Security

Retailers aren't the only ones gearing up for the holiday season. Criminals are also out in force.

To highlight the increased crime during the holidays, security company McAfee has come up with the "12 Scams of Christmas" ranging from bogus electronic greeting cards that deliver malware instead of cheer to fake charities that steal your money and your identity.

It's especially important to be extra careful this time of year, says McAfee's David Marcus. "The bad guys know people are spending more time online, they're paying more bills online so [the criminals] stand a chance of being a bit more successful this time of year.

In a podcast interview (scroll down to listen), Marcus counted down the 12 scams of Christmas starting with:

1. Charitable phishing scams: Marcus warns consumers to be wary of e-mails that appear to be from legitimate charities. Not only will they take your money and deprive charities of needed funds, but they will also steal your credit card information and identity.


2. Fake invoices from delivery services: During this period, scammers will send out fake invoices and delivery notifications appearing to come from Federal Express, UPS, the U.S. Postal Service or even the U.S. Customs Service saying that they were unable to deliver a package to your address. They ask you to confirm your address and give them credit card information to pay for delivery.


3. Social networking friend requests: Bad guys take advantage of this social time of year by sending out authentic looking friend requests via e-mail. Marcus recommends that you not click on those links but sign into Facebook and other services and look for friend requests from the site itself. Clicking on a link could install malware on your computer or trick you into revealing your password.


4. Holiday e-cards: Be careful before clicking on a holiday e-card, especially if it's from a site you haven't heard of. This is a way to deliver malware, pop-ups, and other forms of unwanted advertising. Some fake e-cards will look like they come from Hallmark or other legitimate companies, so pay close attention and make sure it's from someone you know. If you're going to send an e-card, be sure you're dealing with a reputable service lest you risk infecting yourself and your friends.


5. Fake "luxury" jewelry: If you see an offer for luxury gifts from companies like Cartier, Gucci, and Tag Heuer at a price that's too good to be true, it probably isn't true. These links could lead you to malware and take your money or merchandise that will probably never arrive (or be fake if it does). Some of these sites, according to McAfee, even display the logos of the Better Business Bureau.


6. Practice safe holiday shopping. Make sure your wireless network is secure and be sure you're shopping on sites that are secure. Though it isn't an iron clad guarantee, you should look for the lock icon in the lower right corner of your browser and make sure the Web page starts with https. The "s" stands for "secure."


7. Christmas carol lyrics can be dangerous: Bad guys know that people are searching for holiday related sites for music, holiday graphics, and other festive media. During this time, they create fraudulent holiday related sites.


8. Job search related scams: With the unemployment rate at 10.2 percent, there are plenty of job seekers looking for work. Beware of online offers for high paying jobs or at-home money making schemes. Some of these sites ask for money up front, which is a good way for criminals not only to steal your "set up fee" but misuse your credit card too. Marcus said that some "get rich quick" sites are all about money laundering, asking you to accept an inbound financial transfer and pay them.


9. Auction site fraud: McAfee has observed a rise in fake auction sites during the holidays. Make sure you're actually going to eBay or whatever site you plan to deal with.


10. Password stealing scams: Criminals use low-cost tools to uncover passwords, in some cases planting key logger software to record keystrokes. Once they get your passwords, they gain access to bank accounts and credit card accounts and send spam from your e-mail accounts.


11. E-mail banking scams: A common type of phishing scam is sending out official looking e-mails that appear to come from your bank. Don't click on any links but type in your bank's Web address manually if you need to access your account.


12. Files for ransom: Hackers use malware to gain control of your computer and lock your data files. To access your own data you have to pay them ransom.

Listen to Larry's interview with McAfee's David Marcus

Listen now: Download today's podcast

Countries armed with "cyberweapons," according to McAfee.

(Credit: McAfee)

In particular, countries gearing up for cyberoffensives are the U.S., Israel, Russia, China, and France, the says the report, compiled by former White House Homeland Security adviser Paul Kurtz and based on interviews with more than 20 experts in international relations, national security and Internet security.

"We don't believe we've seen cases of cyberwarfare," said Dmitri Alperovitch, vice president of threat research at McAfee. "Nations have been reluctant to use those capabilities because of the likelihood that [a big cyberattack] could do harm to their own country. The world is so interconnected these days."

