Security Alert NewsReporter
                  October 3, 2009
html version
  Here are a few of the more interesting security and Internet safety postings we selected from the many reviewed during the past few days


ew FREE anti-virus and anti-spyware from the Microsoft Company
that they named "Microsoft Security Essentials" launched this past week. It's simple, Free, provides Real Time protection and has an automatic update feature.

I downloaded it - it's an 8.6 MB file - and was pleased at how easy it was to install. You can download it, too, at their webpage "Microsoft Security Essentials"

After downloading to my desktop, a click on the Icon started the
download Wizard. It was easy to follow the steps to finish the install.

Be patient during the next step while the program downloads the latest virus and spyware definitions. They are the key to your safety.

Also be prepared for a long wait during the initial scan of your system. My first-time quick scan took 28 minutes for about 35,000 items for just the "C" drive.

No threatening items were detected, so I proceeded to select a Daily Scanning schedule from the "Settings" dialog box.

The program isn't the most feature laden anti-malware software available, but I feel you can't go wrong for "FREE"

Note that Microsoft is blocking users of counterfeit copies of Windows from installing the free Security Essentials antivirus software. However, PCs that fail their validation check will display a second dialog that provides a link to the section of Microsoft's site where users can purchase -- or in some cases receive a free copy -- of Windows.


   Already using FREE anti-virus AND anti-spyware

If you are currently using other free Anti virus and Anti spyware software
from AVG, Avira, or others, and if you are curious about selecting the 'best' free safeware, check out the Sunbelt BLOG

On Tuesday, September 29, 2009, Alex Eckelberry of Sunbelt Software
posted some very thoughtful and in-depth comments on Microsoft
Security Essentials in his Sunbelt BLOG.

These are expert opinions from a honest competitor and worth reading


                          Another attack on Facebook

Computerworld reports that Hackers have apparently found a way to automate the creation of new Facebook profile pages by breaking the challenge-response mechanism used by the site to ensure that only humans sign up for the service.

You know - that "CAPCHA" thing that's sometimes very hard to read.

These Facebook pages are being used to spam links pointing to malicious sites. Users who click on the links are prompted to install rogue anti-spyware tools on their systems, and we know all about those threats from reading earlier issues of this newsletter, don't we?

The Facebook company is investigating the report and is working on identifying and disabling the fake accounts.

Internet Crime Complaint Center (IC3), which is a partnership between the FBI and the National White Collar Crime Center, cautions that users of social networking sites need to be aware of such threats.

I would add that
when you come upon a link to a site you've never visited before, DON'T look, CLICK and then think about it - instead

               Look, THINK and then Click


     Twitter also sent out an alert about Direct-messaging spam.

Twitter warned users last week that a link sent by direct message redirects users to a malicious site that attempts to steal account credentials.

This phishing scheme sends victims to a replica of the Twitter logon page.

According to reports from Twitter, accounts compromised by the attack will send out tweets (messages), which look like this

"rofl this you on here? http:// videos.twitter.*****,"

Last month, security researchers revealed details of a botnet that used Twitter and the shortened URLs common on the service, as an update service for its malicious code. In June, researchers warned that social networks were becoming a major avenue for attacks.

The Koobface worm, which uses Facebook and MySpace to spread, was one of the first major threats to highlight the danger of malicious code propagating through social networks


Another one to watch out for - an IRS notice about
                              Unreported Income

This alert from NetworkWorld who reported last week that this IRS scam is now the world's biggest e-mail virus problem.

What makes this so ugly is that the malware that accompanies the fake IRS messages is a variation of the hard-to-detect Zeus Trojan. This software hacks into bank accounts and withdraws money as part of a widespread financial fraud scheme.

We mentioned Cloudmark(*) in a recent issue, well, they have counted about 11 million of these IRS fraud messages sent to just their customers since early September.

The IRS warns not to open attachments or click on links included in e-mail that claims to come from the tax-collection agency.

See our warning, above

(*)Cloudmark provides comprehensive messaging security solutions that protect subscribers and messaging infrastructure from spam, phishing, viruses and other harmful content.


What's your ID Score? Identity Theft Score, that is

An ID Score differs from a Credit Score because it indicates the risk that you might be a victim of Identity fraud. (A Credit Score indicates your credit worthiness).

