Home » Internet

October Threat Landscape Report Highlights Increased Zeus/Money Mule Risk

October Fortinet Threat Landscape Report highlights few key points on the increased of Zeus/Money Mule risks as follows

  1. Fortinet today announced its October 2010 Threat Landscape Report which warns of increased Zeus activity and the related risks money mules take when signing up for questionable job opportunities.
  2. Money mules have been aggressively recruited this year to help cyber criminals launder money.
  3. Fortinet’s Money Mule warning signs and key guidelines on how to prevent someone from inadvertently becoming a money mule.

Further reading could be found on the press release

Fortinet October Threat Landscape Report Highlights Increased Zeus/Money Mule Risks

Report Offers Money Mule Recruitment Warning Signs

MALAYSIA, 29 October, 2010 Fortinet – a leading network security provider and the worldwide leader of unified threat management (UTM) solutions – today announced its October 2010 Threat Landscape report, which warns of increased Zeus activity and the related risks money mules take when signing up for questionable job opportunities.

“As outlined in our ‘2010 Threat Predictions Realized’ report, money mules have been aggressively recruited this year to help cyber criminals launder money,” said Derek Manky, project manager, cyber security and threat research, Fortinet. “A recent example of this is the worldwide prosecutions of a Zeus criminal operation, which included 37 charges brought against alleged money mules.”

Recent Zeus stories illustrate how prevalent money mules have become and how they are being used to filter, disguise and spread money transfers. Mules today are typically recruited into criminal organizations through legitimate-looking advertisements. A suspect ad may suggest a client is looking for a “payment processing agent,” “money transfer agent,” or something as general and vague as an “administrative representative.” These recruitment ads can be found anywhere from print and online job sites to direct points of contact. While many mules likely enter into the business relationship knowing the full criminal implications of what they’re doing, there are a surprising number that do not.

Preying on the Desperation of Job Seekers

One of the most recent money mule recruitment emails FortiGuard flagged this month began the subject line with, “Re: CV.” The body of the email offered the recipient an “administrative representative” position for a proposed salary of 5,000 per month plus commission. One of the listed job duties was to “administer day-to-day financial responsibilities for clients,” as well as prepare weekly financial reports.

“The majority of opportunities we’re seeing today offer prospects roughly 10 percent commission for any transfers they make,” Manky continued. “With a few simple clicks, a $10,000 transfer could net the mule roughly $1,000.”

Money Mule Warning Signs

The following guidelines can be used to help prevent someone from inadvertently becoming a money mule:

· If the job offer sounds too good to be true, then it probably is. Be wary of any job opportunities that promise great rewards for little or no work or work experience.

· If the job description is vague, unclear and/or doesn’t stipulate who you would be reporting to in the new position, then do deeper research into the company to get those questions answered.

· Be especially scrupulous with regards to money transfer job offers that are coming from overseas, as they can be very difficult to research and verify. If the company in question doesn’t have verifiable contact information (phone, email contact and address) on their web site, think twice about working with them.

· Be cognizant of any company that asks for a personal bank account number as the means through which money is expected to flow. Recruiters will typically mandate that their mules use anonymous money transferring services for outbound funds; as with any scam, be cautious of a request such as this.

· Security services such as antispam and web content filtering can also help to minimize money mule recruitment attempts, as they could help flag the recruitment emails, or potentially warn or block specific illegitimate job recruitment domains.

· Anyone suspecting they may have been a victim of this type of crime should contact their bank immediately.

FortiGuard Labs compiled threat statistics and trends for October based on data collected from FortiGate network security appliances and intelligence systems in production worldwide. Customers who use Fortinet’s FortiGuard Services should already be protected against the threats outlined in this report.

FortiGuard Services offer broad security solutions including antivirus, intrusion prevention, Web content filtering and anti-spam capabilities. These services help protect against threats on both application and network layers. FortiGuard Services are updated by FortiGuard Labs, which enables Fortinet to deliver a combination of multi-layered security intelligence and zero-day protection from new and emerging threats. For customers with a subscription to FortiGuard, these updates are delivered to all FortiGate, FortiMail and FortiClient products.

