An article about a rogue antispyware called VirusRemover has been written at F-Secure’s weblog.

The article includes a few images of the site, the EULA, and the software itself. The author of the article, Christine, notes that the site has many languages including de, dk, and fr. However, it uses a .com on their payment processing page. Christine writes that this is made as a comfort level for a user.

In the EULA, she found out that there are two paragraphs that does not make sense. When running the software, it will show a list of viruses although the files does not exit in a user’s computer.

Source: F-Secure

F-Secure published an article a few days ago about a Google AdWords phishing site.

It includes two screen shots of the site which are very similar. The second one points out two signs that it is a phishing site. One of them shows that the domain ends with .oeaai.cn instead of .com. The other one points out the question which asks the user whether he or she wants Chrome to save/remember their password.

The site tries to steal a user’s username, password, and credit card number.

Source: F-Secure

I was recently asked via email about how I handle stock as a self employed computer technician. You want be able to carry enough stock to be able to do your job, but you don’t want to be holding onto too much because their value can decline so quickly. Here’s what I do:
Read the rest of this entry »

A patched worm’s activity grew to significant levels over weekend according to Microsoft researchers. It can infect other computers that are connected in a network.

The worms deletes system restore points that were created by users on their computers and it also tries to contact sites such as Yahoo and MSN to obtain the current date. It also attempts to download other malicious files to a user’s computer.

Both businesses and individuals are affected by this worm according to the researchers.

The researchers said in a blog post that, “It is not that the malware authors care so much about the computer as they want to make sure that other malware will not take it over too.”

Source: Channel Web

As most computer technicians should know, computer security isnt just about having up to date antivirus and anti-malware software. It is also about having the users software up to date as well.

Windows Updates is obviously one of the most important ones but many technicians forget about third party software like Firefox, MSN Messenger, AIM, Yahoo etc.. and unfortunately there isnt really a good way to check the versions of third party software other than opening each one and viewing the about information. This is where SUMo comes in. SUMo (Software Updates Monitor) is a small, freeware application designed to scan a system for installed software, check its version and let you know whether there is an update for it. If there is, it shows you a handful of places where you can download the most recent version.
Read the rest of this entry »

A new version has been released for Safari. Apple notes that this version has stability improvements. The previous version, 3.2, was released less than two weeks ago on November 13.

It is available for both Mac and Windows XP or Vista operating systems.

Many people reported that the previous version was not tested thoroughly and the article at The Register notes that they do not know yet whether this new version has fixed some of the complaints from the previous version.

Source: The Register

Google has responded about the reports that there is a flaw in the Gmail system which let to a rash of domain hijacks.

“With help from affected users, we determined that the cause was a phishing scheme, a common method used by malicious actors to trick people into sharing their sensitive information. Attackers sent customized emails encouraging web domain owners to visit fraudulent websites such as “google-hosts.com” that they set up purely to harvest usernames and passwords,” said in a blog post by Google security researcher Chris Evans.

Source: The Register

Sophos posted about a UK government tax break spam a couple of days ago.

The spam includes a large paragraph and a link. The link directs the user to a webpage which is a survey to find out how much the user can get for their tax return. Vanja Svajer, the author of the blog entry notes that in question 1, where the question asks how old the user is, there is no option for people who are aged 31-35. He thinks that the survey is either to make the page more legitimate or it collects the answers for identity theft. He notes that this is made with 2 phishing kits.

Source: Sophos

F-Secure posted a blog entry about a fake antispyware called Search-and-Destroy.

The entry includes a lot of screen shots about the software and the site where users could download it. In their tests, they found out that it found 159 problems in their system. However, the software could not fix the problems in the trial version.

Under the “malicious threats” section, there were invalid shortcuts and the author of the entry acknowledges that it is correct but they are not threats that users should worry about.

Source: F-Secure

With some businesses seeing a slowdown (depending on the type of clients you have of course, many business actually get more busy), you need to start looking at ways to secure more steady sources of income and maintenance contracts are a great way to do it. In this article, we’ll show you how the Computer Business Kit can help you in unstable times.
Read the rest of this entry »