You can learn what your ID Score is at the "My ID Score" website here -
"My ID Score" The site calculates a three digit number between 1 and 999. It describes your risk of being a victim of identity fraud and gives you real–time, actionable insight into the security of your identity.

I checked my ID Score - it indicated a MODERATE risk of identity fraud. It also suggested reviewing my Credit report to see if there was any suspicious activity. They also listed the four main sites where individuals can obtain free copies of their personal credit records.

* TransUnion: 1-800-680-7289
Fraud Victim Assistance Division
P.O. Box 6790
Fullerton, CA 92834-6790

* Equifax:
P.O. Box 740241
Atlanta, GA 30374-0241

* Experian:
1-888-EXPERIAN (397-3742)
P.O. Box 2002
Allen, TX 75013

or mail your request to the Annual Credit Report Request Service
P.O. Box 105281
Atlanta, GA 30348-5281
(You can print the form from

It's more than worth the time you spend in this research - for the peace of mind that results from knowing where you stand.


October is National Cyber Security Awareness  Month
                                 Are Your Prepared?


Why just October? Shouldn't every month be devoted to Cyber Security - or every week, maybe every day - how about every minute spent online?

But human nature is what it is, and with so many distractions from anything we may try to focus on, or do, highlighting the urgency of Cyber Security with banners proclaiming it as a special event can help develop an awareness, and a habit for exercising sufficient precaution.

That's the goal of the National Cyber Security Alliance(*) and they promote it with sites like

Content on their Website is developed in cooperation with many partners including government, industry, non-profit, and education partners. Since the goal is increased education about and adoption of cyber security practices, all of the content found at (*) may be reproduced, if provided for free, to educate the public on good cyber security and safety practices.

I encourage everyone, young or older, to visit and benefit from the wealth of information, tools, guidelines, and just plain common sense presented there.

One of the best ways to minimize the threats associated with the Internet is to be aware of them, know how to avoid them, and how to recover from accidental entrapment by cyber criminals.

Are you ready to help spread the word? By participating in my Security Awareness campaign, you'll be helping others stay safe, and in turn, help yourself. Visit Stay Safe Online here

   - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

(*) is the National Cyber Security Alliance’s Website. Content on the Website is developed in cooperation with many partners including government, industry, non-profit and education partners. Since their goal is increased education about and adoption of cyber security practices, all of the content found at may reproduced, if provided for free, to educate the public on good cyber security and safety practices

(*) National Cyber Security Alliance -  founded in 2001, is the pre-eminent public private partnership, working with the Department of Homeland Security (DHS), corporate sponsors (Symantec, CISCO, Microsoft, SAIC, EMC, McAfee), and nonprofit collaborators to promote cyber security awareness for home users, small and medium size businesses, and primary and secondary education.
                       (also posted in the
Security Alert blog. on Sep 20, 2009)

 Family Safety

The Family Safety section of the Firewalls-and-Virus Protection website
encourages helping each other in
Internet security practices and covers basic guidelines to make the Internet safer for children and their families, plus - there are some valuable resources available - many free.


(and Here's the link to the current Security Alert Blog posts)

Important reminder: Don't be lulled into a false sense of security because there isn't much hyped up media news about viruses recently. They are 'out there', but the current threat levels are still fairly low. As I suggested in the last issue, it would be a safe move to prepare yourself and your family for the next big security threat.

In that issue, I listed a couple of resources - still available
Get this FREE ecourse on Avoiding Current Security Threats  and
Avoid Identity Theft - FREE 5 part eCourse. Feel free to share with your family members and friends
 And remember, when you come upon a link to a site you've never visited before, DON'T look, CLICK and then think about it - instead

               Look, THINK and then Click

To your safe surfing, and a delightful fun filled Fall season.

Richard Rossbauer
Follow Me on Twitter

Helping to change your ideas into
safe fun and rewarding results at
Old School Bldg D1
230 Centre St Langhorne, PA 19047 USA

Do you like the Newsletter in this format? I would really like your comments and opinions. Click here to send me an eMail. Thank you.
                               Send Richard an Email

And if you don't receive your own copy, you can Subcribe HERE

  P.S. Here are more resources, FREE for the taking

  10 (FREE) Powerful Lessons on Protecting Your Home, Your self, and your whole family

   Thanks for Visiting !

                                            Close Window

                                                                                                                                                Hit Counter

                        ©   All Rights Reserved    Privacy Policy | Contact