If the smartphones of ESET bloggers are any indication, scams executed via SMS text, known as smishing or SMS phishing, are on the rise. I don't do a lot of texting, which makes a smish easy to spot on my phone, but I just read an amazing statistic from a Pew report: Users 18 to 24 years send or receive an average of 109.5 SMS texts sent per day. With this flurry of micro-sized messages, it’s easy to understand why users might not check closely before clicking on a convincing-sounding link on a text that looks like it might have come from a friend or legitimate company. When you do, your troubles may just be beginning.

Sending messages designed to trick the recipients into clicking on a deceptive link was once reserved for fake but real-looking scam emails trying to fool users into visiting malicious sites on their PC, but scammers have realized there are (on average) far fewer protections on smartphones, and no small number of potential victims.

It had to happen, just a few years back you only used your mobile phone to make calls, but now it’s become much more. For everything from surfing the web, to sending emails, viewing videos and listening to music, your mobile device is more like a computer that just happens to make phone calls. It also happens to contain a lot of your personal information, making it readily available.

If a scammer can trick you into visiting a malicious site that attempts to get you to install malicious snooping or premium-rate SMS apps which may be wrapped around legit apps, that may just be the beginning of trouble. Many users wouldn’t notice an app silently sending premium-rate SMS texts to some far-flung country, until they got the bill. But things can get dicey when you try to convince your cell provider to reverse the charges. And the app you downloaded may look and function the same as the legitimate app by the same name, so you’d be none-the-wiser, at least at first.

In our example above you can see the domain name looks legit, until you realize that the end of the URL belongs to a website very different from Wal-Mart. But if you’re in a hurry would you spot this?

Of course, one thing we should note in this example: it’s extremely unlikely that Wal-Mart has suddenly decided to dole out $1000 gift cards to a lucky few. This one even creates a fake sense of urgency by claiming you’d better act before the remaining 161 are claimed. Sound fishy (pun intended), but hey, these things propagate because similar SMSishing campaigns worked, and the numbers seem to be growing. With falling rates for sending SMS texts these days, and an increasing number of target smartphones, there is an attractive and target-rich environment for cyber-scammers.

Defending Against Smish

So what can you do to protect yourself? The first thing I suggest is restricting your mobile app downloading to the official marketplace for your device, not some third party website. The official marketplace portals, such as Google play for Android, increasingly have scanners in place to detect and remove malicious or scam apps, giving you a margin of safety.

Also, in the same way it’s not a good idea to just click on email links without thinking, you should think twice about clicking on SMS text links before you do. It’s easy enough to open a link in your mobile browser and navigate directly to the website in question – without following the link.

You might also want to lock down your device using its security setttings or even install security software that can spot scams before you fall for them. If you beef up your security on the device, it will help reduce the access potential scammers have to your personal information, and make you a tougher target to exploit – via SMSishing or any of a variety of other scams that are targeting mobile devices.

FYI: ESET Mobile Security for Android is now available through the Google play store.

View original post here:
SMSmishing (SMS Text Phishing) – how to spot and avoid scams

See the original post:
Spam in April 2012: Junk Mail Gathers Pace in the US

See original here:
Maxthon 3.3.8.2000

Visit link:
Kaspersky Lab and InfoWatch Become Independent from Each Other

Excerpt from:
Kaspersky Lab Officially Opens its South East Europe Office

Back in 2008, EICAR rejected a paper proposed by Andrew Lee and myself discussing the state of anti-malware testing and how it might be improved, on the grounds that it was “advertising” the fledgling AMTSO (Anti-Malware Testing Standards Organization) initiative. You can decide for yourselves whether that criticism was justified: the same paper was accepted later in the year by Virus Bulletin and is available as “Who will test the testers?” from the ESET conference papers resource page.

I mention

Follow this link:
Kaspersky Lab Congratulates Scuderia Ferrari on Success at the Spanish Grand Prix

Here are two staggering Facebook privacy statistics: Nearly 13 million US Facebook users have never set, or don’t know about, Facebook’s privacy tools, and only 37 percent have used Facebook's privacy tools to customize how much information is shared with third parties. That's according to a Consumer Reports survey released earlier this month. Given that there are now over 900 million Facebook users, more than the population of most countries, and given the broad sharing that is Facebook's default privacy setting, those stats strongly suggest a lot of people have some online privacy catching up to do.

A few months ago we highlighted Facebook security settings and how to enable various protections. In this post, we delve more into granular control of your data privacy. By ratcheting down your privacy settings, you can have more control over who can get to your data, helping to keep your social networking experience positive, and potentially preventing problems before they occur.

Protect Yourself

When you log into your account, you can view or modify your privacy settings on a pulldown menu under “Home” on the top right of the page. Here’s what mine looks like:

When you get to the Privacy landing page, you might notice your default settings are set to “Public”, here we update them.

Notice this is targeted at your default sharing options, you can also change them for specific items on the site by using the inline audience selector, but here it’s a good idea to select “Custom” and specify what fits your needs, here’s what’s shown by default:

That’s a little too public for many, so I make the default visibility to “Only Me”, keeping in mind that you can use the inline audience selector to widen the audience of particular data you want to share, but if you don’t, the default will be to keep it more private.

Notice you can also explicitly list people or lists you DON’T want to share things with, a sort of data sharing blacklist, which you may find useful if you opt to share with others but want to restrict certain aspects more granularly. If you select this option you are also presented with a note saying:

That means if you tag someone in a photo, for example, they will be able to view the photo, even though you don’t explicitly opt to share it.

Now let’s look at ways other people can access your profile information. We start by selecting the “Edit Settings” link back on the Privacy Settings page:

The default settings show “Everyone”, shown below:

These default settings are a little too permissive for my tastes, so I ratchet them down like this:

This setting keeps my profile a little more private. Back at the Privacy home page, let’s take a look at “Profile and Tagging” to control how information gets tagged and shared:

Here we can ratchet down who can post to your wall, who can see posts tagged in your profile, and so on. Below is the default:

I would prefer to restrict more content to friends only, so I change it to reflect that preference:

Also, you might want to control who can tag you in their content by enabling “Review posts friends tag you in before they appear on your profile” if you choose to restrict that.

Next we restrict past post visibility, which is a good idea if you’ve had a lot of posts in the past, and you’d prefer more granular control over how that information is shared:

When you edit this section, you are presented with a screen warning you about restricting past posts, warning that since it’s a global change, you may also choose to just restrict specific posts, rather than across your whole profile. Continue past this warning by selecting “Limit Old Posts.” You will be asked to confirm this choice, warning that this change may not be easy to undo.

Next we take a look at “Blocked People and Apps”, a sort of blacklist for specific functionality:

Click on “Manage Blocking” link, which opens the following dialog box:

This functionality can come in handy if you have been getting unwelcome interactions from someone on your friend list. Also, note that once you add a user to your Restricted List, they aren’t notified of the change, which is handy for dealing with potentially pestering friends wanting to know why you’ve changed your settings.

Summary

These are some of the basic protections that will help control the data sprawl of your private information. Of course, Facebook updates its security and privacy settings on fairly regular intervals, so we will provide updates from time-to-time. In combination with our earlier security post, this privacy primer should go a long way toward keeping your social networking safer and prevent problems with your personal data spreading further than you planned or expected. If you find this post helpful, or have any Facebook privacy tips you'd like to share, please let us know in the Comments below.

Read this article:
Millions have not reviewed Facebook privacy settings: Here’s how

Go here to read the rest:
Spam in Q1 2012: A Marathon of Holidays