The Govt. of India has taken a great initiative by providing citizens with the “National Cyber Crime Reporting Portal” (https://cybercrime.gov.in/) for reporting cyber crime complaints online. This portal specifically focuses on cyber crimes against women and children. Complaints are dealt with by law enforcement agencies/police based on the information provided in the complaint.
Citizens/users may use this service to register complaints if they are victims of cyber crime. For more details, follow: https://cybercrime.gov.in/
"If something sounds too good to be true… there’s probably a
scammer behind it."
As we all know, Microsoft has officially stopped supporting yet another favorite operating system, Windows 7 (SP1), from 14th January 2019 onward.
So, a question for all Windows 7 lovers: what to do next? What is your strategy for handling an unsupported, unpatched operating system in the future, and for migrating to Windows 10?
Today, I was reading and came across some very useful posts regarding how to recover from a hack incident. It is important, useful and applicable to all to know the aftermath of being hacked/compromised/phished/infected with malware, irrespective of whether you are an individual or an organization. As very truly described by the authors Karl Thomas and Mat Honan, getting hacked/breached/compromised is a horrible experience; as an individual or as an organization we may lose money, revenue, pride, dignity, faith, respect, personal data (pictures, email/chat conversations) etc. Their blog entries inspired me to write something, useful maybe not, but I wanted to write. Thankful to them :-) and my workplace :-)
Knowingly or unknowingly, many of us are members of the “being hacked” community at some point of time in our life; it could be a prank by someone known or a serious breach by someone unknown. I know, it’s not easy to believe; it’s stressful and confusing, and hard to decide what to do next, where to go, where to begin immediately after being hacked. We feel lost and cheated, unable to decide what to do with this mess. Many times, we never know when our account got hacked/compromised/phished.
It’s good to start following the incident trail as soon as you sense it. Collect whatever you find and make a note of everything you see and feel related to this breach, whether a person, event, activity etc. A few steps are suggested:
Ask yourself, what could be the reason for this breach? Why were you targeted? Here are some examples of what an attacker wants to do if he compromises your:
Online bank account credentials – Obviously monetary gain.
Email – Wants to use your account for sending spam, harvesting your email address book, staging you for something, revenge, rivalry, benefiting himself on your behalf, impersonation, defaming you, hoax.
Social networking account – Spreading a word on your behalf to the masses, sending spam, harvesting your social networking address book, staging you for something, revenge, rivalry, benefiting himself on your behalf, impersonation, defaming you, hoax.
Has your system started behaving nastily? Have you felt something like this:
o I opened an e-mail attachment and nothing happened; now my machine is acting funny.
o My antivirus software has stopped working and the computer keeps shutting down!
o My programs are not working properly, and they are all very slow.
o A bunch of files I have never seen before are all over the My Documents folder.
o A number of my files won’t open or have disappeared!
o All files suddenly look weird; I am unable to open any document, they are all encrypted and asking for money to decrypt them.
o Task Manager, regedit and folder/file options are not opening, hidden files are not visible, and I am unable to change settings.
o And many more …
What did you do?
o Have you opened any email pretending to come from your bank, courier company, airline etc. with an attachment like PDF, XLS/XLSX, PPT/PPTX, DOC/DOCX, ZIP, RAR, 7ZIP, EXE, SCR, SWF etc.?
If yes, and you opened that email, downloaded the file and executed it, YOU ARE A VICTIM OF A SOCIAL ENGINEERING ATTACK. Your system is compromised, or has a Trojan/Backdoor/Keylogger or some kind of sophisticated malware installed.
o Did you get any email from your bank stating that a huge transaction was detected and asking you to confirm whether you made it or not by clicking on a link in the email body?
If yes, and you believed that text and clicked on the URL/link, YOU ARE A VICTIM OF A SOCIAL ENGINEERING ATTACK. Your system is compromised, or has a Trojan/Backdoor/Keylogger or some kind of sophisticated malware installed.
o In this new digital age, you might get an SMS, MMS, or request to install a new banking app. If you installed that banking app on your smartphone from somewhere other than the genuine application stores (Google Play Store-Android, iTunes-Apple, Microsoft Windows Store-Windows etc.), YOU ARE A VICTIM OF A SOCIAL ENGINEERING ATTACK. Your smartphone device/system is compromised, or has a Trojan/Backdoor/Keylogger, malicious application or some kind of sophisticated malware installed.
o Has any new application appeared on your smartphone which you didn’t install?
