Archive for Alerts

Avoid Trickery on Facebook and Twitter (pt. 2)

Last week I discussed some of the recent tricks being exploited by hackers on Facebook and Twitter. These tricks can be harmful to your:

  • personal identity
  • your personal finance
  • and your online reputation

These risks come from: 

  • malicious links in tweets and posts
  • account hi-jacking
  • and email spoofing

How To Stay Safe

To better avoid the risks and dangers of social media sites you should employ these best practices as much as possible. You may already be following many of these, but it is best to review them and keep them fresh. Iften we follow the safest road, and when no dangers seem apparent, we can get lulled into a false sense of security and let down our guard. Or in this case, our computer guards.

  1. Don’t assume a link sent or posted by a friend is “safe”: Your friend may have lowered their defenses, or not exercised caution with their online activity. As noted earlier, your friend’s account could have been infected, hacked, or hi-jacked. You may want to contact your friend first and check with them if the link is genuine. Many times I have found that they received the link from someone else, and just forwarded it assuming it was safe. They didn’t know that the friend be fore them hadn’t investigated the link either.
  2. Don’t assume a message from a friend is “safe”: Does the message sound like something your friend would actually say? Have they spoke on the subject before? Perhaps their accound has been hi-jacked. One of my own email accounts got hijacked this past summer, and the hacker sent messages from my account saying I was in need of money. One of my friends, believing I was in danger, sent $600 cash.  If you’re unsure, try to contact them through another channel. In my situation, many of my other friends sent me texts and made phone calls to me to check it out.
  3. Don’t assume Twitter links are safe just because Twitter scans for malware: In August 2010, Twitter partnered with Google to use Google’s Safe Browsing API. This technology checks URLs or web links against Google’s blacklisted sites. This prevents spammers from posting malicious URLs to Twitter, but it does NOT prevent them from using shortened address services such as bit.ly or tinyurl.com.  Hence….
  4. Don’t Assume Bit.ly and TinyURL Links are Safe: These legitmate address shortening service make it easy to convert long web addresses into short addresses. Bit.ly, in particular, is Twitter’s address or URL shortening service partner. Bit.ly, too, uses Google’s Safe Browsing API and two other blacklists to identify malicious links. BUT although the service doesn’t prevent users from posting these links, it will warn you when you click that the site being linked to is infected. BUT they’ve been known to miss a few according to various anti-virus services such as Kaspersky. As we’re learning, nothing online is ever completely safe, but then again, is anything ever?
  5. Use an up-to-date web browser: There are dozens or more browsers to choose from. There’s Microsoft Internet Explorer, Mozilla Firefox, Apple’s Safari, AOL’s online software, Opera, Google’s Chrome, and many more. They are periodically updated and “patched” by their respective companies. Hackers will find flaws in these programs that can be exploited. That means Internet Explorer users, the most frequently attacked, should be on IE8. Firefox is number two on the hitlist, but it alerts you when an update is available (if you have the most recent version that is). The same goes for Google’s Chrome browser.
  6. Keep Windows and Mac O/S up-to-date: As always, Windows users should make sure their systems are current with the latest patches from Microsoft. Automatic updates should be turned on. Mac issues updates periodically, too, though not as often as Microsoft.
  7. Keep Adobe Reader and Adobe Flash up-to-date: Since Microsoft, Apple, Google, and Firefox have been so diligent with updates, patches, and security; hackers have set their sights on these programs. A lot of malware exploits known vulnerabilities in Adobe’s software packages. One common attack from hackers directs victims to malware-infected sites that request you update your Flash or the Adobe Reader in order to view content on the site. DON”T DO IT using their links!  Instead, go directly to Adobe’s site (www.adobe.com) on your own and download the latest version. Why not do that right now? Go ahead, I’ll wait here.
  8. Don’t assume you’re safe because you use a Mac: Didn’t I hint at this on number 5 and 6? It’s true, Mac users are less “targeted” than Windows users, but they’re not immune. The truth is there are fewer Macs out there, so they present a smaller target, so hackers are less likely to attack them. But as they grow in popularity then get targeted more and more. Popular public opinion has it that Macs are invulnerable to viruses. This isn’t true. As a matter of fact, Apple has started to include some malware protection in their latest operating system, but it only protects users from two attack forms. There are currently several hundred attacks out there that specifically target Apple computers. The true number may be larger, but since so few Mac users use anti-maleware protection software, it’s hard to tell what the actual figure is.
  9. Beware of email messages from social networks: Email addresses can be “spoofed” by hackers, so you can’t assume a message from Facebook or Twitter is really from those sites. Don’t open attachments you’re not expecting, and be wary of clicking on links that request you “update your account.” And if you do click, and you arrive at a page that asks you to log in, DON’T.  You could be delivering your personal account info into the hasnds of a hacker. Instead, always access your favorite sites directly by “typing” the URL or web address into your browser or clicking in with your Bookmarks or Favorites.

