In3Go.com Blog

Hackers exploit people fears of diseases and spread spam emails that encourage recipients to visit a fake website that allegedly offers vaccinations to protect them against the virus that causes swine flu.

This spam email appears to be from the U.S centers for disease control. The email directs the recipients to a fake website that looks like an official website, which requests users to fill out a vaccination form. This malicious site immediately downloads malware to the users’ PCs. This malware allow the hackers to take control over the users’ PCs and use them to commit identity theft, turn the users’ PCs into spam servers, attack other PCs and much more.

Hackers usually use topics that are at the top of the news in order to scam innocent users.
Be cautious, don’t open or download attachments or click links from an unknown sender.

Many companies already released their Internet security suits for 2010. For example, Panda Internet Security 2010, CA Internet Security Suite Plus 2010, Norton Internet Security Suite 2010, ZoneAlarm Extreme Security 2010, K7 Total Security 10.0, F-Secure Internet Security Suite 2010 and more. After comparing a bunch of them, I chose three that seem to provide the best solution to home users that wish to protect themselves against Internet threats.

Kaspersky Internet Security 2010

Kaspersky Internet Security 2010 suite provides home users everything they need in order to protect themselves online. It is not changed much from the last version; it is not bad since it is still a great product that provides many features.

It includes all of the features of Kaspersky Anti-Virus 2010, an effective firewall, a “safe run” sandbox environment that allows the user to surf safely without worrying about browsers’ vulnerabilities, spam filtering, anti-spyware feature, anti-phishing feature, privacy protection and parental controls.

It is easy to install, the anti-virus features are impressive and effective, the same goes for the firewall. All the rest are fine, but not brilliant. The parental controls are OK, but not impressive. The privacy protection, anti-malware, anti-phishing and anti-spam features could be more effective. In addition, it seems like it slows performance.

Current price – $59.95 – 1 year – 1 license.

ZoneAlarm Extreme Security 2010

ZoneAlarm was originally free firewall software that was developed by Zone Labs, which was acquired in March 2004 by Check Point. The newest release is ZoneAlarm Extreme Security 2010.

ZoneAlarm Extreme Security 2010 combines the company’s full-scale security suite with the virtualization-based protection of ZoneAlarm ForceField.

ZoneAlarm Extreme Security 2010 has impressive features, including full-disk encryption, two-way firewall, advanced download protection, anti-spam feature, anti-phishing protection, credit monitoring and identity theft recovery with daily credit report monitoring, parental controls, virtual browsing that allows users to surf with full protection against malicious software, secure online backup, PC tune-up that cleans and organizes your PC for better performance and private browsing.

It is a great product that provides good and effective protection against different types of Internet threats and cyber criminals, but it does have a few flaws, which are not critical, but worth mentioning. The first disadvantage is its installation, it is far from being friendly. A second flaw is that the product seems to occasionally slow performance. A third flaw I have noticed is that the anti-malware feature is not so efficient.

Current Price – $49.95 -1 year – 3 licenses.

Norton Internet Security 2010

Symantec new release, Norton Internet security 2010, is currently the best Internet security suite I have tested. This new release offers improved security features, good performance and easy installation.

It includes an effective anti-virus, a good malware-removal feature, a great firewall, the most effective anti-spam component I have encountered, anti-phishing feature, anti-spyware feature, identity protection and complete parental control feature (=OnlineFamily.Norton), which is web based so it can work from any computer that has Internet connection.

In all important factors: anti-virus, privacy protection – anti-phishing, firewall, anti-spyware, anti-spam, parental control and performance it got a high score in my book.

Current price – $69.99 – 1 year – 3 licenses.

Bottom line

All three products are great products that will effectively protect home users and their PCs from Internet threats and web criminals.
My favorite is Norton Internet security 2010, which in my opinion, is more effective, efficient and easy to use than the others.
A good deal could be ZoneAlarm Extreme Security 2010, which currently provides an excellent protection for the lowest price.
Kaspersky Internet Security 2010 is left behind in comparison to these two, although it is also an excellent product.