What should you do?
o Follow the money/transactions: new shipments, new orders, new payment methods added, new beneficiaries added, new accounts linked.
o Check the last non-financial/financial activities under your banking account. If you find anything fishy, report it to the bank and seek help from them or from a local law enforcement agency, i.e. Cyber Cell, Police.
o Check for any changes in your banking/social networking/email account security. Has the security question changed? Has the mobile/phone number changed? Have transaction alerts been disabled, or enabled on new mobile/phone numbers? Has the primary/secondary email ID changed? If yes, review them all and change the entire set of security and account recovery options.
o Check your account (Inbox, Sent, Drafts, Deleted/Trash or any other folder/tag created) properly for any message or email not sent by you.
o Scan your computer system with a good, reputed antivirus and disinfect it.
o Keep your browser up to date, disable unwanted BHOs, plug-ins and extensions, and disable auto-opening of external files like ppt/pptx, doc/docx, xls/xlsx, pdf etc. Disable JavaScript and Java applet execution, or at least set them not to execute automatically without permission. There are many more settings you can make in the browser, which are not explained here. :-)
Speak up, it is essential to broadcast the breach incident among your loved ones and business contacts. Make them aware if you are unable to contain this mess right now. It will help them not to open or view something received from you, as it could be infected. In this way, you are protecting them from what you are affected with, and you are also making them aware of this incident. Sometimes you may also get help from someone who knows a better way to deal with this situation or has a solution for this problem.
Internal security audit, use antivirus programs for smartphones, Windows PCs etc. from reputed vendors, and use MBSA for Windows to review the security of your Windows PC. Check for the presence of Trojans, Backdoors, Viruses, Worms, Keyloggers, Adware, Crimeware, Rootkits, Botnets etc. with the help of a reputed antivirus. Check your password strength, change your passwords and keep more secure ones. Check for new user accounts added to your system. Enable and strengthen your firewall program.
Locking credit card, if you have supplied your credit card details anywhere mentioned above, you need to take better care of it; disable it for some time until you restore your digital fortress.
Take backup of your account, now and regularly too, for accounts like Apple, Facebook, Google, Microsoft, Twitter and Yahoo etc.
There are many more things which are not possible to write at this time in this small space; I may write something specific if anyone needs it, suggests it or gives ideas. :-)
Rebuild your digital world and strengthen the security of your digital fortress. :-)
Google has announced that it is closing Orkut down on September 30, 2014. The social network wasn't a huge success globally, but caught on in India and Brazil. This Tuesday onwards, your ORKUT profile will be no more.
If you have any pictures or messages in Orkut that you want to keep, then you need to save them elsewhere.
Give a nice farewell to ORKUT and collect your personal belongings, it's time to say bye bye.....
Dear all, it's been long since I wrote here, so I thought of sharing something which may save many of you out there on this cruel internet from being fooled or maybe infected. :-(
Today, I read about a satirical news website, obviously an illegitimate website, claiming that Facebook will soon be charging its billion users $2.99 every month for access to the social networking website "Facebook".
These false news links are spreading around on FB, leading users to this illegitimate news website and making fools of innocent users. It’s a dirty trick, but it’s been done before – and it will happen again and again until internet users wise up and think before they share a link.
Please read more at: http://www.welivesecurity.com/2014/09/22/facebook-charging-2-99-month/
Beware of such fake news and educate yourself against such social-engineering techniques. If it were in any way true, you would expect to see an announcement on Facebook’s official blog, or in the headlines of major online news outlets.
A click-fraud malware was propagating widely, and Symantec announced the takedown of the Bamital botnet in partnership with Microsoft to identify and shut down the vital components of the botnet.
Bamital is a malware designed to hijack search engine results, redirecting clicks on these search results to an attacker controlled command-and-control (C&C) server. The C&C server redirects these search results to websites of the attackers' choosing. Bamital also has the ability to click on advertisements without user interaction. This results in poor user experience when using search engines along with an increased risk of further malware infections.
Bamital also intercepts web browser traffic and prevents access to certain security-related websites by modifying the Hosts file. The local Hosts file overrides the DNS resolution of a website URL to a particular IP address. Malicious software may make modifications to the Hosts file to redirect specified URLs to different IP addresses. Malware often modifies a computer's Hosts file to stop users from accessing websites associated with particular security-related applications (such as antivirus for example). Bamital variants may also modify certain legitimate Windows files in order to execute their payload. Bamital has primarily propagated through drive-by-downloads and maliciously modified files in peer-to-peer (P2P) networks.
If you reach the page "https://malwarenotice.microsoft.com/" while searching for something else, you are likely infected by the Bamital malware. Please read the instructions given there properly and act smartly to help yourself.
Year 2038 problem
31st Dec 2036 is the last date for iPhones and Android phones. No one will be able to see the New Year of 2037 on their phones. :-) Tested with my own Android device, I am not able to set dates beyond 31st December 2036. :-(
To read more, follow:
http://en.wikipedia.org/wiki/Year_2038_problem
http://www.f-secure.com/weblog/archives/00002489.html