As I mentioned before. many of these practices are the same ones you should already be following from earlier risks. Hackers tend to elaborate on pre-existing schemes and attack forms, and so you should elaborate on pre-exisiting safe practices.

So always keep your computer and browser up-to-date, and don’t open attachments. PLUS don’t assume your friend has been playing it safe either.  How often do we talk with friends about updating somputers and anti-virus programs? Not often, right?

But we should because malware hackers are getting trickier, and know they are seeking to use the trusted identities of our friends on Facebook and Twitter, to lull us into a false sense of safety. So use caution when friends send or provide links. Specially if it is out of the ordinary for them. After all, the risks aren’t on Facebook and Twitter, but in the sites they link to.

Watch the connections.

24 Hour Price Drop Alert — Asus Eee NetBook for $219 with coupon code

ASUS Eee PC 1005HA

TigerDirect is offering a limited time run savings on the popular Asus Eee PC NetBook for $219. Use coupon code EYQ5050 at checkout to save $20 off the $239 price.

ASUS Eee PC 1005HA

ASUS Eee PC 1005HA

More on the Asus Eee PC. Take the ASUS Eee PC 1005HA-EU2X-BK Netbook wherever you choose with its 4 hour battery life and enjoy its brilliant 10.1-inch LED display with backlighting. It allows you to compute on the go with ease. It has a surpisingly large 160GB hard drive for storing, sharing, and accessing your important data anytime and anywhere. The ASUS Eee PC 1005HA-EU2X-BK Netbook is one of the leaders in the compact netbook industry, and it provides multi-tasking performance and superior portability, that will liberate you from wall chargers, putting you in the lead of mobile computing.

The ASUS Eee PC 1005HA-EU2X-BK Netbook draws its inspiration from seashells with an opalescent, glossy exterior is crafted by the innovative In-Mold Roller technology. It’s specially designed to be ultra-compact so you can take it anywhere with you. You’ll find it a joy to use and an excellent companion for long trips.

Additionally, the Eee PC Seashell’s keyboard is more comfortable and less fatiguing to type on for prolonged periods. You can also simultaneously slide two fingertips up or down the touchpad – making scrolling in a window easy without the use of a mouse.

Tech specs: It uses an Intel Atom N270 1.60GHz processor, 1GB of DDR2 RAM memory, and a 160GB hard drive (storage). It offers great user comfort with its 92-percent scaled keyboard, multi-touch trackpad, and convenient instant keys for Wi-Fi, and control of the ASUS Super Hybrid Engine (SHE).

Asus Eee PC

How to Get Featured in Fast Company Magazine

Fast Company's Influence Project

One of the best ways to promote yourself and your business, online and offline, is through associations. People and businesses frequently list the names of newspapers and magazines their company or personal name has been printed in because it builds credibility and reputation.

Fast Company's Influence ProjectRight now Fast Company Magazine, one of the most well respected business start-up and entrepreneurial magazines there is, is doing a feature on influential people. It’s called The Influence Project. They are going to post everyone’s photo in the magazine who registers. The size of you picture depends on how much influence you have.

But you will always be able to say you were in Fast Company magazine under the “Most Influential People”.
Not a bad thing to have on your website? Your Facebook page?

Click here to start influencing now! Fast Company will send you a link that you can spread any way you like to get people you know — or don’t know — to start voting for you.

Or just click here to vote for Skylarking as being influential in your opinion.

Facebook to charge $4.99 per month in June?

