Brokerage Firm Spyware Scams
The warning issued earlier in the month by the U.S. Securities and Exchange Commission (SEC) that cyber criminals were hijacking online brokerage accounts using spyware on home and public computers has been validated in a big way. Third quarter fraud losses due to manipulated accounts were reported at $18 million for E*Trade Financial and $4 million for TD Ameritrade Holding. The SEC has been working to investigate hackers and educate online investors on this growing threat that has the potential to affect roughly 25 percent of U.S. retail stock trades through around 10 million online accounts.
The Year of the Bug
Only three-quarters of the way through 2006, it has already proven itself to be a record year for security bugs, with a projected total of 7,500, up from last year's 5,195. Researchers maintain that the rise is due to software becoming more complex, while skills and tools to detect flaws are improving. On the bright side, there are fewer security vulnerabilities classified as high risk this year.
McDonalds Japan was forced to recall spyware-infected MP3 players that were given to customers as part of a joint promo with Coca-Cola. The Trojan found on the free players was designed to transmit web passwords and other personal information to hackers, once the MP3 player was connected to a PC. McDonalds has apologized for the infection that may have affected up to 10,000 people, set up a helpline to sort out recall issues, and issued a statement explaining how to cleanse infected computers.
Microsoft's Customer Privacy Guidelines
Microsoft has released an internal document detailing how it protects customers' privacy, such as with their new phishing filter for Internet Explorer. The document also lays out recommendations for software developers as to how they can develop similar practices when building applications that deal with personal information. Microsoft has faced criticism in the past over a project that planned to store sensitive customer information and over an anti-piracy feature that had characteristics of spyware.
81% of home computers lack core protection (updated anti-virus software, a firewall and spyware protection).
38% of home computers lack any spyware protection software.
Source: National Cyber Security Alliance
Term of the Month
A Trojan, or Trojan horse, as it's usually known, is a malicious program disguised as, or embedded within, legitimate software. It is derived from the classical myth of the Trojan horse. Compared to other types of malware, like viruses or worms, Trojan horse programs cannot operate autonomously. Just as the Greeks needed the Trojans to bring the horse inside for their plan to work, Trojan horse programs depend on actions by the intended victims.
Like millions of others, you are likely being bombarded with e-mail spam. Before you report the abuse to someone's ISP or domain administration, know that the sender could actually be a victim. Worms can spoof the sender's name; sometimes even the headers can be forged. Read Mary Landesman's tips on how to look up an IP address here at about.com.
Re-Launch of Project Eco
Whether you consider the Greek or Roman origins, the word 'Eco' means the same thing...home. It is a term that denotes where we live and the environment that surrounds us. Lavasoft is proud to present Project Eco as a testament to our strong and unwavering commitment to protecting your environment. Read more here.