Kaspersky Total Security: The Safest Way to Shop and Bank Online Buy Now
For 2015: All-New Updated Security
Ring in the New Year by keeping your customers’ computers and mobile devices safe with Kaspersky Lab’s 2015 release of Kaspersky Total Security (formerly Kaspersky PURE Total Security), and Kaspersky Internet Security for Mac! Kaspersky Total Security is the solution for securing multiple vices running a variety of operating systems.
Kaspersky Internet Security for Mac protects users from the growing list of threats to Mac systems, and is OSX Yosemite compatible.
NEW! Kaspersky Total
NEW! Kaspersky Total Security | $99.95
Complete and total package for digital security
Financial protection: account numbers, and personal information while online banking and shopping
Protects user’s identity, passwords, and important documents
Assures that they and their child’s online activity is secure.
Provides the same efficient protection across all devices for the most enhanced digital experiences.
Internet Security for Mac
NEW! Kaspersky Internet Security for Mac | $59.95
Blocks network attacks that slow down user’s Mac
Prevents Macs from spreading malware to another user’s PC
Works with the latest versions of OS X, Yosemite
How to recognize and How to Report a PayPal Fake Email
Reporting a fake PayPal email to PayPal helps everyone. Your report gives PayPal another opportunity to see how these emails are being created and further protect your account from hacks.
1. PayPal answers what to do:
If you think you have experienced PayPal fraud or received a PayPal scam via email (e.g. a fake email pretending to be from PayPal), forward the entire email to email@example.com, and delete it from your email account. If you came across a fake PayPal website, contact our Customer Service team.
Recognizing a fake is easy:
Check the email greeting: Emails from PayPal will always address you by your first and last name or the business name associated with your PayPal account. A PayPal scam email may include the salutation “Dear PayPal User” or “Dear PayPal Member”
Here is a sample of one I got today:
The mail was sent from: Support Pay-Pal <firstname.lastname@example.org> This is not PayPal.
I forwarded the email and got this response. Join the fight against this FAKE email.
Dear Circe Denyer,
Thank you for being a proactive contributor by reporting
suspicious-looking emails to PayPal’s Abuse Department. Our security
team is working to identify if the email you forwarded to us is a
Paypal Will Always:
– Address our customers by their first and last name or business name of
their PayPal account
Paypal Will Never:
– Send an email to: “Undisclosed Recipients” or more than one email
– Ask you to download a form or file to resolve an issue
– Ask in an email to verify an account using Personal Information such
as Name, Date of Birth, Driver’s License, or Address
– Ask in an email to verify an account using Bank Account Information
such as Bank Name, Routing Number, or Bank Account PIN Number
– Ask in an email to verify an account using Credit Card Information
such as Credit Card Number or Type, Expiration Date, ATM PIN Number, or
CVV2 Security Code
– Ask for your full credit card number without displaying the type of
card and the last two digits
– Ask you for your full bank account number without displaying your bank
name, type of account (Checking/Savings) and the last two digits
– Ask you for your security question answers without displaying each
security question you created
– Ask you to ship an item, pay a shipping fee, send a Western Union
Money Transfer, or provide a tracking number before the payment received
is available in your transaction history
Any time you receive an email about changes to your PayPal account, the
safest way to confirm the email’s validity is to log in to your PayPal
account where any of the activity reported in the email will be
available to view. DO NOT USE THE LINKS IN THE EMAIL RECEIVED TO VISIT
THE PAYPAL WEBSITE. Instead, enter www.paypal.com into your browser to
log in to your account.
What is a phishing email?
You may have received an email falsely claiming to be from PayPal or
another known entity. This is called “phishing” because the sender is
“fishing” for your personal data. The goal is to trick you into clicking
through to a fake or “spoofed” website, or into calling a bogus customer
service number where they can collect and steal your sensitive personal
or financial information.
We will carefully review the content reported to us to certify that the
content is legitimate. We will contact you if we need any additional
information for investigating the matter. Please take note to the
security tips provided above as they may help to answer any questions
that you may have about the email you are reporting to us.
Help! I responded to a phishing email!
If you have responded to a phishing email and provided any personal
information, or if you think someone has used your account without
permission, you should immediately change your password and security
You should also report it to PayPal immediately and we’ll help protect
you as much as possible.
