Thursday, January 22, 2009

Increasing Web Threats

The threats on the web has been increased. The number of new malicious websites rose by 58 per cent in June to its highest level since April 2007. These threats can be controlled by using several security products like Haute Sauce which can be used with IE and Firefox. Haute Sauce is free for home user it is a beta version out for testing, and for business it'll charge according to the pages. 

"Web-based malware has become a dangerous tool in the arsenal of cyber-criminals," said Mark Sunner, chief security analyst at MessageLabs.

"The bad guys know that web-borne attacks are uncharted territory for many computer users and are taking advantage of this in addition to vulnerabilities and weak security in web applications."

Monday, October 6, 2008

Big Virus coming, Please read and forward - It's Marketing Spam


Hi All, I checked with Norton Anti-Virus, and they are gearing up for this virus! This is the worst virus announced by CNN. Get this E-mail message sent around to your contacts ASAP PLEASE FORWARD THIS WARNING AMONG FRIENDS, FAMILY AND CONTACTS! You should be alert during the next few days.

Do not open any message with an attachment entitled 'POSTCARD FROM HALLMARK,'regardless of who sent it to you. It is a virus which opens A POSTCARD IMAGE, which 'burns' the whole hard disc C of your computer. This virus will be received from someone who has your e-mail address in his/her contact list. This is the reason why you need to send this e-mail to all your contacts. It is better to receive this message 25 times than to receive the virus and open it.

If you receive a mail called' POSTCARD,' even though sent to you by a friend, do not open it! Shut down your computer immediately. It has been classified by Microsoft as the most destructive virus ever. This virus was discovered by McAfee yesterday, and there is no repair yet for this kind of virus. This virus simply destroys the Zero Sector of the Hard Disc, where the vital information is kept.


Above alert has been verified at snopes.com. Here is the link to verify.

This is the mail sent to all the peoples by mail and this is sent by


Your Ad Here

Friday, September 26, 2008

Beware of The Chat Girl

Hi friends have you heard of the chat girl? If your answer is NO then she will be doing her work now. But I will tell you who is this "chat girl"
She is a girl who chats online with men's of age around 25-35. She first chats with the people who are using public chat rooms, then she talks about her problems.
Then she does a little erotic chat. The target( man whith whom she is chatting) gets excited and trapped

Then She tells the man to meet her Like a date or a one night stand as the man will like.
So the target goes to meet her, they meet in a room then they had some food after which the target starts to feel uneasy and finally he gets unconscious.

Then She takes all the money and Credit Cards and Mobile of the Target. The man comes to conscious after 7-8 hours then he is not able to trace her, All of his valuables are gone.
Then man returns home but the chat girl starts to find a new target!!


Wednesday, September 17, 2008

Recommendations for SNSs Users

1 Encourage awareness-raising and educational campaigns: as well as face-to-face awareness-raising campaigns on the sensible usage of SNSs, SNSs themselves should, where possible, use contextual information to educate people in real-time. Additional awareness-raising campaigns should also be directed at software developers to encourage securityconscious development practices and corporate policy.

2 Review and reinterpret the regulatory framework: SNSs present several scenarios which were not foreseen when current legislation (especially data protection law) was created. The regulatory framework governing SNSs should be reviewed and, where necessary, revised.

3 Increase transparency of data handling practices: a review of the practices of SNS providers in Europe with respect to existing data protection law is recommended.

4 Discourage the banning of SNSs in schools: SNSs should be used in a controlled and open way with co-ordinated campaigns to educate children, teachers and parents.

5 Promote stronger authentication and access-control where appropriate: stronger authentication should be used in certain SNS environments. Additional authentication factors that could be used range from basic e-mail verification through Captchas and recommendation-only networks to physical devices such as mobile phones and identity card readers.

6 Implement countermeasures against corporate espionage: various steps are recommended for the prevention of social engineering attacks on enterprises.

7 Maximise possibilities for abuse reporting and detection: SNSs should make it as easy as possible to report abuse and concerns. Report abuse buttons should be as ubiquitous as the contact us option on classic websites.

8 Set appropriate defaults: default settings should be made as safe as possible, and accompanied by userfriendly guidelines.

9 Providers should offer convenient means to delete data completely: simple tools should be provided for removing accounts completely, as well as allowing users to edit their own posts on other people's public notes or comments areas.

10 Encourage the use of reputation techniques: reputation mechanisms can act as a positive motivator towards good online behaviour.

11 Build in automated filters: a legislative review into SNS filtering should be undertaken, with a view to SNS providers building filters into their sites.

12 Require consent from data subjects to include profile tags in images: SNS operators should give users privacy tools to control the tagging of images depicting them.

13 Restrict spidering and bulk downloads: SNS operators should restrict spidering and bulk downloads (except for academic research purposes).

14 Pay attention to search results: data should either be anonymised, not displayed, or the user should be clearly informed that they will appear in search results and given the choice to opt out.

15 SNS spam: similar techniques to those used for e-mail anti-spam reputation systems should also be developed to eliminate spam comments and traffic.

16 SNS Phishing: the best practices for combating phishing on SNSs, which are promoted by the APWG, should be adopted.

17 Promote and research image-anonymisation techniques and best practices.

18 Promote portable Social Networks: the economic and social implications of portable social networks should be addressed.

