Continue reading »]]> 1. Hacking Accounts

Once hacked, an account can be commandeered and used as a platform to deliver spam, or — more commonly — sold. Clandestine hacker forums are crawling with ads offering Facebook account IDs and passwords in exchange for money. In the cyber world, information is a valuable thing.

2. Commandeering Accounts

A more direct form of identity theft, commandeering occurs when the criminal logs on to an existing user account using an illegally obtained ID and password. Once they are online, they have the victim’s entire friend list at their disposal and a trusted cyber-identity. The impostor can use this identity for a variety of confidence schemes, including the popular, London scam in which the fraudster claims to be stranded overseas and in need of money to make it home. The London scam has a far-higher success rate on Facebook — and specifically on commandeered accounts — because there is a baseline of trust between the users and those on their friends list.

3. Profile Cloning

Profile cloning is the act of using unprotected images and information to create a Facebook account with the same name and details of an existing user. The cloner will then send friend requests to all of the victim’s contacts. These contacts will likely accept the cloner as a friend since the request appears to be from someone they’re familiar with. Once accepted, the crook has access to the target’s personal information, which they can use to clone other profiles or to commit fraud. As Grayson Milbourne puts it, “Exploiting a person’s account and posturing as that person is just another clever mechanism to use to extract information.” Perhaps what’s scariest about this kind of crime is its simplicity. Hacking acumen is unnecessary to clone a profile; the criminal simply needs a registered account.

4. Cross-Platform Profile Cloning

Cross-platform profile cloning is when the cyber criminal obtains information and images from Facebook and uses them to create false profiles on another social-networking site, or vice versa. The principle is similar to profile cloning, but this kind of fraud can give Facebook users a false sense of security because their profile is often cloned to a social platform that they might not use. The result is that this kind of fraud may also take longer to notice and remedy.

5. Phishing

Phishing on Facebook involves a hacker posing as a respected individual or organization and asking for personal data, usually via a wall post or direct message. Once clicked, the link infects the users’ computers with malware or directs them to a website that offers a compelling reason to divulge sensitive information. A classic example would be a site that congratulates the victims for having won $1,000 and prompts them to fill out a form that asks for a credit card and Social Security number. Such information can be used to perpetrate monetary and identity fraud. Grayson Milbourne of Webroot, also explained that spearphishing is becoming increasingly common, a practice that uses the same basic idea but targets users through their individual interests.

6. Fake Facebook

A common form of phishing is the fake Facebook scam. The scammers direct users via some sort of clickable enticement, to a spurious Facebook log-in page designed to look like the real thing. When the victims enter their usernames and passwords, they are collected in a database, which the scammer often will sell. Once scammers have purchased a user’s information, they can take advantage of their assumed ide
ntity through apps like Facebook Marketplace and buy and sell a laundry list of goods and services. Posing as a reputable user lets the scammer capitalize on the trust that person has earned by selling fake goods and services or promoting brands they have been paid to advertise.

7. Affinity Fraud

In cases of affinity fraud, con artists assume the identity of individuals in order to earn the trust of those close to them. The criminal then exploits this trust by stealing money or information. Facebook facilitates this type of fraud because people on the site often end up having a number of “friends” they actually do not know personally and yet implicitly trust by dint of their Facebook connection. Criminals can infiltrate a person’s group of friends and then offer someone deals or investments that are part of a scheme. People can also assume an identity by infiltrating a person’s account and asking friends for money or sensitive information like a Social Security or credit card number.

8. Mining Unprotected Info

Few sites provide an easier source of basic personal information than Facebook. While it is possible to keep all personal information on Facebook private, users frequently reveal their emails, phone numbers, addresses, birth dates and other pieces of private data. As security experts and hackers know, this kind of information is often used as passwords or as answers to secret security questions. While the majority of unprotected information is mined for targeted advertising, it can be a means to more pernicious ends such as profile cloning and, ultimately, identity theft.

9. Spam

Not all spam — the mass sending of advertisements to users’ personal accounts — is against the law. However, the existence of Facebook and other social sites has allowed for a new kind of spam called clickjacking. The process of clickjacking, which is illegal, involves the hacking of a personal account using an advertisement for a viral video or article. Once the user clicks on this, the program sends an advertisement to the person’s friends through their account without their knowledge. This has become such an issue for the social media giant that earlier this year that the company has teamed up with the U.S. Attorney General to try to combat the issue.