The full October Threat Landscape report, which includes the top threat rankings in several categories, is available now. Ongoing research can be found in the FortiGuard Center or via FortiGuard Labs’ RSS feed. Additional discussion on security technologies and threat analysis can be found at the Fortinet Security Blog.

Admin 3 November 2010 security No Comments

Fortinet Advocates Healthcare Organizations to Consider Their Data Security Strategy in Today’s Dangerous Cyberspace

Several key highlights from Fortinet on the current state of healthcare data security in todays’ world

  • There are no existing standards for Asia to address data privacy of electronically protected health information and medical records.
  • Medical records are also prone to attacks at the network level, via the web, email and directly at the databases. In fact, threats can enter the healthcare organization’s network from various points of entry.
  • The HIPAA and Health Information Technology for Economic and Clinical Health Act (HITECH) enacted in the West are key standards for Asian region to emulate in order to address data privacy of electronically protected health information and medical records

Press Release

Fortinet Advocates Healthcare Organizations to Consider Their Data Security Strategy in Today’s Dangerous Cyberspace

MALAYSIA, 18 October, 2010 — Fortinet’s security experts have singled out Asia as the highest risk geography in the world today, compared to the Americas and European region. It is therefore imperative that Malaysia’s health industry takes on a more orderly way to communicate medical information, as globalization causes patients medical data to travel seamlessly across the world for professional and personal reasons.

“There are no existing standards for Asia to address data privacy of electronically protected health information and medical records,” said George Chang, Regional Director for Fortinet Southeast Asia & Hong Kong. “Security as an all-encompassing mindset for IT and business decision makers is still in its early stage, and verticals such as government and healthcare still has room to standardize practices, especially in Asia.”

He pointed out that the medical tourism industry in Malaysia can be seen as as huge potential sector with fast growth and increasing profit. Many international patients come from neighbouring Asian countries with less developed medical infrastructure. However, a patient may go from one hospital to another, but their medical data might not follow.

What’s more alarming is that medical records are also prone to attacks at the network level, via the web, email and directly at the databases. In fact, threats can enter the healthcare organization’s network from various points of entry. Just like country border security, it is essential to consider every possible entry points so that every form of attack can be thwarted. Other privacy concerns surrounding electronic medical records (EMR) include hacking incidents to alter patients’ data or destruct clinical systems, misuse of health information records by authorized users, long term data management concerns and government intrusion on private healthcare matters.

As it is with the state of security in cyberspace, there is no foolproof solution or a 100% secure plan, similar to the state of human health. However, the evolution of IT communication systems has opened the door for business, technology and medical professionals to create a better platform provided there is secure technology in place.

The HIPAA and Health Information Technology for Economic and Clinical Health Act (HITECH) enacted in the West are key standards for Asian region to emulate in order to address data privacy of electronically protected health information and medical records. Compliance requires the implementation of technical policies and controls over systems managing such information, allowing access to only people or software, which has been granted access rights. Today, Hong Kong Hospital Authority (HA) is leveraging the HIPAA as a guidepost to ensure personal data privacy for the healthcare industry.

As the threats in cyberspace are borderless and non-specific in nature, consolidated network security systems also known as Unified Threat Management (UTM) devices represent a solid solution to a dynamic and complex challenge for all verticals including the healthcare industry today.

“Fortinet is well positioned to help key players in the healthcare industry understand how they can pull together a proven, cost-performance effective and industry leading solution. Therefore, Fortinet advocates that healthcare organizations in the region and particularly Malaysia consider implementing a complete IT security strategy, while embracing the HIPAA compliance act,” said Chang.

Admin 20 October 2010 internet tool No Comments

Job That Require You To Spend All Day On Facebook

CIMB facebook Job That Require You To Spend All Day On Facebook

Isn’t that good to spend all day long in Facebook? Well, to some perhaps yes, it is dream job, but not to me definitely. This is vacant post in CIMB, part of so called CIMB Social Media team. Sounds cool. The job scope is PR sort of, managing online reputation, engage community and customer online and etc. The requirement include your Facebook and Twitter account. Another WOW. Good luck guys. More on the requirement, job scope are available below.

