ParagonHost.com “World Class Internet Services”

“Phishing” on the “Pharm”: How Thieves Combine Two Techniques to Steal Your Identity
 by: John Young

Bob squinted at the email and began to read:

“Dear eBay User, as part of our security measures, eBay Inc. has developed a security program against fraudulent attempts and account thefts. Therefore, our system requires further account verification…”

Security Measures. A threat to suspend his account to prevent “fraudulent activity”. The email went on to say that there were “procedural safeguards with federal regulations to protect the information you provide for us.”

Bob clicked the link and was confronted with an authentic looking logon page, just waiting for him to input his user name and password and confirm what ebay supposedly didn’t know.

He almost did it. The page looked absolutely authentic, and he had already been “set up” by the email message. His fingers were poised over the keyboard when he happened to glance at the URL.

There was something very, very wrong with it.

“PHARMING” TO FLEECE SHEEP

The art of “pharming” involves setting up an illegitimate website that is identical with its legitimate prototype, for example the ebay page Bob was almost suckered into using, and redirecting traffic to it.

“Pharmers” can do it in two ways:

1. By altering the “Hosts” file on your computer. The Hosts file stores the IP address of websites you have been accessing. By inserting a new IP address into the database field corresponding to a website, your own computer can be redirected to the pharmer’s website. Any information you give the bogus site is immediately hijacked by the pharmer.

2. Hijacking the DNS (Dynamic Name Server) itself. A DNS matches the names of address with their IP addresses. If this server can be coerced into assigning new IP addresses to traditional names, all computers using the name resolution provided by the DNS server will be redirected to the hijacker’s web site.

Once that happens, it’s time to be fleeced.

DOWN ON THE PHARM

“Pharmers” hijack your “hosts” file or DNS servers using Spyware, Adware, Viruses or Trojans. One of the most dangerous things you can do is to run your computer without some form of Internet Security installed on it.

Your security software should be continually updating its virus definitions, and be capable of warning you if something has been downloaded from a web site or through email. It should be able to remove it, “quarantine it”, or tell you where it is so that you can remove it by hand.

You should also have Spyware and Adware programs installed, and be aware of any change in Internet browsing patterns. If your home page suddenly changes, or you experience advertising pop ups (which may pop up even when you are not hooked up to the Internet), you should run a Virus, Spyware or Adware scan.

Thanks to the efficacy of these protection programs, pharming is a lot more difficult than it used to be. It isn’t as easy to hijack a computer as it once was.

So, the “pharmers” have teamed up with the “phishermen” to get you to visit the bogus web page yourself, and enter all the information they need.

PHISHING TO CATCH YOU ON THE PHARM

As Bob discovered, the page he had been taken to by the bogus email message was identical to the ebay logon page. Identical in every way except for the URL.

Out of curiosity, he checked the URL for the ebay logon by accessing ebay directly and clicking on the logon link. The two URL’s were nothing alike, except the bogus one did have the word “ebay” in it twice – just enough to make it look authentic.

By combining the two techniques, the phishermen/pharmers had avoided the high tech problems associated with downloading a Virus that could get past his protection software. They had gone straight for the throat.

Bob’s throat.

YOUR ONLY REAL IDENTITY THEFT PREVENTION AND PROTECTION

The bottom line is that the only real protection against the pharmers and phishermen is YOU. There are three things you must consider when you read any email demanding information:

• Why do they want it? Be extremely skeptical when they say they have to “update their records”, “comply with federal regulations”, or prevent fraud. They are the ones initiating the fraud.

• Why can’t this be done at the website? Why not invite you to access the website directly and provide this information? The answer is because the bonafide company doesn’t need an update.

• What does the URL look like? Is it a series of subdomains some of which have the name of the bonafide company? Most likely the subdomain is set up with a free hosting company.

• Have they provided partial information about you as a guarantee that the email authentically comes from the legitimate source? Be very careful of this one. This technique is effective for “pretexting”, impersonating a person or company, and was used in the Hewlett Packard scandal to collect information. Just because they know your first and last name (and any other information – known only to the legitimate source) doesn’t mean the email is legitimate. They probably hijacked the information off the server.