19 On research into emerging trends in SNS: looking to the future, the group has identified some trends emerging in SNSs that have important security implications. More research should be carried out in the areas of mobile SNS, convergence with virtual worlds, misuse by criminal groups and 3D representation and online presence.

SOURCE :-Computer Weekly

Threats on Social Networking Sites (SNSs)

1 Digital dossier aggregation: profiles on online SNSs can be downloaded and stored by third parties, creating a digital dossier of personal data.

2 Secondary data collection: as well as data knowingly disclosed in a profile, SN members disclose personal information using the network itself: e.g. length of connections, other users' profiles visited and messages sent. SNSs provide a central repository accessible to a single provider. The high value of SNSs suggests that such data is being used to considerable financial gain.

3 Face recognition: user-provided digital images are a very popular part of profiles on SNSs. The photograph is, in effect, a binary identifier for the user, enabling linking across profiles, e.g. a fully identified Bebo profile and a pseudo-anonymous dating profile.

4 CBIR: Content-based Image Retrieval (CBIR) is an emerging technology which can match features, such as identifying aspects of a room (e.g. a painting) in very large databases, increasing the possibilities for locating users.

5 Linkability from image metadata: many SNSs now allow users to tag images with metadata, such as links to SNS profiles (even if they are not the owner/controller of that profile), or even e-mail addresses. This leads to greater possibilities for unwanted linkage to personal data.

6 Difficulty of complete account deletion: users wishing to delete accounts from SNSs find that it is almost impossible to remove secondary information linked to their profile such as public comments on other profiles.

7 SNS spam: unsolicited messages propagated using SNSs. This is a growing phenomenon with several SNS-specific features.

8 Cross site scripting (XSS), viruses and worms: SNSs are vulnerable to XSS attacks and threats due to widgets produced by weakly verified third parties.

9 SN aggregators: these SNS portals integrate several SNSs which multiply vulnerabilities by giving read/write access to several SNS accounts using a single weak authentication.

10 Spear phishing using SNSs and SN-specific phishing: highly targeted phishing attacks, facilitated by the self-created profiles easily accessible on SNSs. SNSs are also vulnerable to social engineering techniques which exploit low entry thresholds to trust networks and to scripting attacks which allow the automated injection of phishing links.

11 Infiltration of networks: some information is only available to a restricted group or network of friends, which should provide the first line of defence in protecting privacy on SNSs. However, since it is often easy to become someone's "friend" under false pretences, this mechanism is not effective. On many SNSs it is even possible to use scripts to invite friends.

12 Profile-squatting and reputation slander through ID theft: fake profiles are created in the name of well-known personalities or brands or within a particular network, such as a school class, in order to slander people or profit from their reputation.

13 Stalking: cyberstalking is threatening behaviour in which a perpetrator repeatedly contacts a victim by electronic means such as e-mail, Instant Messenger and messaging on SNSs. Statistics suggest that stalking using SNSs is increasing.

14 Bullying: SNSs can offer an array of tools which facilitate cyberbullying (ie. repeated and purposeful acts of harm such as harassment, humiliation and secret sharing).

15 Corporate espionage: social engineering attacks using SNSs are a growing and often underrated risk to corporate IT infrastructure.

Source :-computer weekly

Sunday, September 7, 2008

Orkut Threats

Malware authors have written a worm for Orkut, Google-owned networking site that's big in Brazil.

The Scrapkut worm uses active code injection to spread between victims and their friends on Orkut. The malicious code appears on a victim’s scrapbook, containing a link to a supposed YouTube video.

People who click on the link are redirected to an external site hosting malware that's disguised as a Flash upgrade. Users duped into installing the software get malicious Javascript code injected into their next active Orkut web session. This malicious scrapbook entry is then sent to all the victims' friends, recommencing the infection cycle.
Judging by the counter on a web page associated with the malware (not the most reliable of indicators) about 13,000 users are already infected by the Scrapkut worm, which isn't - for now - doing anything particularly nasty other than spreading.

By contrast an earlier worm that spread across the Orkut network last December infected an estimated 655,000 people. Google plugged the cross-site scripting (XSS) error that made the attack possible hours later, thwarting further propagation of that fast-spreading worm.

Saturday, September 6, 2008

Meebo Threats

Threats on the web are increasing day by day. We know about viruses, malware and spyware which are great threats to the users but somehow we can get safe from these threats to a great extent by using ANTISPYWARE and ANTIMALWARE. There are many ANTIVIRUS and ANTIMALWARE programs available for free which can protect us from these viruses and malwares. But some threats on the Internet are there which cannot be protected by these antivirus and antimalware programs. The main reason for this is that these threats are not a defined programs which can be detected by any antivirus software, these are real people who are doing many frauds and are a great threat to the users.
Meebo is an online messenger from which a person can log-in to his messenger on varoius networks like yahoo, msn, gtalk, jabber etc.

Some peoples who are doing these frauds are using meebo for there activities, they log-in to meebo with fake names and then searches for peoples who can trust them easily.
Then these persons asks all the information of there target in the process of chatting and then they sell this information to the marketing companies. These peoples also use this information in doing wrong things on the internet
Some of the persons among these are Hackers and they can gain illegal access to other person's webcam without knowing them.
So, We should be carefull about these persons.

  • CATIE476
  • TULIP89
  • TOPLESS999

These are some of the user names which are doing these scams and all. so these names should be avoided while chatting and making friends
These are not all the names there are many more. and we will update this section for more names.