IT Security Blog » Instant Messaging

Telecommuting Woes???

Saran — Wed, 27 Jul 2011 08:23:45 +0000

Research has shown that a survey conducted within a large company shows that although telecommuting is very much productive for many firms it tends to be on the downside for those employees who do stay within the physical office itself. This can be in the areas of personal assistants/secretaries and other office workers who are left to run the office in the absence of their counterparts/coworkers. This leads to dissatisfaction in the workplace hence lowering productivity and encouraging home-bodies to engage in dangerous liaisons from within and outside of the office.

The hatred felt is seen in the rising occurrences of these same people becoming the entry point for attacks on corporate networks when they visit social sites to pass on the otherwise boring day. This is also counterproductive for their attention to work and the other nuances such as physical security and IT security is so much a threat that it is under study on how to improve the working conditions for these people. They are distracted and left to do almost anything they please which is where the security gap seems to be, using the corporate network to access social sites to which they are members of. Even the installation of hardware and software security measures cannot guarantee security coverage at all angles for the main security risk is still the human behind the keyboard who does the typing and not on the structure of the system itself. It might be helpful to get them out more often to allow their facilities more practice letting the steam and pressures/boredom to dissipate. Role rotation may be a key but is not always feasible for there are certain knowledge associated issues that have to be addressed to be able to do that. Training and re-training people allows them to sharpen skills and add new knowledge to their already bored lives.

Protect Yourself Against Malicious Calling Card Providers

dave — Wed, 16 Feb 2011 15:58:42 +0000

The business of calling cards has certainly been highly lucrative, judging by the number of companies opening up on the market by the month. Consumers seem to be enjoying the situation as well, as the benefits a good calling card holds for those who use it are certainly considerable, if the card is picked correctly. However, as a security-conscious consumer, you must always bear in mind the risks associated with using a phone card. Don’t let the attractive-looking benefits rob you blind even if you’re actively protecting your other weak spots.

For one thing, be extremely cautious with your personal information – something which should be of second nature to you if you’re a seasoned consumer already, but still, in some cases, it can be very difficult to distinguish between a legitimate business asking for your details and a phony one. Never go beyond the most basic details, and if you’re ever asked to divulge more than that, make sure you inquire why this is being done – it’s very important for you to be aware of the terms of that company’s business.

Something else to keep in mind when choosing your phone card is the payment method – it’s preferable to make your payments in cash whenever possible, as phone cards open up a whole new layer of vulnerability that thieves could exploit to get to you. It’s certainly not wise to pay with an online payment provider to companies that aren’t very well-known.

Careful of Unknown Links in Messaging

Saran — Tue, 06 Jul 2010 10:29:00 +0000

Trojans hacks and worms can easily enter a person’s computer by a mere click of a link. Instant messaging, the new trend in adhering towards faster and easier communication anywhere in the world has been enhanced thoroughly, going to the extent of allowing links to be followed, sometimes generated automatically from infected computers. Such are done even when offline messages are left, such as in Yahoo Messenger issues.

The best way to avoid such links is to refrain from clicking on links without prior notice from the actual user. While most people would rely heavily on the level of relationship that they would have with their online buddy, it is still best to double check and verify before proceeding on the site link.

Being infected is quite painful that it leads to even formatting the entire system. This holds true for people who are not aware or have the time to clean it manually and methodically. Hence, the best way is to be more cautious, especially when peculiar links are met.

Yahoo Messenger Acai Berry Virus

Saran — Sun, 24 May 2009 03:49:10 +0000

What in the world is an acai berry? If you are into fad diets, then you probably have heard of the acai berry. It is purported to be the next wonder drug, which is all natural by the way. It is supposed to make you lose weight like no other substance in existence. It is also supposed to make you feel better and younger because of its curative properties.

Anyhow, I have nothing against the acai berry fad per se. I mean, these fads come and do and it’s up to you if you want to try them or not. What is happening to me is another story, however. You see, I have somehow been victimized by the acai berry virus (or so I’d like to call it) on Yahoo messenger.

I didn’t have any inkling as to what was happening until I suddenly got this slew of offline messages last week. People on my contact list – even those with whom I had not spoken for months and months – suddenly started sending me offline messages. Their messages seemed to be in reply to something I had sent.

