World of Warcraft Phishing sites

On March 10, 2010, In Uncategorised, By Spudz

While playing World of Warcraft Online yesterday (a great way to relax) I was whispered by a BOT to visit this site:

wow-new-mounts.net

(Visiting this site can lead to malware being installed on your system)

Instantly knowing that this is a phish attempt, I took action to get this recorded to help stop others falling into the trap and get this fake site blacklisted.

I posted news of this on the WOT forum, where details of other similar phish sites were then identified as listed below:

warcraft-new-mounts.net
warcraft-newmounts.net
warcraft-new-mounts.com
ns1.warcraft-new-mounts.com
root.ns1.warcraft-new-mounts.com
warcraft-newmounts.com
wow-newmoumts.net
ns1.wow-newmoumts.net
root.ns1.wow-newmoumts.net

(Visiting these site can lead to malware being installed on your system)

Being an old hand in this game. I am aware that these particular sites try to sell you rare mounts by inputting a code online,  from a gamecard,  which gives you a rare mount. These codes can often be very expensive depending on the rarity of the mounts concerned often retailing at over $500 each. Victims of this phish and similar ones have posted their anger in various forums (including the official WOW forum) over the last couple of years alerting others of the fake as the card codes they received were inactive.  Many players are oblivious to the fact that often dealing with these phish sites ends up in your game account being hacked too.

World of Warcraft Online has tried to alert their players of the dangers of these sites and will probably keep doing so for months/years to come as there is always a mug who gets suckered into this scam regardless of the warnings. WOW will never contact you in-game posting unofficial site links or asking for any personal account details or passwords.

Tagged with:
 
0 Comments
Leave A Response

Microsoft Patch Tuesday – 9th March 2010

On March 10, 2010, In News, Security, Software Security News, By Spudz

Only a small patch this month (so far)  fixing 2 important security issues with:

MS10-016: Vulnerability in Windows Movie Maker Could Allow Remote Code Execution (975561)

MS10-017: Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (980150)

Tagged with:
 
0 Comments
Leave A Response

Issviews Website multi-lingual

On March 6, 2010, In IssViews Info, News, By Spudz

To aid people who’s native language is not English, I have added multi-lingual support to the Iss Views Website. This will allow them to read the contend and interact with the site without a lot easier, which will also help in the site becoming more popular outside of English speaking countries. So far the site can be displayed in 52 different languages :D

It may not be perfect but it does the job. Let me know if you have any problems with this feature.

Tagged with:
 
0 Comments
Leave A Response

Beware of PC SpeedScan Pro as advertised by FinallyFast.com on TV Adverts.

On March 2, 2010, In Malware News, News, Security, By Spudz

Whilst doing my daily rounds today, I came across a very interesting post regarding FinallyFast.com on the WOT Forums (FinallyFast.com scorecard) which is advertising PC SpeedScan Pro on TV networks. You may have already seen them and considered making this purchase to further secure your computer. Please do not buy this as it is currently being categorised as a scam.

Here is why:

PC SpeedScan Pro scans your PC and alerts you of errors on your system which affects performance. Once it has finished it then provides a report where you then have to pay money to fix the errors. Right clicking the SpeedScan system tray icon opens another window where hidden within small text is an option called ‘Alert Settings’ which most people would never check. Once opened you will see that this program defaults to run on windows start up and show error warnings.

As if this is not enough, how about suddenly being confronted with 457 Severe errors at the end of the scan! Would you think this normal? Yes, many PCs have some errors BUT 457 would surely cause a great deal of system instability if not leave you with a dead system!

So, for those unfortunate to be using this software, you will not only be bemused with these results but will have to pay this company to remove them, if they really exists!

And for this amazing price of $29.95 saving $10.oo dollars!  Too cheap in which to miss out on but not too expensive as to deter customers! So, where is the problem you say, seems ok to me, well, a test was conducted on this software using a clean system and trusted tools (CCleaner and Auslogics) in which to determine what problems were already on the machine. PC Speedscan appeared to find things that were not previously detected!

Those of you with come computer savvy will undoubtedly be thinking “I smell a rat here” and quite rightly so. What this software is showing is clear signs of rogue scareware. (Rogue Scareware is designed to frighten many computers users into purchasing a product by bombarding them with fake or unrealistic levels of errors and infections which often do not cease even after payment).

Another disturbing part is that this company uses the Microsoft Partner logo! Unofficial or not, it is a good means in which to grab unsuspecting buyers. Perhaps someone at Microsoft will look into this further. I will drop them a DM through Twitter on the issue later.

What can you do:

  • Well apart from avoiding being scammed, you should alert your friends to this software.
  • Record details of the time, date, station and channel that you saw this advert then write a complaint to your advertising standards authority and the station who broadcast it.
  • Get your friends to use the WOT Safe Browsing toolbar. This will help them to avoid malicious sites and becoming a victim of crime.
  • if you already have it on your system or that of a friends, uninstall it quickly and seek the help of a good free malware removal service.
  • Use Hosts files on your PC to avoid malware sites.

My thanks to WOT (Web of Trust Community) and BobJam of www.TechJaws.com for alerting me to this threat, which I used as reference material with permission.

