Friday, October 30, 2009

Security Smorgasbord, Vol 1, No. 5

There are a number of Firefox security fixes coming your way (at least, if you use Firefox, which you should). You want to get these, since they include (among ten others) a "drive by download" fix that keeps malware from being downloaded and run without you having to click anything.

From the "Help" menu, select "Check for Updates". It will tell you if there are any waiting for you.

----------------------------------------------

In other browser security news, Opera also released a number of security updates. If you use Opera (for example, for electronic transactions - like I recommend), then you should head on over for a plate of security goodness.

----------------------------------------------

If you use Facebook, there is a massive password "phishing" attack under way right now. A phishing attack is to trick the user into thinking that a spam email is from someone you know - in this case, from Facebook.

This one is pretty good. It looks like it's from Facebook, and tells you that you need to change your password. Of course, it steals your password, and tries to install malware that steals your bank account information.

A good rule of thumb is to know that you'll never be asked for your password by Facebook, or your bank. Anyone asking is up to no good. They will never send you something you have to run to get a password, either:


Nobody (legit) sends a password in a ZIP file, or in an executable. They won't send you a password, unless you use their automatic "I forgot my password" reset pages from their web site. If you didn't, but something shows up saying it's just the thing - it isn't.

Great article by Bryon Acohido. There's more, about Twitter phishing, so RTWT.

No comments: