
GFI Labs Tracks Resurgence of Fake Antivirus Programs Plaguing
Businesses and Consumers
GFI Software warns of new variations of rogue antivirus programs
often distributed through spam carrying the Blackhole exploit
GFI Software today released its VIPRE® Report for February 2012, a
collection of the 10 most prevalent threat detections encountered
during the month. Most notably, GFI Labs has been documenting a new
wave of fake antivirus programs (or rogue AV) on its Malware
Protection Center blog. The wave has been growing since the start of
the year, and last month brought a significant spike in new
variations of rogue AV.
“While the velocity at which rogues were successfully propagating
may have slowed toward the end of last year, they are certainly back
now, and they remain a popular tactic among cybercriminals,” said
Christopher Boyd, senior threat researcher at GFI Software. “Users
should not let their guard down. As always – no matter how
convincing they look – always take the time to evaluate any piece of
software that claims your PC is infected, prompts you for a credit
card number or asks you to share any sensitive data, especially if
it’s software that you or your employer did not install.”
Many rogue AV programs are being distributed via spam containing
malicious links to the Blackhole exploit, a tool used by
cybercriminals to target unpatched vulnerabilities in software
applications from industry leaders like Microsoft Corp. and Adobe
Systems Inc. Users infected by rogue AV may be redirected to
fraudulent websites, have their systems hijacked by programs
appearing to scan their PCs, or be plagued by messages warning of
viruses and other PC security risks. These scareware tactics trick
users into providing credit card data to purchase non-existent
protection.
Rogue AV programs are continually tweaked in an attempt to avoid
detection, with newer variants of these malicious applications
propagating every 12 to 24 hours. When confronted with suspected
rogue AV, users can visit the Malware Protection Center for removal
advice or download GFI Software’s free virus removal tool, VIPRE®
Rescue.
Cybercriminals Target Tax Season, Holidays and Gamers
Last month also saw phishers posing as representatives of Intuit
Inc., the developers of TurboTax®, a popular tax preparation
program. Victims were told that they must verify their tax
information due to a discrepancy with information from the Social
Security Administration, only to click on links that led to
Blackhole exploits. Meanwhile, emails purporting to come from the
American Institute of Certified Public Accountants sent warnings of
“unlawful tax return fraud” in order to scare victims into opening
malicious attachments disguised as legitimate documents.
A more traditional holiday cybercrime campaign targeted Tumblr users
last month with promises of $500 Victoria’s Secret gift cards. Like
previous spam attacks offering Starbucks gift cards and free plane
tickets, these Tumblr posts feigned legitimacy by claiming to come
from a “Tumblr Staff Blog.” Users who clicked on the links were
asked to sign up for various offers and submit personal information
in order to claim their gift card. Gamers were also targeted via
YouTube videos encouraging users to download a program that would
generate codes that could be redeemed for free Microsoft points, the
currency of the Xbox LIVE® marketplace. The bogus generator prompted
the victim to fill out various surveys in order to receive a
password and continue the code generation.
Top 10 Threat Detections for February
GFI’s top 10 threat detection list is compiled from collected scan
data of tens of thousands of GFI VIPRE Antivirus customers who are
part of GFI’s ThreatNet™ automated threat tracking system. ThreatNet
statistics revealed that Trojans once again dominated the list,
taking half of the top 10 spots.
About GFI Labs
GFI Labs specializes in the discovery and analysis of dangerous
vulnerabilities and malware. The team of dedicated security
specialists actively researches new malware outbreaks, creating new
threat definitions on a constant basis for the VIPRE home and
business antivirus products.
About GFI
GFI Software provides web and mail security, archiving and fax,
networking and security software and hosted IT solutions for small
to medium-sized businesses (SMB) via an extensive global partner
community. GFI products are available either as on-premise
solutions, in the cloud or as a hybrid of both delivery models. With
award-winning technology, a competitive pricing strategy, and a
strong focus on the unique requirements of SMBs, GFI satisfies the
IT needs of organizations on a global scale. The company has offices
in the United States, UK, Austria, Australia, Malta, Hong Kong,
Philippines and Romania, which together support hundreds of
thousands of installations worldwide. GFI is a channel-focused
company with thousands of partners throughout the world and is also
a Microsoft Gold ISV Partner.
Disclaimer: All product and company names herein may be trademarks
of their respective owners. To the best of our knowledge, all
details were correct at the time of publishing; this information is
subject to change without notice.
New Profile Spy Spam Spreading on Facebook Leads Users to a Survey Scam
A new Facebook scam lures users into signing up for premium mobile
services and spamming their friends by promising to show a list of
profile visitors. It even instructs users to disable ad-blocking
programs. Read the full article:
http://www.sunbeltsecuritynews.com/QU57EP/100811-Facebook-Spy-Spam
How Does a Computer Get Infected with Rogue Antivirus Programs?
Rogue antivirus programs succeed (for the malicious coders) because their warning screens closely resemble legitimate Windows warning screens, and the rogue program names closely resemble or sound like legitimate antivirus programs. When you load an infected Web site you might see a warning screen pop up and think that it is a legitimate Windows warning. Users are tricked into downloading the software because they believe the warning to be a legitimate Windows message. You might also be on a Web site trying to view a video when a screen pops up telling you that you need to download a codec to view the file. The window prompting you to download the codec looks legitimate; however, you are not going to download a codec. Instead you will receive one of the many rogue antivirus software programs.
In April of this year, it was also reported that on systems previously infected with Conficker, the worm had begun installing rogue antivirus programs. In the early cases this turned out to be a rogue application called SpywareProtect2009. Kaspersky researchers reported this was a typical rogue program that offered to clean the computer for $49.95. Lastly, if you use file sharing networks you also risk downloading a rogue antivirus, as it can easily be hidden inside a legitimate program that you may or may not be legitimately downloading. For more information on rogue A/V programs, see the full article here.
Bogus UPS shipping spam
By John E. Dunn | Techworld
Published: 16:05 GMT, 12 April 10
A new wave of bogus UPS shipping spam is being used to push a piece of malware which can render PCs unbootable, security company Webroot has warned. Read the full article here.
Hey Guys! With all the problems in Washington, on Wall Street and in the banking sector, more and more phishing scams are on the way! If you get an email from your bank asking you to update your personal info, THINK TWICE or even 5 Times.. Most banks will not ask for personal info by sending an email; it may be, or more than likely is, someone trying to STEAL your personal info.. PLEASE, if you even are slightly afraid or suspicious, CALL the BANK and ask.. (Don't call the number in the email. Look it up yourself.)
Just remember the motto of that great bank, "The First Presbyterian Bank of Scotland": "We cannot save your soul.. But we can save your Money!"
As always be careful opening those junk attachments.
Remember.. Grandpa said "there is no such thing as a free lunch". Everybody wants something...
Safe Computing .. Pat F..
How Not to Get Infected
Obviously, there are many ways to pick up a virus or other malicious
software. We've put together a list of the more common methods of
infection so that you know what to look out for and avoid.
10 email scams to watch out for (click here)
If you are using WordPress, Opera or Firefox, make sure
you get your updates.
FAKE Microsoft OUTLOOK Update!!
A fake e-mail announcing a Microsoft Outlook/Outlook Express update is going around.
Microsoft DOES NOT send out e-mail notifications of patches/updates. The link contains malicious software. Here is an article about the potential threat: Fake Microsoft patches themed malware campaigns spreading | Zero Day | ZDNet.com.
Remember to follow safe computing practices and watch what you download and open in e-mails, even from senders you know.
Google Sponsored Links Spreading Rogue Anti-Virus Software
sunbeltsecuritynews.com