Thursday, September 15, 2011

Android A Target for Malware Writers

New Malware: Q2 2011 by Platform

*provided by McAfee
Two things I found interesting about this graph. First, Android is obviously a huge target for malware writers. Why? Hold that thought ...
Who's missing from this graph? Why wasn't iOS among the top six OSes targeted by malware writers in Q2? It can't be for the reason OSX malware is relatively low; iOS has a significant share of its market, much more than the others listed.

So what's different about iOS that's not true about Android? 

Android is considered an open platform, whereas iOS has been described as a walled garden. 

Apple keeps tight control over its ecosystem, much to the chagrin of many consumers and developers alike. But perhaps there is a security advantage to such fastidious controls, and if so, this closed posture benefits IT and consumers.

Is a closed platform inherently more difficult to hack? Is this why iOS is not attracting malware authors, and why Android malware development is out of control? Or does it have more to do with each provider's app marketplace and their respective app vetting processes?

What's your opinion on the matter?








Wednesday, September 14, 2011

Craigslist Scam #2

This is a big week for Craigslist scams. Scam #2 could easily trick you into divulging personal information or signing up for a fallacious service.

I was on Craigslist looking for a good deal on the wildly popular iPad2 so I clicked on this ad:


The ad itself is unremarkable, so I clicked on the anonymized email address to contact the seller, which of course launched my email client. I sent out an inquiry, asking for more detail, pictures, etc. Several days went by, and I received this response.


Hmmm. My spidey sense is starting to tingle. Curious about the URL, I want to click on it, but better judgement tells me to do two things: hover over the hyperlink to make sure it's not more than meets the eye, and check out www.trustedsource.org and other URL or IP reputation databases. Since I don't see any danger, I manually enter that URL into my browser, or better yet, into a Google search to see what's being said about that URL, rather than going directly to it.

Well, it turns out this takes me to a Penny Auction site. 


Who knows how legit this site is? If I take the time to register, can I really get a new iPad2 for $300? Is my personal and financial data safe, or is malware lurking, waiting to pounce? I don't have a lot of confidence at this point, because BouncyBids already lost my trust. Classic bait and switch, which is no way to start out a relationship, even a transactional one.

Incidentally, I responded to two other similar Craigslist posts this week, and got nearly identical reply emails taking me to similar Penny Auction sites with slightly different URLs.

I've said it once and I'll say it again: The best approach to protecting yourself is a combination of education and a technology safety net.  Be careful out there!



Craigslist Scam #1

I came across a simple yet interesting Craigslist scam this week. The scam appears to start with your email address being scraped from a Craigslist ad that you've posted. (I am currently investigating why a Google result exposes an email address that was supposed to be anonymized by Craigslist.) Since the scammer knows you've posted on Craigslist, a targeted email is sent to the scraped address that looks like this in the inbox:


Drilling down ...
Uh, oh! In a panic, I'd better investigate why my ever-so-important Craigslist account has been suspended. 

Wait, what's this?  If I hover over the Login link, what do I find? Hmmm ...  I wasn't expecting to see that URL.

Manually navigating to pw2.ro/808 in a virtual desktop environment, I am redirected to cltos-change.ucoz.org/secure/survey/1/:


Whew! I'm back at Craigslist.  Or am I?  

How many times will you enter your UN and PW before you figure out you've been pwned?

At the time of this writing, trustedsource.org and senderscore.org have nothing negative to say about either of the URLs I posted, so they don't yet have a bad reputation.

The best approach to protecting yourself is a combination of education and a technology safety net.  Be careful out there!