A national computer security campaign is urging smartphone users to do more to protect themselves from unwittingly downloading malware applications.

Get Safe Online says that there has been an increase in smartphone malware as the market has grown.

Criminals are typically creating Trojan copies of reputable apps and tricking users into installing them. Once on the phone, the app can secretly generate cash for criminals through premium rate text messages.

Get Safe Online, a joint initiative between the government, police and industry, said it was concerned that users of smartphones, such as Android devices, were not taking steps to protect their devices.

Get Safe Online said fraudsters are designing apps which generate cash secretly in the background without the owner realising until their monthly bill.

A typical scam involves an app designed to send texts to premium rate services without the user knowing. Apps can appear to be bona fide software or sometimes masquerade as stripped down free versions of well-known games.

Rik Ferguson, a hacking researcher with internet security firm Trend Micro, said: “This type of malware is capable of sending a steady stream of text messages to premium rate numbers – in some instances we’ve seen one being sent every minute. With costs of up to £6 per message, this can be extremely lucrative. The user won’t know this is taking place, even if they happen to be using the device at the same time, as the activity takes place within the device’s back-end infrastructure.”

Here’s a few tips to keep your own Smartphone free of attack

Source BBC Tech News

More than one million websites were believed to be infected with malware in the fourth quarter of 2010, nearly double the previous year, according to figures released on Tuesday by Dasient.

‘Malvertising’, advertising containing malware, is also on the rise, with impressions doubling to three million per day from the third quarter of 2010, Dasient said in a blog post. “The probability that an average internet user will hit an infected page after three months of web browsing is 95%,” the company said.

The news corresponds with information released this week by another security firm. An analysis of than 3,000 websites across 400 organisations in 2010 found that 44 percent of them had serious vulnerabilities at all times, while 24 percent were frequently vulnerable for an average of at least 270 days a year, according to WhiteHat Security.

Neither WhiteHat nor Dasient identified the Web sites they analyzed or disclosed whether any of the biggest Web brands were among those with malware or vulnerabilities.

Read more: www.zdnet.co.uk/news/security-threats/2011/03/09/

Tip: To check your Windows PC for malware and other nasties visit our Software Reviews Page and under the heading ‘Adware, Spyware and Hackers’ download – Microsoft Windows Defender, AdAware, SpyBot Search & Destroy and Malwarebytes. These are all free to use and run.

While you are on this reviews page download CCleaner. This wonderfull free program can clean out your Windows Registry, clear out all your temporary Files and remove your browser or start menu run histories. It can also do a whole lot more!

Internet users are being warned about cold callers who offer to fix viruses but then install software to steal personal information.

Campaign group Get Safe Online said a quarter of people it had questioned had received such calls, many suspected to have been from organised crime gangs.

Some gangs, employing up to 400 people, are known to set up their own call centres to target people en masse.

Internet users are also urged to be wary of pop-ups offering virus checks.

Earlier this year, search engine giant Google warned it had discovered massive amounts of malicious fake anti-virus software.

The UK warning on such software comes from Get Safe Online, which is backed by the government, police forces and major businesses with a stake in internet security.

It says it has charted a growth in two related scams designed to trick people into installing fake anti-virus software as a means of harvesting personal information such as credit card details.

Some of the scams involve pop-up windows claiming that the computer has been infected.

These “scareware” approaches encourage users to click through to a site hosting malicious or useless software that acts as a front for gathering personal information. Most of the time, the software appears almost identical to professional anti-virus products.

In other cases, gangs have set up call centres in eastern Europe or Asia and cold-call UK phone numbers attempting to find people to con.

In both cases, information gathered from the identity thefts can be used by gangs or sold on to other criminals through online market places.

Get Safe Online’s annual report says its research suggests a third of UK internet users are still victims of viruses, despite steady improvements in security. More than a fifth said they had suffered identify fraud.

Source: BBC Tech

Twitter has identified a scheme that uses compromised file-sharing sites to steal the log on information of users.

The service said it had discovered a number of compromised “torrent” sites that had been set up specifically to skim usernames and passwords. Torrent sites act as indexes of links to TV, film and music files.

Scammers were then able to use the data to gain access to Twitter and other sites because many people use the same logon for multiple services.

The firm has reset the accounts of affected users, it said.

“The takeaway from this is that people are continuing to use the same email address and password (or a variant) on multiple sites,” the firm said in a blog post. “We strongly suggest that you use different passwords for each service you sign up for.”

The conclusion is echoed by security researchers who say it is a particular problem for banking websites.

The information comes as security firm Sophos launched its annual report.

One of its findings that spam and attacks on social networks – such as Twitter and Facebook – had risen 70% in the last year.

Facebook was branded the “riskiest” network, although the firm also pointed out that it was also the largest and would therefore attract the most attention form cyber-criminals.

Source: BBC Tech News