Yesterday, an old friend sent me an SMS saying that I might have a virus. He said that I kept sending him messages on Yahoo Messenger about this acai berry thing. Obviously, it was not me.

I am pretty sure that I am not alone in this thing. I have scoured the web for similar reports and have found a lot of other people complaining of the same thing! The solution? I scanned my laptop for malware using Spybot last night. I am about to scan again using Avast. Then I am changing my passwords. Let’s see if I can get rid of this thing.

Any suggestions?

Be Careful of Hyperlinks in Messages

Saran — Tue, 30 Sep 2008 16:23:30 +0000

We all know that some people using the web for success are desperate and regardless if the message comes to you via email, comments or an instant message, do not click! It is easy to spot suspicious messages. For one, if there is no sane explanation on why you should check it out, refrain from doing so. The difference between clicking may make the difference as far as safety and security for your computer or workstation is concerned.

For most, this may seem redundant. Who in his right mind would click a link gone unsolicited? Well that is true but we forget to consider that not all people are aware of the benefits and dangers that await them on the web.

Just like in modern society, you can expect some tactics that can really deceive you. They are not obvious and in fact can come in any from. In fact, you can even get them from friends who may think that such links to site as harmless. Leading the pack for suspicious links would include:

1. Free software links
2. Files or Images
3. Money making scheme programs
4. Unsolicited Sign Ups

Of course, you would have to consider, to get people to click on links, it has to be entirely in their interest. For most, it is too tempting to resist. Especially if you have not encountered them or have been educated of these threats, chances are you may experience them first hand and may become a forgettable one for overlooking the value of security on the web.

Voicemail Spam on Your Mobile – Coming Soon

Saran — Tue, 10 Jun 2008 10:52:04 +0000

Came across the incident on InfoWorld and it seems quite interesting for it involves spam messages on your mobile. That might seem a long way from the world of IT but as more and more of us turn to the mobile workforce that may present a big problem that can rival spam in your email inbox. The incident has a user from a certain location who moves to a different location that didn’t have the best of service availability when it came to his mobile carrier. He was contacted by AT&T and was informed that due to some technical constraints that cannot guarantee their full range of services. So in the end he was forced to sign up with an alternate mobile provider (Sprint) from which he began receiving marketing mail and text messages that were on the same level as phishing scams out for your personal information.
Unsolicited marketing is banned (which led to the downfall of most off-site call centers) in the US and almost anywhere else if I got it right, so why does a leading provider allow such things to happen? Well, the marketing industry for one is one of the most aggressive when it comes to the utilization of new technologies to further their reach and mobile phones being almost part of everyday life (except for some far reaches of the Amazon or Africa) it is a ripe and well established area to focus on for marketing drives.
Communications is the key and mobile workforces being very dependent on it makes them prime targets as prey for such marketing drives. The poor fellow isn’t alone for millions of us do get unsolicited voice mail or text messages from time to time (some more than others) and there should be something done to correct such menacing and disrupting activities.

Source : InfoWorld

Unified Communications under Attack…. So Soon!

Saran — Tue, 13 May 2008 06:48:53 +0000

The move to shift from multi-level communications and incorporating Unified communications such as VoIP and other unified platforms has become the prime targets of hackers who are now turning to IM attacks as their targets. Offices have de-centralized communications and other systems combining them into one system that is capable of handling communications eliminating the need for maintaining several systems each with its specific function. IM or Internet Messaging is cheaper and allows office workers in the field to communicate cheaply with the office and VoIP allows them to communicate cheaply over vast distances.
Unified communications is the next step towards virtualization which is currently being developed and tested by various developers. IM is one of the most convenient means of communications which has the capability to receive mail from all over just as SMS or Text messaging has done in the Mobile Industry. Every user who uses the internet may have one or more IM accounts with the many free mail providers or through their company hosting service. Using the IM allows hackers to send malware, unload their payloads and go on to propagate through the networked system, which if looked at from a business perspective crippling one of the vital communications links. There are still mobile phones and other means communications but being ever present at every desktop, any unsuspecting user can download malware without proper intrusion prevention and detection systems in place. Mobile phones have also suffered attacks from malware that is designed to attack stripped down versions of popular Operating systems, the forays of hackers into unified communications may mean they are keeping pace with the development of new technologies as fast as businesses adopt them and accept them as just part of the game.