Continue reading »]]> As of today A Geek To Go! L.L.C. is now A Geek To Go! Inc. We will always continue to serve our loyal customers, contractors and subcontractors as before, but the branding has changed slightly. Since our inception in 2006, every year we have proven our company standards as a major increase past the following year, and 2012 is no exception. Accelerated growth is happening as you read this and look for more definitive updates soon. Thank you for trusting in A Geek To Go! Inc. to provide all of your I.T. support needs.

Continue reading »]]> Pedophiles bent on hosting and spreading images of child pornography on the Web are using a new trick to make their offensive websites appear legitimate, depending on how they’re accessed.

The online criminals are able to rig their sites, which host images and videos of child sexual abuse, to load “legal adult content” when the URL of the page is typed directly into the browser bar, the Internet Watch Foundation (IWF) explained in its 2011 Annual Report published today (March 26).

But when the same website is accessed via a specific gateway site, or a “digital path,” the site, knowing where the redirect is coming from, is triggered to take its disguise off and display the child porn content.

“This is a legitimate Web development technique, commonly used, for example, on shopping websites which remember who you are when you return,” the IWF wrote. Online pedophiles take advantage of this tactic to disguise their sites and make it harder for authorities to track them down, or even identify them in the first place.

When someone reports finding illegal child abuse content to the IWF and the analyst types in the URL, he or she will see a legitimate adult porn site, with no indication of the content the site is truly hosting. The IWF reported that this porn website masking technique was used 579 times in 2011.

This obfuscation technique also puts companies at risk of entering into business agreements with what they believe to be Web properties hosting legal content.

Mark Harris, vice present of Global Engineering Operations at the security firm Sophos, backs the IWF’s work to battle “the inventiveness of child abusers.”

“We intercept new methods of distributing images of abuse all too often,” Harris wrote in a Sophos blog, “and we’re committed to reporting all instances to the authorities that identify perpetrators and rescue victims.”

Continue reading »]]> Wednesday morning we received an urgent call on the Geek To Go! hotline from Kay Harris, President of Myrtle Beach Golf Packages. It was the third and last call Ms. Harris would make, inquiring about mystery messages popping up on her computer. As a courtesy we logged into her computer and explained to her that it was only her same lousy security, McAfee asking her to renew her security subscription. We explained to her that this was the same security solution that had let infections pass through to her computer twice in the past year, resulting in expensive cleanups. When she was told that we could remotely manage her computer’s security for the next year for the same price as 2.5 hours of labor, she exclaimed “SIGN ME UP”! During that same short phone call, we completed the contract, printed copies and replaced her security with AVG Network Edition antivirus and antispyware. Now she can relax knowing that we will remotely manage the security and updates for the PC and she can call anytime with questions about things she doesn’t understand.

Continue reading »]]> Joan Rasch, owner of Sevya in Charleston, SC has grown exponentially since its inception eight years ago. Fair Trade suppliers of 100% silk scarves from India, Sevya called on A Geek To Go! to troubleshoot infections on one of their main computers, in this case, a Windows PC running Vista. A Geek To Go! was able to flush out the infection within a couple of hours. When asked by Rasch “What is the best security solution alternate to Norton?” we explained the importance and value of the Managed Services Program (M.S.P.) that A Geek To Go! has offered for the past four years. Instead of a standalone security package like Norton or McAfee, the Managed Services Program (M.S.P.) offers the user with a Network Edition of the award-winning Antivirus/Antispyware software AVG combined with unlimited email/phone/remote/on-site support for the life of the contract. AVG runs autonomously updating, blocking or quarantining infections and scanning on a regular basis. Additionally, A Geek To Go! logs in remotely at least once a week to check that Windows is updating properly, AVG is functioning as it should and also to run other infection removers in singular weekly scans.

Perfect for those who leave the complexity of I.T. security to the pros and allows the business owner to run their own show.

“We look forward to supporting Sevya’s Macs and Windows PCs in a secure environment” says Miles West, founder and principle of A Geek To Go!

Obviously, the M.S.P. IS the way to go!

Interested? Please check out MSP for more information.

