Crimeware Defined and Explained

Crimeware is malicious software used to initiate a crime that is typically Internet-based. During the past two years, crimeware attacks have increased at a far greater rate than the normal virus. International gangs of virus writers, hackers and spammers are joining forces to steal information and collect huge profits illegally.

A classic example of crimeware is a backdoor keylogger trojan that collects keystroke information and transmits it back to an attacker.

For example, a bank login ID and password may be collected and sent back to an attacker. The attacker typically will use this information in order to collect illegal profits.

Ransomware is another form of crimeware. In this case, a malicious Trojan encrypts files on an unsuspecting user’s hard drive. Once the files are encrypted the Trojan then displays a message, or leaves behind a ransom note demanding money from the user for the decryption key.

Given the newness of this threat type, and the potential of how it might evolve in the future, further clarification and dissection of the definition of crimeware will likely be required.

Bank of America Scam

Below is the latest scam that is going around, I received this from a lady who wanted to know if it was real or not. I did some research and of course it was not. If you google the following (Joan Own, David Dupont or daviddupont154@aol.com) , you will find more information on this scam.
My recommendation is to delete it and do not respond to this email.
_________________
From: BANK OF AMERICA <joan.own@bankofamerica.com>
Sent: Tue, Aug 4, 2009 7:41 am
Subject: YOUR PAYMENT NOTIFICATION…
Bank of America Corporate Center
Senior Personal Banker – Head Office
Bank Of America Corp Ctr 100 North Tryon Street
Charlotte, NC 28255-0001
ATTN: BENEFICIARY
This is to Officially inform you that it has come to our notice and we have thoroughly completed an Investigation with the help of our Intelligence Monitoring Network System that you legally won the sum of $800,000.00 USD from our online balloting system in the Banks Head Quarter in United States of America. This funds have been investigated and we have discovered that your e-mail won the money from our Online Balloting System and we have been authorized to contact you and pay to you, your winnings via a Certified Cashier’s Check.
Normally, it will take up to 2 business days for an Bank of America Check to be cleared, cashed and remmited into your account by another local bank. We have successfully notified the banks on your behalf that funds are to be drawn from our registered bank, the Bank Of America so as to enable you cash the check instantly without any delay, henceforth the stated amount of $800,000.00 USD has been deposited with our bank, Bank Of America in COVINA, CALIFORNIA. where your check is deposited in a new online account. This is the Online Number: 626-453-8400 to verify the deposited Check.
We have completed this investigation and you are hereby approved to receive the certified cashier’s check into your personal account as we have verified the entire transaction to be Safe and 100% risk free, due to the fact that the funds is with Bank Of America you will be required to settle the following bills directly to the Bank of America Agent in-charge of this transaction whom is located here in United States of America.
According to the directives, you are required to pay for the following –
(1) Deposit Fee’s (Fee’s paid to setup a new account for the beneficiary by the Bank Of America)
(2) Courier Delivery Fee (Fee paid to deliver the check through UPS deleivery to your designated address)
(3) Insurance (This is the fee paid by bank to insure the check before been deposited at the bank)
The total amount for everything is $450.00 (Four Hundred and Fifty-US Dollars). We have tried our possible best to indicate that this $450.00 should be deducted from your funds but we found out that the funds have already been deposited at Bank Of America and cannot be accessed by anyone apart from you the beneficiary, therefore you will be required to pay the required fee’s to the Agent in-charge of this transaction via Western Union Money Transfer Or Money Gram.
In order to proceed with this transaction, you will be required to contact the agent in-charge (Mr. David Dupont) via e-mail. Kindly look below to find appropriate contact information:
CONTACT AGENT NAME: MR. David Dupont
E-MAIL ADDRESS: daviddupont154@aol.com
BANK OF AMERICA, 1375 N Citrus Ave, Covina, CA 91722.
You will be required to e-mail him with the following information:
FULL NAME:
ADDRESS:
CITY:
STATE:
ZIP CODE:
DIRECT CONTACT NUMBER:
You will also be required to request Western Union details on how to send the required $450.00 in order to immediately Deliver your funds $800,000.00 USD via Certified Cashier’s Check drawn from Bank Of America, also include the following transaction code in order for him to immediately identify this transaction : EA2948-910.
After making the payment to the Agent in-charge, an Account Information, with Account Name and Access Code will be given to you, to access your funds where it is deposited in an online account with the bank of america. This is the Online Account Number: 626-453-8400 and the Agent incharge will issue you the CODES.
This letter will serve as proof that the BANK OF AMERICA is authorizing you to pay the required $450.00 ONLY to Mr. David Dupont via information in which he shall send to you, if you do not receive your funds of $800,000.00 we shall be held responsible for the loss and this shall invite a penalty of $10,000 which will be made PAYABLE ONLY to you (The Beneficiary).Failure to contact Mr. David Dupont and complete the delivery of your check to you, the check will be deposited with the bank reserve.
Best Regards
JOAN OWEN
Senior Personnel Banker – Head Office
Note: The $450 can not be deducted from your fund of $800,000 becuase the cashiers’s check have been insured and also all fees must be paid before the check will be delivered your designated address.