Threats of cyberwarfare have been hyped for decades. There have been unauthorized penetrations into government systems since the early ARPANET days and it has long been known that the U.S. critical infrastructure is vulnerable.

However, experts are putting dots together and seeing patterns that indicate that there is increasing intelligence gathering and building of sophisticated cyberattack capabilities, according to the report titled "Virtually Here: The Age of Cyber Warfare."

"While we have not yet seen a 'hot' cyberwar between major powers, the efforts of nation-states to build increasingly sophisticated cyberattack capabilities, and in some cases demonstrate a willingness to use them, suggest that a 'Cyber Cold War' may have already begun," the report says.

Because pinpointing the source of cyberattacks is usually difficult if not impossible, the motivations can only be speculated upon, making the whole cyberwar debate an intellectual exercise at this point. But the report offers some theories.

For instance, Alperovitch speculates that the July 4 attacks denial-of-service on Web sites in the U.S. and South Korea could have been a test by an foreign entity to see if flooding South Korean networks and the transcontinental communications between the U.S. and South Korea would disrupt the ability of the U.S. military in South Korea to communicate with military leaders in Washington, D.C., and the Pacific Command in Hawaii.

"The ability of the North Koreans to disable cybercommunications between the U.S. and South Korea would give them a huge strategic advantage" if they were to attack South Korea, he said.

There have been earlier attacks that smack of cyberwarfare too. Estonian government and commercial sites suffered debilitating denial-of-service attacks in 2007, and last year sites in Georgia were attacked during the South Ossetia war, orchestrated by civilian attackers, the report says.

The report concludes that if we aren't seeing it already, cyberwarfare will be a reality soon enough.

"Over the next 20 to 30 years, cyberattacks will increasingly become a component of war," William Crowell, a former NSA deputy director, is quoted as saying. "What I can't foresee is whether networks will be so pervasive and unprotected that cyberwar operations will stand alone."

Scammers are targeting social networks with phishing scams and relying more heavily on worms and Trojans to attack computers, according to security trend reports to be released Monday by Microsoft and McAfee.

Phishing attacks saw a big spike in May and June, primarily because of campaigns targeting social-networking sites, according to Microsoft's report covering the first half of 2009. Gaming sites, portals, and Web sites of banks and retailers were also popular targets for phishing attacks, the report said.

Trojans top the list of threats to computer security, according to Microsoft's latest Security Intelligence Report.

(Credit: Microsoft)

Trojans, including rogue security software, remained the most prevalent category of threats, while Microsoft statistics show that worms rose from fifth place in the second half of last year to become the second most prevalent category, led by Conficker and followed by Taterf, which targets multiplayer online role-playing games.

During the first half of the year, Microsoft detected and cleaned rogue security software--which displays false antivirus warnings to trick people into paying for software they don't need--from 13.4 million computers. That was down from 16.8 million computers in the second half of last year.

Most of the drive-by download pages are hosted on legitimate Web sites that have been compromised by attackers through intrusion or malicious code posted to a poorly secured Web form, such as a blog comment field. The Trojan Downloaders & Droppers category was the type of malware most often delivered in drive-by attacks, according to Microsoft.

The number of total unique vulnerability disclosures across the industry was down sharply from a year ago. While browser vulnerabilities increased slightly, application vulnerabilities dropped and operating system holes were flat, Microsoft said.

Microsoft software accounted for 6 of the top 10 browser-based holes attacked on Windows XP computers, compared with only one on Vista computers. Of the top 10 browser-based holes exploited on computers running Vista, 2 targeted Adobe Reader and the most significant one targeted Adobe Flash Player. In the third spot was an exploit aimed at Internet Explorer.

Infection rates for Windows Vista were significantly lower than Windows XP, while the rate for Windows Server 2008 was less than Server 2003.

Microsoft released 27 security bulletins in the first half of the year, addressing 85 individual vulnerabilities. Of those, 11 were exploited within the first 30 days after the release of the security bulletin.

As far as computer security consciousness, the U.S. is in the middle, according to George Stathakopoulos, general manager of Microsoft's Trustworthy Computing Group. Japan is at or near the top of the list and Germany is high up too, he said.

"We are average," he added. "We are not one of the cleanest countries, we are dead on in the middle."