THE BOTTOM LINE

The bottom line is: don’t provide any information at the behest of an email, no matter how authentic it looks, or how authentic the page it directs you to looks. If you must log in, do so at the parent site itself.

Your Identity Theft prevention and protection is, in the final analysis, up to you.

Don’t be the next sheep fleeced by the pharmers who caught you with the phisherman’s hook. Being dropped naked into their frying pan is NOT a fate you want.

Copyright 2006 John Young

 Instructions: Run the MySpeed Internet speed test below to see a VoIP (Voice over IP) analysis of your current Internet connection.

When the bandwidth test completes, an analysis that a VoIP provider might use will be dynamically added into this area.

http://voipreview.org/voipspeedtester.aspx

About Us

VoipReview.org is a one stop shopping and information place for consumer VoIP providers and small business VoIP providers. You can search our site for dozens of VoIP providers and compare different VoIP plans to find out which is best for you. You can also learn about how VoIP works and how it can be beneficial to you.

VoipReview.org is the market leader in the VoIP search business. We pioneered the concept of comparing VoIP service providers and were the first to bring that concept to the Internet. We are constantly innovating our site and establishing new relationships with broadband phone company providers (VoIP providers), bringing even more options to the consumer. We are continuously adding information on VoIP and more efficient search tools to make our site easier to understand and use.

VoipReview.org is also the market leader in consumer and small business VoIP services with our Commerce Partners program. Our Commerce Partners program is a way in which other websites (usually VoIP-related websites) can utilize our search tools and content by embedding them into their own sites. This allows them to leverage our investment in our search technology and relationships with VoIP providers without losing their customer base or loyalty. The embedded search tools are tightly integrated into their sites and allow them to generate revenue from consumers searching VoIP providers.

The TeamThe Voip Review team continues to grow and we are now up to 3 developers, 1 project manager, 1 data entry person, 1 VP of Business Development, 1 VP of Marketing, a CEO, and 8 highly respected individuals serving on our board of advisors.

What Is A VoIP Phone?
 by: Peter Nisbet

In spite of the growing popularity of IP telephony, there are still many people who do not know what a VoIP phone is. What is the difference between a VoIP phone and an ordinary phone?

As far as you are concerned, probably not a lot. You can still use your own landline phone if need be, though in its simplest form there is no VoIP phone handset as such. Just a microphone and speakers will do. All you need is some software which is supplied by the provider.

You can use your normal land-line phone. Just like digital TV requires a box, either set-top or included in the set, VoIP needs a box which you can either buy yourself, or get from your VoIP provider. Once you connect your phone to the box and the box to your internet connection, you have your VoIP phone system using your own phone. Due to the connection speeds involved you have to have broadband or another high-speed internet connection.

Your telephone conversation passes through the internet in packets in the same way as any other file does. As you speak, your analogue voice signal is digitized by the VoIP software into binary form, and the digital stream broken up into small ‘packets’ which are sent through the internet. These packets each take their own fastest route through the internet, from computer to computer, till they reach their destination. This is the way that all files are sent through IP.

The problem with a streamed signal, such as a VoIP phone conversation, and a packet system, is that the packets do not always arrive in the correct order. This is due to the releative amount of internet traffic each packet comes up against, and the fact that they can each take different routes. Also, some packets are lost, or ‘dropped’.

Modern software is becoming increasingly better at arranging packets in the correct order (often through slight time delays which allow them to be rearranged) and covering up ‘dropped’ packets. VoIP phone conversations are therefore more audible now than they were in the early days of VoIP phone systems.

As I said, you can use your computer microphone and speakers to make and receive conversations, but you can also get a dedicated VoIP phone if you prefer. It’s all a matter of choice and does not significantly affect the services you can have.

Some of the services supplied free with VoIP phone systems are:

* Caller ID
* Call waiting
* Call forwarding
* Voicemail
* Conference calls
* Call transfer
* Group pick-up

Once you have your box, any calls you make to another VoIP are free – anywhere. For calls to non-VoIP phones there is a charge, but this is generally lower than normal land-line charges.