Assistant Manager / Executive – CIMB Social Media Team

Location: The World Wide Web
Company: CIMB Investment Bank Berhad
Department: Group Corporate Communications
Closing Date: 31 Dec 2010

Responsibilities:

app full proxy.php?app=10531514314&v=1&size=o&cksum=5f9325a4310f5cc58d61c4266fdd9d6d&src=http%3A%2F%2Fwww.vocanic.net%2Fcimb%2Fmindedpeople%2Farrow Job That Require You To Spend All Day On Facebook Create and execute social media campaigns across the various platforms that CIMB has established communities in (forums, Facebook, Twitter, YouTube etc)

app full proxy.php?app=10531514314&v=1&size=o&cksum=5f9325a4310f5cc58d61c4266fdd9d6d&src=http%3A%2F%2Fwww.vocanic.net%2Fcimb%2Fmindedpeople%2Farrow Job That Require You To Spend All Day On Facebook Manage, monitor and engage in our online community as well as provide quantitative and qualitative insights based on feedback from this community

app full proxy.php?app=10531514314&v=1&size=o&cksum=5f9325a4310f5cc58d61c4266fdd9d6d&src=http%3A%2F%2Fwww.vocanic.net%2Fcimb%2Fmindedpeople%2Farrow Job That Require You To Spend All Day On Facebook Formulate strategies for programs on social media that will compliment CIMB’s initiatives

app full proxy.php?app=10531514314&v=1&size=o&cksum=5f9325a4310f5cc58d61c4266fdd9d6d&src=http%3A%2F%2Fwww.vocanic.net%2Fcimb%2Fmindedpeople%2Farrow Job That Require You To Spend All Day On Facebook Assist in the development of social media strategies as well as community management and implementation of social media campaigns across the region

Requirements:

app full proxy.php?app=10531514314&v=1&size=o&cksum=5f9325a4310f5cc58d61c4266fdd9d6d&src=http%3A%2F%2Fwww.vocanic.net%2Fcimb%2Fmindedpeople%2Farrow Job That Require You To Spend All Day On Facebook Posses a Bachelors Degree in any field

app full proxy.php?app=10531514314&v=1&size=o&cksum=5f9325a4310f5cc58d61c4266fdd9d6d&src=http%3A%2F%2Fwww.vocanic.net%2Fcimb%2Fmindedpeople%2Farrow Job That Require You To Spend All Day On Facebook At least 1-3 years working experience in any field

app full proxy.php?app=10531514314&v=1&size=o&cksum=5f9325a4310f5cc58d61c4266fdd9d6d&src=http%3A%2F%2Fwww.vocanic.net%2Fcimb%2Fmindedpeople%2Farrow Job That Require You To Spend All Day On Facebook Facebook & Twitter savvy with an intimate knowledge on developments of the media landscape

app full proxy.php?app=10531514314&v=1&size=o&cksum=5f9325a4310f5cc58d61c4266fdd9d6d&src=http%3A%2F%2Fwww.vocanic.net%2Fcimb%2Fmindedpeople%2Farrow Job That Require You To Spend All Day On Facebook Able to work and engage with people easily and comfortably

app full proxy.php?app=10531514314&v=1&size=o&cksum=5f9325a4310f5cc58d61c4266fdd9d6d&src=http%3A%2F%2Fwww.vocanic.net%2Fcimb%2Fmindedpeople%2Farrow Job That Require You To Spend All Day On Facebook Experience in Banking / PR / Marketing Communications / Advertising would be an added advantage

app full proxy.php?app=10531514314&v=1&size=o&cksum=5f9325a4310f5cc58d61c4266fdd9d6d&src=http%3A%2F%2Fwww.vocanic.net%2Fcimb%2Fmindedpeople%2Farrow Job That Require You To Spend All Day On Facebook Understand and appreciate the difference between LOL and ROFLMAO

app full proxy.php?app=10531514314&v=1&size=o&cksum=5f9325a4310f5cc58d61c4266fdd9d6d&src=http%3A%2F%2Fwww.vocanic.net%2Fcimb%2Fmindedpeople%2Farrow Job That Require You To Spend All Day On Facebook Willing to travel

app full proxy.php?app=10531514314&v=1&size=o&cksum=5f9325a4310f5cc58d61c4266fdd9d6d&src=http%3A%2F%2Fwww.vocanic.net%2Fcimb%2Fmindedpeople%2Farrow Job That Require You To Spend All Day On Facebook Fluent in written English and Malay