1. Open a new browser and type in www.paypal.com.
2. Log in to your PayPal account.
3. Click “Security and Protection” near the top of the page.
4. Click “Identify a problem.”
5. Click “I think someone may be using my account without permission.”
6. Click “Unauthorized Account Activity.”
Thank you for your help making a difference.
Every email counts. By forwarding a suspicious-looking email to
email@example.com, you have helped keep yourself and others safe from
The PayPal Team
Securi – WordPress Plugin Vulnerability –
This is a copy of an email I received. Pass the information along to anyone with a Word Press site that may be using this plugin.
|Our research team found a very serious vulnerability in the WPTouch Plugin for WordPress that allows an attacker to upload files remotely to websites running the plugin that have not updated to VERSION 3.4.3 VERSION 3.4.3 (the version the WPTouch team just put out to patch the vulnerability).In order to secure your website if you’re using the WPTouch Plugin (and over 5 million sites are), make sure to update the plugin immediately. If your website scans show an infection, be sure to quickly open a malware removal ticket so that we can help.
This is just another example of our research team, @sucurilabs, actively searching for vulnerabilities that could affect your website security. If you’re worried about the ever-increasing rate of vulnerabilities in plugins, then try protecting your website behind our website firewall, CloudProxy, for free for a month and we’ll be able to proactively block these threats and protect your website from negative consequences. To take advantage of a free month of CloudProxy, just email us at firstname.lastname@example.org.
Learn more about today’s WPTouch disclosure here: http://blog.sucuri.net/2014/07/disclosure-insecure-nonce-generation-in-wptouch.html
–The team at Sucuri
Official PayPal Logo
Beware of SCAMS Via Emails – PayPal
I recently received an email that appeared to be from PayPal. Taking a second glance, it was not from Paypal.
I forwarded the email to the PayPal Spoof organization so they can prevent this from happening.
Paypal Spoof Email Sample
This email has earmarks of a SPAM/Spoof/Phishing email:
- Misspellings in the Subject Line
- Link to “Fix What’s Wrong”
- Salutation: Dears;
- Closing: Security Team
- Email is not a PayPal email address
All official Paypal emails address the recipient by first and last name. (Dear Circe Denyer,)
Closing of the email is:
If you cannot see the email address, find out how to read it. In GMail, the address is visible without opening the email itself. PayPal email is from @payPal.com
Send your SPOOF/PHISHING/SPAM payPal emails to email@example.com.They will respond to you.
Here is a sample of a response by PayPal:
Every email you forward helps others to be protected. PayPal uses the information to prevent these from getting sent in the first place.
In February or March, Ebay was hacked and the database was stolen.
Ebay hacked. A cyber criminal has gotten into the Ebay customer database using an employee login account and the records for customers has been compromised.
It is a good time to change this password. For those that took my class on password suggestions and creation, remember you can use those symbols above the letters to form a phrase that visually you recognize, but make the password more cryptic.
Take a phrase like I buy ebay and turn it into a password that looks like this. IbuYEb@Y. Add non meaningful numbers to it and you’re done. IbuYEb@Y3409 where the numbers are meaningful only to you. ( A special date of old locker number).
Ebay password changes are done quite easily and is located under the Account settings for your Ebay account.
You can read the story of the attack on Fox2Now.com.
Changing your passwords frequently for Financial transaction sites is a good idea. Amazon, Ebay, PayPal, Banks, Stock sites, etc should be changed routinely. The changes should be logged so you do not get yourself locked out.
Password logbooks which allow you to write down the password off of your computer, but also let you store it away in a safe box that is fire safe, is also a good practice.
If you are using a laptop and keeping your passwords on the same laptop, you risk having your personal security breached if the laptop is stolen.
See a simple password logbook here on Amazon.
I have been using Malwarebytes since I first began cleaning systems of Malware. Wikipedia says it was first released in 2008.That was 5 years ago and the new interface (front user screen) is new and different.
Malwarebytes is the best and even better now. It scans for PUPs; potentially unwanted programs. These programs are the ones that start allowing malware to infiltrate your system with other more serious infections such as trojans, worms, keyloggers, bots, and many more.
Easy enough for a novice and robust enough for a skilled computer security professionals, this is the one to use for your anti-infection toolkit.
