Wednesday, January 28, 2009

Defending Cell Phones and PDAs Against Attack: Cyber Security Tip ST06-007

Cyber Security Tip ST06-007
Defending Cell Phones and PDAs Against Attack (View the article with links to related articles)

As cell phones and PDAs become more technologically advanced, attackers are
finding new ways to target victims. By using text messaging or email, an
attacker could lure you to a malicious site or convince you to install
malicious code on your portable device.

What unique risks do cell phones and PDAs present?

Most current cell phones have the ability to send and receive text messages.
Some cell phones and PDAs also offer the ability to connect to the internet.
Although these are features that you might find useful and convenient,
attackers may try to take advantage of them. As a result, an attacker may be
able to accomplish the following:
* abuse your service - Most cell phone plans limit the number of text
messages you can send and receive. If an attacker spams you with text
messages, you may be charged additional fees. An attacker may also be
able to infect your phone or PDA with malicious code that will allow
them to use your service. Because the contract is in your name, you will
be responsible for the charges.
* lure you to a malicious web site - While PDAs and cell phones that give
you access to email are targets for standard phishing attacks, attackers
are now sending text messages to cell phones. These messages, supposedly
from a legitimate company, may try to convince you to visit a malicious
site by claiming that there is a problem with your account or stating
that you have been subscribed to a service. Once you visit the site, you
may be lured into providing personal information or downloading a
malicious file (see Avoiding Social Engineering and Phishing Attacks for
more information).
* use your cell phone or PDA in an attack - Attackers who can gain control
of your service may use your cell phone or PDA to attack others. Not
only does this hide the real attacker's identity, it allows the attacker
to increase the number of targets (see Understanding Denial-of-Service
Attacks for more information).
* gain access to account information - In some areas, cell phones are
becoming capable of performing certain transactions (from paying for
parking or groceries to conducting larger financial transactions). An
attacker who can gain access to a phone that is used for these types of
transactions may be able to discover your account information and use or
sell it.

What can you do to protect yourself?

* Follow general guidelines for protecting portable devices - Take
precautions to secure your cell phone and PDA the same way you should
secure your computer (see Cybersecurity for Electronic Devices and
Protecting Portable Devices: Data Security for more information).
* Be careful about posting your cell phone number and email address -
Attackers often use software that browses web sites for email addresses.
These addresses then become targets for attacks and spam (see Reducing
Spam for more information). Cell phone numbers can be collected
automatically, too. By limiting the number of people who have access to
your information, you limit your risk of becoming a victim.
* Do not follow links sent in email or text messages - Be suspicious of
URLs sent in unsolicited email or text messages. While the links may
appear to be legitimate, they may actually direct you to a malicious web
site.
* Be wary of downloadable software - There are many sites that offer games
and other software you can download onto your cell phone or PDA. This
software could include malicious code. Avoid downloading files from
sites that you do not trust. If you are getting the files from a
supposedly secure site, look for a web site certificate (see
Understanding Web Site Certificates for more information). If you do
download a file from a web site, consider saving it to your computer and
manually scanning it for viruses before opening it.
* Evaluate your security settings - Make sure that you take advantage of
the security features offered on your device. Attackers may take
advantage of Bluetooth connections to access or download information on
your device. Disable Bluetooth when you are not using it to avoid
unauthorized access (see Understanding Bluetooth Technology for more
information).
_________________________________________________________________

Author: Mindi McDowell
_________________________________________________________________

Produced 2006 by US-CERT, a government organization.

Note: This tip was previously published and is being re-distributed
to increase awareness.

Terms of use



This document can also be found at

Monday, January 26, 2009

Greener Internet Searching

With "green" being so important now, did you know there is a greener way to search the internet?

http://www.blackle.com/

Blackle uses a Google Custom Search to display both the home page and search results on a black screen, reducing the amount of energy needed by your monitor.

Search results are provided by Google.

Wednesday, January 21, 2009

Understanding Hidden Threats: Corrupted Software Files

Cyber Security Tip ST06-006
Understanding Hidden Threats: Corrupted Software Files

Click here for a web version of the article with links to the other documents mentioned.

Malicious code is not always hidden in web page scripts or unusual
file formats. Attackers may corrupt types of files that you would
recognize and typically consider safe, so you should take precautions
when opening files from other people.

What types of files can attackers corrupt?

An attacker may be able to insert malicious code into any file,
including common file types that you would normally consider safe.
These files may include documents created with word processing
software, spreadsheets, or image files. After corrupting the file, an
attacker may distribute it through email or post it to a web site.
Depending on the type of malicious code, you may infect your computer
by just opening the file.

When corrupting files, attackers often take advantage of
vulnerabilities that they discover in the software. These
vulnerabilities may allow attackers to insert and execute malicious
scripts or code, sometimes without being detected. Sometimes the
vulnerability involves a combination of certain files (such as a
particular piece of software running on a particular operating system)
or only affects certain versions of a software program.

What problems can malicious files cause?

There are various types of malicious code, including viruses, worms,
and Trojan horses (see Why is Cyber Security a Problem? for more
information). However, the range of consequences varies even within
these categories. The malicious code may be designed to perform one or
more functions, including
* interfering with your computer's ability to process information by
consuming memory or bandwidth (causing your computer to become
significantly slower or even "freeze")
* installing, altering, or deleting files on your computer
* giving the attacker access to your computer
* using your computer to attack other computers (see Understanding
Denial-of-Service Attacks for more information)

How can you protect yourself?

* Use and maintain anti-virus software - Anti-virus software
recognizes and protects your computer against most known viruses,
so you may be able to detect and remove the virus before it can do
any damage (see Understanding Anti-Virus Software for more
information). Because attackers are continually writing new
viruses, it is important to keep your definitions up to date.
* Use caution with email attachments - Do not open email attachments
that you were not expecting, especially if they are from people
you do not know. If you decide to open an email attachment, scan
it for viruses first (see Using Caution with Email Attachments for
more information). Not only is it possible for attackers to
"spoof" the source of an email message, your legitimate contacts
may unknowingly send you an infected file.
* Be wary of downloadable files on web sites - Avoid downloading
files from sites that you do not trust. If you are getting the
files from a supposedly secure site, look for a web site
certificate (see Understanding Web Site Certificates for more
information). If you do download a file from a web site, consider
saving it to your desktop and manually scanning it for viruses
before opening it.
* Keep software up to date - Install software patches so that
attackers cannot take advantage of known problems or
vulnerabilities (see Understanding Patches for more information).
Many operating systems offer automatic updates. If this option is
available, you should enable it.
* Take advantage of security settings - Check the security settings
of your email client and your web browser (see Evaluating Your Web
Browser's Security Settings for more information). Apply the
highest level of security available that still gives you the
functionality you need. In email clients, turn off the option to
automatically download attachments.

Related information

* Securing Your Web Browser
* Recovering from Viruses, Worms, and Trojan Horses
______________________________

___________________________________

Author: Mindi McDowell
_________________________________________________________________

Produced 2006 by US-CERT, a government organization.

Note: This tip was previously published and is being re-distributed
to increase awareness.