In The News‎ > ‎

scams and attacks in the news

posted Oct 28, 2014, 7:25 PM by Craig Cox   [ updated Nov 6, 2014, 7:26 AM ]
Several new things have come in over the past several days:

The criminals behind Cryptolocker are using compromised ad servers to serve up their vicious little program from legitimate web sites.  The Register has a decent write-up about this, with links to the original (and highly technical) ProofPoint analysis.  The lesson here, unhappily, is don't click on web advertising.  It pains me to write that because a lot of good content is supported by ads, but the advertising clearinghouses have to keep their inputs clean.  Also, because we're talking about Cryptolocker (which encrypts your files and demands ransom to unlock them), I will also mention that you should keep good backups, and backup frequently.

I recently added fraud.org to my list of sites to monitor for news.  At this writing, the front page has a decent write-up about scammers taking advantage of the Ebola scare.  My guess is that when they do their next write-up, this one will move to the "news" tab, which contains many promising-looking headlines.

MX Labs has a blog entry about malicious software being delivered as a bogus Fedex order confirmation.  The usual advice applies here:  Don't click links that you weren't expecting.  Notice, also, that when Fedex does send you a tracking link, the link does not end in "exe" -- this is a big red flag.

These, of course, are just a sampling of the kinds of things constantly going on.  Please remember to think before you click!  Just a bit of skepticism, and a bit of time to let your common sense kick in, will do wonders to protect your devices, identity and money.