Facebook was awarded $711M in damages against the convicted spammer Sanford Wallace.
Sanford Wallace was sued by Facebook in February along with Adam Arzoomanian and Scott Shaw for engaging in a phishing and spamming scam that compromised many Facebook accounts.
The spammers were accused of sending spam emails to Facebook members that linked to external websites that harvest their accounts details. They took control over these members’ Facebook accounts and used them to send spam emails and wall posts to their friends. These spam emails and wall posts either linked to external websites that harvest their Facebook account details or linked to commercial websites that paid spammers for referrals.
In addition to the judgement, the U.S. District Court for the Northern District of California has sent a request to the U.S. Attorney’s Office to prosecute Wallace for criminal contempt, so he may face jail time.
Facebook is not pursuing claims against Arzoomanian and Shaw.

Facebook is a popular social network service. The goal of social network services is to build online communities of Internet users who share interests, hobbies, or causes. Social network services have become significant tools used by Internet users all over the world.
Differently from communities in the real world, which usually provide safety and confidence to their members, online communities are not so safe due to the anonymity that exists in the cyber world.
One important aspect of online communication is the ability to choose how you want to present yourself in a specific situation. Online communication allows you to be open about who you are, be anonymous or make up a new persona. This aspect has a major affect on the authenticity of online communication and the safety of online communities. Cyber criminals exploit the fact that they can be anonymous on the Web to make a profit on the expense of unsuspecting Internet users.

Because of the popularity of social networks services and the significant amount of private information being exposed there they have become a major target for cyber criminals’ scams and frauds.

In order to fight cyber crime, Internet users must strive to secure their privacy.
It is important due to the fact that cyber criminals use each bite of information they can get on Internet users in order to help them in their scams. In social network services such as Facebook there is a lot of private information that cyber criminals can use. Many members of social network services expose private information on their profile under the assumption that they expose it only to a small group of selected friends. It is not always the case. As a safety measure it is best to set the social network service profile to be as private as it can be. Following are a few tips that can help you do that on Facebook.

Don’t let them find you

Facebook has a good rank in Google search engine. That means that anybody that conducts a simple search, which somehow connects with you, can find you. That means that you are also exposed to all kind of Web criminals.
So your first step should be removing your social network profile from public search listing.

• Click Settings and then click Privacy Settings.
• On the Privacy page click Search.
• In Privacy->Search page the default for Public Search Listing is to create a listing for your profile in search engines outside of Facebook. You should empty the following checkbox and click Save Changes.

Carefully manage your list of friends

Facebook makes it very easy to add friends to your network. Be careful of who you approve. There are web criminals who are counting on the fact that many Internet users approve friends to their social network without being sure if they know them or not.

In addition, because of the intuitive manner Facebook enables members to add friends, many Facebook users reach a point in time where their list of friends is so big they loose control over it. The best thing is to organize lists (a feature that exists on Facebook ) and manage your privacy settings by them. For Example, on the Settings->Privacy Setting -> Profile->Contact Information page you can choose specific lists of friends that can see your contact information by using the Customize option.
Also when sending messages you can choose to send only to specific lists and so on.

Manage your Privacy Settings

On the Privacy page you can control what information you share and with whom.
Facebook allows you to control every piece of your private information.
Click Settings and then click Privacy Settings.

Set up your Profile privacy settings

Click Profile.
On the Privacy->Profile page at the Basic tab you can control who gets to see your profile information by clicking on each dropdown and choosing the appropriate group. Never set it to Everyone.
Then click Save Changes.

On the Contact Information tab you can control who gets to see your contact information, such as email, mobile phone, address etc.
These are very personal details so it is recommended to set these dropdowns to Only Friends .
Actually the best thing is not to publish such personal details on your social network service.

Set up your Search privacy settings

On the Privacy-> Search page you can control who can search for you and how they can contact you.

On the Search Discovery dropdown you can control who can search for you on Facebook. It is recommended to limit this dropdown and not to leave it at Everyone.

On the Search Result Content tab you can control what people can see about you if you come up in their search results. It is recommended to limit the exposed information to minimum. Don’t give cyber criminals information they can use later on in order to scam you. Don’t expose your list of friends or pages you are a fan of.

The next tab is Public Search Listing – see the first topic.

After making changes press Save Changes.

Set up News feed and wall privacy settings

On the Privacy->News Feed and Wall page you can control what recent activity is visible on your profile and in your friends’ home page.

On the Actions within Facebook tab you can decide which activities you perform on Facebook will be written on your wall and on your friends’ Home Page.

On the Facebook Ads tab you can decide if to allow Facebook to present you as a fan of a page or social activity and to whom.