Tagged with:
 
0 Comments
Leave A Response

Sunbelt Software VIPRE 4.0 Free giveaway on Twitter today

On March 2, 2010, In Security, Software Security News, By Spudz

VIPRE 4.0 Launches Tomorrow (March 2, 2010)! Make sure you post the VIPRE 4 launch announcement to get a free!!! license.  Learn more here

Yep you read this right, a free licence for Vipre 4.0 is being offtered. All you have to do to get this is:

1.  Be a Twitter user
2. Follow Sunbelt Software on Twitter
3. Post the below announcement on your Twitter page the day VIPRE Antivirus Premium is released to the public, Tuesday March 2, 2010
4. Email your Twitter username after you post the announcement and we will email you your free VIPRE Premium subscription (please allow 24 hours for VIPRE Premium licenses to be distributed via email). Send emails to: twitter@sunbeltsoftware.com

Posted on Sunbelt Blog and follow Sunbelt on Twitter

Tagged with:
 
0 Comments
Leave A Response

What does Internet and computer safety mean to you?

On February 25, 2010, In Security, By Spudz

In various security blog news recently, well for a while, there has been topics concerning many Internet users being unaware of the threats on the internet, how to secure and maintain their PCs/networks plus conduct safe surfing or know what this means and how to achieve it. Such topic content includes:

1. Weak passwords and the same passwords being used for every site.

2. Security software issues:

  • Is up-to-date security software installed?
  • Is this software updated regularly with latest patches.
  • Are regular scans conducted on their PC or simply expect the software to do it all?
  • Would they know a rogue product from the real thing?
  • Is it often disabled when doing certain tasks (game playing for one)
  • Is this left for someone else to do

3. Emails accounts:

  • How many get spam and actually open them or even reply to them.
  • Do people know what spam and phishing mail is plus how to deal with it.
  • How many use the same e-mail passwords with other site logins.
  • Do you click links in emials regardless of the threat.
  • How many people disable HMTL and read mail in plain text.
  • How many regularly forward incoming messages that request you send them to ALL your friends.

4. Are you cautions of incoming friend requests on IMs

5. Do you use file sharing services.

6. Is your Router security configured or open to all.

7. Are you cautions about your personal info or give details to everyone.

I could include a lot more detail but this is just a brief pointer rather than a full blown book as the object here is to get people thinking and being open with what measures they personally take whether they are old hands or newcomers. How many actually take an interest in these things to remain safe or simply feel “It wont happen to me” or “Who cares, I have nothing they want”, etc. How many people keep up-to date with malware trends and other threats which could affect you? Do you really care about your safety and that of others?

Tagged with:
 
0 Comments
Leave A Response

Increased Spambot and hack activity observed

On February 24, 2010, In IssViews Info, Malware News, News, Security, Software Security News, Spam, By Spudz

Yesterday was quite eventful where the site was flavour of the day for spambots and aggressive robots.  It first started with the robot from Cyberdefender  Alchemy Communications (208.118.60.157) flooding the forums with requests and account activations for a period of 4 hours from 10pm Monday night to 2am Tuesday afternoon and for a further hour about 2pm Tuesday afternoon. This was quickly nipped in the bud.

Next thing, we were then subjected to a far higher degree than we currently receive of persistant spambot attempts, from MRSPUTNIK and FunWebProducts, to register and activate accounts on the forum. This went on for the remainder of the day and eventually stopped at 11pm Tuesday night.

As if this was not enough, Several attempts were then made to infect malicious links into the pages on the website and forums using RFI/Path hacks.

I am pleased to say that there was no damage done as all attempts were futile thanks to the excellent protection offered by ZB Block. Cyberdefender  Alchemy Communications IP ranges are now denied any further access and have now been added to ZB Block signatures for all users of this site protection software.

The hack attempts, complete with a log of their IP and code injection have been passed to hpHosts for the inclusion on the database.

Lets see what today brings ;)

Tagged with:
 
0 Comments
Leave A Response

Issviews Website changes.

On February 23, 2010, In IssViews Info, News, By Spudz
Have added some more to the website:

Commercial products
Changed the layout
Added ESET Nod32 Antivirus to the list.

Free Software
Changed the layout
Added Avira Free Antivirus to the list.
Removed Comodo from the list.

Useful Utilities
Added FileHippo Update Checker to the list
Added screenshot to Secunia PSI and further info.
Added more details for other utilities mentioned there.

Previous ammendments I may have forgot to mention are:

Useful Utilities
Added Hostsxpert and HostMan to the list.

All Pages
Added ‘Giveaway of the day’ in the side bar. Check this regular as you do get some great freebies such as Online Armour ++ which I got not long back,   fully regiestered for the year too :D
Added WOT (Web of Trust) indicator. (Shows Issviews trust status).
Added ZB Block protection icon info.

Tagged with:
 
0 Comments
Leave A Response

Security updates available today for Adobe Reader and Acrobat

On February 17, 2010, In News, Security, By Spudz

Security updates available for Adobe Reader and Acrobat from Abode. These will address 2 critical vulnerabilities:

(CVE-2010-0186) could subvert the domain sandbox and make unauthorized cross-domain requests.

(CVE-2010-0188) has been identified that could cause the application to crash and could potentially allow an attacker to take control of the affected system.

Abode Security Bulletin 16 Feb 2010 refers.

Tagged with:
 
0 Comments
Leave A Response

IssViews server downtime.

On February 12, 2010, In IssViews Info, By Spudz

My apologies to anyone who faced problems accessing the site. This was due to the host detecting a faulty hard drive and had to replace  it.  This took approximately 30 minutes to an hour. The site is now back to normal :D

Tagged with:
 
0 Comments
Leave A Response
« Previous Entries
Go To Top »