McAfee's report showed the U.S. as the top country when it comes to the number of compromised computers that are zombies used in botnets to do things like send spam, followed by China and Brazil. The U.S. also is the top distributor of spam and has the most servers hosting malware, McAfee said.

Spam comprises 92 percent of all e-mail. It jumped 24 percent from a year ago, McAfee said.

More midsize companies are being attacked by cybercriminals at the same time they're spending less on security, says a McAfee report released Wednesday.

Across the world, more than half of the 900 midsize businesses (51 to 1,000 employees) surveyed by McAfee for its report, The Security Paradox, said they've seen an increase in security breaches over the past year. Despite the threat, the recession has caused most of these companies to freeze their IT security budgets.

(Credit: McAfee)

McAfee found that the costs of dealing with a security attack can be high. Over the last year, one of five midsize companies surveyed lost $41,000 in sales on average as a result of a breach. In China alone, 38 percent of the businesses questioned lost an average of $85,000 due to an attack. And more than 70 percent believe a serious data breach could put them out of business, noted the report.

(Credit: McAfee)

But as the recession has grown, IT budgets have dropped. Almost 40 percent of the companies trimming their IT security budget plan to limit the purchase of new security products. And more than a third are switching to cheaper security software to cut expenses, even though they realize that may put them at greater risk.

"An organization's level of worry and awareness about increasing threats has not overcome the downward pressure on budgets and resources," said Darrell Rodenbaugh, senior vice president of global midmarket for McAfee, in a statement. "But this creates a vicious cycle of breach and repair that costs far more than prevention."

Midsize companies also may underestimate their risk, according to McAfee. Among companies with fewer than 500 employees, more than 90 percent believe they're protected from cybercriminals and feel they don't face the same threats that larger firms do.

But McAfee discovered that businesses with 101 to 500 people had on average 24 security breaches over the past three years, compared to 15 breaches for those with 501 to 1,000 employees.

In the long run, dealing with the aftermath of a security attack eats up a company's time and expenses. The study found that 65 percent of firms spend less than four hours a week on IT security, but around the same percentage have spent more than a day recovering from security breaches.

"Our research shows that organizations that put more effort on preventing attacks can end up spending less than a third as much as those that allow themselves to be at risk," said Rodenbaugh.

The study was conducted by research firm MSI International, which surveyed 100 midsize businesses in each of the following countries: U.S., U.K., Australia, Canada, China, France, Germany, India, and Spain. The results were compared with prior studies done in North America and Europe.

Updated 1:45am PST Tuesday with pricing information.

McAfee has released a new security suite designed to help businesses better handle security for their growing segment of Macintosh computers.

Targeting small to large companies, McAfee Endpoint Protection for Mac provides antivirus and antispyware features, and both an inbound and outbound firewall, McAfee said Tuesday.

The company is positioning the tool as a plus for IT administrators and for users. Administrators can use the same console to manage McAfee security on both Mac and Windows machines, said the company. The software lets administrators deny or control which applications can run on supported Macs. The suite's ePolicy Orchestrator tool can also generate reports of malicious activity for review.

Some have debated whether the Mac needs security software since it has traditionally been a less visible target than Windows for attack. But with Internet threats continually on the rise, few computer environments are completely immune. Even Apple has advised Mac users to protect themselves with security software.

Antivirus software for the Mac has been sold for a long time by companies such as Symantec and McAfee. But most products have been geared to the individual user.

McAfee sees its Endpoint Protection suite as filling a growing need at schools, companies, and government agencies that have adopted more Macs in recent years.

"The demand for Macintosh in the enterprise is steadily growing, yet organizations are either not using any security technology for these endpoints, or they are using a standalone, non-manageable anti-virus protection solution," Peter Lincoln, IT director at Aquent, said in a statement provided by McAfee. "The use of McAfee Endpoint Protection for Mac enables us to have complete protection on all our endpoints. Using the same integrated management console also allows us to lower our operational cost and ensure security and compliance."

A survey conducted last year by ITIC showed that a greater number of companies were planning to allow Macs into their workforce.

McAfee Endpoint Protection for Mac is compatible with the latest release of Apple's Snow Leopard as well as existing Leopard and Tiger environments. A McAfee spokesperson said the product's retail price would be $55.08 per computer for a network of 500 - 1000 computers. The pricing includes one year of Gold technical support.

