Category Archives: Security

Keeping users safe online.

Beware Pop-up Survey Scams

Pop-up ads are generally merely annoying, but some can actually pose a threat. Of course, it’s the worst that try the hardest to make themselves look legitimate and helpful. You might find yourself faced with one that purports to be a survey of Internet services. And it looks quite official, even down to the legalese text on the bottom, and offers valuable gifts for a few minutes of your time. And above all, it looks totally innocuous, with easy, objective, multiple-choice questions. What could be the harm in that? Plenty, though you might not realize it for awhile. Filling in the form can leave your computer infected, maybe just with more annoying adware, or something more serious. But any adware is a breach in your privacy defenses, and other nasties you may run into while browsing can make the gap worse. Now, this “survey” may be for a site you visit, or even your ISP,  which is why we’re issuing this warning. We’re seeing more reports of our members being asked to rate Southwest Cyberport. Some customers, wishing to give SWCP a good word or help us improve, have gone ahead and filled out the form, to their regret. The only party that got a favor from it were the scammers. The best response is the same for all pop-ups: ignore it, close the window without clicking anything. If you think you might have been infected see here for steps … Continue reading

Posted in Security, Warnings | Tagged , , , , , | Leave a comment

Superfish Troubles Continue

The March 2015 Portal just came out. It’s all about Superfish, adware preinstalled on certain Lenovo laptops, supposedly to enhance user choices and options while shopping. But the software breaks the basic protections embedded in TLS and the digital certificate system that are vital to online commerce. Superfish, to paraphrase our Vice President Jamii Corley, is like a salesman so pushy that he breaks all the locks on your house in his eagerness to enter and leaves them broken so that anybody else, salesman or impersonator, can get in. Another way of looking at it is that Superfish forged the seals on the documents that make sure the party you’re talking to is the one intended, rendering the whole system worthless. Either way, it smells. It’s such a dangerous threat that the Department of Homeland Security has recommended it be removed ASAP. However, it turns out it’s not that easy. Lenovo claims to have stopped installing it on their computers, but some are still being shipped. And while Lenovo has published removal instructions, it turns out that their method leaves the application and libraries intact. Fortunately, there are other options.  First of all, there’s a simple online test to see if your brand-new laptop is affected. And here’s Lenovo’s list of models that “may be” infected. It may prove safer, if more complicated, to remove it by hand. Some commercial software antivirus programs offer removal tools available for those less technically oriented. … Continue reading

Posted in News, Security, Warnings | Tagged , , , , , | Leave a comment

Recent Exploits Bode Ill for the Future

Every week new intrusive exploits by hackers are found across the Internet. Some unsuspecting new institutional victim is revealed to have been penetrated. Lately most have involved major commercial corporations which had personal data stolen, like the recent assault on health insurance provider Anthem. Three exploits that were announced last week took hacking to a new level. Each is breathtaking in scope, immensely sophisticated, and have apparently been around for quite a while before they were discovered. Each one by itself would merit alarm and concern by all thoughtful users, but taken together they signal scary times ahead for the Internet. One was an attack on the banking industry. Found by Moscow-based Kaspersky Labs, this is said to be the biggest and most sophisticated bank heist ever; over $1 billion dollars were taken from over 100 banks in 30 countries. The banks were scattered from Russia to the US, Germany, China, and Ukraine. And the means of attack varied from creating money out of thin air to reprogramming ATMs to spew forth cash – one doing so in Kiev before a gang-employed mule could pick it up was what apparently brought the heist to the attention of the authorities. The hackers apparently wormed their way in through a phishing attack that lured bank executives to booby-trapped webpages where they were infected. Once the hackers were inside the system, they watched the banks’ activities carefully, and mimicked them to remain undetected. … Continue reading

Posted in News, Security, Warnings | Tagged , , , , , , , , , , , | Leave a comment