Below is the latest scam that is going around, I received this from a lady who wanted to know if it was real or not. I did some research and of course it was not. If you google the following (Joan Own, David Dupont or daviddupont154@aol.com) , you will find more information on this scam.
My recommendation is to delete it and do not respond to this email._________________

From: BANK OF AMERICA <joan.own@bankofamerica.com>Sent: Tue, Aug 4, 2009 7:41 amSubject: YOUR PAYMENT NOTIFICATION…
Bank of America Corporate CenterSenior Personal Banker – Head OfficeBank Of America Corp Ctr 100 North Tryon StreetCharlotte, NC 28255-0001ATTN: BENEFICIARYThis is to Officially inform you that it has come to our notice and we have thoroughly completed an Investigation with the help of our Intelligence Monitoring Network System that you legally won the sum of $800,000.00 USD from our online balloting system in the Banks Head Quarter in United States of America. This funds have been investigated and we have discovered that your e-mail won the money from our Online Balloting System and we have been authorized to contact you and pay to you, your winnings via a Certified Cashier’s Check.Normally, it will take up to 2 business days for an Bank of America Check to be cleared, cashed and remmited into your account by another local bank. We have successfully notified the banks on your behalf that funds are to be drawn from our registered bank, the Bank Of America so as to enable you cash the check instantly without any delay, henceforth the stated amount of $800,000.00 USD has been deposited with our bank, Bank Of America in COVINA, CALIFORNIA. where your check is deposited in a new online account. This is the Online Number: 626-453-8400 to verify the deposited Check.We have completed this investigation and you are hereby approved to receive the certified cashier’s check into your personal account as we have verified the entire transaction to be Safe and 100% risk free, due to the fact that the funds is with Bank Of America you will be required to settle the following bills directly to the Bank of America Agent in-charge of this transaction whom is located here in United States of America. According to the directives, you are required to pay for the following -(1) Deposit Fee’s (Fee’s paid to setup a new account for the beneficiary by the Bank Of America)(2) Courier Delivery Fee (Fee paid to deliver the check through UPS deleivery to your designated address)(3) Insurance (This is the fee paid by bank to insure the check before been deposited at the bank)The total amount for everything is $450.00 (Four Hundred and Fifty-US Dollars). We have tried our possible best to indicate that this $450.00 should be deducted from your funds but we found out that the funds have already been deposited at Bank Of America and cannot be accessed by anyone apart from you the beneficiary, therefore you will be required to pay the required fee’s to the Agent in-charge of this transaction via Western Union Money Transfer Or Money Gram.In order to proceed with this transaction, you will be required to contact the agent in-charge (Mr. David Dupont) via e-mail. Kindly look below to find appropriate contact information:CONTACT AGENT NAME: MR. David DupontE-MAIL ADDRESS: daviddupont154@aol.comBANK OF AMERICA, 1375 N Citrus Ave, Covina, CA 91722.You will be required to e-mail him with the following information:FULL NAME:ADDRESS:CITY:STATE:ZIP CODE:DIRECT CONTACT NUMBER:You will also be required to request Western Union details on how to send the required $450.00 in order to immediately Deliver your funds $800,000.00 USD via Certified Cashier’s Check drawn from Bank Of America, also include the following transaction code in order for him to immediately identify this transaction : EA2948-910.After making the payment to the Agent in-charge, an Account Information, with Account Name and Access Code will be given to you, to access your funds where it is deposited in an online account with the bank of america. This is the Online Account Number: 626-453-8400 and the Agent incharge will issue you the CODES.This letter will serve as proof that the BANK OF AMERICA is authorizing you to pay the required $450.00 ONLY to Mr. David Dupont via information in which he shall send to you, if you do not receive your funds of $800,000.00 we shall be held responsible for the loss and this shall invite a penalty of $10,000 which will be made PAYABLE ONLY to you (The Beneficiary).Failure to contact Mr. David Dupont and complete the delivery of your check to you, the check will be deposited with the bank reserve.Best RegardsJOAN OWENSenior Personnel Banker – Head OfficeNote: The $450 can not be deducted from your fund of $800,000 becuase the cashiers’s check have been insured and also all fees must be paid before the check will be delivered your designated address.

