BuyLow.com Computers And Internet - Internet Security, Computers, Mobile Devices, Networks
 

Tag Cloud

alert Apple attacks computer computers computer security cyber crime email Facebook Firefox fraud Google government hackers identity theft id theft infringement Internet Internet Explorer internet security Java Mac malware Microsoft mobile devices mobile phones networks patents phishing privacy Safari safety scams security servers spammers technology viruses web browser web browsers websites Windows Word worm www

Archives

  • March 2010
  • February 2010
  • January 2010
  • December 2009
  • October 2009
  • September 2009
  • August 2009
  • July 2009
  • June 2009
  • May 2009
  • April 2009
  • March 2009
  • February 2009
  • January 2009

    • Identifying Hoaxes and Urban Legends

    Chain letters are familiar to anyone with an email account, whether they are sent by strangers or well-intentioned friends or family members. Try to verify the information before following any instructions or passing the message along.

    Why are chain letters a problem?
    The most serious problem is from chain letters that mask viruses or other malicious activity. But even the ones that seem harmless may have negative repercussions if you forward them:
    •they consume bandwidth or space within the recipient’s inbox
    •you force people you know to waste time sifting through the messages and possibly taking time to verify the information
    •you are spreading hype and, often, unnecessary fear and paranoia
    What are some types of chain letters?
    There are two main types of chain letters:

    •Hoaxes – Hoaxes attempt to trick or defraud users. A hoax could be malicious, instructing users to delete a file necessary to the operating system by claiming it is a virus. It could also be a scam that convinces users to send money or personal information. Phishing attacks could fall into this category (see Avoiding Social Engineering and Phishing Attacks for more information).

    •Urban legends – Urban legends are designed to be redistributed and usually warn users of a threat or claim to be notifying them of important or urgent information. Another common form are the emails that promise users monetary rewards for forwarding the message or suggest that they are signing something that will be submitted to a particular group. Urban legends usually have no negative effect aside from wasted bandwidth and time.
    How can you tell if the email is a hoax or urban legend?
    Some messages are more suspicious than others, but be especially cautious if the message has any of the characteristics listed below. These characteristics are just guidelines—not every hoax or urban legend has these attributes, and some legitimate messages may have some of these characteristics:

    •it suggests tragic consequences for not performing some action
    •it promises money or gift certificates for performing some action
    •it offers instructions or attachments claiming to protect you from a virus that is undetected by anti-virus software
    •it claims it’s not a hoax
    •there are multiple spelling or grammatical errors, or the logic is contradictory
    •there is a statement urging you to forward the message
    •it has already been forwarded multiple times (evident from the trail of email headers in the body of the message)
    If you want to check the validity of an email, there are some websites that provide information about hoaxes and urban legends:

    •Urban Legends and Folklore – http://urbanlegends.about.com/
    •Urban Legends Reference Pages – http://www.snopes.com/
    •TruthOrFiction.com – http://www.truthorfiction.com/
    •Symantec Security Response Hoaxes – http://www.symantec.com/avcenter/hoax.html
    •McAfee Security Virus Hoaxes – http://vil.mcafee.com/hoax.asp

    Authors: Mindi McDowell, Allen Householder

    Leave a Comment - Here's your chance to speak.(eMail will not be published)

    Tags: , , , , ,
    Category: Uncategorized

    Home | Contact The Help Desk | Internet & Marketing Services

    RSS BugTraq

    • [security bulletin] HPSBMA02489 SSRT090065 rev.1 - HP Performance Insight , Remote Execution of Arbitrary Commands
      Posted by security-alert on Mar 09SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02033170 Version: 1 HPSBMA02489 SSRT090065 rev.1 - HP Performance Insight , Remote Execution of Arbitrary Commands NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release Date: 2010-03-08 Last Updated: 2010-03-08 Potential Sec […]
    • [SECURITY] [DSA 2008-1] New typo3-src packages fix several vulnerabilities
      Posted by Moritz Muehlenhoff on Mar 09------------------------------------------------------------------------ Debian Security Advisory DSA-2008-1 security () debian org http://www.debian.org/security/ Moritz Muehlenhoff March 08, 2010 http://www.debian.org/security/faq ------------------------------------------------------------------------ Package : typo3- […]
    • IBM ENOVIA SmarTeam v5 Cross Site Scripting Vulnerability
      Posted by lament on Mar 09========================================= Yaniv Miron aka "Lament" Advisory March 7, 2010 IBM ENOVIA SmarTeam v5 Cross Site Scripting Vulnerability ========================================= ===================== I. BACKGROUND ===================== ENOVIA SmarTeam provides highly flexible product data management and mission […]
    • Re: Apple Airport Wireless Products: Promiscuous FTP PORT Allowed in FTP Proxy Provides Security Bypass
      Posted by Sabahattin Gucukoglu on Mar 09Do you have firmware information on which products it affects. Tested with firmware 7.5 on the latest-generation units. Should work just fine with 7.4.2, on the previous generation. These are the latest versions. I don't know about previous releases for Airport Express, Airport Extreme, or Time Capsule, and what r […]
    • SQL injection vulnerability in wILD CMS
      Posted by Maciej Gojny on Mar 09# Title: [SQL injection vulnerability in wILD CMS] # Date: [09.03.2010] # Author: [Ariko-Security] # Software Link: [http://www.wildcms.com/] # Version: [ALL] ============ { Ariko-Security - Advisory #4/3/2010 } ============= SQL injection vulnerability in wILD CMS Vendor's Description of Software: # http://www.wildcms.co […]