Not true. Just a few weeks ago, if you’re an active Facebook user, you may have read that Facebook was going to start charging $4.99 to use the service starting at the end of June 2010. Here’s a snippet of the message that circulated last month:

Spyware Doctor Free Scan

There is a website that has over 83,000 members of people protesting the following… WE’RE AGAINST THE 4.99 A MONTH CHARGE FOR FACEBOOK FROM JUNE 30TH 2010 See website here…

[website address removed]

Thankfully, this was just one of many Facebook-related hoaxes that circulate the web. (The bigger the site, the bigger the target, the bigger the audience.) Unfortunately, the bogus message caused real problems for many people who decided to look into the web site and Facebook group it promoted.

Many who visited the web site clicked on certain elements which initiated a hijacking attempt on their computers. Further clicking resulted the downloading of malware, spyware, and “highly objectionable images” to the visiting computer.

Shortly after a counter message began circulating among Facebook users and friends alerting them to the harmful effects of the phony Facebook group and web site. (I received copies of both messages. I ignored the first, and said “Just as I thought” to the second.) The warning messages looked something like this:

WARNING: DO NOT JOIN the group We are against paying $4.99 for Facebook – IT’s A VIRUS AND HACKER! There are extremely graphic images at the website they suggest you visit. FACEBOOK has no plans on charging us. ELIMINATE THIS GROUP from your groups & run your spyware ASAP. REPOST THIS AS YOUR STATUS on your Profile. Thanks

Do you think, or know, you were a victim of this insidious hoax?

The problem with malware and spyware is its hard to detect, and its becoming an ever more common problem. Even more problematic than virus attacks.

Best Buy’s Geek Squad will charge any where from $200—$300 to remove spyware from your computer, but I strongly recommend you purchase Spyware Doctor software from PC Tools. It costs only $39.95 and can be installed on up to 3 computers. I recommend Spyware Doctor over any other antispyware program on the market today, but it’s not available in stores.

Only have one computer? Why not ask a friend or relative if they’d like to split the cost with you? You can have PC Tools mail you a CD copy for $9.95.

Read more Skylarking articles about Internet and email hoaxes circulating the web:

Recommended Updates: Adobe Flash Player

Adobe Flash logoThis is part 2 of a two-part article.

This past Tuesday I was discussing how hackers are exploiting flaws in other programs you may have installed on your computer or laptop. First, I discussed run-time Java code from Sun Microsystems, and today I’ll follow up with Adobe Flash Player.You should make sure that these two programs on your computer are up-to-date.

Whether you have a PC or a Mac, there’s a 99.9% likelihood that you have this software on your computer; and regardless of your OS, flaws in these two programs can be exploited by hackers and affect your computer. Much ballyhoo is made about Mac’s safety from viruses, but the exploits I’m discussing aren’t viral.

What is Adobe Flash Player? Which version do you have?

Sample version check image

Sample version check image

Adobe Flash is used on many web sites these days. Just about any animation or movement you see when you are visiting a web page is handled by the Flash software installed on your computer. Flash is also used for some video web sites such as Youtube. And there are also a lot of web sites that have games that are designed using the Adobe Flash program.

Whenever you access one of these Flash-enabled sites, the Flash software on your computer goes to work behind the scenes, but if your Flash software is outdated you might be vulnerable to hacker attacks. As of Sept. 2009 the most current version of the Adobe Flash Player is 10.0.32.18. You can check your installed version of Adobe Flash Player here.

Updating Adobe Flash Player

Updating Adobe Flash Player is very easy to do. Just go to Adobe’s Flash Player Installation page here (http://get.adobe.com/flashplayer/). Then click “Agree and install now” on that page. They often include some optional software with the download such as Google’s toolbar or some antivirus software. It isn’t necessary to download those programs when your get Adobe Flash Player, so you can clear those check boxes by clicking them before clicking “Agree and install now”.

Adobe's Download Manager (DLM)

Adobe's Download Manager (DLM)

You might receive some additional instructions from Adobe for proper installation on your specific computer, operating system, and web browser. In some cases you may need to restart your computer, or close and reopen your web browser. Oftentimes the software installer will do this automatically for you.

FTC Puts an end to “Robocalls” tomorrow

Ever get one of those automated phone calls with the taped (okay, recorded) voice? Most of the time its telling you about something you have no interest in, and you can tell right away you’re not interested, and now you have the added aggravation as you realize the “person” at the other end doesn’t even want to talk to you about it personally.

Well, many, many, many of those calls become history today. Sept. 1 marks the end of the pre-recorded telemarketing “robocall “.

