June 3rd, 2014
About two months ago, the Heartbleed bug was the scourge of the internet. Since then, websites have scurried to update and patch the vulnerabilities that could potentially lead to the theft of their users’ data. As Jeremy Kirk of Computer World reports, the Heartbleed name is still being used to strike fear into users only now it’s in association with a phishing scam.
Security firm TrendMicro reports that spam emails are being distributed that promise a “Heartbleed removal tool”. Individuals who have some understanding of what Heartbleed is will understand that it isn’t a virus or malware that can simply be removed. But, others who are familiar with the name ‘Heratbleed’ but unfamiliar with any other details are being fooled.
The attachment to these emails, the supposed removal tool, is actually a keylogger, which is used to record the keystrokes of the user and sends them to the criminal who launched this attack.
Given the apparent misunderstanding of Heartbleed, this scam is already poorly constructed, but it falls apart even more when you consider the content of the email. While the body contains a warning about Heartbleed and urges users to run the attached removal tool, the subject line reads “Looking For Investment Opportunities from Syria”. A more spammy email subject has rarely been written and, of course, the subject and body don’t match.
These characteristics make this particular scam easy to spot for users and spam filters, but criminals trading on the Heartbleed name isn’t likely to stop anytime soon. Be wary of any email, even those purporting to be from legitimate companies, that advises you to protect yourself from Heartbleed. Don’t follow links in those emails and don’t download the attachments.
If your computer is infected by malware, Geek Rescue is here to help. Call us at 918-369-4335.
June 2nd, 2014
For businesses, creating a secure IT infrastructure is difficult even if you’re only working with a handful of desktop computers that all run the same operating system and applications. Complications come from adding new devices, especially when employees begin using their own personal devices on your network. In most cases, it’s not the devices themselves that cause problems, but rather the apps they’re running. At Beta News, Ian Barker explains how mobile apps threaten the security of your business.
Even for individual users, relatively secure smartphones are exploited through security vulnerabilities in mobile apps. These aren’t malicious apps, but rather legitimate apps that contain flaws and hold high risk permissions.
According to studies, the average smartphone contains about 200 apps. This includes apps that come pre-installed from the manufacturer or service provider and those that the user downloads themselves. Each app averages about 9 permissions, or abilities to access and use your phone’s data, which includes access to your social media profiles, location and more. Of these nine permissions, about five would be considered high risk on average for each app. This means if the app were exploited, a criminal could cause significant harm to your device, or to your finances and identity, through these high risk permissions.
For businesses, this introduces hundreds of potential vulnerabilities for each employee and multiple data leaks associated with each vulnerability. Mobile security specialist, Mojave, categorizes about half of the mobile apps they examine to be at least moderate risk, which means they have access to a large amount of valuable data and don’t have a large amount of security associated with them.
Keeping your business secure requires close attention to not only every device that connects to your network, but also every application that device is running. Without that, you risk an employee opening the door for an attack that compromises your company’s data, or your customer’s.
For help securing your business, or recovering from an attack, call Geek Rescue at 918-369-4335.
