• The e-mail address I am supposed to reply to is a Chinese domain (ending in “.cn”).
• The phone number starts with +”4470″.  This is a UK prefix that can forward anywhere in the world.  See here for more information.
• The numerous spelling errors, typos, improper word breaks, and so on.

And that’s just a quick 30-second look.

The easiest way to know this is fake is this…  If you didn’t enter your e-mail address into some online promotion, it’s not real!

Three men have been indicted in what the FBI described as an international cybercrime operation that sold $100 million in rogue antivirus software to victims in more than 60 countries.

Can you imagine the number of victims, and the number of infected systems, from $100 million in sales?

Remember, if you get a popup from a program you don’t remember installing, with a link to buy a program to clean the infection, it’s probably a scam.  Don’t click on the link!

She went up against two high-brown belts (the highest belt before black), and beat the first one.  And, while she defended herself quite well against the second, getting out of several near-submissions, it wasn’t enough to win.

She’s looking forward to December’s tournament.

http://www.ChallengeOfChampions.com

Well, you’d be wrong.

According to a recent Wired.com article:

LifeLock CEO Todd Davis, whose number is displayed in the company’s ubiquitous advertisements, has by now learned that lesson. He’s been a victim of identity theft at least 13 times, according to the Phoenix New Times.

The article also goes on to point out:

The company was fined $12 million in March by the Federal Trade Commission for deceptive advertising.

Lifelock promised in ads that its $10 monthly service would protect consumers from identity theft. The company also offered a $1 million guarantee to compensate customers for losses incurred if they became a victim after signing up for the service. The FTC called the claims bogus and accused LifeLock of operating a scam.

So, what does this mean to you?  Pretty much what we’ve been saying all along about identity theft, spyware, viruses, and so on…  Educate yourself.  Do your homework.  If a service comes with a “$1 million guarantee”, read the fine print.

If the company can’t even protect it’s own CEO’s identity, what does that say about the service you would be getting?

Even IBM can make mistakes.

At the recent Australian Computer Emergency Response Team (AusCERT) 2010 conference, IBM handed out USB thumb drives with a keylogger virus attached to the setup program.

Now, probably all the major anti-virus/anti-malware programs out there have known about this particular infection for years, so you would probably be “safe” in the sense that your up-to-date anti-virus program would warn you about the infection, but it just points out further the need to keep your programs up to date.

There are numerous articles on the ‘net with further details.  You can read SC Magazine’s article, ESET’s article, or search Google News for other links.

You will also have to re-register to post comments.

Well, as we like to say, “you’ll do it better the second time around”.  :-)