Friday, February 25, 2011

2010 Online Treats That We'd Prefer To Forget!

BEFORE YOU READ - WE RECOMMEND YOU DO A FREE SCAN OF YOUR COMPUTER FOR ANY VIRUSES WITH PARETOLOGIC'S AWARD WINNING ANTI-SPYWARE SOLUTION. TRY HERE.

With 2010 finally behind us, and an unknown number of cyberattacks likely to come in the new year, I thought I’d run down a brief list of the malicious campaigns criminals pulled off last year that I’d really dread to see anyone repeat. Now that they’re in the past, they should stay there.

Operation Aurora: Google’s accusation (with Adobe, Juniper Networks, Rackspace, Yahoo! and Symantec) that China hacked its servers, allegedly stealing private emails stored on the company’s servers. The big surprise wasn’t that it was happening, but that companies were publicly talking about it.

Abused ccTLDs: 2010 saw lots more malicious content originating from previously un-abused country code top-level domains, which are assigned to national authorities, such as the .in (India) and .cc (Cocos (Keeling) Islands) top-level domains. The Cocos Islands’ .cc domain deserves particular note because the more than 2200 malicious domains (discovered during 2010) hosted under this ccTLD outnumber the approximately 600 human inhabitants of the tiny archipelago by nearly 4-to-1.

Koobface: “the little social network worm that could” employed new URL obfuscation techniques, introduced its own keylogger, and focused efforts on a smaller number of social media sites, while Facebook got more proactive at shutting down the worm’s operations quickly. Maybe this year they’ll disappear altogether.

Malware attached to spam email: It’s been years since anyone tried emailing executables, but the people behind Trojan-Downloader-Tacticlol (aka Sasfis or Oficla) figured out how to bypass some protection methods: Embed your malware in a .zip archive.

Rogue antivirus: Rogues continue to plague users. Rogue AV is a big moneymaker for malware distributors, so it should come as no surprise that said distributors seem to have been investing in social engineering techniques, making their rogues much harder for a casual observer to identify, let alone get rid of.

PDF vulnerabilities: 2010 was the year of the Exploit-PDF — malicious Adobe Reader files are now woven into the blanket of threats facing PC users. Please update your copy of Adobe Reader today. And while you’re at it, don’t get suckered into buying a fake Adobe Reader that costs real money.

Stuxnet: So, this one really was uber-1337, if reports are to be believed. Not much to say other than wow. Complex, sophisticated, super-targeted, and definitely bad for the build-a-neutron-bomb-in-your-basement crowd.

Blackhat SEO : Attacks on Google Image Search results led some users into Rogue Antivirus infections. In the past, only the BHSEO we had seen was of regular text search results. As fast as Google closes the loopholes that permit black hat SEO to succeed, these malicious search engine manipulators find new ones to abuse.

Malware mimicry: In the past year, we’ve seen several large infection campaigns waged, using programs pretending to be Windows Update, Firefox update, Adobe updater, Flash updates, or some other legitimate auto-update app. When all other social engineering schemes fail, why not simply tell the user to download an update to their vulnerable program and watch them infect themselves that way?

Malware modifying Firefox to make password stealing more effective is relatively rare, but potentially very dangerous. Malware authors have been experimenting with modifying Firefox files all year, but Firefox 4, when it is finally released, will offer features that may render malware creators’ efforts in this regard worthless.

source: http://blog.webroot.com/2011/01/01/10-threats-from-2010-wed-prefer-remain-history/

Tips to Avoid Tax Season Scams 2011

NOTE: Repost from Webroot

Protect your computer using Paretologic's Anti-Spyware Product. Free Test Click Here.

"As tax season rolls around again in the US and UK, it seems like a good time to revisit the perils taxpayers face seemingly every year at around this time.

Phishing attacks against taxpayers are already in full swing — not that they haven’t been going continuously since last year. But this is high season for scams involving Web pages that look like the IRS or HMRC’s own Web site.

Scam messages typically contain dire warnings or outrageously large promises for a refund. The messages often are presented as if they originate from a tax authority, but contain links leading to phishing Web pages, or malicious attached files.

These scam pages typically appear to look exactly like a page on the real IRS or HMRC Web site. If you receive such a message, don’t reply to the sender, don’t email any sensitive information, and don’t follow any link in the message.