The Federal Trade Commission** said it is banning “robocalls” to consumers, unless the telemarketer has “written permission” from a customer that they want to receive these calls. (Ooo! Ooo! Sign me up, please! …Not!)

Now, perhaps you noticed, I said “many” and not “all”. Did you see that? No? You didn’t? … Oh … you did? Yeah, well, don’t worry, there’s no catch, … really. There will be some automated calls that are allowed without written permission. For example, informative calls like flight cancellations, prescriptions from your doctor or pharmacist, delivery notices, and debt collectors calls will be allowed.

Hmm. I can happily live with the first three, but can I opt out of the last one? (Probably not).

Franly, there are a lot of other annoying calls that are still permitted, and those also include calls from politicians, charities, banks, insurers, phone companies, and survey calls. Why aren’t they banned, too? Because this is an FTC or Federal Trade Commission ruling, and not an FCC or Federal Communications Commission ruling. The FTC deals with trade and sales, not communications. Since the latter calls aren’t selling anything (at least not for money) they they aren’t part of the FTC’s jurisdiction.

Rats! What a difference one letter makes.

By the way, this kinda does away with the do-not-call list, and as of tomorrow no one should be receiving these “most” of these calls anymore; and if you do, now you can file a complaint with the commission at www.FTC.gov or by calling 1-877-FTC-HELP. Under the new rules violators can expect to pay a $16,000 fine.

Loophole: This doesn’t put an end to annoying “live” calls. The robots may have lost some jobs here; but humans are still permitted to pick up the phone and personally annoy their fellow man (or woman).

** Think about who put this out. It’s important later.

Homeland Security and Laptop Searches

Image from ARS Technica

Image from ARS Technica. (Click image for article)

This past Thursday, August 27, 2009, Department of Homeland Security (DHS) Secretary Janet Napolitano announced new directives to enhance and clarify oversight for searches of computers and other electronic media at U.S. ports of entry. New guidelines are being designed to reinforce the Department’s efforts to combat crime and terrorism while protecting personal right’s to privacy and civil liberties.

The new directives and guidelines will “enhance transparency, accountability and oversight” of searches at borders, airports, and other ports of entry to the U.S.  Included are new administrative procedures “designed to ensure that officers and agents understand their responsibilities to protect individual private information and that individuals understand their rights.”

Airport laptop search. Image from Center for American Progress.

Airport laptop search. Image from Center for American Progress. (Click image for article)

The DHS further stated that searches are permitted by law and are not restricted to detection of terrorist plans, but are also necessary to uncover possession of child pornography and criminal possession of intellectual property, trademark and copyright infringement.

You can read three reports made available by the government along with this recent announcement. First, the DHS Privacy Office released a Privacy Impact Assessment, which is also available at www.dhs.gov/privacy. This document is designed to improve the public’s understanding of the authorities, policies, and procedures used during searches. It also let’s them know what is being done to protect individuals’ privacy.

(In a related story, the DHS Office for Civil Rights and Civil Liberties (CRCL) will also conduct a “Civil Liberties Impact Assessment” within 120 days.)

Next, additional reports were released by the U.S. Customs and Border Protection (CBP) and U.S. Immigration and Customs Enforcement (ICE).  Their guidelines also made mention of searches of iPods and other digital media players, as well as video and digital cameras. Click the links to see the PDFs of the reports.

laptop searchThis is all well and good, but I was a little surprised to learn that out of the 221,000,000 (that’s 221 million) travellers that crossed U.S. borders in the last 10 months that only 1,000 laptops were searched in this period, and that less than 50 of those searches were in depth. That’s about 3 laptops a day being checked out. Typically, the laptop wner is asked to turn on the laptop and demonstrate that it is a working computer, but apparently there are at least 3 PCs a day that require a little bit more scrutiny.

Have you had your camera, iPod, or laptop searched while you were travelling and out of the US? Tell me your story. I’m sure I’m not the only one who’d like to hear it.

Quick News from Affiliate Summit East

imagesHi, folks. I should be in NYC right now attending day 2 of Affiliate Summit East, but I stayed in for a little extra sleep.

I’m attending Affiliate Summit East 2009 in NYC at the Hilton. It’s my first Affiliate Summit, and I have learned so much in less than 6 hours that it’s hard to believe. I’ve learned a bit about marketing, and I’ve learned that the affiliate marketing community is real tight and friendly. A bunch of great people out there.

