Tag Archives: panda security

Phishing Scams and your bank

phishing

“Your information security program is only as strong as your weakest link” said  Linda McGlasson of Bank Info Security.

“That weakest link is your customer or your employee sitting at a screen, deciding whether to click on that link that popped up in their instant messaging screen, or direct message box on Twitter, or visit that site that offers free ringtones (and malware as a bonus).“

Recently 10 US financial institutions in California, New York, Pennsylvania and Wisconsin receiving fraudulent text messages or automated phone calls.

On September 28, 2009, the 1st Federal Credit Union of central Pennsylvania reported that it received calls from customers about text messages claiming that their cards were blocked.

Similarly on October 2 phishers sent text messages to mobile phones in the Omaha area, claiming their bank card had been deactivated. Inclded were instructions to call an 877 number to reactivate it. At least one customer lost several hundred dollars.

“Once he changed his PIN, somebody went in and withdrew the money,” said Richard Patterson, president of Greater Omaha Federal Credit Union.

A very convincing automated phone call phishing scam directly named the Liberty Bank.

“Your card has been suspended because we believe it was accessed by a third party. Please press 1 now to be transferred to our security department” the recording, before liting an impressive array of details designed to sound official.

Customers who pressed “1” were asked to enter their credit/debit card number and personal identification number.

“There will be some losses,” Liberty Bank Vice President Jill Hitchman said. “Charges started showing up almost immediately after our customers gave away their card numbers.”

Of course, Liberty responsibly warns its customers to “never reply to email, pop-up messages or phone callers that ask for your personal or financial information. LIBERTY BANK WILL NEVER ask you to disclose your password or pin”.

Spam works because about one out of six respond to messages suspect are spam survey data by the Messaging Anti-Abuse Working Group, an anti-spam trade organization (MAAWG).

A record five million new malware threats were detected in third quarter of 2009 according to the Cloud Security firm, Panda Security. Trojans accounted for 71 percent of all new malware between July and September 2009s bots and other malware are morphing rapidly.

Globally 59% of computers are infected  states Panda.

Obviously we need to keep our viral security up to date. This is why Bank Info Security recommends regular, preferably quarterly, programs to remind their customers of secure banking practices.

The problem is that people are the weakest lin. Even normally cautious people may once in a while press a link they normally would ignore.

Since, most of us are not rocket scientists perhaps give oursleves a reality check. Perhaps we should put ourselves through a similar audit of our email and web habits.

People need to be trained to obtain a drivers license so perhaps we need to begin to train people in the rules of internet safety said Linda McGlasson.

She suggests the first very basic tips:

  • Keep your operating system up to date with the latest patches;
  • Update your anti-virus and anti-spyware regularly, if not daily;
  • Install a firewall on your PC;
  • Don’t click on links in emails that are from unknown origins (or known origins for that matter).
Advertisements

Malware Pandemic

A record five million new malware threats were detected in third quarter of 2009 according to the Cloud Security firm, Panda Security.
Trojans accounted for 71 percent of all new malware between July and September 2009. Adware (13 percent) and spyware (9 percent) have also all increased, while traditional viruses and worms have decreased to 2 percent of the total.

SAdly, thw weak lin is still the individual user who fails to apply basic net safety rules or applies commonsense when an impressive sounding phishing scam asks for bank details.

malware detected

PandaLabs has recorded five million new strains of malware. Most of these were banker Trojans, although adware and spyware have also increased.

“Spyware has increased for the first time this year, rising from 6.90% to 9.16%. Adware however has decreased slightly from 16.37% to 13.13%, yet it was still the second most detected malware category this year” according to the quarterly report.
“We currently receive approximately 50,000 new samples of malware every day, compared to 37,000 just a few months ago. There is no reason to believe that the situation will improve in the coming months,” explains Luis Corrons, Technical Director of PandaLabs.
There has been a marked increase in malware distributed through spam, social networks and search engine optimization techniques, which draw users to spoof Web pages where malware is downloaded. These exploit topical issues like swine flu, Independence Day, forest fires or Presidential speeches by Barack Obama.
“There is a false sense of security, as users perceive there to be no real danger at the moment. When their computers get infected, they rarely notice any symptoms” said According to Luis Corrons, Technical Director of PandaLabs, According to Panda’s U.S. computers are infected by the most dangerous malware strains: Trojans, followed by adware, worms and viruses.
The global infection rate on computers rose to 59% states Panda Security. Taiwan has the most infected PCs, with a 69.10 percent corruption, followed by Russia and China at 67.99 percent and 61.97 percent, respectively. U.S. ranks ninth with an infection ratio of 58.25. The country with the least infections is Norway at 39.60 percent.

“Spyware has increased for the first time this year, rising from 6.90% to 9.16%. Adware however has decreased slightly from 16.37% to 13.13%, yet it was still the second most detected malware category this year” according to the quarterly report.
“We currently receive approximately 50,000 new samples of malware every day, compared to 37,000 just a few months ago. There is no reason to believe that the situation will improve in the coming months,” explains Luis Corrons, Technical Director of PandaLabs.
There has been a marked increase in malware distributed through spam, social networks and search engine optimization techniques, which draw users to spoof Web pages where malware is downloaded. These exploit topical issues like swine flu, Independence Day, forest fires or Presidential speeches by Barack Obama.
“There is a false sense of security, as users perceive there to be no real danger at the moment. When their computers get infected, they rarely notice any symptoms” said According to Luis Corrons, Technical Director of PandaLabs, According to Panda’s U.S. computers are infected by the most dangerous malware strains: Trojans, followed by adware, worms and viruses.
“This is a clear sign that hackers are becoming more and more sophisticated,” said Corrons.
“Cybercriminals have found news ways to spread their creations, frequently exploiting the latest news stories to launch attacks through social networks, videos, and email. The huge amount of Trojans in circulation is due to the spectacular increase in the number of banker Trojans aimed at stealing user data.”
The global infection rate on computers rose to 59% states Panda Security.  Taiwan has the most infected PCs, with a 69.10 percent corruption, followed by Russia and China at 67.99 percent and 61.97 percent, respectively. U.S. ranks ninth with an infection ratio of 58.25. The country with the least infections is Norway at 39.60 percent.

infected PCs