12/01/2011 - 01/01/2012 ~ PCCare247.com PCCare247.com Blog, PC Care 247 Tech Support Redefined

Wednesday 28 December 2011

'Christmas theme' on Facebook gets stolen by the Grinch


Antivirus Support
Ho! Ho! Ho! Santa is coming to wish ‘netizens’ Merry Christmas on Facebook!! But watch out, for the Grinch is masquerading as Santa this Christmas and he has a malware up his sleeve; sugar coated as a theme for your Facebook profile.

The latest attack uses social engineering as a potent tool for luring people into installing a malicious browser plugin. And once people get sucked into the bait of clicking on the Like button, the page redirects them to a URL where a malicious plugin named Free Cheesecake Factory Coupons get installed on the PC.

With the plugin once activated affected users get their walls flooded with the catchy status, "Get Christmas Theme for FB, a free Christmas Theme for all FB users”. Caught by the antivirus software this file is christened as TROJ_REDIR.CU.

So, next around you want to make merry this Christmas season be careful because cyber criminals are for sure launching attacks using the holiday season as a big lure.

Merry Christmas and a Happy New Year!!!   www.pccare247.com

Monday 26 December 2011

Choke hackers Inc. with their own venom

Everything is going hunky-dory for your business, the online rankings are good, the internet marketing strategies seem to be leaving an impact, clients are thronging on to the site - in short business is doing well.  But then suddenly you wake one fine morning and end up finding your official portal has been hacked. Hackers Inc. have ended up punching gaping holes in the security. Leaving you with a persistent bot; now what?

Hacking Back In Self-Defense
Online Tech Support
The bottom-line is hackers Inc. is pulling out all strings to screw up security systems. And organizations need to take a good hard look at every available vista for stopping the loss of their money, technology and secrets.  With new laws being explored, old ones being amended and solutions sought, it is about time an outside the box thinking was adopted and good guys in the bargain were given advantage or at least a fighting chance. Although technically difficult but clearly feasible, adopting a clear, forward, out-of-the-box thinking and analysis to put back get thing chugging along.

Haul the crooks by scruff of their neck
Nations can legally defend themselves but what about organizations? Bound by legal compulsions and a code of conduct they really can’t end up going beyond a certain limit. But then with one hundred percent security considered to be a myth, what does one really do?

With standard responses considered to be slow and in many cases not very effective, it is a presumption a business cannot reach beyond its own network for blocking an attacker in self-defense. However, I strongly intend to strike a discordant note! Even though refraining from advocating vigilantism, in reality the war in the cyberspace is being lost and it is about time one did a hard rethink on existing strategies and laws.

Not the one to mince any words further, it is really about time we went in for a hard rethink. Opening up a dialogue and moving the conversation further down the road to shape better responses, solutions, and laws. In the retrospect not even shying away from advocating organizations of using an automated code going beyond their network and eliminating threat via a self-defense master stroke.

Getting into the technicality of it all
To get rid of that nasty Trojan, Virus or a Bot put into the system, what if were to suggest that you ended up implanting a code on the phone-home function or communication function of the bot so that when it was to end up communicating with the CnC server for instructions, the communication path would be blocked or cut off by the code at the CnC server? Does it sound like a perfect solution? Not even close, so what, you are at a liberty to try other measures to finally nail the nasty bot. Is this hacking? Is it gaining unauthorized access to or trespassing on a computer system?

I really don’t think so, for at the end of the day my ideology of ‘fighting fire with fire’ is really what ends up giving a befitting reply to those unworthy hackers.   www.pccare247.com

Thursday 22 December 2011

Fake antivirus: A contagion masking as an antidote

Fake antivirus is definitely counted amongst the most potent online threats. Christened as rogue antivirus, rogues, or scareware, the embezzler employs social engineering for luring users to malicious sites and scaring them into paying for fake threat removal tools.

Waylaying PC users into deft traps
Antivirus SupportFake antivirus as a security software pretends to find dangerous security threats—such as viruses—on a PC. The application while starting with a free scan ends up asking PC users to pay in the progressive stages for cleaning up fraudulently reported “threats”. The same set of alerts end up prompting users to visit a site where they would be asked to pay for non-existent threats to be cleaned up. With the fake antivirus malware continuing to send annoying and intrusive alerts until a payment is made or the malware is removed.

Compared to other malware such as Bots, Backdoor Trojans, Downloaders and Password Stealers; Fake Antivirus draws a victim towards handing money directly over to a malware author. With victims paying anywhere around 100-120 dollars to pay for junk software supposedly considered as a quick fix for the problem.