Set up Applications privacy settings

On Privacy->Applications page you can control what information is available to applications you use on Facebook.
There are a lot of cool and honest third party applications on Facebook, but there are also third party applications that turn out to be malware.
In order to work, third party applications need access to your profile, and sometimes to your friends’ profiles. If a friend of yours approves a third party application and allows it to access his/her profile information including friends’ information, you can be exposed without even knowing about it. So it is very important to limit the information that you allow to share with these applications.

On the Privacy->Applications->Settings tab you can choose if to share your information or not and what information you allow to share.

You can also go to the Applications page (click Applications on the foot bar) and control the privacy settings for each application separately.

Messages

Messages on Facebook can be innocent or can be spam or phishing messages. Be careful with messages from people you don’t know or with messages that appear suspicious. In any case never give up sensitive private information, such as passwords, bank account details, credit card details and so on in response to a message. It is probably a phishing scam.

Links

Be careful not to click on direct links send to you by people you don’t know in messages or wall posts. It could be a link to fake login website designed to steal private information or a link to a website containing malware.

Communities

You can join a community on Facebook and immediately gain a bunch of friends. Be aware that there are fraud communities, which designed to make a profit out of scams. Make sure that the community you join is a legitimate one.

Cyber security has become a significant topic. Nowadays, Internet users are much more aware of Internet threats than they were in the past. Internet users have become more Internet savvy and they know more on how to protect themselves against cyber criminals. As result, many Internet users are not falling anymore for cyber criminals’ common scams and frauds. Since there is a lot of money involved in Internet frauds and scams, cyber criminals are not giving up so easily. Cybersecurity professionals have notice a rise in sophisticated cyber attacks. Cyber criminals have come up with new sophisticated methods to make a profit.

I have a feeling that cyber crime is getting personal. Instead of investing in large scale frauds that are usually quite obvious, cyber criminals started to invest efforts in more sophisticated scams that target small groups of people.

In addition, cyber criminals started to abuse legitimate sources of information in order to gain a profit.

Following are a few examples:

• We can see more and more cases of legitimate sites that have been compromised by cyber criminals and got infected by malware. The unsuspecting Internet user will enter the legitimate site and may get infected by a trojan horse or some other type of malware.
• Most Internet users are not falling anymore for common phishing scams, such as, a fake email that appears to be from a bank or credit card company and is designed to steal the Internet user’s private information. As result, cyber criminals have come up with a new idea. It is called spear phishing. Instead of targeting a large group of people with emails that appear to be from a legitimate service provider, spear phishing scam targets a small group of people. This small group of people will get a fake email (that is designed to steal private or organizational information) that appears to be from someone they know, for example, a work colleague.
• Internet users may be tempted to install dishonest software when it comes in a disguise of legitimate software, sometimes, how ironic, it appears to be an anti-virus software that pretended to find computer viruses on the user’s PC.

In a nutshell, cyber crime is such a lucrative crime that cyber criminals invest many efforts in finding new methods that will enable them to make a profit on the expense of innocent Internet users. It seems that cyber crime has become more personal, targeting individuals instead of large groups of people. It also seems that the abuse of legitimate sources of information by cyber criminals has become a common act.

The only recommendation I can give is to install good and trusted security products that include – a firewall, an anti-virus software, an anti-spyware software and so on. Make sure that the products you install are provided by a legitimate and trusted company or organization.

For safety tips you can see – Simple rules for PC protection.

Currently, IE (=Internet Explorer) is the most popular Internet browser. As such, malicious hackers made it their number one target and set out to exploit its flaws. It also has the disadvantage of relying on ActiveX technology, which allows web sites to run executable programs on your PC via your browser. Although there is an improvement in security in IE7 and IE8 compared to older versions, this technology is still vulnerable.

In order to improve security you may choose to use a less popular browser such as,
Mozilla’s Firefox or Google Chrome.

Both Firefox and Chrome use a different technology from Internet explorer. They both built on open source code from other platforms. Chrome browser is based on the open-source Webkit engine, which is an open-source web browser layout engine developed by the WebKit Foundation. Firefox is based on the open source Gecko engine, which is a layout engine currently developed by Mozilla Corporation.

For now the most popular alternative to Internet explorer is Firefox. I have a lot of respect to Mozilla and the open source community, but when I have tried to use Firefox 3.5 I had a frustrating experience. It has kept crashing down on me, crashing my PC along with it.

