By: Ang Biondo
In this fast moving age of technology, no one is safe. Last year someone in India charged first class airline tickets to one of our major credit cards. It was one of the most harrowing experiences of our lives. We had not monitored the availability of funds we could charge on our credit cards and this one had raised our credit limit at regular intervals to $25,000.00. We are retired and would never use such a credit limit on a fixed income. It took several months to straighten out, and I wouldn’t wish the experience on my worst enemy. Once we were cleared of the charge, we immediately lowered the credit limits on the cards we use and got rid of those we don’t. Obviously since that ordeal we are extremely jittery of anything that even looks suspicious on our bill.
If you use your computer for on-line shopping, you need to be made aware of a very serious “Trojan virus” in cyber land that literally attacks and plays havoc on the banking world. It’s called “Sinowal” and needs to be treated as seriously as a robber holding a loaded gun to your head. It is extremely stealth and has the ability of avoiding detection by the most sophisticated anti-virus anti-spyware out there. I will get into the details later, but for now – those who use computers and don’t have the faintest idea of how they work only need to know that it is very serious and must be avoided.
The latest U.S. Survey on the number of households with computers in the United States in 2003, puts the number of households with more than one computers in the home at 55%. The survey before that taken in 2000 was 51%. I’m sure the next survey will be astounding. That’s a lot of computers being used to communicate with other computers. The number of on-line shoppers in the United States has grown exponentially and has become common place not only during the holidays but all year round. This brings us to the question – “Do you feel safe on-line?” If you do, I’d like to know your secret. I personally was shocked by the news of the most secure building in the world, the Pentagon’s highly secured and classified information being hacked by some hacker, which they believe to have originated in China. This gives me one more reason not to buy “Made in China” goods.
It also encouraged me to do a little research which led me to the “Trojan virus malware Sinowal”, we’ve been talking about. if you haven’t heard about it – I believe it’s because it’s not too well advertised by most of the media, who’s been too busy bashing Bush.
The BBC reported on a paper released by the RSA Security team which they report on back in 2003, while the American news outlets apparently didn’t feel it important enough to report. The malware attacks the “mbr”, (master boot record) of your computer. In layman terms it changes the “mbr” and creates a small hidden partition and places a small spyware program in it. This is called a backdoor. Basically once this backdoor has been installed on your computer it reports every key stoke you make on your computer to a remote computer or network which is recording the information as its received. The receiving computer has a filtering program which is able to extrapolate information like the credit card info you just typed into your computer to purchase that item you conveniently purchased from the comfort of your home. It may also be looking for passwords. And while you see “**********” on your screen when you type your password it sees the actual password i.e.:, “mypa55word”.
There are volumes of information available on the WEB which describes exactly what and how serious this Trojan virus is. All of the major anti-virus software companies have volumes of information on it and is readily available. For me to write about it is redundant as it has already been written and reported by so many.
The RSA report can be seen at: http://www.rsa.com/blog/blog_entry.aspx?id=1378 The RSA Fraud Action Research Lab who discovered and first reported on the “Sinowal Trojan” reported “One Sinowal Trojan + One Gang = Hundreds of Thousands of Compromised Accounts.”
http://www.polandbusiness.com.pl/spyware/remove-sinowal-trojan-virus.html
“About Removing The Sinowal Trojan Virus
Trojan virus Sinowal infects victims’ computers and steals banking info without leaving any trace. And it can be difficult to remove if you do not use the right program.
The Sinowal trojan has been tracked by RSA, which helps to secure networks in Fortune 500 companies.
RSA said the trojan virus has infected computers all over the planet.
“The effect has been really global with over 2000 domains compromised,” said Sean Brady of RSA’s security division.
He told the BBC: “This is a serious incident on a very noticeable scale and we have seen an increase in the number of trojans and their variants, particularly in the States and Canada.”
The RSA’s Fraud Action Research Lab said it first detected the Windows Sinowal trojan in Feb 2006.