Infection is a Click Away!!
Although through many different ways a fake antivirus may get onto a system, the majority of distribution avenues rely on social engineering. Going ahead and tricking PC users into running a fake antivirus install executable in a way similar to many other types of Trojans. With fake antivirus, a huge range of social engineering tricks are being used and still new ones are coming up all the time. Commonly ending up comprising of:
  •  Email spam campaigns
  •  Compromised websites and exploit payloads
  •  Search engine optimization poisoning
  •  Fake antivirus downloads by other malware

Wednesday 21 December 2011

Look out!! Malware seeks to fuel its gluttonous zest with your PC

Instead of succumbing to the voguish threat hype, organizations and individuals can accentuate their threat tolerance through creation and promotion of a more secure system. Sprucing up defenses against an ever-evolving malware industry via strategic investment in security policies; thus eliminating vulnerabilities in the times to come.

Set your priorities Right!!
MalwareFor enhancing the malware-defense capability, security professionals would need to stop chasing malware flavor of the month and instead develop proactive security measures for proactively stopping it. All going on to suggest, if you have not opted for “defense against malware” as a top priority, it is high time you ended up doing so.

As time runs out variants in present times are fast becoming more polymorphic, stealthy, targeted and agile – indubitably leaving no doubt malware is capable of exploiting several vulnerabilities. With effect, giving security professionals sleepless nights and work hard towards detecting malicious elements looking to penetrate into an environment.

Sheath your PC out of harm’s way
Shielding a PC is easy if you know how!! Believe us, for following such handy tips is bound to ensure your PC remains in the pink of health.  

·         Offline malware and threat Detection
Inline technologies, such as IPS and secure Web gateways, need to adhere to line speed and therefore are restricted in the amount of analysis which can be performed. But, offline detection capabilities provided by a number of vendors in the market can go a long way in conducting a much deeper analysis and catching malware otherwise missed.

·         Whitelisting the maladies
In a highly controlled environment, white listing is a powerful tool against anomalies, including malware. One can end up applying it to Web accesses, software installed on servers and endpoints, and server-to-server communication. Organizations however using Whitelisting must have a fast response capability towards handling exceptions and the rarest of cases.

·         Enhancing the Browser security
With a majority of malware issues spreading via the Web and looking to exploit browser vulnerabilities, a hardened browser environment works towards eliminating such a major threat. With new technologies being regularly released from prominent vendors in the market, a full-proof browser security is no more an invincible prospect. www.pccare247.com

Tuesday 20 December 2011

Beware!!! Scraping Attacks are on the Prowl!!


Computer Tech SupportWhenever we imagine a thief, we envision a masked man lurking in a dark alley? Or a teenage hacker nestled in a dimly lit basement striving to break into a remote Web server? But then in real time try and move past such clichés, for data is even being swindled by big conglomerates belonging to the software, finance and event planning verticals.

Employing a technique better known as site scraping or alternatively called data harvesting, screen scraping or Web scraping, such entities resort to all means necessary for extracting data from a Website. Depending on the requirement; either manually copying Website content from Web browsers or employing software programs for an automatic extraction of data.

Fatal effects of Site Scraping
Site scraping can undermine victims’ revenues and profits by siphoning off clients and reducing competitiveness. Unfortunately, site scrapers can be very tough to differentiate from legitimate Web application users. However, when left unchecked, site scraping quickly ends up transitioning from merely being innocuous to malicious; especially when individuals or businesses end up reusing the scraped data for financial gain.

What Site Scraping intends to do?
  • Harvesting user information from social network sites or user forums
  • Plagiarizing content comprising of news articles, blog posts, medical information and financial research
  • Gathering product and pricing data for to peg back prices of goods and services for a rival
  • Collecting email IDs from Websites for spam email campaigns
  • Detecting changes on a competitor’s website
  • Republishing Website listings, such as job board postings, real estate listings, and phone directories
  • Re-purposing the scraped content for applications such as comparison shopping sites or reverse phone look up tools. 
  • “Auction sniping” or placing bids on online auction sites within minutes or seconds of the auction ending

The aforementioned actions end up violating the intended use of application data. And for Web-based companies, site scraping acts as a big threat to revenues and competitiveness; even endangering business viability.

