There’s an increasing amount of email spam proportion to come from well known financial institutions and governing bodies, claiming that the recipient needs to take action by visiting the fake web site to update and or confirm their personal information.

The most recent scam is an email from FDIC that your account ACH and WIRE transaction have been temporarily suspended for security reasons due to the expiration of your security version. To download and install the newest installations read the document (pdf) attached below.

The attached file is called FDIC_document.zip and it is a file that will infect a person’s computer once the file is opened.

If you receive an email like the one above, I recommend that you do not open the attachment. Make sure that your security software is up-to-date in case you mistakenly open an attachment that may have an infection.

Source: Sophos

I am back from my 10 day vacation in sunny Bermuda and finally back blogging. This has been the longest I been away from a computer in 20 years.

Since the new redesign, there have been noticeable improvements and problems from a user experience. The most noticeable improvement is how you can add and remove your favorite links and sites from the My Favorites in the left sidebar. Yahoo has really done a nice job in providing a preview page when you mouse over any of your favorite links or sites. This provides information faster and it allows a user to get more done in a short period of time.

Yahoo has missed on some functionality on its homepage. The performance is somewhat lack luster and when you mouse over your favorite links and sites the page errors out. These errors are becoming more frequent lately and I am sure many users are experiencing the same issues.

Sample of the errors you get when you mouse over a link or site

Yahoo Email has been horribly slow at times. In fact, when I am using Firefox the page stops responding. The email client has been unstable or unavailable since the new design as pictured below. This seems to be a common occurrence during peak hours of the day.

Overall – the new look and feel is a major improvement. Yahoo focused on all the right ingredients on user experience. There is more emphasis on personalization, news content and community.

Yahoo needs to address and fix the errors that occur on the mouse over issues and email performance.

I mean come on, you are the colossus of companies with an infrastructure that is so large, it’s even hard for most Geeks to even imagine. This was a cluster “expletive here”.

According to Google – Their Gmail service was offline due to a maintenance miscalculation for the glitch and engineers took some servers offline, it says, and inadvertently overloaded other servers as a result.

I think at minimum, they should know what load balancing is and what is needed to take on the millions of emails that go through the Gmail servers each day. This is not rocket science, its Technology 101 and they failed the first course.

This is not the first time an outage has occurred with Gmail and I am sure it will not be the last. These mistakes should never happen if you practice change control correctly.

I am glad I do not use Gmail for my business or I would be (SOL). The outage lasted for about one hour and 40 minutes. I can tell you first hand that many users are outraged and I am sure many will look elsewhere for another email solution. I am one of those people.

Google claims 99.9 percent uptime, but lately they missed this mark.

According to PCWorld – Gmail seems to have suffered more than its fair share of outages lately. In May, a traffic routing error knocked the service offline for users across the globe, earning the hashtag “#googlefail” on Twitter. That crash came within weeks of several smaller outages, one just days earlier in May, another in mid-April, and another — this one lasting as long as 36 hours for some people — in March.

Let’s see how long before the next outage.

Did you forget to do something? Google’s Gmail team has added a new task manager that lets users keep track of their agenda.

Go to Settings at the top of your inbox, click the Labs tab and you’ll see the new feature option at the top. Select enable and click Save Changes at the bottom. You should then see the Tasks link under the “Contacts” link on the left of your inbox.

Click it, then click in an empty part of the list window that pops up on the right and start typing your task list in what is really the familiar Google Chat window. This means they’re visible while you’re scanning your inbox, reading mail, or searching. You can also pop your list out into a new window to.

The list you create saves automatically and you can hit return to begin entering a new task. There are a number of editing options, including the ability to add, delete, indent, un-indent tasks, move tasks up or down, or switch between task lists.

What’s really neat with this new feature is that you can also convert e-mails into tasks. To do this, select one or more messages and go to “More Actions,” then “Add to Tasks.” It pops up in the task list. You can read it by selecting it and clicking the related e-mail.

Task away all!

It didn’t take long (2 weeks) after the McColo host company was shut down for the world’s biggest spammers to get back online and start updating all their bots, a recent report by FireEye revealed. This means that all the time we’ve enjoyed with less spam is over now that the Srizbi botnet – responsible for almost half of the world’s spam – went back online. SecureWorks estimated at the time that McColo – Srizbi’s web host – was responsible for 75 percent of the spam sent daily in the United States.

FireEye explained that this was possible due to a mechanism that dynamically generates the Command and Control function to which it communicates based on a seed in the binary and a variation of the Julian date of the infected host.

FireEye attempted to block Srizbi from registering domains by figuring out what domains in specific Srizbi was looking for and registering them before the spammers did. Unfortunately, that proved to be efficient for just a short period of time, when the security firm realized that their work was increasingly expensive, since each domain that they registered cost money.

“As soon as we stopped registering domain names, the Botnet owner swooped in and began registering domains, as he was able to predict which would be in use today,” FireEye’s Atif Mushtaq and Alex Lanstein reported, adding that all the domains pointed to servers in Estonia, except one which had the IP registered out of the Cayman Islands and was hosted in Germany.

