Archive for the ‘Useful Information’ Category

In the past, US-CERT has received reports of an increased number of phishing scams and malware campaigns that take advantage of the United States tax season. Due to the upcoming tax deadline, US-CERT reminds users to remain cautious when receiving unsolicited email that could be part of a potential phishing scam or malware campaign.

These phishing scams and malware campaigns may include, but are not limited to, the following:
* information that refers to a tax refund
* warnings about unreported or under-reported income
* offers to assist in filing for a refund
* details about fake e-file websites

These messages, which may appear to be from the IRS, may ask users to submit personal information via email or may instruct the user to follow a link to a website that requests personal information or contains malicious code.

US-CERT encourages users and administrators to take the following measures to protect themselves from these types of phishing scams and malware campaigns:
* Do not follow unsolicited web links in email messages.
* Maintain up-to-date antivirus software.
* Refer to the IRS website related to phishing, email, and bogus
website scams for scam samples and reporting information.
* Refer to the Recognizing and Avoiding Email Scams (pdf) document
for more information on avoiding email scams.
* Refer to the Avoiding Social Engineering and Phishing Attacks
document for more information on social engineering attacks.
* Review the Wall Street Journal blog post “Cybercrooks Digging for
Tax Data” for additional suggestions for protecting against these
types of attacks.


Malicious code is not always hidden in web page scripts or unusual file
formats. Attackers may corrupt types of files that you would recognize and
typically consider safe, so you should take precautions when opening files
from other people.

What types of files can attackers corrupt?

An attacker may be able to insert malicious code into any file, including
common file types that you would normally consider safe. These files may
include documents created with word processing software, spreadsheets, or
image files. After corrupting the file, an attacker may distribute it
through email or post it to a web site. Depending on the type of malicious
code, you may infect your computer by just opening the file.

When corrupting files, attackers often take advantage of vulnerabilities
that they discover in the software that is used to create or open the file.
These vulnerabilities may allow attackers to insert and execute malicious
scripts or code, and they are not always detected. Sometimes the
vulnerability involves a combination of certain files (such as a particular
piece of software running on a particular operating system) or only affects
certain versions of a software program.

What problems can malicious files cause?

There are various types of malicious code, including viruses, worms, and
Trojan horses (see Why is Cyber Security a Problem? for more information).
However, the range of consequences varies even within these categories. The
malicious code may be designed to perform one or more functions, including
* interfering with your computer’s ability to process information by
consuming memory or bandwidth (causing your computer to become
significantly slower or even “freeze”)
* installing, altering, or deleting files on your computer
* giving the attacker access to your computer
* using your computer to attack other computers (see Understanding
Denial-of-Service Attacks for more information)

How can you protect yourself?

* Use and maintain anti-virus software – Anti-virus software can often
recognize and protect your computer against most known viruses, so you
may be able to detect and remove the virus before it can do any damage
(see Understanding Anti-Virus Software for more information). Because
attackers are continually writing new viruses, it is important to keep
your definitions up to date.
* Use caution with email attachments – Do not open email attachments that
you were not expecting, especially if they are from people you do not
know. If you decide to open an email attachment, scan it for viruses
first (see Using Caution with Email Attachments for more information).
Not only is it possible for attackers to “spoof” the source of an email
message, but your legitimate contacts may unknowingly send you an
infected file. If your email program automatically downloads
attachments, check your settings to see if you can disable this feature.
* Be wary of downloadable files on web sites – Avoid downloading files
from sites that you do not trust. If you are getting the files from a
supposedly secure site, look for a web site certificate (see
Understanding Web Site Certificates for more information). If you do
download a file from a web site, consider saving it to your computer and
manually scanning it for viruses before opening it.
* Keep software up to date – Install software patches so that attackers
cannot take advantage of known problems or vulnerabilities (see
Understanding Patches for more information). Many operating systems
offer automatic updates. If this option is available, you should enable
* Take advantage of security settings – Check the security settings of
your email client and your web browser (see Evaluating Your Web
Browser’s Security Settings for more information). Apply the highest
level of security available that still gives you the functionality you

Related information

* Securing Your Web Browser
* Recovering from Viruses, Worms, and Trojan Horses

Author: Mindi McDowell

There are some common myths that may influence your online security
practices. Knowing the truth will allow you to make better decisions about
how to protect yourself.

How are these myths established?

There is no one cause for these myths. They may have been formed because of
a lack of information, an assumption, knowledge of a specific case that was
then generalized, or some other source. As with any myth, they are passed
from one individual to another, usually because they seem legitimate enough
to be true.

Why is it important to know the truth?

While believing these myths may not present a direct threat, they may cause
you to be more lax about your security habits. If you are not diligent about
protecting yourself, you may be more likely to become a victim of an attack.

What are some common myths, and what is the truth behind them?

* Myth: Anti-virus software and firewalls are 100% effective.
Truth: Anti-virus software and firewalls are important elements in
protecting your information (see Understanding Anti-Virus Software and
Understanding Firewalls for more information). However, neither of these
elements is guaranteed to protect you from an attack. Combining these
technologies with good security habits is the best way to reduce your
* Myth: Once software is installed on your computer, you do not have to
worry about it anymore.
Truth: Vendors may release updated versions of software to address
problems or fix vulnerabilities (see Understanding Patches for more
information). You should install the updates as soon as possible; some
software even offers the option to obtain updates automatically. Making
sure that you have the latest virus definitions for your anti-virus
software is especially important.
* Myth: There is nothing important on your machine, so you do not need to
protect it.
Truth: Your opinion about what is important may differ from an
attacker’s opinion. If you have personal or financial data on your
computer, attackers may be able to collect it and use it for their own
financial gain. Even if you do not store that kind of information on
your computer, an attacker who can gain control of your computer may be
able to use it in attacks against other people (see Understanding
Denial-of-Service Attacks and Understanding Hidden Threats: Rootkits and
Botnets for more information).
* Myth: Attackers only target people with money.
Truth: Anyone can become a victim of identity theft. Attackers look for
the biggest reward for the least amount of effort, so they typically
target databases that store information about many people. If your
information happens to be in the database, it could be collected and
used for malicious purposes. It is important to pay attention to your
credit information so that you can minimize any potential damage (see
Preventing and Responding to Identity Theft for more information).
* Myth: When computers slow down, it means that they are old and should be
Truth: It is possible that running newer or larger software programs on
an older computer could lead to slow performance, but you may just need
to replace or upgrade a particular component (memory, operating system,
CD or DVD drive, etc.). Another possibility is that there are other
processes or programs running in the background. If your computer has
suddenly become slower, it may be compromised by malware or spyware, or
you may be experiencing a denial-of-service attack (see Recognizing and
Avoiding Spyware and Understanding Denial-of-Service Attacks for more

Author: Mindi McDowell