Please ensure that resumes are submitted together with your Facebook ID and Twitter handle for our reference.
app full proxy.php?app=10531514314&v=1&size=o&cksum=97050ffeb45dd89ab2140f2f1c4cb0a2&src=http%3A%2F%2Fwww.vocanic.net%2Fcimb%2Fmindedpeople%2Fsendresume textimage1 Job That Require You To Spend All Day On Facebook
source : CIMB Facebook
Admin 5 October 2010 socialize & media , No Comments

Five Easy Steps To iPhone Security

secure iphone4 Five Easy Steps To iPhone Security

With iPhone 4 frenzy continue to last until the next couple of weeks here in Malaysia as well as other countries, do not taking  lightly about the possible threat that could harm your iPhone and it’s user. If the iPhone is meant for your kids, it’s a good idea to start thinking of securing your loves one from anything that could possibly hurt them. Fortinet FortiGuard Labs has released short but useful article that will be a basis to get started with. Read on.

Five Easy Steps to iPhone Security!

Apple’s latest shiny new iPhone 4 gadgets may have taken the world by storm but in the same vein, such mobile devices are now becoming a key target for cybercriminals and mobile spyware.

Why? Well, your trusty iPhone contains your closely guarded personal information, including photographs, contact database, possibly your credit card details, banking information, email exchanges, personal address, etc. It also connects you to tens if not hundreds of Internet applications that make your life easier. So now, imagine all this information falling into unscrupulous hands, a psychotic stalker, or becoming public information overnight!

This is exactly what a mobile spyware can do once it has entrenched itself in your iPhone. This insidious, crafty malware can secretly tap your phone calls, record and transfer SMS/MMS/e-mail messages, locate you geographically, listen to your surroundings, take pictures, downloads contacts, log activity… or steal your online banking credentials like the infamous Eeki worm did.

So, even if it has not been affected yet, do not underestimate the potential vulnerability of your iPhone. Taking care of your iPhone security is very much like taking care of your child.
Education plays an important role!

Follow these essential security tips to protect your iPhone and its data:

1. Would you let your child answer a stranger?

No. So, do not open unknown SMS or MMS on your iPhone.

2. Just before buying your child a new game, wouldn’t you check if it’s suitable for his/her age or if other parents consider it as an interesting game?

You probably try to. The same applies to your phone: gather as much information as possible before downloading an unknown application (search for comments and reviews from other users,
scan for online against viruses etc).

3. Do you inoculate your child against polio?

Then, you might consider installing an anti-virus on your mobile phone, or at least check anti-virus reports regularly.

4. Imagine a highly dangerous virus was circulating in your child’s school. Wouldn’t you keep him/her away, until any risks have disappeared?

Similarly, do not connect your iPhone to an infected computer and run anti-virus software on your PC or laptop to make sure it is malware-free before connecting your iPhone for synchronization.

5. When your child is harmed, wouldn’t you report it to some official authority (school,police, medical doctor)?

Do the same with your phone. Do not fear to report suspicious activities to your operator, your bank, consumer groups, anti-virus companies or in worse cases to the nearby police station. The
more we are aware, the more we can all fight against criminality.

Admin 28 September 2010 security , , , , , , , No Comments

Boomerang : Browser Addon To Schedule Sending and Receiving Emails

boomerang addon Boomerang : Browser Addon To Schedule Sending and Receiving Emails

Imagine if you can schedule sending your email such as birthday wishes, ticket booking and etc? Or schedule when you want the email you have received to appears again when you need it. Boomerang has translated this cool idea to browser addon for Firefox and Chrome that works only in Gmail at the moment.

After you have installed the browser addon, in Gmail compose email page, there is new ‘Send Later’ button appear right beside the send button, where you can specify when you want the email to be sent. As for the received emails, ‘Receive Later’ button will appear on top of the email that you opened. While receive later might no really important, at least to me, ‘Send Later’ is quite interesting feature that I wish available in Gmail lab as well.

The browser addon is still in development stage, but if you want to try it out, download it from here and enter the invite code b4gtweet . More on the features are demonstrated in video below.

via techfreakstuff

Admin 30 August 2010 internet tool , , , , Comments Off
Page 2 of 3612345102030...Last »