Spyware

Unfortunately, the bad guys seem to try and use anything that is current in an effort to take advantage of the situation and unsuspecting people, many of which may have their guard down because of the circumstances. The tragedy in Haiti is the latest way for the bad guys to attack.

The FBI released the following warning this week after the earthquake (LINK: http://www.fbi.gov/cyberinvest/escams.htm (http://www NULL.fbi NULL.gov/cyberinvest/escams NULL.htm))

HAITIAN EARTHQUAKE RELIEF FRAUD ALERT

01/13/10—The FBI today reminds Internet users who receive appeals to donate money in the aftermath of Tuesday’s earthquake in Haiti to apply a critical eye and do their due diligence before responding to those requests. Past tragedies and natural disasters have prompted individuals with criminal intent to solicit contributions purportedly for a charitable organization and/or a good cause.

Therefore, before making a donation of any kind, consumers should adhere to certain guidelines, to include the following:

• Do not respond to any unsolicited (spam) incoming e-mails, including clicking links contained within those messages.
• Be skeptical of individuals representing themselves as surviving victims or officials asking for donations via e-mail or social networking sites.
• Verify the legitimacy of nonprofit organizations by utilizing various Internet-based resources that may assist in confirming the group’s existence and its nonprofit status rather than following a purported link to the site.
• Be cautious of e-mails that claim to show pictures of the disaster areas in attached files because the files may contain viruses. Only open attachments from known senders.
• Make contributions directly to known organizations rather than relying on others to make the donation on your behalf to ensure contributions are received and used for intended purposes.
• Do not give your personal or financial information to anyone who solicits contributions: Providing such information may compromise your identity and make you vulnerable to identity theft.

MSNBC has released a list of charitable organizations that are active in Haiti, to help you know that your donation is going to the right place.  The list can be found at http://www.msnbc.msn.com/id/34835478 (http://www NULL.msnbc NULL.msn NULL.com/id/34835478)

——————– o ——————–

In addition to the the financial scams, there are now also web scams which will cause your pc to get infected with Rogueware (Things like fake anti-virus messages), while visiting sites that appear to be legit Haiti Support or Information sites.

In the latest attempt to use a news making event, into a way to spread Rogueware, those running what are called SEO (SEO = Search Engine Optimization) are targeting keywords related to the earthquake in Haiti. Running searches on terms such as ‘Haiti’, ‘RT (re-Tweet)’, ‘Wyclef Jean’ and his charity, ‘Port-au-Prince’, Haiti donations, just to name a few are bringing up sites on major search engines pointing users to what they believe to be legitimate news and images related to the tragedy. When in fact, these sites, because the criminals were able to manipulate results of the search engines, are showing fake sites mixed in with real sites.

(http://www NULL.rj-diamond NULL.com/alex/wp-content/uploads/2010/01/haiti_20fraud_201_thumb NULL.jpg)

(Picture from http://sunbeltblog.blogspot.com/2010/01/dangerous-web-search-haiti-earthquake.html (http://sunbeltblog NULL.blogspot NULL.com/2010/01/dangerous-web-search-haiti-earthquake NULL.html))

If you encounter one of these fake site, 1st thing that you should NOT DO is click on any pop up or link that says you need to install something to see the site.  1st thing you SHOULD DO is attempt to close your browser by selecting either the X on the top right or by selecting CNTR-ALT-DEL on your keyboard, going into Task Manager, highlighting your browser, and selecting END TASK (Never attempt to use any of the actual “Close” or “exit” buttons that will appear with the pop up as most of the time the “yes” and “no” button will both do the same thing which is install the Rogue program on your machine).

In addition, as soon as you reopen your browser (after closing it for the pop up), you want to make sure that you go in and clear your Temporary Internet Files and your Internet Cookies (In Internet Explorer its Tools –> Internet Options –> then under browsing history –> delete and then delete all.  In Firefox its Tools –> options –> privacy –> clear your recent history / clear your recent cookies).  That is in addition to making sure that your Anti-Virus software is up to date, that your Updates for your operating system (Windows, MAC, Linux) are up to date.

(Soapbox**) I continue to point out the need to update, and yet I still regularly get called out to clear infected machines, that are missing updates (Had a Windows PC last week on XP service pack 1 and Norton AV 2004 with updates from September 2005). Not that I don’t want to work, and get paid, but if you really want to make sure you don’t suffer thru the down time and expense of waiting for a tech like myself, UPDATE UPDATE UPDATE.  Will updates protect you 100%, no, unfortunately in the age of the internet, new and more innovative ways to beat a system come up 100’s of times every day, seven days a week.  However, keep in mind, when you leave your house, you lock your door.  Why?  Will locking your door, protect your house from being robbed?  You hope so, and 99% of the time it will.  So updating your system is like locking your door, if you don’t lock your door you will eventually get robed. (End Soapbox)

**Lastly – To the people of Haiti and those readers of TGM with family and friends in Haiti. You have our thoughts, during this difficult time.**