As result of this experience I have decided to give Google Chrome a chance.
Google Company has stated in many occasions that Chrome browser has innovative security features.

When investigating these announcements I have noticed four major security features in Google chrome.

1. Safe browsing software (it is also being used by Firefox browser) – Safe browsing features protect users against phishing and malware attacks. It uses a blacklist approach that gets downloaded to the user’s PC on a regular basis. How does it work? Well Google is constantly crawling the web, finding new and changed websites. During this crawling if they encounter a suspicious site that seems to be a phishing site (designed to steal personal information of unsuspecting users), it is being added to a list of suspected phishing websites. If a site contains hints to potentially malicious activity, Google tracks this site for a while and if a clear evidence of malicious activity is discovered, such as, computer viruses being downloaded and installed, it is being added to a list of suspected malware-infected websites.
   If you use Chrome browser and you have safe browsing mode enable,
   then Google Chrome will contact servers at Google, approximately every half hour, to download updated lists of suspected phishing and malware websites. These lists are being stored on your PC so when you surf the Web each site you browse to is being checked against these black lists locally (This is designed to offer performance). If the requested site is in the black list a warning message will appear stating that the requested site is suspected to be a phishing site or a malicious site and the user can choose to go back to safety.
   This feature seems to help the fight against malware and phishing, but there is a disadvantage. A few bloggers have raise questions about privacy implications. Bloggers have notice that every few hours when an update of the black lists is being done, two parameters are being sent to Google servers – “machineid” and “userid” – both computed information based on machine/user information. This information is sent along with a bunch of other browser information to ask Google if they should download an update. This information can be used for tracking. Google is of course obligated to privacy agreement with Internet users stating it will not use any of the personal information being collected, but would this obligation stand against a court order? I really don’t know. In short, safe browsing seems like a great security feature fighting phishing and malware attacks, but users who are passionate regarding their privacy should think twice before using it.
2. A privacy mode (Incognito) – this feature manages privacy settings and designed to suit users who use public computers, or otherwise wish to keep their browsing habits confidential. When enabled (Click the wrench menu -> Select New incognito window menu item) Chrome browser will not remember visited pages, form and search bar entries, passwords, download List entries, cookies and cached files.
   You can still create bookmarks, and these will be retained when exiting incognito window.
   A similar feature exists also in Internet Explorer 8 browser and Firefox 3.5 browser. These features probably make live easier for Internet users who want to keep their surfing habits to themselves, but in the same way it helps the adults in the group it also may allow children to surf unsupervised. Internet savvy kids can easily hide their Internet activities from their parents. So it is very important for parents to understand that monitoring of their children Internet activities by viewing the browser history on the child’s PC might not work.
3. Clear Browsing Data – There is a feature in Google chrome which allow the user to clear browsing data, such as, browsing history, downloads history, cache, cookies, saved passwords and saved form data (Click the Wrench menu -> select Clear browsing data -> Select the checkboxes for the types of information you wish to remove). This feature allows you to keep your browsing habits to yourself even if you are not using the Incognito window. Parents should be aware that similar to the Incognito mode their kids can use this feature to delete their browsing history so parents should not rely on browsing history as something that can help them get involved in their children Internet activities.
4. Sandbox security mechanism – This feature, as I see it, is the most significant one. A sandbox is a security mechanism used to run an application in a restricted environment. Browsers are dealing with malicious attacks on a regular basis. The most popular vectors for browser attacks are HTML Rendering and JavaScript execution. The sandbox security mechanism is designed to protect the user’s PC and files against these kinds of malicious attacks. If there is an attack that exploits the browser vulnerabilities and an arbitrary code is being executed on the machine, it will be executed in an isolated environment and the user’s PC will not be harmed. This security mechanism will also prevent access to the user’s files. The sandbox mechanism itself is not a new security model; It uses the security features of Windows extensively. You should be aware that since the sandbox mechanism relies on Windows to achieve its security, it is impossible for it to protect against a flaw in the OS security model itself.