First, thanks to Evan Weber of Experience Ads (@experienceads) for helping me get my pass. And we finally got to meet after trying to meet all day.

Sunday I attended three seminars: Getting Noticed Fast (with Mike Buechele, Trisha Lyn Fawver, Jen Goode, and Stephanie Lichtenstein), Viral Campaigns by Larry Bailin, and What the heck is a web site? (Or are web sites dead?) All three were very informative, and chock full of useful info and ideas. I’ll write more about them later.

Drew, Brett, and Heather

Drew, Brett, and Heather

I met some more bloggers such as Ben Spark (Drew) at benspark.com; @HeatherinBC (boatinginbeautifulbritishcolumbia.com) who was great; Brett Bumeter from softduit.com; and Andre Natta of bhamterminal.com. Real nice people.

John Chow, me, and Jeremy Schoemaker

John Chow, me, and Jeremy Schoemaker

I also got to chat briefly with John Chow of JohnChow.com and Jeremy Schoemaker of shoemoney.com. I completely look like I snuck up behind them and had someone sneak this photo when they weren’t looking, but I had been chatting with them both beforehand. It was great to meet them, and they’re two really down to earth guys for such well-known bloggers.

Much more to tell, but I’m going to save it for later and head on down to ASE09 ASAP.

Buy your kid a computer, and save on your tax return

recovery-dot-gov-actHere’s some great news for anyone who wants to cut the costs of sending their kids to college!

Under the new American Recovery and Reinvestment Act of 2009, taxpayers who buy PCs for their children in 2009 and 2010 can claim those Desktops, Notebooks, and Netbooks as qualified higher education expenses.

The Act defines computer-related qualified expenses as “any expense incurred for buying any computer technology and equipment”, as well as Internet access and related services as long as the equipment and technology is used by the student and the student’s family during any of the years the student is enrolled at an eligible educational institution.

1040aAnyone with college-aged kids knows that tuition costs are skyrocketing, so this additional perk will be a welcome benefit for many. Be aware that this tax break is only in effect through 2010, so anyone who will have, or has, children in college need to start shopping for a new PC today.

This post is not to be construed as tax advice, so please consult your tax professional for more info. Applicable to U.S. Tax Filers only.

Need some ideas for new computers for the kids? Take a look at our recommendations in our previous post.

Got a story to share? Have a question? Post Comments or Questions with the link below. Keep up-to-date with Skylarking: By Email or RSS Newsfeed or on Twitter. You can also send questions with Skylarking’s email form.

Conficker Virus Begins To Attack PCs

I was reading about the Conficker virus on Shawn’s Technology Blog. He says that a report from Reuters says the Conficker virus — which was supposed to activate on April 1st — has slowly started activating on computers by installing spyware and turning them into spam servers.

Conficker is also known as Downadup and Kido, and it also installs a second virus called Waledac.

Reuters mentions how the computer worm began spreading late last year, and how it was designed to respond to commands from a remote server. This army of slave computers infected with the worm controlled by a remote server is called a botnet.

Furthermore, Vincent Weafer, a vice president with Symantec Security Response, makers of Norton Antivirus, has reported that recently the unknown controllers of this remote server have begun using a small percentage of the computers they control to upload ‘malware’ and ‘spyware’. One such piece of malware is the Waledac virus which installs itself on the infected computer, and then uses the computer to send out spam email messages promoting a fake anti-spyware program.

Meanwhile, Shawn’s technology Blog is very wisely recommending that computer owners keep your Windows software up to date by visiting the Windows Update web site. He also recommends you install anti-spyware software such as PC Tools Spyware Doctor. I strongly agree with his recommendations, and have done so frequently in this blog. I also recommend you install an antivirus program such as Alwil’s free Avast! antivirus program. Yes, you read that correctly, Avast antivirus is free. I have been using it on all my computers for several years now.

http://www.pctools.com/free-antivirus/

There is a free version of Spyware Doctor available from Google which does a good job of removing spyware, but for real time protection against spyware you should purchase Spyware Doctor. If you don’t have an antivirus program, you might also consider downloading Spyware Doctor with AntiVirus.

Have a question about spyware or viruses? Then why not post a Comment or Question with the link below.

Keep up-to-date with Skylarking: By Email or RSS Newsfeed or on Twitter. You can also send questions with Skylarking’s email form.