November is here, and with it, the holiday shopping season sets into full swing with the start of the annual hunt to find just the right gifts for friends and family. Many of us will avoid the crowds by shopping from the privacy of our own PCs. While computer security may be far from the minds of busy shoppers, the bustle of the holiday shopping craze is all the more reason to stay secure and stay protected; more web commerce means more web scams. If you plan to kick off your online shopping this month, make sure to have up-to-date security software on your PC and to surf safely!

In this month's LN, find out how Lavasoft is working to keep you protected with updates to Ad-Aware, and how you can help yourself by learning to outsmart rogue security software. See what's happening in the industry with a look at the take down of a million dollar spyware op, and our monthly roundup of security news.

Want to comment on an article you see in LN, or have an idea for a story you'd like us to cover? Write to editor@lavasoft.com.

Bringing You a Better Ad-Aware
Lavasoft is working to update and adapt our software to address the needs of our worldwide consumers.

 Read more

Bypassing Bogus Security Software
How can you tell what's real and what's not when it comes to security software? Get practical tips from Lavasoft for faking out the fakes.

 Read more

FTC Brings Down Spyware Op
A scam that infected more than 15 million computers with spyware has ended with a U.S. federal government settlement that signifies a win for end users.

 Read more

Frequently Asked Questions About 'Storm Worm'
Network World
We've all heard of this infamous web nasty, but is Storm really a worm or something entirely different? Read Network World's Storm worm FAQ to find out.

 Read more

Security Shorts
Lavasoft News has compiled a list of "security shorts" - summaries of other online security stories making news around the world this past month.

 Read more

New Targets in Detection (October 2007)
Protect your privacy with a complete list of new targets for October 2007.

 Read more

Lavasoft Blog
If you want to go behind the walls of Lavasoft, hear what we are up to, what we are thinking and what is happening in the industry, the Lavasoft Company Blog is the place to go for regular, up-to-date information. Don’t miss our newly added weekly comic strip about everyday life at Lavasoft!

 Read more

Join the Lavasoft Team!
For years, computer users have consistently turned to Lavasoft to provide them with anti-spyware protection and security. Now, with nearly 300 million downloads of Ad-Aware, people throughout the world depend on us to ensure that their privacy is secure. Take a look at open positions at Lavasoft today.

 Read more

Home  

Bringing You a Better Ad-Aware

At Lavasoft, we are committed to addressing your need for user-friendly security software to protect your privacy and security. You asked for it …you got it! Recent Ad-Aware 2007 software updates have delivered:

• Optimized CPU usage
• Ad-Watch improvements
• Vista (32-bit) compatibility

How do you get these updates? One of the new features in Ad-Aware 2007, Web Update, allows us to automatically upload the new functions and features that we have used to improve the 2007 version. That’s right - each time you update, you are downloading more power and better functionality.

Take a more detailed look, below, at these improvements. You can expect continued enhancements and updates to Ad-Aware, as we address both new threats and the concerns of our worldwide consumers.

Optimized CPU Usage
Lavasoft developers have been working hard to address user concerns with a variety of behind-the-scenes developments to the Ad-Aware 2007 program. One of these developments means that Ad-Aware users will benefit from resource-friendly optimizations to their software.

To stay a step ahead of ever-changing security threats, the Ad-Aware 2007 engine was built as a service (a Windows application that is launched at system start-up and then runs in the background). However, many of our users viewed the service component as a cumbersome aspect of the new software. In direct response to your wants, in one of the most recent software updates, we have slimmed down the memory usage of the service component, vastly reducing the consumption.

Ad-Watch Improvements
Improvements have also been made to Ad-Watch, the real-time monitor in Ad-Aware 2007 Plus and Pro that intercepts malicious applications before they have a chance to install on your PC. Recent updates have brought you a more resource-friendly real-time monitor. Ad-Watch, and the various modules it includes, now performs more efficiently by using less processing power and memory.

Vista (32-bit) Compatible
The Vista-compatible version (32-bit) of Ad-Aware 2007 is available to our new and existing customers. So if you have made the switch to Windows Vista, Ad-Aware 2007 is able to protect you from the latest security threats.

Home  

Bypassing Bogus Security Software

While surfing the web, a pop-up appears, warning you that your computer is infected, and demanding that you clean up your PC. Supposedly, all you must do to fix the problem is buy a certain security program.

Sound familiar? You may have been one of the many that have downloaded an anti-spyware or anti-virus program, only to find out later that you have been duped. As malware writers inundate the web with rogue programs, this kind of trickery is becoming more and more common.

Today, there are many genuine anti-spyware and anti-virus programs to choose from, but users must be cautious to avoid the ‘rogue’ programs that exploit and prey on the insecurities and lack of education among computer users.

Rogue security software comes in different varieties. Some products defined as “rogue” simply fail to provide the reliable protection that a consumer paid for. Others are far more sinister, masquerading as legitimate security software, and using deceptive tactics to con users into buying their products. The application may mimic trusted products like Ad-Aware, scare the user with false scan results, or even infect the user’s computer with spyware and adware.

As cyber scammers make money from unsuspecting PC users, they continue to sell their bogus applications. There has been a sharp rise in the number of malware infections caused by rogue security software. Industry experts have reported a five-fold year-on-year increase in the use of these programs.