With security and cloud-computing both hot-button topics, Verizon Communications and McAfee are joining forces to offer customers a combination of the two.

Verizon's business unit and McAfee announced Thursday a new joint venture to sell cloud-based security products and services to large businesses and government agencies. With more companies tapping into the "cloud" to lower costs and outsource administration, McAfee and Verizon will sell a new suite of cloud-based security products, expanding on Verizon's current lineup.

Managed by Verizon, the new cloud-based services will offer an array of security products, including firewalls, intrusion prevention, anti-malware, and Secure Socket Layer (SSL) virtual private networks (VPNs).

"This strategic agreement with McAfee enables us to drive even more complete and integrated IT solutions to enterprises across the world," said Kerry Bailey, senior vice president of Verizon Business global solutions. "Our newly expanded and next-generation cloud capabilities will enable organizations to better use security as a strategic tool and business enabler."

The team-up will also allow Verizon and McAfee to tap into each other's portfolio of products and services.

Verizon will offer its customers McAfee's entire line of security software and will soon provide McAfee's PCI (Payment Card Industry) compliance services to banks and other organizations that need to secure credit card data.

The PCI services will be targeted to "Level 4" merchants--businesses that manage up to 1 million credit card transactions each year. Verizon said this business class is at the highest risk for security breaches and accounts for one-third of all credit card transactions. In April, Verizon released a report showing that more payment card records were breached in 2008 than in the previous four years combined.

McAfee's customers will now be able to contact Verizon's network of 1,200 security professionals for assistance on setting up and managing in-house security.

Finally, Verizon will help McAfee consolidate its data centers, so that McAfee can better offer 24/7 management for its own Web hosting and cloud-based services.

Verizon and McAfee will target the new products and services to small-to-medium companies, large enterprises, and government entities.

McAfee has been pushing to grow beyond the consumer market through a series of deals and acquisitions. In July, the company said it would buy MX Logic, which provides cloud-based e-mail and other services. In May, McAfee bought white-listing vendor Solidcore.

Through no fault of her own, actress Jessica Biel is now the most hazardous celebrity on the Internet.

McAfee names Jessica Biel most dangerous celebrity online in 2009.

(Credit: Business Wire)

Fans searching online for Biel have a one-in-five chance of hitting a Web site with malware, according to McAfee's third annual report listing Hollywood's most "dangerous" online celebrities.

In general, hunting for Hollywood's in-crowd poses a much greater threat than searching for just about anyone else. For example, President Obama and first lady Michelle Obama ranked No. 34 and No. 39, respectively.

Other unsafe celebrities near the top of the cybersecurity company's list include singer Beyonce at No. 2, former "Friends" star Jennifer Aniston at No. 3, and football hero Tom Brady, who came in at No. 4.

McAfee found that searching for photos, videos, downloads, wallpaper, and screensavers of celebrities who made the list could prove hazardous to the health of your computer.

"Cybercriminals are star watchers too--they latch onto popular celebrities to encourage the download of malicious software in disguise," Jeff Green, senior vice president of McAfee Avert Labs, said Tuesday in a statement. "Consumers' obsession with celebrity news and culture is harmless in theory, but one bad download can cause a lot of damage to a computer."

Using its SiteAdvisor technology, McAfee compiled the list by hunting for celebrity names that produced the largest number of risky sites and the highest percentage of risk.

McAfee's top 15 most "dangerous" celebrities

(Credit: McAfee)

Former McAfee President Kevin Weiss

(Credit: Author Solutions)

Former McAfee President Kevin Weiss, exonerated of wrongdoing in a stock option-backdating scandal, plans to ask a judge on Monday to unseal the arbitration award that cleared him of wrongdoing and ordered McAfee to pay damages for firing him without proper cause.

Three years after being unceremoniously ousted from McAfee amid the options mess that was sweeping through corporations at the time, Weiss is attempting to clear his name in public.

"If an executive is terminated, how does he get his reputation back? Is it even possible to do that?" Weiss' attorney, Scott Fletcher, asked rhetorically in a phone interview on Friday.

Fletcher could not comment on the arbitration award because a Texas state court had agreed to a McAfee request to put it under temporary seal. Depending on what happens in Monday's hearing before Judge Carlos Cortez in the 44th District Court in Dallas, the information may stay confidential indefinitely.

