Wednesday 29 January 2014

HMRC Gateway Email Malware Spam bombards users


UK email users are being bombarded with malware scams that claim to be from the HMRC Gateway program regarding self-assessment taxes.

The tax deadline day in the UK is the last day of January, meaning many of those who do their own taxes have been filing, submitting and paying their tax returns over the last few days.

And malware scammers have been exploiting this with mass email malware attacks that appear to have been sent from HMRC (HM Revenue and Customs) or “Gateway UK”.
 
Scam emails claim to be from the UK's HMRC
 
The emails claim that the supplied email attachment contains a copy of the submitted tax return and implores the reader to open it to sort out errors or problems before the deadline expires.

However the email attachment – as is typical with these types of scams – contains a ZIP folder harbouring a malicious .exe application file.

If the email user opens the ZIP folder and executes the .exe file within, they are infecting their computer with malware.

If there are problems with your tax return, UK readers are advised to visit the http://www.hmrc.gov.uk site directly to sort out any problems, and NEVER open up attachments from suspicious emails like this.

If you need a copy of your tax return, this can be requested via postal mail or downloaded from the aforementioned website in PDF format.

Sunday 26 January 2014

Malware attack appears to come from Funeral Homes


With malware scams attempting to exploit almost every type of tragedy such as 9/11 and the conflicts in Syria, you may think the level of a scammer’s depravity could not get any lower.
 
However the criminals who produce malware are pushing the boundaries of immorality once again via an email attack that uses the social engineering modus operandi of tricking a recipient into thinking a friend has passed away.
 
The scam email disguises itself as communication from a funeral home, and requests the recipient click a link to an external website and download a file in order to obtain the details on the time and location of the funeral.
 
An example E-mail scam purporting to be from a Eubank Funeral Home
 
 
Recipients, obviously in an attempt to learn the identity of their recently passed friend as well as the details of the funeral, click the link, which leads to a malware infection if the recipient downloads and executes the application file.
 
Remember, there is no moral bar too low for a scammer who will trick a victim into downloading and installing malware onto their computer through any means necessary.
 
Always be suspicious of unsolicited emails, especially emails with links to external sites or attachments.
 
If you downloaded suspicious files onto your computer, remember to always run a full antivirus scan from your reputable security software. If you’re looking to upgrade or change your security software click here for our recommendations.

Thursday 23 January 2014

"Parcel Undelivered" Email spam targets Mac OS X users

One of the advantages that Mac users usually boast about is that the operating system – from a security perspective – is safer than its Windows counterpart.

Mac computers are not immune to malware
After all, it has a secure infrastructure and the majority of threats you face online are designed to work only on the Windows based operating systems.
For the most part, those Mac users are right, but it is important not to get complacent and assume that the Apple operating systems are immune, because they’re not.

This was highlighted this week by the Naked Security blog from Sophos, which spotted an email scam doing the rounds that targeted Mac users.

The scam was, in fact, wholly unoriginal in its design. The email was the classic “parcel undelivered” scam that told the email recipient that they missed a parcel delivery and that they needed to visit a website (or open an attachment) in order to retrieve the parcel. We mentioned the scam in our earlier blog post outlining some common email malware attacks.

Upon visiting the website linked to from the email, the webpage was able to launch a malware attack for those using the Safari web browser, which downloaded an application to the user’s computer disguised as a harmless PDF file. Opening the PDF would execute the malware.
 
Don’t get lulled into a false sense of security if you’re using a Mac. You still need to be cautious and you still need to use antivirus protection.

If you’re looking for good security protection, we generally recommend BitDefender antivirus for Macs if you want to install reputable third party software.

Wednesday 22 January 2014

Companies House email malware spam

UK email users should be on the lookout for bogus emails that appear to have been sent from Companies House.

Be on the lookout for emails carrying suspicious attachments

The UK registrar for limited companies deals with listing registered companies in the UK as well as listing public financial statements. However scammers are using their name in a spate of emails that attempt to lure email users into opening dangerous email attachments.

The frequency of these emails is becoming higher as the UK tax deadline is approaching.
 
Often these emails will claim that a complaint was submitted to Companies House and that the recipient must open the attachment to obtain further details.

But instead of details of a non-existent complaint, the recipient is exposed to lurking malware hiding in a .ZIP compressed folder. The malware is a .exe application.

Never open suspicious attachments on emails that you did not expect, even if they do appear to be legitimate. And NEVER run .exe attachments which are capable of installing malware into a computer as soon as they are opened!

If you have opened a suspicious attachment, you will need to run your antivirus security software straight away. If you do not have up-to-date security software or are looking to upgrade, check our recommendations here.
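The HMRC and Companies House emails described above both carry a ZIP attachment with a .exe inside. As an added example (not part of the original posts), this is the kind of check a mail filter can run on such a message: it looks inside each ZIP attachment and reports executable members, including decoy names such as .pdf.exe. The extension lists, function names and the sample message are assumptions made for the illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumed, non-exhaustive list of extensions Windows runs when double-clicked.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".vbs", ".js"}
# Document-style extensions used as a decoy in front of the real one.
DECOY_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".jpg", ".txt"}


def last_ext(name):
    """Return the final extension of a name in lower case, or ''."""
    dot = name.rfind(".")
    return name[dot:].lower() if dot != -1 else ""


def classify_name(name):
    """Return a reason string if the file name is executable, else None."""
    # Keep only the file part of a path; Windows ignores trailing dots/spaces.
    base = name.replace("\\", "/").rsplit("/", 1)[-1].rstrip(" .")
    ext = last_ext(base)
    if ext not in EXECUTABLE_EXTS:
        return None
    inner = last_ext(base[: -len(ext)])
    if inner in DECOY_EXTS:
        return "double extension " + inner + ext
    return "executable " + ext


def scan_message(raw):
    """Return (attachment, member, reason) tuples for risky attachments."""
    msg = message_from_bytes(raw, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        fname = part.get_filename() or "(unnamed)"
        data = part.get_payload(decode=True) or b""
        reason = classify_name(fname)
        if reason:  # an executable attached directly, without a ZIP
            findings.append((fname, fname, reason))
        # Trust the content, not the declared type: test for a real ZIP.
        if zipfile.is_zipfile(io.BytesIO(data)):
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                for info in zf.infolist():
                    reason = classify_name(info.filename)
                    if reason:
                        findings.append((fname, info.filename, reason))
    return findings


def build_sample(members, zip_name="return.zip"):
    """Build a constructed test email whose ZIP holds harmless placeholder files."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for member in members:
            zf.writestr(member, b"constructed placeholder, not a real program")
    msg = EmailMessage()
    msg["From"] = "gateway@hmrc.example"  # constructed sender
    msg["To"] = "user@example.org"
    msg["Subject"] = "Your tax return"
    msg.set_content("Please review the attached copy of your return.")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="zip", filename=zip_name)
    return msg.as_bytes()


if __name__ == "__main__":
    for finding in scan_message(build_sample(["Tax_Return_2013.pdf.exe"])):
        print(finding)
```
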

Adsense Watchdog and VampireStat - spam traffic


If you’ve noticed you’re getting lots of odd traffic from websites such as adsensewatchdog.com, vampirestat.com or 7secretsearch.com then you’re not alone.

And if like most you visited those sites to see what was going on and found nothing other than spammy ads, then you’re probably even more confused.

These are spam websites that send fake traffic to websites across the globe in order to lure traffic to their spam websites, knowing that website owners will visit the sites in order to track down just where the traffic is coming from.

The fake traffic is in the form of automated programs, similar to the robotic crawlers used by search engines such as Google to index webpages. This means the traffic you get from these sites is not real people, and thus is practically useless traffic.

But people visiting these sites may very well click on the spammy adverts that the websites display, which make money for website owners. More nefarious websites can even attempt to install malware onto a visitor’s computer.

So the best advice is to avoid visiting these sites altogether. They are not affiliated with any big companies, and search engines generally ignore them.
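For website owners who want to see how much of their traffic comes from these referrers without visiting them, here is an added example (not part of the original post) that separates the fake visits from real ones in a web server access log. It assumes the common "combined" log format; the log lines are constructed samples and the function names are made up for the illustration.

```python
import re
from collections import Counter
from urllib.parse import urlsplit

# The three referrer domains named in the post.
SPAM_REFERRERS = {"adsensewatchdog.com", "vampirestat.com", "7secretsearch.com"}

# Combined log format: ip ident user [time] "request" status bytes "referrer" "agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<req>[^"]*)" '
    r'(?P<status>\d{3}) \S+ "(?P<ref>[^"]*)" "(?P<ua>[^"]*)"$'
)

# Constructed sample lines (documentation IP ranges, invented paths).
SAMPLE_LOG = [
    '198.51.100.7 - - [22/Jan/2014:10:01:12 +0000] "GET / HTTP/1.1" 200 5120 '
    '"http://adsensewatchdog.com/" "Mozilla/5.0"',
    '198.51.100.7 - - [22/Jan/2014:10:01:15 +0000] "GET /about HTTP/1.1" 200 2210 '
    '"http://www.vampirestat.com/in.php" "Mozilla/5.0"',
    '192.0.2.44 - - [22/Jan/2014:10:02:40 +0000] "GET /post HTTP/1.1" 200 8841 '
    '"https://www.google.co.uk/search?q=vampirestat.com" "Mozilla/5.0"',
    '203.0.113.9 - - [22/Jan/2014:10:03:02 +0000] "GET / HTTP/1.1" 200 5120 '
    '"http://7secretsearch.com.example.net/" "Mozilla/5.0"',
    '192.0.2.45 - - [22/Jan/2014:10:04:00 +0000] "GET / HTTP/1.1" 200 5120 '
    '"-" "Mozilla/5.0"',
]


def referrer_host(ref):
    """Return the lower-cased host of a Referer value, or None if absent."""
    if ref in ("", "-"):
        return None
    host = urlsplit(ref if "//" in ref else "//" + ref).hostname
    return host.rstrip(".").lower() if host else None


def spam_domain(host):
    """Return the listed domain that host belongs to, or None.

    Matching is on the whole host or a subdomain of it, so a listed name
    that only appears in a query string or as a prefix of another domain
    does not count.
    """
    if host is None:
        return None
    for domain in SPAM_REFERRERS:
        if host == domain or host.endswith("." + domain):
            return domain
    return None


def split_traffic(lines):
    """Return (kept_lines, Counter of dropped hits per spam domain)."""
    kept, dropped = [], Counter()
    for line in lines:
        m = LOG_RE.match(line)
        domain = spam_domain(referrer_host(m.group("ref"))) if m else None
        if domain:
            dropped[domain] += 1
        else:
            kept.append(line)  # real visit, no referrer, or unparseable line
    return kept, dropped


if __name__ == "__main__":
    kept, dropped = split_traffic(SAMPLE_LOG)
    print(len(kept), "lines kept;", dict(dropped))
```
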

Stay safe out there!

Monday 20 January 2014

Reminder: Microsoft support for Windows XP will soon stop!

A friendly reminder to all those using Windows XP is that official support for the ageing operating system will stop after April 8th 2014.

The warning comes after an update from Microsoft telling its users that despite software support ceasing on this date, it will now continue to provide support for the inbuilt XP security antivirus tools until July 2015, despite the deadline date for that originally being this April as well.

The decision purportedly comes in light of a substantial number of desktop computers still running Windows XP.

But it is important that XP users realise that despite this extended antivirus support, they are still at risk from a variety of scams that will try and take advantage of the operating system.
 
 
Windows XP Support will stop in April 2014
 
Amongst the support that will stop in April are security patches. Security patches are released to "stitch up" security vulnerabilities or exploits found in the software itself – in this case the operating system XP itself. Without such patches being released, XP users are still at risk from these potential vulnerabilities, and the antivirus software may not be sufficient to protect the user.

So whilst the XP security software will be updated to allow it to detect recent malware threats all the way into 2015, for many users it may not be enough, especially considering that security patches released to cover exploits for Windows Vista, 7 & 8 could be reverse engineered by scammers who could use that exploit against the unprotected XP, providing the exploit is present in XP too.

One of the fundamental ways of keeping protected from threats like exploits and malware is to keep all the software you use up-to-date. Since this will soon be impossible to do with Windows XP, the only advice is to upgrade your operating system and give XP the boot!

For most people this will mean going to the computer shop and purchasing a new computer which will likely come shipped with the latest version of Windows, but you can also buy upgrade CDs for Windows that will upgrade your operating system on your existing computer.

Helpful Tip: If your hardware can’t support more recent versions of Windows, remember there are plenty of operating systems out there that are lightweight that require lower hardware specifications, such as various adaptations of Linux!

Thursday 16 January 2014

3 Tricks To Keep Your Facebook Account Safe

Facebook security is important, so here are 3 effective tricks to keep your Facebook account safe that you may not know about.
 
 

1. Give Facebook your cell/mobile number.

Okay, we know what you’re thinking – why on earth would I want to give Facebook my phone number? Half of what we write about seems to be damning Facebook for being so privacy-backward as well as warning our readers to limit the amount of information you share on social media as much as possible.

But fair credit to Facebook, their login-approval system is an effective security step that is a must-have for anyone serious about keeping their Facebook account safe. Login approval requires you to enter a code into Facebook every time you log in from an unrecognised device.

Yes, this means every time you use a friend's computer or a public computer, for example, you’ll need to wait for the SMS to arrive (don’t worry, it’s instant) and enter it into Facebook.

Of course this means a scammer who has tricked you into giving away your password (possibly through a malware or phishing attack) does not have access to your account without the code sent to your phone.

So take that scammer, 1-0 to the good guys.

Remember to make sure your phone number is set to Only Me in your About section to stop anyone seeing it. Giving Facebook your number also means you have an extra method to recover your account in case it gets compromised.

 

2. Avoid Public Computers (or use on-screen keyboards)

Using public computers in libraries and Internet cafes has become less common these days, simply because everyone and his dog owns either a notebook computer or tablet or even an Internet smartphone, capable of accessing cyberspace when on-the-go…

But it’s still worth mentioning that public computers are a no-no when logging into personal accounts like Facebook simply because you have no idea what malware may be lurking in the background from a previous user.

Most commonly, if a computer in a public space is infected, it will be with a keylogger that records all keystrokes, including passwords, and transmits them to a scammer.

If you must log-in to your Facebook account or any other account on a shared/public computer, use an on-screen keyboard (recent versions of Windows have one pre-installed, just search for Keyboard) so you can type in your login information without pressing anything on the keyboard – this makes keyloggers ineffective – so happy days!


3. Oath to Self – "I will always check the URL before entering my password"

And finally, make it your golden rule of thumb, an unbreakable oath to yourself, that every time you are presented with the Facebook login page, or any other page asking for your Facebook details, you first check the URL web address of the webpage to ensure it belongs to FACEBOOK.com!

Phishing attacks that create spoof websites are still amongst the most popular scams online, and are frustratingly so very easy to spot!
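What "belongs to facebook.com" means in practice is shown in this added example (not part of the original post): the part of the address that counts is the host name, read from the right, and the familiar name appearing somewhere else in the URL proves nothing. The function name, the reason strings and the sample URLs are constructed for the illustration.

```python
from urllib.parse import urlsplit

TRUSTED_DOMAIN = "facebook.com"


def check_login_url(url, trusted=TRUSTED_DOMAIN):
    """Return (ok, reason) for the address of a page asking for a password."""
    # Backslashes and whitespace are read differently by browsers and parsers.
    if any(c in url for c in "\\\t\r\n "):
        return False, "contains characters browsers and parsers treat differently"
    try:
        parts = urlsplit(url)
    except ValueError:
        return False, "address cannot be parsed"
    if parts.scheme != "https":
        return False, "not served over https"
    # Anything before '@' is a user name, not the site being visited.
    if parts.username is not None or parts.password is not None:
        return False, "text before '@' is not the site name"
    host = (parts.hostname or "").rstrip(".")
    # Punycode hosts can render as look-alike characters in the address bar.
    if host.startswith("xn--") or ".xn--" in host:
        return False, "punycode (internationalised) host name"
    if host == trusted or host.endswith("." + trusted):
        return True, "host belongs to " + trusted
    if trusted in host:
        return False, "trusted name appears in the host but is not its domain"
    return False, "unrelated host"


# Constructed sample addresses; only the first is a genuine Facebook address.
SAMPLES = [
    "https://www.facebook.com/login.php",
    "https://facebook.com.login-secure.example/login.php",
    "https://www.facebook.com@198.51.100.20/login",
    "http://www.facebook.com/login.php",
    "https://notfacebook.com/",
    "https://faceb00k.example/",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample, "->", check_login_url(sample))
```
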
 
 
 
(And P.S. always remember to have good security software installed at all times to help keep your passwords out of the hands of scammers. Click here for our recommendations on Internet security software.)
 

And as usual, keep safe out there!

Wednesday 15 January 2014

5 ways an email malware scam will try and fool you

Those pesky scammers are always trying to fool email users into opening dangerous websites or malicious attachments.



We take a quick look at 5 social engineering tricks scammers popularly use so you can be on the lookout!

1. The Failed Delivery Scam

No one wants to miss a postal delivery, and from time to time nearly all of us will be expecting an important letter or parcel to turn up at our doorstep, especially towards the holidays.

This is why the failed delivery trick proves so successful. The scammer sends out an email that informs the reader that a delivery courier tried and failed to deliver a parcel to their address, and that they need to either visit a website or download the attached paperwork to retrieve the parcel.

However the website or attachment is malicious, and is likely to install malware onto the victim's computer.
 

2. Is that a picture of you?

If you get an email claiming to show a picture of you, it’s human nature to want to see it!

And therein lies the simple yet effective hook of this variant – the attached file isn’t a photo of you at all – It’s malware!
 

3. Your Bank wants a word

There are plenty of companies, businesses and organisations always wanting to grab our attention, but one that usually doesn’t have to try too hard is our bank. After all, they are the safe-keepers of all our hard earned cash!

And it is for that reason that scammers are likely going to send you emails purporting to be from your bank, often telling tales of security upgrades, problems, concerns and instructions. That is guaranteed to get anyone’s attention.

The emails will often advise people to visit spoof websites or open dangerous attachments to resolve whatever fake issue the scammer has invented, and this invariably leads to malware installations (or worse, identity theft!)
 

4. You’ve got voicemail!

Why you would get your voicemail sent over to your email, we don’t know! But this popular trick involves an email claiming that a voicemail left for you is attached to the email, and you need to open it to hear the recording.

But there is no voicemail there. Only lurking malware.


5. Tax return issues

No one wants to get fined when returning their taxes, be it in the UK, US or wherever. Which is why emails purporting problems with a tax return are likely to get more attention than any other email.

As you could probably guess, the reader is instructed to open an attachment to resolve the tax return problem. Alas a malware infection.

Very popular during the run-up to the tax deadline, which at the time this article is written is only a couple of weeks away for the UK (online copies) and a few months away for the US.
 
 

Remember these are only a few of many, many different stories and tricks scammers will use to get you to visit malicious websites or open dangerous attachments. So remember, as always, be careful out there.

 

 

 

Tuesday 14 January 2014

Giant snake swallows a zookeeper? More Facebook spam.

Suspicious links showing a giant snake next to a man are popping up on Facebook. The link claims to show footage of a zookeeper being swallowed by the snake.

Those familiar with this type of scam will be able to instantly dismiss this as nothing more than your typical Facebook con, which it is.

Like many other scams that spread on Facebook, upon clicking the link users are first requested to share the video to their Facebook newsfeed.


[SHOCKING VIDEO] A Giant Snake Swallows Up A Zookeeper !!!
 
After that users are told they must download a video player to watch the video. And just like previous, very similar scams, the video player is actually nothing more than malware.

Scammers often use the ploy of video players, updates or plugins to fool users into downloading malware, and it is a ploy that can often be very successful, thus its popularity.

As always, we advise our readers to be extremely sceptical of links on Facebook claiming to show this kind of dramatic footage, as well as websites asking you to download software to watch videos.

As for the video of a snake attacking a zookeeper, it does not exist, because the image used in the scam has been "Photoshopped"!

Monday 13 January 2014

“Media Player Classic” malware scams target Facebook users

Social media users should be on the lookout for links directing them to webpages asking them to download software called “Media Player Classic”.

A popular way of luring victims into installing malware is to trick them into thinking they are downloading software that will allow them to play videos. We discussed the trick in a blog post here, where the malware can be disguised as video plugins, updates or codecs.
 
A pop-up asking you to download what appears to be a harmless program.

And in this case the malware is called “Media Player Classic” by the scammers (not to be confused with the legitimate program at MPC-HC.org), who link to their download webpages through links that are auto-posted by compromised Facebook accounts.

Victims who click the links they see on Facebook are told they need to download “Media Player Classic” in order to watch a video. Often they are also directed to spoof websites that look like the Facebook login page, which steal their Facebook username and password, thus allowing their own account to spread the same scam.

The important rule of thumb is, as always, NEVER download anything onto your computer if you do not trust the source, and be especially aware of webpages that ask you to download any sort of software as a pre-requisite to watching a video.

Because in the famous words of Admiral Ackbar, it’s a trap.

If you think that you have downloaded harmful files to your computer, make sure you do a full antivirus scan straight away with your up-to-date security software. If you don’t have any or need to upgrade, you can check our recommendations here.

 

 

 

Friday 10 January 2014

Beware of Fake Video-Plugin Malware Scams

One of the most common ways malware can infect your computer is through fake video updates.

This social engineering trick that scammers often use basically tricks users into downloading what they think is an update for a video player.

This type of malware scam is initiated by luring the victim to a website purporting to show a video. However in order to get the video to play the victim is told that they must install an update (often referred to as a plug-in or a codec) to get the video to work.


Clicking on links and installing untrusted software will lead to trouble.


We are seeing this type of trick employed prolifically throughout the last year or so, and this type of scam is often spread on sites like Facebook and Twitter, where posts are spread by users offering to show videos that can be reached by clicking the link in the post.

There are three things that you should absolutely NOT do when clicking links on social media (or email), and they are –

1. NEVER share or like a webpage on your social media accounts in order to watch a video or “progress to the next step”.

2. NEVER download any files to your computer.

3. NEVER complete questionnaires, surveys, rewards offers or anything similar.

For these are common red flags to your typical Internet scam.

If you have downloaded something to your computer that you shouldn’t have, you need to make sure you run a full scan of your up-to-date, reputable antivirus.

Don’t have one or need to upgrade? Good job we’re here looking out for you – you can click this link to check out our recommended solution, where we can also offer you a handy discounted price.

Top Rated Internet Security for 2014

Protecting your computer and your identity online is vital, but what software is best to use? We take a look at the top rated Internet security software for 2014 and make some quick recommendations.



Generally for our more experienced readers we recommend slumming it with your inbuilt operating system security and a decent free, lightweight antivirus program like the recent free copies of AVG or Avast, as well as the specialist Spybot S&D.

AVG, Avast and Spybot all come highly recommended for 2014


The reason for that is because premium security software is wasted on more experienced users, who may find the protection a little too hands-on and redundant. Windows 7 and 8 (especially 8) have some pretty good inbuilt defences, and whilst they’re by no means perfect, along with a good free antivirus they should be able to detect many types of common threats, on the off chance the experienced user does fall foul of an online trap.

These days even free antivirus are updated regularly, so keeping up-to-date with the most recent threats should be relatively timely.

Novice users and those less technically savvy however, should consider a more full security solution that delves deeper than the standard inbuilt or free protection that the above provides. A reputable full, premium security program provides much more protection than free antiviruses, and covers a wider range of scams. Premium protection will offer more features that will allow you to stay safe from a variety of Internet cons.

Additionally they will provide customer support and will keep you protected from the very latest types of infections, as well as provide information on emerging threats.

For 2014 we recommend BitDefender's latest version of Total Security, which is an all-round, comprehensive solution aimed at keeping all types of Internet users fully protected when online.

Whilst no Internet security can keep anyone 100% safe, BitDefender Total Security does an exceptional job for those users who may be more prone to falling for Internet scams. The antivirus is fantastic with very good detection rates and the firewall has been greatly improved, as well as the anti-spam filter and identity theft protection from spoof phishing websites that are so common on sites like Facebook.

However what makes BitDefender Total Security stand out is the extra features that this security solution provides that reflect growing trends on the Internet such as social media and online shopping.

For example, for social media users there is a real time link scanner that examines links posted on social media sites like Facebook and Twitter to check for potential problems. Cyber shoppers and online bankers can enjoy extra protection with BitDefender SafePay which is focused on keeping secure transactions safe by examining shopping websites for suspicious activity as well as offering an optional secure web browser for sensitive transactions that is practically impregnable against intruders and malware.

Other great features include a file shredder, two way firewall, a vulnerability scanner to check for outdated software and an easy, intuitive user friendly interface that allows for easy configuration.

And perhaps the best aspect from a novice point of view is that all these features have an automated hassle-free setup so you won’t be bothered with constant, confusing questions – it just runs silently in the background. BitDefender Total Security is the software that we run on our own machines.



Ultimately, BitDefender Total Security is an exceptional all-round solution, and best of all we can offer a handy 20% discount off the retail price too. Just click the link below and enter NONSENSE as a discount code to claim it.

It's all part of the service :)
Stay safe out there.

Click here to get BitDefender Total Security and get 20% off!

"Great results in independent tests. Accurate spam and phishing protection. Tough, no-hassle firewall. Full-scale parental control" - PCMag

Cryptolocker Ransomware – FAQ

What are Cryptolocker and Ransomware?

 If you haven’t heard of Cryptolocker yet, you probably soon will. It’s a particularly dangerous strain of ransomware, but with a huge difference.

Ransomware is a type of malware that tries to get victims to pay to regain control of their computer and/or files. Once it infects a computer, ransomware tells the victim that they need to pay a ransom or face not being able to use their computer again.

However once a victim worked out how to remove the ransomware, they were able to carry on as normal. Not with Cryptolocker, however.

Cryptolocker goes further by actually encrypting a user’s files, preventing them from accessing them. Then, just like all ransomware, it tells the user to pay up. However, even if the user works out how to remove Cryptolocker, the files it leaves behind are still inaccessible.

Cryptolocker is essentially ransomware, but it really does stop you from accessing your files. It’s ransomware, but without the bluff.

 Can you remove Cryptolocker?

Yes. Removing Cryptolocker is as simple as removing most types of known malware. All the top antivirus companies have released tools or updates that will ensure Cryptolocker gets removed – many of which have to be run in Windows Safe Mode. Just follow the online instructions provided by your antivirus vendor to remove the infection.

But know this – removing Cryptolocker does not give you access to files that it has encrypted.

Can you recover your files after Cryptolocker infects them?

Despite what many websites claim, there really is no way to recover your files after they have been encrypted, unless you chance it with the ransom money. And that is the honest truth.

The Cryptolocker screen.

 
Back during the times of the Second World War where cryptographers would intercept coded messages from the enemy, these codes could often be broken because encryption technology was not as advanced as it is now.

However, the problem now is that encryption codes have become so strong, they simply cannot be realistically broken. The ability to encrypt a file has progressed much faster than our ability to break the encryption code. Even a brute force attack (which means constantly guessing, basically) by a supercomputer would take too long to break a strong encryption code.

And Cryptolocker uses very strong codes, so no, there really is no way to get your files back without the decryption code, and that code can only be acquired by paying the piper. Well, criminal, in this case.

Preventing Cryptolocker

Cryptolocker infects computers the same way many types of malware infect computers – that is to say there is no special, unprecedented way it gets on your computer. Opening dangerous email attachments, downloading suspicious browser extensions or plugins, or visiting less reputable websites are all common ways to become infected with Cryptolocker. Cryptolocker also uses networks of pre-infected computers (known as botnets) to help spread.

Should I pay the ransom?

You’re dealing with criminals, meaning there is no guarantee that even if you do pay, you’ll get your files back. It’s not like there is a customer service desk to call if something goes wrong. We have received reports that people do indeed get their files back after paying, and also reports of people who did not.

Ultimately it’s a risk, and it is also not our call to make.

The bottom line….

Cryptolocker is one of the most aggressive malware strains that we have seen in a number of years, and its success is most likely going to fuel similar attacks in the future and spawn new, more highly evolved strains.

Thus it has never been more important to both understand how to stay safe when using the Internet and to keep your computer adequately protected from cyber threats.

Did we miss a question? Let us know in the comments below or email us.