Common Weaponry of Choice
Site scraping tools range from simple, home grown scripts to commercial scraping software embedded with Web browsers. Tools one would say not only come in good towards parsing HTML, DOM (Document Object Model) but even interpreting the most complex of Java Scripts. Often ranging from simple, custom scripts to advanced software tools with built-in browser-like capabilities designed to impersonate normal users. Many scraping tools also include Web site crawlers that help automate initial configuration. Ring and Grab Major Printer Support Virus Removal Support at +1-855-877-5848, http://www.pccare247.com/

Saturday 17 December 2011

Phising Attacks: Malafide Intentions Personified

In the times gone by, it was observed financial credentials ended up bearing the brunt of phishing attacks. But Snap!! Coming back to the present, phishing attacks have evolved; targeting sensitive corporate data. A fact evidenced by high-profile data breaches. At the receiving end have been organizations targeted with advanced persistent threats and phishing and spear-phishing emails posing as entry vectors.

Email SupportSo Take Care!! Representing the greatest threat to even the biggest organizations they are there to decimate the best defense put forth by you.

Phishing Attacks high on Adrenaline Rush
The seriousness of phishing threats may sound very theoretical, but a harsh reality is – “phishing attacks are achieving their malicious goals”. Organizations are on the knife’s edge thanks to devastating breaches resulting from phishing and spear-phishing attacks. With attackers leaving no stone unturned to utilize a broad spectrum of technologies and techniques. Highly focused and persistent, often these attacks are considered to be highly opportunistic in their orientation.

Specimens of a Phish Attack
  • Phishing emails sent – employees are not necessarily high profile or high value targets.
  • Email is crafted well enough and even if it is caught by the email security solution employees may be   tricked into retrieving it from their quarantine.
  • The employee then clicks on the URL in the message, initiating a drive-by download of malware.
  • Malware may be designed to coax a desktop machine to reach out to command and control servers.
  • Malware propagates across the network, searching for specific user accounts with relevant privileges (initial entry points/accounts may not have sufficient administrative rights).
  • With sufficient privileges and target systems reached, data is acquired and staged for exfiltration.
  • Data is exfiltrated (extracted outside the organization), typically via encrypted files over available ports – FTP, HTTP, or SMTP. www.pccare247.com

Monday 12 December 2011

Take care!! Security concerns for 2012 are knocking on the door

With 2012 just about round-the-corner, security concerns are also rather new and are being considered more than menacing in their outlook ever before. What’s more, adding to already burgeoning security hassles are the influx of bring your own devices (BYOD), social media, cloud computing and other operational challenges. In short, all we can say is buckle up, for if 2011 was a shocker, then 2012 is likely to be a motherload of all security issues.

What’s 2012 got in store?
2012 is for sure going to pain in the neck or the IT guys dealing with the security scenario. Since, as it goes the year will end up promising hassles galore in fields such as:

PC Security·         Social Media
It goes without saying identity may prove more valuable to cybercriminals than credit cards. For at the end of the day, bad guys would be actively involved in the activity of buying and selling social media credentials on online forums. And if facts are anything to go by then with Facebook nearly boasting of more than 800 million active users and over half of them logging on to the site daily, with every user nearly boasting of as many 130 friends on an average, a less than favorable scenario is not far away.  And yes with trust ending up being the foundation of social networking, if in case a bad guy does end up compromising with the logins, there is a good chance a manipulation on friends list is in the pipeline.

·         Blended Attacks
This method is considered as one of the most advanced attacks trying to sneak its way past elements social media elements such as ‘friends’, ‘mobile devices’ and the cloud. Blended attacks are generally a considered as a mix of two elements, namely E-mail and the Web. In the coming year advanced attacks are increasingly going to rely on at least two and sometimes all the emerging technologies such as social media, cloud platforms and mobile.

·         Volley of Attacks in 2012
End up expecting an increase in exposed vulnerabilities from black hats and white hats in coming year for mobile devices. In 2012, if estimates are anything to go by then nearly 1,000 different variants of exploits, malicious applications, and botnets would be ready to infect hand held devices and those plugged to the head. And yes with nearly a new variant every day the number of people falling victim to believable social engineering scams will rise manifold.

·         Containment is the new prevention 
For years, security defenses have focused on keeping cybercrime and malware out. There’s been much less attention on watching outbound traffic for data theft and evasive command and control communications. Organizations on the leading edge will implement outbound inspection and will focus on adapting prevention technologies to be more about containment, severing communications, and data loss mitigation after an initial infection.