Source: eFluxMedia

Are you using Gmail, Yahoo or Windows Live Hotmail? Did you know there has been a tremendous increase in phishing emails due to the holiday season as well as the financial crisis? You can feel safer by downloading a free utility for added security protection for all 3 of these email services!

WOT (Web of Trust) has added the top three web-based email services – Google Gmail, Windows Live Hotmail and Yahoo! Mail, to its free security protection. WOT checks links embedded in email and warns users of dangerous websites to help them avoid spyware, spam, phishing, identity theft and other Internet scams, before they risk clicking.

WOT can provide consumers with information that alerts them if a link in an email is not safe.

Please help us spread the word about this new feature of WOT.

Supporting Facts of WOT:

• WOT has been downloaded by over 1.8 million users
• Information on over 20.7 million websites
• Based on WOT statistics, 1 out of 20 sites is dangerous
• WOT users can contribute by rating and commenting on websites
• WOT partners with a number of trusted sources, such as PhishTank, TRUSTe, hpHosts, DNS-BH Malware Domain list and Artists against 419

Resources:

• Press release: Click here
• Extended protection for email video: Click here
• Screen prints, logos and photos: Click here

Visit WOT today and start protecting yourself from malious email.

The amount of spam containing dangerous attachments designed to infect PCs with malicious viruses increased by eight times between July and September this year, according to Sophos.

The security firm said one in every 416 email messages received between July and September was spam compared to just one in every 3,333 emails between April and June.

Much of the increase has been caused by several large-scale malware attacks. Sophos said the worst single attack was the Agent-HNY Trojan horse, which was disguised as the Penguin Panic arcade game for Apple iPhones. However, only Windows users are affected by the viruses.

“For Apple Mac and Unix lovers, these major spam attacks just mean a clogged-up inbox, not an infected operating system. But organized criminals are causing havoc for Windows users in the hunt for cold hard cash,” said Graham Cluley, senior technology consultant at Sophos.

“Too many people are clicking without thinking – exposing themselves to hackers who are hell-bent on gaining access to confidential information and raiding bank accounts.”

Sophos highlighted a rise in the amount of spam being sent via social networking websites such as Facebook and Twitter, and the security firm expects this rise to continue.

Source: http://www.sophos.com/

The U.S. government has helped break up one of the largest organized spam rings in the world, which was responsible for sending billions of unsolicited e-mails. I am sure many of these emails have made it to my inbox in the past year.

The Federal Trade Commission (FTC) received more than 3 million complaints from internet users who received the spam e-mails tied to the group.

HerbalKing, promoting weight-loss drugs, male enhancement pills and prescription drugs, operated in the United States, China, New Zealand, and other nations, the U.S. government said.  Credit card transactions were processed in Cyprus and Georgia, and all products were shipped from India and China, with Chinese web servers used to host each web site.

According to the FTC investigation, the group received $400,000 in Visa credit card charges in a single month.  The government has asked a federal district court in the city of Chicago to freeze the ring’s bank accounts, after accusing HerbalKing of violating the Can-Spam Act of 2003.

Read more here

Listed below are 10 tips on managing your passwords and preventing someone from knowing your credentials.

1. Passwords must not be written down.
2. Passwords must be set. When the password is “password or a default that is assigned”, change it immediately.
3. Make sure (if available) to create a secret question (in the event you forget your password) that no one will be able to guess or search the answer on the internet.
4. Change your password at least every 8 weeks or (2 Months).
5. Make new passwords new. Old password = “myDog1980″ New password = “myDog1981. Not good.
6. Avoid obvious words. Passwords must be more complex than a single word which can be hacked with a dictionary attack.
7. Think long – but not too long. A password which consists of at least eight characters with a mix of upper case, lower case and numbers is a good start.
8. Don’t use password programs that store your information or provide auto password injection.
9. Never have your browser save or remember your passwords.
10. Always clear your cookies when you’re done for the day.

These 10 tips will help you properly manage your passwords and prevent anyone from invading your privacy. It’s important that we all practice proper security when it comes to our privacy.

If you have other tips you would like to share please comment.

The FBI over the weekend executed a search on the apartment of a University of Tennessee student suspected in the hacking of Republican vice presidential candidate Governor Sarah Palin’s Yahoo e-mail account.

It has been reported that hackers broke into the personal site of Fox News commentator Bill O’Reilly, who had been carrying on for several days in anger over the hacks, and posted subscriber information to the WikiLeaks Web site.

Last week, Tennessee state legislator Mike Kernell, a Democratic representative from Memphis, said his son David was a suspect in the investigation.

“I had nothing to do with it, I had no knowledge or anything,” Rep. Kernell told the Associated Press. “I was not a party to anything of this nature at all. I wasn’t in on this … and I wouldn’t know how to do anything like that.”

How do hackers get access to your email?

Once a hacker knows your email, they try to guess the secret question to change the password of your email account. Once they guess right they enter a new password and now have full access to your email.

How to avoid your email from being hacked?

First off, use a secret question that no one can look up on the internet or guess. It is best if you have the option to create your own secret question instead of using the pre-canned choices that many would-be hackers will search as indicated on how Palin and now Bill O’Reilly email accounts were hacked.