I got an email today that looks like the archetypal phishing spam – a message from the Federal Reserve with a warning about a ‘large scale phishing attack’ and threats about restrictions being placed on wire transfers through March – a link at the bottom has a domain name that could just possibly be real; ‘bank-net.us’.
This is, if anything, better than average – nice domain name, well written email message (albeit with a few grammatical and spelling errors ["and has been still lasting"]), on the whole, believable….. so the link……
http://ustreasury.bank-net.us/3371091/issue~76099/
FEDERAL RESERVE BANK
Important:You’re getting this letter in connection with new directions issued by U.S. Treasury Department. The directions concern U.S. Federal Wire and ACH online payments.
On February 17, 2009 a large-scaled phishing attack started and has been still lasting. A great number of banks and credit unions is affected by this attack and quantity of illegal bank transfers has reached an extremely high level.
U.S. Treasury Department, Federal Reserve, America Bankers Association (ABA) and Federal Deposit Insurance Corporation (FDIC) in common worked out a complex of immediate actions for the highest possible reduction of fraudulent operations. We regret to inform you that definite restrictions will be applied to all Federal Wire and ACH transfers from February 23, 2009 till March 6, 2009.
Here you can get more detailed information regarding the affected banks and U.S. Treasury Department restrictions:
http://ustreasury.bank-net.us/3371091/issue~76099/
Federal Reserve Bank System Administration
takes you to an ineptly written web page with a US flag banner and an input box and some hidden dot graphics… and then, after a few seconds, takes you to a porn site.
So, I visited the site again a few minutes later and the US flag page is gone and there is a completely blank page instead.
The site is hosted in Guangdong, China but the domain name is registered to Edward Rosales in Hartford, CT. The domain name was registered today, 23rd Feb 2009.
So…. a pathetic spam switch and bait to get people to go to a porn site, or a fledgling phishing site? or maybe a cunning combination of the two? whichever, I think it’s safe to say that nothing good will come out of bank-net.us anytime soon. If you see anything scammy, let me know, or better still, report it to PhishTank.
Cyber Security Tip ST06-008 Safeguarding Your Data
When there are multiple people using your computer and/or you store sensitive personal and work-related data on your computer, it is especially important to take extra security precautions.
Why isn’t “more” better?
Maybe there is an extra software program included with a program you bought. Or perhaps you found a free download online. You may be tempted to install the programs just because you can, or because you think you might use them later. However, even if the source and the software are legitimate, there may be hidden risks. And if other people use your computer, there are additional risks.
These risks become especially important if you use your computer to manage your personal finances (banking, taxes, online bill payment, etc.), store sensitive personal data, or perform work-related activities away from the office. However, there are steps you can take to protect yourself.
How can you protect both your personal and work-related data?
1. Use and maintain anti-virus software and a firewall – Protect yourself against viruses and Trojan horses that may steal or modify the data on your own computer and leave you vulnerable by using anti-virus software and a firewall (see Understanding Anti-Virus Software and Understanding Firewalls for more information). Make sure to keep your virus definitions up to date.
2. Regularly scan your computer for spyware – Spyware or adware hidden in software programs may affect the performance of your computer and give attackers access to your data. Use a legitimate anti-spyware program to scan your computer and remove any of these files (see Recognizing and Avoiding Spyware for more information). Many anti-virus products have incorporated spyware detection.
3. Keep software up to date – Install software patches so that attackers cannot take advantage of known problems or vulnerabilities (see Understanding Patches for more information). Many operating systems offer automatic updates. If this option is available, you should turn it on.
4. Evaluate your software’s settings – The default settings of most software enable all available functionality. However, attackers may be able to take advantage of this functionality to access your computer. It is especially important to check the settings for software that connects to the internet (browsers, email clients, etc.). Apply the highest level of security available that still gives you the functionality you need.
5. Avoid unused software programs – Do not clutter your computer with unnecessary software programs. If you have programs on your computer that you do not use, consider uninstalling them. In addition to consuming system resources, these programs may contain vulnerabilities that, if not patched, may allow an attacker to access your computer.
6. Consider creating separate user accounts – If there are other people using your computer, you may be worried that someone else may accidentally access, modify, and/or delete your files. Most operating systems (including Windows XP and Vista, Mac OS X, and Linux) give you the option of creating a different user account for each user, and you can set the amount of access and privileges for each account. You may also choose to have separate accounts for your work and personal
purposes. While this approach will not completely isolate each area, it does offer some additional protection. However, it will not protect your computer against vulnerabilities that give an attacker administrative privileges. Ideally, you will have separate computers for work and personal use; this will offer a different type of protection.
7. Establish guidelines for computer use – If there are multiple people using your computer, especially children, make sure they understand how to use the computer and internet safely. Setting boundaries and guidelines will help to protect your data (see Keeping Children Safe Online for more information).
8. Use passwords and encrypt sensitive files – Passwords and other security features add layers of protection if used appropriately (see Choosing and Protecting Passwords and Supplementing Passwords for more information). By encrypting files, you ensure that unauthorized people
can’t view data even if they can physically access it. You may also want to consider options for full disk encryption, which prevents a thief from even starting your laptop without a passphrase. When you use encryption, it is important to remember your passwords and passphrases; if you forget or lose them, you may lose your data.
9. Follow corporate policies for handling and storing work-related information – If you use your computer for work-related purposes, make sure to follow any corporate policies for handling and storing the information. These policies were likely established to protect proprietary information and customer data, as well as to protect you and the company from liability. Even if it is not explicitly stated in your corporate policy, you should avoid allowing other people, including family members, to use a computer that contains corporate data.
10. Dispose of sensitive information properly – Simply deleting a file does not completely erase it. To ensure that an attacker cannot access these files, make sure that you adequately erase sensitive files (see Effectively Erasing Files for more information).
11. Follow good security habits – Review other security tips for ways to protect yourself and your data.
_________________________________________________________________
Author: Mindi McDowell Produced 2006 by US-CERT, a government organization.
<http://www.us-cert.gov/cas/tips/ST06-008.html>