·         Social Event Magnets
The London Olympics, U.S. presidential elections, Mayan calendar and apocalyptic predictions are events cyber criminals will try and exploit to the hilt. SEO poisoning has become an everyday occurrence and one just needs to the name the trend and it is for sure going to be poisoned. Further, as the bigger search engines have become savvier towards removing poisoned results; criminals in 2012 will end up using the same techniques ported to new platforms. So, in short Twitter feeds, Facebook posts/emails, LinkedIn updates, YouTube video comments, and forum conversations need to be handled with extreme caution. Better still searches, wall posts, forum discussions, and tweets dealing with topics listed above, as well as any celebrity death or other surprising news are considered to be magnets for unsuspecting netizens. www.pccare247.com

Friday 2 December 2011

Malware: An ultimate nemesis for SMB’s

Malicious attacks via social networks and through other mediums are considered to be a number one cause for data breaches, surpassing lost or stolen laptops and accidental sharing.


Impacting businesses big time, the costs comprise of detection, remediation, notification efforts, tech support, credit monitoring and legal fees.


Malware SupportIn dire situations, resources are even diverted from other sales, marketing, customer service projects to focus on repair and damage control. With effect, leading the management teams to shift tasks to emergency communication efforts in order to repair customer trust.

But that’s not all, in addition to increased costs; businesses even end up risking the loss of their intellectual property. And if in a situation a cybercriminal were to end up gaining access to a corporate network, the company stands to lose new product development plans, confidential marketing, shareholder information and even its intellectual capital.

SMB’s need to tread with caution
Malware attacks can end up playing havoc with any organization, but for SMBs (Small and Medium-Sized Businesses) the costs are magnified. And in such a situation, the best protection strategy against social networking malware would be to go in for a two-pronged approach: education and technology.

To start with the easiest way to prepare employees against malware would be by means of showing them examples. Say for instance, one could always start by showing screenshots of Facebook scams, Twitter hacks or fake LinkedIn invitations. Yet, at the same time coming up with inclusive quick tips on how to avoid social malware via creation of strong passwords, using only trustworthy news sources and not clicking on questionable links. www.pccare247.com

And yes at the end of the day when employees do up realizing how convincing such attacks might be, giving them a good understanding of how to end up avoiding them.

Source your antivirus judiciously
Only employee education won’t do, for at the end of the day blue-chip business antivirus solutions are considered as an effective solution against social malware. However, as it goes all AV solutions are equal, so the one you should end up choosing should be inclusive of:
  •  A powerful scanning technology. High-quality AV solutions come in good towards analyzing and   detecting potential viruses and malware before they end up infecting user machines.
  •  Active monitoring and protection as a majority of the SMBs don’t have time or resources to constantly monitor their networks for security threats. So, investing in a solution protecting your network and user machines in real time would end up helping big time.
  • Web filtering for malicious elements and blocking bad URLs before they hit the network. This should  be done by implementing a solution using the latest behavioral analysis and malware URL detection technology.

Thursday 1 December 2011

How to win loyal clientele via superlative online tech support?

In spite of the best client experience initiatives being led by someone from marketing, organizations boasting of superlative programs end up having a mixture of people who are responsible for coming out with periodical reports having a bearing on entire client base of an organization.

At the same time attached to the whole process they have something better known as a "case report", a document saving up information whenever a client ends up calling a contact centre to lodge either a compliment or a complaint.

Key Initiatives for flawless online tech support
Every contact centre can end up delivering a smooth tech support experience to its clients, provided it is ready to adhere to the following points:

·         Prompt action on Feedback
Online Tech SupportOrganizations failing to respond to client feedback are throwing away a chance to increase their base of satisfied and loyal clients. At the same time changes need to be deployed throughout the company and need to be communicated on a regular basis to employees and customers.

·         Client-Centric Processes
Organizations should identify processes crucial for clients rather than designing them with an objective of improving operational efficiencies.

·         Ensuring consistency via a united front  
Companies should ensure any information gleaned from a client during one interaction is not forgotten in the next channel.

·         Being receptive
Opening channels or extending hours are one way of doing it.  But it can be way more than that, say for instance it can be like building communities. It goes without saying that organizations need to be transparent, clear, open-minded and inclusive.

·         Personalization
Personalization can be complex, and it can lead to accentuated costs for the company. Companies need to evaluate the costs of personalization against sales benefits in order to improve a client’s experience in the longer run.

·         Altering company behavior and attitudes  
The most powerful actions in a client's experience are the ones taken by the employees. In a nutshell there can be three ways to alter employee behavior:
·         Recruitment of right employees
·         Laying down standards with policies, procedures and governance structures
·         Creation of training programs  for modifying employee behavior

·         Design the complete customer experience:
To just cut the whole thing short, it would be right to say - Organizations need to plan and design the client experience, rather than letting it "just happen". 

PCCare247.com Copyright © 2012-2013 by PCCare247 Solutions (P) Ltd.