Since then, Mr Brady said, more than 270,000 banking accounts and 240,000 credit and debit cards have been compromised from financial institutions in countries including the US, UK, Australia and Poland. Trojan virus steals banking info
Tips and remedies to avoid becoming a victim:
Attacks are on the rise and more and more unsuspecting people fall victim daily. Common sense and some simple precautions will help to prevent you from becoming one of them.
-
“Think before you link”, you need to be wary of where you go on the web, high traffic sites like social networks, i.e.: chat rooms and popular game rooms are a perfect target for these malware programs. This is especially true on sites that you have to pay a subscription fee and have to use your credit card to join.
-
Select one credit card to use for on-line money transactions. Monitor the credit limit and call the card company and adjust the credit line as often as necessary to limit loss in the event of a credit card breach.
-
Buy a debit card, i.e.: Master Card, Visa, Amex, Discover, etc. available at most super markets and department stores and use that for on-line purchases. The card can be replenished with funds and you have full control of these risk assists. The down side is you don’t get that monthly bill to keep you informed of the funds available; a simple call however, takes care of that.
-
Be wary of vendors who are asking for different and unusual forms of authentication such as a social security number etc.
-
Don’t think you are safe by not clicking on a pop-up or opening an attachment, all you need do is visit a website for them to obtain the information stored on your computer.
-
And probably the most important tip I can give you, is if you don’t have a spyware program installed, install one.
-
All anti-virus/spyware programs are not created equal, and it pays to research them to see which one is best for you.
-
The most expensive is not necessarily the best or the best for your needs.
-
If you don’t know if you are infected, start by downloading and running Microsoft’s “malicious software removal tool” from the Microsoft site at: http://www.microsoft.com/security/malwareremove/default.mspx . Microsoft releases an update of this tool every 1st Tuesday of the month. It is not designed to totally protect your computer, and they strongly suggest you install an anti-virus/spyware program and run it frequently.
-
Not all spyware is capable of detecting Trojan spyware, if your not sure if yours will detect Trojan spyware, especially one like sinowar, contact your vendor and ask them. Or go on-line and research them.
You can see how one of the research sites rates what they consider the top ten anti-virus software products at:
http://www.2009softwarereviews.com/default.aspx?refer=2GAS&keyword=AntiSvirus . There are a number of sites out there that are constantly evaluating all types of software including security software. The ratings are constantly changing as the companies modify and update their product. So, depending on when the study was taken, the position rating may vary per evaluator. I currently am using a product called “Vipre”, which I am impressed with and does not even make the list of the evaluator I have listed above. The product has only been on the market since July of 2008, and is listed #5 on the “ToptenReviews” site which can be viewed at: http://anti-virus-software-review.toptenreviews.com/ . Vipre is lacking certification in two areas which probably have not been benchmarked yet. I consider that to be a plus, since they have only been on the market for less than 5 months.
I hope this article has been helpful, please feel free to comment on it.
Related Articles
2 users responded in this post
I found this blog post, and thought it interesting. I have been using CyberDefender which has an ID Theft function as part of it, a toolbar that comes with it called MyIdentityDefender. MID allows you to rate sites as well as see how the site has been rated as far as trustworthyness. I think MID is also avalible as just the toolbar too but I have the whole cyberdefender package. I actually hit a couple sites which had warnings, and later found that they were part of ID Theft scams. I think MyIdentityDefender is a great toolbar and since getting cyberdefender I have not had any virus or malware issues.
I got Cyberdefender antivirus software, and liked the free scanner and spyware remover that I bought the upgrade and it really saved my ass when I was near a deadline and it blocked a bunch of virus attacks I got from some websites.
I did find out that they are a NASDAQ company, which means there is some accountability and that they sell a valid product. I will try the registry cleaner, since I had such a positive experience from Cyberdefender anti-virus.
Leave A Reply