Another related trick that online surfers need to be on the lookout for is rogue websites – sites that are intended to look legitimate in order to spread online scams. In mid October, researchers at McAfee broke the news of a fake Microsoft “anti-spyware center” website, promoting a rogue anti-spyware program called AntiSpyStorm. Along with that, there are also dozens of rogue websites that are popping up with pirated software, bundling it together and selling it as legitimate.

How can you keep from downloading bogus security software? Below are practical tips from Lavasoft to make sure you rely on products with proven track records and reliability.

• Do not fall for scare tactics. Never pay for a program that installed itself to your computer. This is a hallmark of rogue software.
• Access experts at the Lavasoft Support Forum or other security forums and ask about the software you are considering.
• Read the software reviews at reputable sites like Download.com.
• Ask knowledgeable friends and family members about quality software they use.
• Do not blindly trust individual sites offering anti-spyware. Refer to reputable lists of trustworthy anti-spyware programs, like the one on SpywareWarrior.com.
• Practice online skepticism. Be aware that rogue security software does exist on the web, and be vigilant about avoiding it.

Home  

FTC Brings Down Spyware Op

The United States federal government sent a clear message to spyware makers and purveyors this past month: you will be held liable for installing software through misleading End User License Agreements (EULAs) or without obtaining user consent.

ERG Ventures, LLC settled Federal Trade Commission (FTC) charges that a scam which infected more than 15 million computers with destructive, intrusive spyware violated federal law, according to an October FTC press release.

The Nevada, U.S. based company, along with its affiliates, will give up $330,000 U.S. in ill-gotten gains; that number will increase to nearly $3.6 million U.S (the total revenue from the scam) if the court finds that the defendants have misrepresented their financial status. The settlement also bars the company from installing software onto consumers’ PCs without disclosing its function and obtaining explicit consent, as well as from installing software that interferes with computer use.

The case first came onto the FTC’s radar last autumn, when Media Motor, the software the company allegedly bundled with freeware, was originally brought under investigation. In November 2006, ERG Ventures was charged with tricking computer users into downloading Media Motor with free software, like screensavers and videos.

The Media Motor program, according to the Commission’s report, was found to change users’ home pages, track Internet activity, alter browser settings, display pop-ups and pornographic advertising, and even disable anti-spyware and anti-virus software.

Along with this, ERG Ventures was charged with using a deceptive EULA in its Media Motor software, giving users the option to stop the installation of the software, but installing the malware regardless of whether or not the consumer rejected or accepted the terms.

While the halt of the Media Motor spyware scam is a definitive win for end users, there has been past debate in the anti-spyware community of whether or not current penalties are enough to deter cyber-criminals.

According to spyware researcher Ben Edelman, the FTC’s efforts in investigating Media Motor is commendable, but the settlement’s payment seems inadequate considering the additional profits gained from the spyware scam.

“Media Motor took in $3.5 million and will forfeit just $330,000. That sets remarkable incentives: on net, Media Motor made money from its malicious enterprise. A larger forfeiture would far better deter future similar schemes,” Edelman told Lavasoft News.

Home  

Security Shorts

Spammers Sentenced to Five Years in Prison
In the first successful criminal prosecution under the United States’ CAN-SPAM (Controlling the Assault of Non-Solicited Pornography and Marketing) Act, two American men were sentenced to prison after being convicted on charges of fraud, conspiracy, money laundering, and obscenity. The two were also ordered to give up more than $1.1 million U.S. in illegal profits gained through their spamming operation.

Read More

Russian Firm Viewed as Online Crime Hub
The Russian Business Network, an Internet business based in St. Petersburg, is said to be responsible for hosting websites that carry out a major part of the world’s cyber-crime, according to industry experts. Reports say that the company sells website hosting to groups propagating online crime, with links to child pornography, piracy, spamming, and cyber scams. Groups operating through the company’s computers are believed to be behind around half of last year’s phishing incidents.

Read More

Severity of Security Breaches on the Rise
According to a study by the Computing Technology Industry Association, while the quantity of security breaches may be down, the average severity has doubled. The study also revealed that IT professionals are increasing their spending on security technology, training and certification, as threats become more sophisticated. The top security concern reported by IT professionals is spyware, closely followed by the need for more awareness by computer users.

Read More

International Scam Crackdown Nets $2 Billion U.S.
More than $2.1 billion U.S. has been seized in fake checks, along with 77 arrests made worldwide, following a concentrated effort aimed at uncovering financial scams this year. Often perpetuated by West African organized crime groups, the scams involved spamming out e-mails duping recipients into depositing fake checks in order to claim a “processing fee.”  According to authorities, arrests were made in the Netherlands, Nigeria, Canada, and the U.S.

Read More

Arrest Made in Two Alleged DDoS Attacks
Gregory King of California, U.S. has been arrested for allegedly using a botnet to launch distributed denial-of-service (DDoS) attacks against Killanet, a gaming and graphic design forum, and CastleCops, a site dedicated to online security. If convicted of all four counts of electronic transmission of codes to cause damage to protected computers, King faces a maximum of 40 years in prison as well as a fine of $1 million U.S.

Read More

Spam Levels Soar in Asia
Research shows that all countries in the Asia Pacific region, except for Australia and New Zealand, produce more spam than the current global average. While the global average is 61 percent, almost 90 percent of all e-mail sent from Asian countries is spam, according to data from Symantec. The escalation is attributed to rapid broadband growth in the area combined with lack of basic online security precautions, resulting in many PCs being vulnerable to malware.

Read More

Home