Your phone number relates to the adaptor, so you can take this with you and use it on any computer with fast internet connection. You can also buy a VoIP phone to go with your laptop and make telephone calls anywhere at any time; just as you can with a mobile, but at a fraction of the cost, and usually free to any other IP phone. This is an excellent inexpensive solution for businesses with a network of offices – all calls between them will be free throughout the world.

Another cool feature is virtual phone numbers. You can get local area numbers allocated to your regular phone number, so that if your family live in LA and you are in New York they can ring your LA local number with their landline and speak to you in New York at local rates. How cool is that!

A VoIP phone is now an attractive option for anyone, both as a cheap alternative to a mobile phone and as a complete replacement for a landline.

Copyright 2006 Peter Nisbet

ScanSafe appoints former Websense executive Bill Goldbach as Vice President of North American sales

26 September 06
Seasoned Industry Veteran to Drive Sales for Leading Managed Web Security Services Company

ScanSafe, the worldwide leader in managed Web security, today announced that Bill Goldbach has joined the company’s executive team as vice president of sales in North America.

Goldbach most recently served as vice president, Americas at Websense, Inc., a provider of Web filtering software. During his five year tenure, he rebuilt and grew the sales and channel team resulting in 30 percent sales growth each year and accounting for 70 percent of the company’s corporate sales and revenue.

“Bill has a proven track record of successfully launching sales programs that grow the customer base and help turn innovative, emerging companies into industry leaders,” said Roy Tuvey, president, ScanSafe. “In addition, he brings a wealth of Web security industry knowledge and channel expertise to the table. He’s the perfect addition to the ScanSafe team.”

A seasoned executive with over 25 years experience, Goldbach will be responsible for leading the sales team, building out strategic alliances, continued development of ScanSafe’s channel program and driving overall market penetration in North America.

“Having been involved in the security industry for many years, I immediately recognized the value of ScanSafe’s fresh approach to Web security,” Goldbach said. “As a fully managed service, ScanSafe addresses many of the market needs that are not being met by existing on-premise solutions. With its unmatched, innovative technology, ScanSafe is poised to dominate the managed Web security market in North America. I am eager to work with the ScanSafe team and its partners to achieve this goal.”

Prior to Websense, Goldbach was director, North America at MRO.com, the leading provider of asset and service management solutions, where he was responsible for the successful development, launch and execution of the company’s sales program. While at MRO, he managed direct and indirect sales teams and drove annual sales in excess of $50 million.

Earlier in his career, Goldbach held sales positions with companies including ADP, Infinium Software, and Consilium, Inc. He holds a bachelor of science degree in accounting from Boston University.

About ScanSafe

ScanSafe is the global leader in managed Web security, ensuring a safe and productive Internet environment for businesses worldwide. ScanSafe solutions keep viruses and spyware off corporate networks and allow businesses to control and secure the use of the Web and instant messaging. As a fully managed service, ScanSafe’s solutions require no hardware, upfront capital costs or maintenance and provide unparalleled real-time threat protection.

Powered by its proactive Outbreak IntelligenceTM heuristic technology, ScanSafe processes more than five billion Web requests and blocks ten million threats each month for customers worldwide, including Rothschild, Condé Nast and BMW.

Since pioneering the market for managed corporate Web security, ScanSafe continues to deliver innovative Web security solutions, including the introduction of ScandooTM—the world’s first free Internet safe search tool that classifies search engine results based on the presence of malware and unwanted content.

With offices in London and San Mateo, California, ScanSafe is privately owned and financed by Benchmark Capital. The company received the 2006 Info Security Global Product Excellence Award for Best Managed Security Service, and was named one of Red Herring’s Top 100 Technology companies of 2005. For more information, visit www.scansafe.com.