Washington D.C. Carries the Most Cyber-Criminals Per Capita

In an article written on Examiner.com it is stated Washington D.C. Carries the Most Cyber-Criminals Per Capita.

The Washington DC Metro area is known to have some of the best high-tech companies and some of the best technical minds in the country, but along with this recognition, it seems we are now known for the area with the most cyber-criminals.

A report by The Internet Crime Complaint Center states, D.C. has the most cyber-criminals per capita at 116 for every 100,000 people, while Maryland and Virginia ranks 19th (29.72 perpetrators per 100,000) and 28th (24.12 perpetrators per 100,000) respectively.

To check out the article click here.

Information Security or Information Assurance: Same Meaning?

I read and interesting posting titled, “Information Security or Information Assurance: Same Meaning?” by Jeri Brown at http://lavirtuosity.com/

Here is what the article had to say, enjoy…

http://lavirtuosity.com/?p=50

Internet Explorer 8 blocks a billion malware downloads

James Pratt, Microsoft’s Product Manager stated in a blog post , “The SmartScreen team just informed me that we’ve reached an amazing milestone – Internet Explorer 8 has blocked 1 billion attempts to download malware!”

The SmartScreen Filter evaluates URLs and their associated servers. If the software recognizes a server as containing malicious content, it displays a warning, saying it is unsafe to browse to a respective site that could cause harm on the user’s computer. The user is then given the option to continue to the page or go back to their home page without downloading any content.

SecurityOrb, LLC and members from the Tech Talk Show discussed the matter in a recent BlogTalkRadio program.  Consensus is that, due to Microsoft’s security vulnerabilities in its operating system and IE browsers, this news is not a surprise.  The use of IE8 users base grew from a year ago, so it is only logical, the numbers would increase pertaining to blocked malware.

In a CNET posting, Don Reisinger stated, “Of course, whether Microsoft’s ability to block a billion malware download attempts is really something to gloat about is up for debate.  On one hand, the company seems to be doing a better job of keeping users safe.  On the other, the fact that that many attempts have been made might speak to security issues that still plague the Windows ecosystem.  Regardless, it seems that Microsoft is turning its blocking abilities into a positive thing. And to some extent, it’s commendable.

But that won’t stop me from choosing Google Chrome or Mozilla Firefox over Internet Explorer.”

Source: http://news.cnet.com/8301-13506_3-20011538-17.html

Pentagon Workers Tied to Child Porn

The Boston Globe’s Bryan Bender reported Friday that federal investigators “have identified several dozen Pentagon officials and contractors with high-level security clearances who allegedly purchased and downloaded child pornography, including an undisclosed number who used their government computers to obtain the illegal material.”

Check out his video and write-up at the link below:

http://voices.washingtonpost.com/checkpoint-washington/2010/07/boston_globe_pentagon_workers.html