The pages promise to automatically transfer a tax refund to the recipient’s bank account, if you only would provide the scam artist with your complete banking, credit card, and personal details.

Most of these fake Web pages don’t have www.hmrc.gov.uk or www.irs.gov immediately after the http:// in the URL—though many may include (in the American example) www.irs.gov somewhere else in the URL, as shown above. Not sure if the site you’re looking at is real? Try typing the URL into the Address Bar yourself.

Government tax collection agencies don’t contact taxpayers by email to let them know they’ve received a refund, and they already know where to send the money if you’ve chosen to e-file and asked them to electronically deposit your refund. They certainly don’t need to know your debit card’s PIN code, just to pick one dangerous piece of information typically requested in a bogus “refund form.”

And if you haven’t yet filed your taxes, but receive a “refund notification” email from the IRS (if you’re in the States), or the HMRC (if you’re in the UK), it is most likely a scam.

We’ve also seen numerous spam emails over the past year that claim to originate with various tax authorities which contain dangerous file attachments. If you receive a message, purportedly from the IRS (or some other government agency), which has a file attached, don’t open the attachment. Over the past year, we’ve also seen numerous spam emails that claim to originate with various tax authorities which contain dangerous file attachments. If you receive a message, purportedly from the IRS (or any other government agency), which has a file attached, don’t open the attachment.

Always download the latest updates to Windows, as well as any non-Microsoft applications (such as Adobe Reader, Foxit Reader, or whatever application you use to read .PDF documents). These updates can help prevent infections that take advantage of security vulnerabilities in those products.

When it comes to preparing and collecting the information you need to file your taxes, you should always start the same way: Perform a full scan of the computer with an up-to-date antivirus program. Do this before you log into your bank account or any other Web site that may hold your private financial data, including your online tax filing service, if you use one.

Remember that Web browsers sometimes transmit information insecurely, and that a nefarious user can sniff that information if you use an open, unencrypted wireless Internet connection, whether you happen to be in public (such as in a coffee house), or in your living room. If you plan to file your taxes online, or work with any Web site that holds your sensitive financial information, don’t use an open wireless connection to do it.

Surfing the Web to find tax information is also risky, especially if you use search engines. Poisoned search results may inadvertently lead you to dangerous sites. Instead, go directly to www.irs.gov or www.hmrc.gov.uk to download your tax forms or retrieve information. For state taxes, go directly to your state’s Web site and search there. (Click here for a list of all US state Web sites).

I’d also recommend that you use a browser other than Internet Explorer to file taxes. If you use Firefox, consider installing the NoScript, AdBlock Plus, and the HTTPS Anywhere add-ons, which, in combination, capably prevent most Web-borne threats from causing infections, and protect your logins from sniffing.

Finally, when you’ve finished filing your taxes, collect your forms and tax return documents and burn them to a CD or DVD, which you file in a folder somewhere. Delete the tax record documents and returns from your computer’s hard drive (preferably using a utility that can perform a secure wipe of the data), and clear the browser’s cache using the browser’s own privacy settings. wordpress blog stats."

We recommend testing out Paretologic's award winning Xoft Spy (Antispyware) product.
Click here.
source: http://blog.webroot.com/2011/01/28/tips-to-avoid-tax-season-scams/#more-3840

Need Drivers For Windows 7 & XP

The one issue we find consumers running into is:
"Where do I find drivers for my Windows (7 Or XP) Operating System?"

This is a serious issue that I myself have run into multiple times.
I in fact have had to switch to a MAC because things are so bad, but because
I am a developer, I still work on PC machines.

I typically recommend Paretologic's Driver Detective Program.
Try it here.

Wednesday, February 23, 2011

Make my PC Fast!



One of the goals of Make My PC Fast is to supply consumers who are having
a hard time speeding up their computer with software solutions
that deal with their pain right away.

Currently we are a major advocate of Regcure.

REGCURE is a pretty industry known registry cleaning, pc speeding up software.
The creators of regcure are privacy and software security leaders: Paretologic.

We recommend you try a free scan of your computer (download here)and check to see what exactly is slowing down your computer.

Once you've tried it out, please drop us a line and provide
us with a review of the software!

Happy Cleaning!