ScanSafe reports an unexpected 47 percent drop in Web viruses in september; spyware increases 21 percent

18 October 06
YouTube Accounted for One in Every 200 Web Pages Viewed in the Workplace during the MonthScanSafe, the global leader in managed Web security, today released its latest Global Threat Report on Web filtering, spyware and viruses. Among the report’s key findings, ScanSafe reported that Web viruses decreased 47 percent in September, despite recent high-profile Microsoft vulnerabilities, and that one in every 200 Web pages viewed in the workplace were YouTube pages.The ScanSafe Global Threat Report is based on real-time analysis of more than five billion Web requests and more than 10 million Web threats processed by the company in September and represents the largest analysis of Web security threats based on real-world traffic. “We were surprised to see such a drop-off in Web viruses during September,” said Eldar Tuvey, CEO and co-founder, ScanSafe. “With all the recent attention on Microsoft vulnerabilities and zero-day exploits, we thought we’d see an increase. Despite the hype, a mass outbreak did not occur in September. In fact, none of the top 10 Web viruses blocked by ScanSafe during the month were exploits of Microsoft vulnerabilities uncovered in September, including the much publicized Vector Markup Language vulnerability,” Tuvey said. “While these vulnerabilities were exploited, the exploits did not occur in high volume.”

On September 20, reports surfaced of a new vulnerability in Internet Explorer specifically targeting a Windows component called vgx.dll. This component is meant to support Vector Markup Language (VML) documents in the Windows operating system. VML is used for high-quality vector graphics on the Web and is used for viewing pages in the Internet Explorer browser.

The company blocked 158 unique viruses during the month, 31 percent of which were new unique viruses – viruses blocked for the first time by ScanSafe. Zero-hour threats—attacks that appear before an anti-virus signature is available—accounted for 14 percent of all Web-viruses blocked by ScanSafe in September.

In addition to its data on Web viruses, ScanSafe reported that spyware and adware increased 21 percent in September and that 8 percent of the spyware blocks were to prevent already infected PCs from “calling home” or transmitting outbound to a spyware domain. “An effective anti-spyware solution should filter both inbound and outbound Web traffic, to identify already infected PCs for remediation and to block them from being further compromised,” Tuvey said.

In August, Web viruses rose 23 percent while spyware decreased 12 percent.

“There is seasonality to Web viruses and spyware,” Tuvey added. “We fully anticipate a jump in malware as consumers go online to start their holiday shopping. As such, we caution users and those responsible for corporate networks not to be lulled into a sense of complacency, but to take the necessary precautions to protect themselves from Web threats.”

ScanSafe leverages industry-leading signature-based engines as well as Outbreak IntelligenceTM—ScanSafe’s own proactive heuristics technology, to provide protection from inbound and outbound Web-based threats. Outbreak Intelligence leverages ScanSafe’s position at the Internet-level to proactively identify threats, quickly develop heuristics, and test these against real data to ensure accuracy and effectiveness. ScanSafe’s ability to analyze threats proactively ensures that Outbreak Intelligence heuristics are created and updated for immediate protection from both known and zero-hour threats.

YouTube Accounted for One in Every 200 Web Pages Visited During the Month

In addition to its statistics on Web-based malware, ScanSafe reported that during September one in every 200 Web pages viewed in the workplace were YouTube pages.

“The numbers are a reflection of the widespread popularity of YouTube as a Web destination,” said Tuvey. “Different businesses have different approaches to recreational use of the Web and they should deploy a Web security solution that allows them to set policies that reflect their corporate Web use culture—whether it be restricting, monitoring or allowing access for individual employees or groups of users.”

To obtain a copy of the latest ScanSafe Global Threat Report, send an email to gtr@scansafe.com.

About ScanSafe

ScanSafe is the global leader in managed Web security, ensuring a safe and productive Internet environment for businesses around the world. The easy-to-use service requires no hardware and delivers real-time, complete protection from the latest Web threats. ScanSafe’s solutions keep viruses and spyware off corporate networks and allow businesses to control and secure the use of the Web and instant messaging applications.

Powered by its proactive Outbreak Intelligence heuristic technology, ScanSafe processes more than five billion Web requests and blocks 10 million threats each month for customers including Rothschild, Condé Nast and BMW.

Since pioneering the market for managed corporate Web security, ScanSafe continues to deliver innovative Web security solutions, including the introduction of ScandooTM—the world’s first free secure Internet search tool that classifies search results based on the presence of malware and unwanted content.

With offices in London and San Mateo, California, ScanSafe is privately owned and financed by Benchmark Capital. The company received the 2006 Info Security Global Product Excellence Award for Best Managed Security Service, and was named one of Red Herring’s Top 100 Technology companies of 2005. For more information, visit scansafe.