McAfee claims that the arbitration proceedings were confidential. Fletcher disputes that.

A McAfee representative did not return a call seeking comment. Weiss, who is now president and chief executive of self-publishing firm Author Solutions, could not be reached for comment.

On October 11, 2006, Mcfee announced that it had ousted Weiss and that CEO George Samenuk had resigned in a management shake-up attributed to an internal investigation into the stock option backdating.

As a result of the stock option practices, McAfee had to restate its earnings and was subject to a U.S. Securities and Exchange Commission investigation. McAfee was just one of a number of firms that found itself in the predicament involving the practice of granting an employee stock options with a date prior to the date it was actually granted.

At the time, Weiss had been McAfee president only for seven months, having been promoted to the post from executive vice president of worldwide sales and services in March 2006. Prior to joining McAfee, the Princeton University graduate had held senior positions at Ariba, BindView, and BMC Software.

In January 2007, Weiss filed claims in arbitration for breach of his employment contract. Separately, he filed an action for defamation and breach of his stock option agreements against McAfee in Santa Clara District Court in September 2007. Those court claims were folded into the arbitration.

On June 1, the arbitrator ruled in favor of Weiss on his claims for breach of contract and breach of duty of good faith and fair dealing, according to a motion Weiss filed in the Texas court in response to McAfee's request to seal the arbitration order. The arbitrator found that Weiss had had no part in the stock option-granting process and that he had been improperly fired, and awarded him substantial damages, the document states.

The amount of the damages awarded was not disclosed in that document, but a footnote says McAfee withheld "several million dollars" from the payment, designating it as ordinary income for tax purposes, which provides some sense of the size of the award.

Following the arbitrator's ruling, Weiss filed paperwork in the Texas court on June 16, seeking to have the award confirmed judicially. McAfee then filed documents asking the court to seal the records relating to the arbitration, and Weiss responded.

"McAfee's request is merely the last in a long series of attempts to undermine Mr. Weiss' credibility and tarnish his reputation," the court document filed on behalf of Weiss said. "Confirmation of the award provides a means to clear Mr. Weiss' name publicly--something McAfee is apparently unwilling to do."

The arbitrator never ordered that the award be confidential, and Weiss did not agree to keep it confidential, the filing states.

In addition, McAfee has not shown a compelling need for keeping the award secret, the document claims.

In what could be its final public word on the case, McAfee's latest quarterly filing with the SEC two weeks ago states, "In January 2007, a former executive filed an arbitration demand with the American Arbitration Association, Dallas, Texas, seeking arbitration of claims associated with his employment. McAfee filed counterclaims. The arbitration took place in March 2009, and the matter was closed in June 2009."

This was originally published at ZDNet's Between the Lines.

McAfee on Thursday announced it's acquiring MX Logic, which provides on-demand e-mail, continuity, and Web services, for $140 million in cash.

(Credit: McAfee)

The move is designed to bolster McAfee's security as a service lineup. Security software vendors have been racing to the cloud. MX Logic has 40,000 customers who cover more than 4 million end users. McAfee said that it plans to cross-sell MX Logic with its Web services such as the Total Protection Service (statement).

Separately, McAfee topped second quarter estimates and delivered a better-than-expected third quarter outlook (statement).

The company reported second quarter net income of $28.7 million, or 18 cents a share, down from $47.8 million, or 30 cents a share, a year ago. Non-GAAP earnings in the second quarter were 60 cents a share, 3 cents better than expectations. Second quarter revenue of $468.7 million was up 18 percent from a year ago.

McAfee said its enterprise revenue was up 21 percent in the second quarter to $291 million. The company also closed 424 deals worth more than $100,000 and 57 deals worth more than $500,000 and 28 worth more than $1 million. That tally indicates that McAfee may be putting pressure on Symantec, which reported disappointing enterprise results.

In McAfee's consumer business second quarter revenue was up 13 percent to $177 million.

As for the outlook, McAfee said third quarter revenue will be between $475 million and $495 million. Non-GAAP earnings will be 58 cents a share to 62 cents a share. Wall Street was expecting non-GAAP earnings of 59 cents a share on revenue of $477.7 million.