Economics – the driving force of Mobile Spying Malware

Saran — Tue, 01 Apr 2008 17:11:04 +0000

Experts have said it again and again and history has shown us that money is the root of all evil and so it goes the same for the development and eventual spread of more sophisticated malware intended for the ever growing mobile computing environment. Current malware is simple yet experts are warning users and other experts alike that it would only be time before some hacker develops a more robust and discreet form of malware that would circumvent standard virus scanners. As we have seen and read in news articles, these viruses, Trojans and other forms of malware are evolving so fast that removal and detection experts are finding it very hard to get one step ahead of them. In the time it takes to read this post, about 35 or so new types of malware would have been released into the wild to infect any of the millions of unprotected systems over the internet. The problem has gone into the pandemic stage that no system is safe for long. The soonest a new and more robust intrusion prevention and security system is in place, several new vulnerabilities in the computer systems we use are found and immediately exploited by hackers and their minion.
Economics or the promise of earning a buck from such malware creation and spreading is the major motivation for hackers. Say you get into the cell phone of your favorite Celebrity and get hold of private pictures, or get hold of a confidential report which lists the amount of funds along with the corresponding account information and much more information that one can sell quite profitably over the internet.

Google’s Orkut Social Networking Site – Hit by Trojan

Saran — Thu, 28 Feb 2008 06:56:37 +0000

In the endless fight for IT security in the vulnerable internet, even Google’s Orkut has been hit by a self-propagating Trojan which is currently being studied for a possible cure to remove it from the wild. The Trojan works when the creators get information and send messages with links that prompts users to install a newer version of the flash player program. The user is greeted by a pop-up window that tells the user an installation of a newer version of software being used is in need of download and subsequent update. The program downloads a seemingly legal copy of the software installer which in turn begins to unload it’s payload of malicious code and propagates by sending more messages with the addresses that are tagged as friends in the victim user’s address book. So far, the pop-up message that promotes the spread of the Trojan is only in Portuguese which has been seen only in Brazil and with a few in India, but the security experts at Symantec are worried that an evolved version can unload more malicious code that can do more damage to the millions of users on the web, even cause another cascading slowing down of the internet as a whole if these Trojans begin to overload vital internet hubs forcing them to shut-down due to the infinite requests for direction which it would be unable to handle. Google has been warned by Symantec which has yet to release a reply to that warning. Symantec and many other industry leaders in the development of virus/,alware removal software have predicted the rise in attacks that would take effect this year as more and more people get onto the social network bandwagon making the world a smaller place but at the same time opening previously shut doors ripe for attack fromt the ever changing face of malware.

OS Updates, Patches and Service Packs – What they’re not telling you (Part 2)

Saran — Tue, 19 Feb 2008 04:46:46 +0000

Some of these updates and patches are well publicized and known to media and IT circles while others are not. The real truth, not all users want to know the details of the several updates and patches that are being installed as long as they get to use the internet and other software without issues. This is a dangerous tightrope to walk for like the Facebook incidents and MySpace problems, and yes even Google (with their customer purchase tracking system which they took out of service as people took notice and were pissed they were being monitored as to shopping habits etc).

Even the most popular web search engines have come under fire when people took notice of their tracking systems and how that information is used to target them for advertising campaigns. The web is a true and proven signal of unparalleled freedom for it allows you to get information all with the press of a few buttons. But the battle begins at your desktop or laptop where the OS resides and is installed on making it the root of all possible problems. Yes, Attacks do come from the net but they are targeted at your home or office desktops using them as propagation tools to spread them all over the globe. Privacy and the right to know is quite battered on these fronts with many problems being discovered at every turn. People love intrigue and they will continue to scrutinize and criticize the work of others may they be friends or foes. On goes the OS wars and we are on the sidelines waiting to suffer all the fallout of their drive to be the first to release the most innovative and feature loaded software (with bugs and system crashes all bundled and included in the box, well till they release the respective fixes and patches to remedy them).