Continue reading »]]> Had the good fortune to meet Christian & Magdalene of CR-IT, the first internet / repair shop in Uvita, Costa Rica & the team has the monopoly on the area. They are very interested in partnering with A Geek To Go! for our Managed Services Program to bring online security remote management for this area. Our MSP program allows remotely managed security and support to any users anywhere in the world as long as they have an internet connection. Christian is from Austria with 5 years in Costa Rica and Magadalene is from San Isidro, Costa Rica. We look forward to forging a partnership soon!

Continue reading »]]>

A new and nasty banking Trojan is wreaking havoc on Windows systems by removing built-in security software and clearing a path for crooks to silently steal victims’ banking credentials.

The Trojan affects “ntldr,” the default boot loader on Windows machines, explained Kaspersky Lab expert Fabio Assolini. Identified as Trojan-Downloader.Win32.VB.aoff, the Trojan originated in Brazil, and spreads as a link attached to emails.

Once users click on the malicious link, the Trojan downloads two malicious files from Amazon’s Web Services cloud. These files, called “xp-msantivirus” and “xp-msclean,” worm their way onto the PC’s bootloader, a component that gets executed prior to the startup of the computer’s operating system. From there, the files embark on a catastrophic, and covert, campaign.

The malicious files’ intentions are in their names: advertised as msantivirus and msclean, they are made to looks like legitimate Microsoft anti-virus and computer cleanup tools, but in effect, they are exactly the opposite.

When these files attack the Microsoft ntldr bootloader, they replace it with a new, malicious one, a version of GRUB, an open-source bootloader, which they tailor to execute their commands. Without drawing attention to itself, the new bootloader boots the computer into Linux or Unix software that removes a common Brazilian bank-security plugin, while also getting rid of the system’s built-in Microsoft security software, opening it up to a slew of potential viruses and attacks.

This devious switch happens before the computer has even started up; and worse, it automatically erases itself and resets the original bootloader, so victims have no idea their security has been compromised. All they’re aware of during this whole bait-and-switch is that the startup is taking a little longer than usual, but the attack accounts for that with a phony message claiming to be from Microsoft that says it is actually “removing malicious files.”

The safest way to avoid falling victim to a dangerous attack like this is to run up-to-date and comprehensive anti-virus and anti-malware software on your computer, and to be skeptical about downloading any files attached to emails.

Continue reading »]]> If you received an email that appeared to be from Amazon and contained a holiday gift card someone had sent you, what would you do? There’s a very real possibility you’d take the bait and open the “gift,” which is the driving force behind a phishing campaign spotted by researchers at the security firm AppRiver.

In an email titled, “Your gift card order,” the message, full of spotty grammar, reads, “You have received a gift card in the amount of $250. An offer of the gift card is valid until December 7. Take a chance and use our gift card, and as a bonus we will deliver your order free of charge.” The reward is attached as a file labeled, simply enough, “Gift‑Card.zip.”

“Of course with all the online shopping, gift giving/receiving this time of year, there is an added aura of authenticity to these messages,” AppRiver’s Troy Gill wrote. “In fact, I ordered an Amazon gift card just yesterday.”

The gift card, which most likely comes as a total surprise, is of course the lure, and clicking the link to redeem it actually infects computers with a Trojan downloader capable of silently installing malware.

Another email scam, spotted by researchers at the security company Sophos, isn’t as enticing as a free gift card, but could have similarly devastating effects on an unsuspecting victim’ computer.

The malware campaign attempts to trick people into downloading what they think is an upgrade for Adobe Acrobat and Adobe X. The email subject is “Adobe Software Upgrade Notification,” and comes from the email address no-reply@adobe.com.

The attached .zip file hides a version of the Zeus Trojan, built to harvest a victim’s banking credentials.

This security lesson applies to any unsolicited messages you may receive, especially in the run-up to the holidays, when online crooks are pushing out batches of phishing emails in the hopes of snaring a fraction of the millions of people doing their shopping online. If you get an email offering something that sounds too good to be true, don’t open it. The same advice goes for any “critical” security update you didn’t ask for.

Continue reading »]]> By Ed Bott | November 4, 2011, 4:47am PDT ZD.net

Summary: Online con artists are targeting PC users worldwide in a brazen scam. It starts with a phone call from a “tech support specialist” who warns that your computer is infected with a virus. To fix things, all you have to do is give the caller remote access to your PC. Here’s what happens next.