It has been a while since my last TechNote, which might really mean good
news. If I haven't had to send out any security alerts, then that is a good
thing.
The only really pertinent alert in the last month is a security
vulnerability of "Adobe Flash Player" which is exploited when you visit a
malicious Flash (.swf) file. There is no patch for the player, so best
defence is really to avoid any suspect sites (which is always good advice).
Click For Full
Details here from Watchguard.
Phishing Season is open.
No, it isn't a spelling mistake. For those that don't know. Phishing is a
SPAM / Hacker technique used to lure unsuspecting internet users to fake
websites in order to gain passwords or credit card details. They create
very very good replicas of real websites like eBay, PayPal, banking, etc,
then send out SPAM emails trying to lure users to their site. Once the
unsuspecting user enters their details into the site they have them.
Most of the emails can be identified pretty quickly as being a "Phishing"
scam if you look closely but some are very well done. Always check the
links you are provided to make sure it is for the real company and not
something pretending to be the site. Check the "address" details and if you
are uncertain then don't use it. Any organisations like banks and PayPal
will never ask for your personal details or credit info via email.
For anyone using Internet Explorer 7 (IE7), which ships with XP and Vista,
it has an inbuilt "phishing filter" which will alert you if you visit a
known phishing website. You can see the options for it from the "Tools"
menu. Definitely worth having it turned on but it is not a failsafe as it
relies on the site being already identified before you visit and these can
popup pretty quickly!!
McAfee also offers a FREE tool called McAfee Siteadvisor
which you can download and install. It
provides a warning system for all sites of Internet related threats such as
Adware, Spam, Viruses as well as phishing sites. Essentially, it shows green
when the site is OK and red for potentially bad sites. You can also click
on the button to get a full breakdown on their analysis of the website. One
feature I like is the way it works with Google search. It adds a tick or
cross against each search result so you know which ones are potentially
harmful (or a waste of time) before you click. Click here
to check it out.
The other alternative is to get one of the commercially available email
checkers which will "clean" your email of SPAM, viruses, and phishing before
you see it. These are the best way to go if you have multiple user
environments as it takes most of the risk of accidental user error out of
the picture. Unfortunately, it is very easy to let one of these scams get
past you if you aren't concentrating.
Hope this helps to give everyone a better understanding of these threats so
that we can try to outsmart the hackers out there.
Hi Everyone,
It has been a while since my last TechNote, which might really mean good
news. If I haven't had to send out any security alerts, then that is a good
thing.
The only really pertinent alert in the last month is a security
vulnerability of "Adobe Flash Player" which is exploited when you visit a
malicious Flash (.swf) file. There is no patch for the player, so best
defence is really to avoid any suspect sites (which is always good advice).
Click For Full
Details here from Watchguard.
Phishing Season is open.
No, it isn't a spelling mistake. For those that don't know. Phishing is a
SPAM / Hacker technique used to lure unsuspecting internet users to fake
websites in order to gain passwords or credit card details. They create
very very good replicas of real websites like eBay, PayPal, banking, etc,
then send out SPAM emails trying to lure users to their site. Once the
unsuspecting user enters their details into the site they have them.
Most of the emails can be identified pretty quickly as being a "Phishing"
scam if you look closely but some are very well done. Always check the
links you are provided to make sure it is for the real company and not
something pretending to be the site. Check the "address" details and if you
are uncertain then don't use it. Any organisations like banks and PayPal
will never ask for your personal details or credit info via email.
Here is a site which expalins in more detail what to look for in phishing
emails: http://www.phishtank.com/what_is_phishing.php
Phishing protection
For anyone using Internet Explorer 7 (IE7), which ships with XP and Vista,
it has an inbuilt "phishing filter" which will alert you if you visit a
known phishing website. You can see the options for it from the "Tools"
menu. Definitely worth having it turned on but it is not a failsafe as it
relies on the site being already identified before you visit and these can
popup pretty quickly!!
McAfee also offers a FREE tool called McAfee Siteadvisor
which you can download and install. It
provides a warning system for all sites of Internet related threats such as
Adware, Spam, Viruses as well as phishing sites. Essentially, it shows green
when the site is OK and red for potentially bad sites. You can also click
on the button to get a full breakdown on their analysis of the website. One
feature I like is the way it works with Google search. It adds a tick or
cross against each search result so you know which ones are potentially
harmful (or a waste of time) before you click. Click here
to check it out.
The other alternative is to get one of the commercially available email
checkers which will "clean" your email of SPAM, viruses, and phishing before
you see it. These are the best way to go if you have multiple user
environments as it takes most of the risk of accidental user error out of
the picture. Unfortunately, it is very easy to let one of these scams get
past you if you aren't concentrating.
Hope this helps to give everyone a better understanding of these threats so
that we can try to outsmart the hackers out there.
Regards,
Aaron
For Official Aztech Networks Support - email to support@aztech.net.au
If you appreciated this help, please donate so we keep the tech info flowing!