In a nutshell, these four security features seem to be helpful and contributing to a safe Internet experience, but I am not seeing any innovative new security models here. Three of these features – Safe browsing software, privacy mode and Clear Browsing Data, already exist in IE8 and Firefox 3.5, and the sandbox security mechanism can be added to IE8 and Firefox by plugin/addon.
I think the greatest advantage of Google Chrome is that currently it is not targeted as much by malicious individuals, as IE and Firefox are. Additional advantage is in the usability factor which seems to be in my opinion better than IE or Firefox, but I think this issue is a matter of taste…
For now, if you are looking for a less targeted browser, Google chrome seems to be a good alternative.

Identity theft occurs when someone uses your private information like your name, Social Security number, or credit card number, without your permission to commit fraud or other crimes. The person whose identity is being used can suffer various consequences when he or she is held responsible for the perpetrator’s actions. When you use the Internet you can be exposed to individuals who try to gain access to your private information in order to steal your identity.

Identity theft continues to grow in the United States and the world as electronic personally identifiable information about all of us increases in volume.

If you suspect that you are a victim of identity theft or you want to know how to protect yourself, Itrc (= Identity Theft Resource Center) website can help you get the information you need.

Itrc (= Identity Theft Resource Center) is a nonprofit organization dedicated to the understanding and prevention of identity theft. The organization website is a great resource to help keep the public informed about Identity theft current developments and countermeasures.

1. NoScript – A popular Firefox addon. NoScript protect your PC by blocking executable content, such as, Java, Javascript, Flash or any other script that can potentially harm your PC. After you install it you should keep in mind that sometimes you will need to add sites to your “Trusted Sites” list. For example, YouTube videos will not run if you will not add this site to the “Trusted Sites” list.
2. WOT (=Web of Trust) – This Firefox addon is also very popular. This addon warns the user about risky websites that try to scam visitors, deliver malware or send spam.
   WOT uses safety ratings of 21 million websites. It combines evidence collected from multiple sources, like phishing and spam blacklists, with the ratings provided by WOT users.
   You can customize this addon to suit your needs. For example in order to protect your family you can set WOT to block unsuitable content for children.

Panda Security has released four new security products.

• Global Protection 2010
• Antivirus Pro 2010
• Internet Security 2010
• Antivirus for Netbooks

Panda security states that Antivirus for Netbooks was designed for small low-powered laptops. It offers firewall, anti-phishing, anti-spyware, anti-rootkit software and identity protect feature.

Product features:

• Anti-Virus
• Anti-Spyware
• Anti-Phishing
• Anti-Rootkit
• Firewall
• Identity Protect
• Technical support service and automatic upgrades

Antivirus Pro 2010 protects against computer viruses, spyware, phishing and identity theft.

Product features:

• Anti-Virus
• Anti-Spyware
• Anti-Phishing
• Anti-Rootkit
• Firewall
• Identity Protect
• Technical support service and automatic upgrades

Internet Security 2010 offers the same functions as AntiVirus Pro 2010 along with parental controls software, anti-spam, system recovery tools and 2GB of online backup space.

The additional features are:

• Anti-Spam
• Parental Control software
• Backup

Global Protection 2010 includes all of the same features with 5GB of online space and PC tune up.

The additional features are:

• Premium Backup
• PC Tune Up

All four products feature USB vaccine, software that scans any USB device attached to the computer for viruses, as well as, deactivating the autorun feature.

All four programs are available online from Panda Security at the following prices:

• Antivirus for Netbooks – 12 months for one laptop – US $39.95
• Antivirus Pro 2010 –
  • 12 months for one PC – US $39.95
  • 12 months for up to three PCs – US $49.95
• Internet Security 2010 –
  • 12 months for one PC – US $59.95
  • 12 months for up to three PCs – US $79.95
• Global Protection 2010 –
  • 12 months for one PC – US $69.95
  • 12 months for up to three PCs – US $89.95

All Internet browsers today have safe browsing features such as, pop-up blocking and phishing site protection. The new Google chrome browser also has security features that protect you when you surf the web. You can check out this YouTube video – Defenders in Tights. You can also check Google safe browsing documentation – Google Chrome safe browsing features.
Parents should be aware that Google chrome browser has privacy mode that you can initialize by opening the ‘Customize and control Google Chrome’ tab and choosing ‘New incognito window’. In this window history of your Internet activities will not be kept. This feature may allow children to surf unsupervised. Internet savvy kids can use this incognito window to hide from their parents their internet activities. Since IE8 and Firefox 3.5 have also privacy features parents may find it hard to supervise their children Internet activities by relying on the Internet history on the child’s PC.