Wednesday, April 27, 2011

Experts: Don’t fall into phishing net scam

Thursday April 28, 2011
KUALA LUMPUR: Avoid being impulsive and practise safe online habits when you are on the Internet, says security expert and Anti-Phishing Working Group (APWG) secretary-general Peter Cassidy.

Big increase in cyber crimes

Thursday April 28, 2011
KUALA LUMPUR: There has been an increase in cyber crimes in Malaysia over the last two years, more than 3,500 of them reported in the first three months of this year.

CyberSecurity Malaysia chief operating officer Zahri Yunos said some 8,000 cases were reported last year and attributed this to the growth in Internet usage and broadband penetration that now stood at 55%.

Drastic rise in cyber crimes

Published: Wednesday April 27, 2011 MYT 5:48:00 PM


KUALA LUMPUR: Cyber crimes have drastically increased over the last two years, with more than 3,500 incidents reported in the first quarter of this year, almost the same figure for the entire 2009.

CyberSecurity Malaysia chief operating officer Zahri Yunos said some 8,000 cases were reported for last year and attributed the increase to higher Internet usage and broadband penetration, which currently stood at 55%.

"The cases have increased exponentially. In the first quarter of this year, our Cyber999 security incident help centre has handled 3,563 cases, of which 36% or 1,273 are related to online fraud, including phishing and identity theft.

"This is more than the total incidents for 2009. Phishing sites targeting local banks have also increased with 400 sites detected for the first quarter of this year compared to 900 last year.

"While the numbers are worrying, we are also happy to see that members of the public are notifying us when they come across such fraudulent websites or email," he said at the opening of the Anti-Phishing Working Group's fifth annual international Counter-eCrime Operations Summit here Wednesday.

CyberSecurity Wednesday launched a security browser plug-in called 'Don't Phish Me', which automatically detects fake local banking sites phishing for usernames and passwords in order to illegally withdraw money.


Wednesday, April 13, 2011

MyCERT Alerts Internet Users on Online Employment Scams

Recently, MyCERT alerted Internet users on job scam e-mails in circulation.


PRLog (Press Release) – Apr 08, 2011 – Recently, Malaysia Computer Emergency Response Team (MyCERT) alerted Internet users on job scam e-mails in circulation. The e-mails purport to come from two reputed Malaysian oil and gas companies – Petronas and SapuraCrest. The targeted individuals are offered attractive positions in the oil companies. The scam e-mails inform users that they have been selected for the said position after thorough verification of their resumes. Alternatively, the e-mails seek resumes of Internet users. They entice users by stating that their appointment to the said position would be based solely on the information provided in their resume and that there would be no further physical, online or telephonic interview. MyCERT has also released three sample fake online job scam letters. One of the fraudulent job offer letters also mentions remuneration details and a joining date. The e-mails direct the targeted users to contact a particular executive of the company's Human Resource department and provide telephone numbers and an e-mail address for that person. The e-mail address is spoofed to make it appear to come from a legitimate company.

Scammers extract contact details of individuals from online job sites. They then design well-crafted e-mails to target a large number of individuals. Some scam e-mails may also seek payments from the user. Internet users who fall prey to the scam divulge more valuable personal and financial information to the scammers.

MyCERT has cautioned users against responding to scam e-mails. Individuals who have been defrauded by scammers must lodge a complaint with the counter crime agencies. Users must satisfy themselves of the authenticity of e-mails from unknown parties. In case of suspicion, individuals may communicate directly with the legitimate company using the contact details provided on its website. Users must desist from divulging any personal and financial information in response to the scam e-mails. Internet users can identify the scam e-mails by checking for grammatical mistakes, poor language, spelling errors, prefixes or suffixes added to the company name, and a look-alike but incorrect company domain name in e-mail addresses.
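The domain check described above can be automated for a mail gateway or a job seeker's inbox. The following is an added example, not code from MyCERT or the press release; the company domain `exampleoil.com.my`, the brand token and the sample headers are constructed placeholders.

```python
from email.utils import parseaddr

# Constructed placeholders: substitute the company's real mail domain and brand.
LEGIT_DOMAINS = {"exampleoil.com.my"}
BRAND_TOKENS = {"exampleoil"}

def edit_distance(a, b):
    """Levenshtein distance, to catch one- or two-character misspellings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify_sender(header_value):
    """Classify the domain of a From or Reply-To header as (verdict, reason)."""
    domain = parseaddr(header_value)[1].rpartition("@")[2].lower().rstrip(".")
    if not domain:
        return ("invalid", "no parsable e-mail address")
    if any(domain == d or domain.endswith("." + d) for d in LEGIT_DOMAINS):
        # A match is not proof: the From address itself can be spoofed.
        return ("match", "company domain; still confirm via the official website")
    if any(d in domain for d in LEGIT_DOMAINS):
        return ("lookalike", "company domain embedded inside another domain")
    if any(b in domain.replace("-", "") for b in BRAND_TOKENS):
        return ("lookalike", "brand name with added prefix, suffix or wrong TLD")
    labels = domain.replace("-", ".").split(".")
    if any(edit_distance(l, b) <= 2 for l in labels for b in BRAND_TOKENS):
        return ("lookalike", "misspelled brand name")
    return ("unrelated", "domain has no relation to the company")

# Constructed sample headers, not taken from the MyCERT alert.
SAMPLES = [
    "HR Dept <recruit@exampleoil.com.my>",
    "Recruitment <hr@exampleoil-careers.com>",
    "jobs@examp1eoil.com.my",
    "HR <offer@exampleoil.com.my.jobs-portal.net>",
    "someone@mail.example",
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(f"{s:50} -> {classify_sender(s)}")
```

Run the same function over the Reply-To header as well, since a reply address that differs from the claimed sender is a common sign of a spoofed From line.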

Online job sites must also verify the authenticity of recruiters before listing them on their sites. They must have a mechanism in place for job seekers to complain about or report fraudulent job offers. Reported fake offers must be investigated and reported to the concerned counter crime agencies. Hiring professionals qualified with an IT master's degree would help in timely detection and mitigation of threats.

Organizations that have been misrepresented by fraudsters making fake employment offers must constantly evaluate the security threats in their IT environment. They must lodge a complaint with the counter crime agencies. They must have proper policies in place to identify and alert users to fraudulent activities conducted by impersonating and misrepresenting the company. Online technology degree and e-learning programs may help IT professionals in updating their technical skills and know-how.

Growing instances of cybercrime have led to the creation of special task forces and cybercrime cells by counter crime agencies. There is increased demand for professionals qualified in IT courses such as online computer degree, computer forensics, security audit and penetration testing.


EC-Council University is based in Albuquerque, New Mexico and offers Master of Security Science (MSS) degree to students from various backgrounds such as graduates, IT Professionals, and military students amongst several others. The MSS is offered as a 100% online degree program and allows EC-Council University to reach students from not only the United States, but from all around the world.

EC-Council is a member-based organization that certifies individuals in cybersecurity and e-commerce skills. It is the owner and developer of 16 security certifications, including Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI) and EC-Council Certified Security Analyst (ECSA)/License Penetration Tester (LPT). Its certificate programs are offered in over 60 countries around the world.

EC-Council has trained over 80,000 individuals and certified more than 30,000 members, through more than 450 training partners globally. These certifications are recognized worldwide and have received endorsements from various government agencies including the U.S. federal government via the Montgomery GI Bill, Department of Defense via DoD 8570.01-M, National Security Agency (NSA) and the Committee on National Security Systems (CNSS). EC-Council also operates the global series of Hacker Halted security conferences.


iClass is EC-Council's online training delivery platform. Students can attend live or recorded training sessions for courses such as Certified Ethical Hacker (CEH), Certified Security Analyst (ECSA) or Computer Hacking Forensic Investigator (CHFI).


Wednesday, April 6, 2011

Five tips for removing viruses and spyware from client machines

By Erik Eckel

July 9, 2010, 8:12 AM P

Takeaway: IT consultants must regularly remove stubborn, regenerative, and corrupting spyware and viruses from client machines. These pointers will help you return systems to stable operation.

It’s inevitable that clients will infect workstations, PCs, and laptops with spyware and viruses. Regardless of preventive steps, from gateway protection to automated scans to written Internet use policies, malware threats sneak through even layered defenses. What makes the situation worse is that many clients aren’t willing to invest in standalone anti-spyware software, even though they understand the need for minimal antivirus protection.

Some IT professionals advocate simply wiping systems and reinstalling Windows, while others suggest that’s akin to giving up and letting the bad guys win. The truth lies somewhere in between. After making an image copy of the drive (it’s always best to have a fallback option when battling malicious infections), here are the measures I find most effective.

Note: These tips are based on an entry in our IT Consultant blog; they’re also available as a PDF download.

1: Isolate the drive

Many rootkit and Trojan threats are masters of disguise that hide from the operating system as soon as or before Windows starts. I find that even the best antivirus and antispyware tools — including AVG Anti-Virus Professional, Malwarebytes Anti-Malware, and SuperAntiSpyware — sometimes struggle to remove such entrenched infections.

You need systems dedicated to removal. Pull the hard disk from the offending system, slave it to the dedicated test machine, and run multiple virus and spyware scans against the entire slaved drive.

2: Remove temporary files

While the drive is still slaved, browse to all users’ temporary files. These are typically found within the C:\Documents and Settings\Username\Local Settings\Temp directory within Windows XP or the C:\Users\Username\AppData\Local\Temp folder within Windows Vista.

Delete everything within the temporary folders. Many threats hide there seeking to regenerate upon system startup. With the drive still slaved, it’s much easier to eliminate these offending files.

3: Return the drive and repeat those scans

Once you run a complete antivirus scan and execute two full antispyware scans using two current, recently updated and different anti-spyware applications (removing all found infections), return the hard disk to the system. Then, run the same scans again.

Despite the scans and previous sanitization, you may be surprised at the number of remaining active infections the anti-malware applications subsequently find and remove. Only by performing these additional native scans can you be sure you’ve done what you can to locate and remove known threats.

4: Test the system

When you finish the previous three steps, it’s tempting to think a system is good to go. Don’t make that mistake. Boot it up, open the Web browser, and immediately delete all offline files and cookies. Next, go to the Internet Explorer Connection settings (Tools | Internet Options and select the Connections tab within Internet Explorer) to confirm that a malicious program didn’t change a system’s default proxy or LAN connection settings. Correct any issues you find and ensure settings match those required on your network or the client’s network.

Then, visit 12 to 15 random sites. Look for any anomalies, including the obvious popup windows, redirected Web searches, hijacked home pages, and similar frustrations. Don’t consider the machine cleaned until you can open Google, Yahoo, and other search engines and complete searches on a string of a half-dozen terms. Be sure to test the system’s ability to reach popular anti-malware Web sites, such as AVG, Symantec, and Malwarebytes.

5: Dig deeper on remaining infections

If any infection remnants persist, such as redirected searches or blocked access to specific Web sites, try determining the filename for the active process causing the trouble. Trend Micro’s HijackThis, Microsoft’s Process Explorer, and Windows’ native Microsoft System Configuration Utility (Start | Run and type msconfig) are excellent utilities for helping locate offending processes. If necessary, search the registry for an offending executable and remove all incidents. Then, reboot the system and try again.

If a system still proves corrupt or unusable, it’s time to begin thinking about a reinstall. If an infection persists after all these steps, you’re likely in a losing battle.
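Step 2's cleanup can be scripted so that no user profile is missed. The following is an added example, not from the original article: it finds every per-user Temp folder on the slaved drive, reports what is there, and deletes only when asked. Python is used so it also runs when the drive is slaved to a non-Windows machine; the extension list and function names are assumptions. Invoke it with the slaved drive's root (for example `E:\`) and add `--delete` to clear the folders.

```python
import shutil
import sys
from pathlib import Path

# Per-user Temp locations from step 2, relative to the slaved drive's root.
TEMP_PATTERNS = (
    "Documents and Settings/*/Local Settings/Temp",  # Windows XP
    "Users/*/AppData/Local/Temp",                    # Windows Vista
)
# Assumption: extensions worth flagging in the report before deletion.
EXECUTABLE_EXTS = {".exe", ".dll", ".scr", ".bat", ".cmd", ".vbs", ".js"}

def find_temp_dirs(drive_root):
    """Return every per-user Temp folder that exists under drive_root."""
    root = Path(drive_root)
    return sorted(p for pat in TEMP_PATTERNS for p in root.glob(pat) if p.is_dir())

def inventory(temp_dir):
    """Count files and bytes, and list executable-type files, before deletion."""
    files = [p for p in temp_dir.rglob("*") if p.is_file()]
    return {
        "files": len(files),
        "bytes": sum(p.stat().st_size for p in files),
        "executables": sorted(p.name for p in files if p.suffix.lower() in EXECUTABLE_EXTS),
    }

def clear_temp_dir(temp_dir):
    """Delete everything inside temp_dir, keep the folder, return failures."""
    failed = []
    for entry in temp_dir.iterdir():
        try:
            if entry.is_dir() and not entry.is_symlink():
                shutil.rmtree(entry)
            else:
                entry.unlink()
        except OSError as exc:
            failed.append((entry, exc))
    return failed

def main(drive_root, delete=False):
    for temp_dir in find_temp_dirs(drive_root):
        info = inventory(temp_dir)
        print(f"{temp_dir}: {info['files']} files, {info['bytes']} bytes, exe: {info['executables']}")
        if delete:
            for entry, exc in clear_temp_dir(temp_dir):
                print(f"  could not remove {entry}: {exc}")

if __name__ == "__main__":
    main(sys.argv[1], delete="--delete" in sys.argv[2:])
```

Keep the report from the first, report-only run with the case notes: the executable names it lists are useful search terms for the registry check in step 5.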

Other strategies

Some IT consultants swear by fancier tricks than what I’ve outlined above. I’ve investigated KNOPPIX as one alternative. And I’ve had a few occasions in the field where I’ve slaved infected Windows drives to my Macintosh laptop to delete particularly obstinate files in the absence of a boot disk. Other technicians recommend leveraging such tools as Reimage, although I’ve experienced difficulty getting the utility to even recognize common NICs, without which the automated repair tool can’t work.

What methods do you recommend for removing viruses and spyware from clients’ machines? Post your suggestions in the discussion below.