If your system is clunky, slow or just plain not what it used to be, a scan with Malwarebytes could reveal why.
The users I support are older computer users that need a easy to use, friendly scanning system to identify and remove Malware. This new version is just that. It does not require a computer degree to get the system scanned, cleaned and operational.
Sharing Malware 101 from About .com
Check out this article from About.com. You will find a great definition of threats to your PC explained in a way that is easy and clear.
Click the image to read the article
Do you like this?
Norton products are often questioned: Does Norton Protect Against Malware?
They come for free on many new systems from the Big Box stores and I find myself uninstalling them in favor of a more robust Anit-Malware product. So, does Norton protect against malware? I think so. But a person using the computer needs to be educated in the use of this product to make it beneficial.
Often when I look at a system checking it for Malware, and I see Norton there, I also notice that the software has not been kept up to date. NO Anti-Malware software will do it’s job if the software is installed and then forgotten about.
Updates to the definitions, the product core need to be updated and made ready to fight against the viruses and malware attacks that infect computers.
To fairly answer the question does Norton protect against Malware? I would ask you three questions:
Do you click on things that pop up and say “you need to scan you computer to make it run faster”
Do you regularly check the status of the program and the definitions updates?
Do you regularly run a scan or run a scan if you notice a change in your system?
If you answered no to any of the questions above, Norton will not effectively help you. You should get a product that manages the updates, scans and pop ups on your system. You will still need to run full scans periodically, but you will be more satisfied with the protection activity. Here are some programs I recommend:
- One of these would do a good job
- Anvisoft Defender
- Download AVG AntiVirus 2014 Free
- Avira 35% off Avira Internet Security Suite
Keep this in mind when selecting your Malware prevention Protection. It does not have to cost a lot of money to protect you. It does cost your time and attention.
Can webcam be used remotely?
Web Cams Used Remotely according to this article in Wired Magazine can and have been used this way since 2007. A tool called Flame Spy tool does it. It is not just in the movies.
Is it true? Can a computer Webcam be used remotely?
Your can read the “Wired” story here.
You can be seen and heard. Webcams have microphones. Flame can activate the microphone and the camera and “spy” on you through it.
Flame Spy Tool is Malware: software that is running without intervention from you. As such, if you have the Anti-Malware protection that automatically stops unwanted Malware, you do not have anything to worry about.
Do these things:
- Check your system to see if you have Anti-Malware software.One of these would do it
- Anvisoft Defender
- Verify the Anti-Malware you are using is updated weekly
- Run System Scans on your system to verify that there is no Malware on yourcomputer
- Repeat 2-3 regularly
Webcam covers – Amazon
The wired article stated that gaffer tape is good to cover the web cam. See what that is here.
You want something that doesn’t leave residue, especially if you use your webcam for Skype etc.
The microphone is vulnerable to being used for listening in. Plug it with an audio cable, says Wired.
This is a repost from an announcement by Sucuri, The web security company.
Protect your site from DDoS attacks
If you’ve been following our blog, you know that we recently uncovered multiple DoS / DDoS (Distributed Denial of Service) attacks, in which attackers are abusing the built-in pingback feature found in WordPress to carry out DDOS attacks on sites. If you’re running your website on WordPress, then it’s possible for your site to be used in a Denial of Service attack (Learn about DOS and DDOS attacks here).
We flagged this problem when we analyzed data from a recent attack on a client that has our CloudProxy Website Firewall activated. Specifically, the attackers are using the pingback feature inherent in WordPress to perform Layer 7 Flood Attacks. This attack extends beyond the WordPress platform, and can be used to attack sites on any platform–e.g. Joomla, Drupal, osCommerce, vBulletin. If you are experiencing a disruption in service with your website, get in contact with your hosts, or if you prefer to shield yourself from attacks like this in advance, look into activating a website firewall, like CloudProxy*, that can virtually patch and harden issues like this.
If you’re monitoring your website or have ever had to clean your website of malware using our service, you know how awful it feels when your site goes down or is blacklisted through no fault of your own, and you know that the internet is only secure when all of us in the community make it secure.
Together, we can all make the web a safer place.
-The team at Sucuri
I have seen what can happen when a site is infected. The visitors get infected. The site reputation gets ruined and nobody is happy. You can prevent that, check that and know your business online is not infecting its customers.
Get Sucuri protection today.