Defense Against Crime

December 17, 2014

A perfect example of a Trojan Horse


A few minutes ago I received an e-mail from Best Buy about an order waiting for me. In my Hotmail box… can you spot the telltale signs it’s fake?
Hotmail of course put it in my junk box, but I saw it on my tablet.

[Image: Trojan]

Here are ways to tell it’s fake, other than the fact that I haven’t ordered anything:

  1. I haven’t ordered anything from Best Buy this month.
  2. The E-mail address isn’t from BestBuy.com
  3. Best Buy does not send attachments (zip files)
  4. This was sent 12/17…and it says Thanksgiving

Here is what a REAL e-mail from Best Buy can look like. (Warning: criminals can make great-looking fake e-mails.)

[Image: BestBuy]

The rest of the e-mail will have my order information which I excluded from this image.

WHAT TO DO IF YOU GET ONE

  1. Don’t Open it
  2. Mark it as SPAM
  3. Report It
  4. Delete it.

PepperEyes.com Self-Defense Products is dedicated to providing you with the best and most affordable self-defense products, and safety products on the market to meet the security needs of you, your family members or your business, by assisting anyone who is unwilling to become a victim of crime.  If you want to take personal responsibility for protection, home security, business security, purchase our high quality discount self-defense products and arm yourself with the knowledge about self-defense and security products and information of the best way to stay secure in an ever-increasing violent world. In today’s society, being equipped mentally and physically is no longer an option.

December 16, 2014

Wait…Don’t Open that PDF!

Filed under: Cyber Crimes — peppereyes @ 19:55

Now that I have your attention, please gather around while I tell you a story. It’s a story about a lady, a computer and a thief. The best part, or worst part, is that this story actually happened, and is happening to thousands of unsuspecting computer users who just clicked on an innocent-looking PDF attachment in their e-mail box that looked legitimate.

One day a very clever computer thief sent out millions of e-mails that stated that they were medical invoices, and he attached a very clever file that looked like an ordinary PDF document.  He knew that there were unsuspecting people who would think that this e-mail was real and that a PDF couldn’t harm them.  He was counting on it.  Several days later Nancy (not her real name) got the e-mail and thought that it was an invoice for her mother, who had been ill for the last few months. So she clicked on it and followed the instructions. However, it wasn’t a PDF.  It was a Trojan horse that she let in through her front door.  This thief was a very clever piece of computer malware (bad software) called ransomware.  We discussed ransomware previously. This virus was called CryptoWall 2.0 (a new, improved version of CryptoWall and CryptoLocker).

What Happened Next?

While Nancy’s computer was on, CryptoWall started doing what it was designed to do: infect her computer.  This infection is REAL NASTY. The infection process began by establishing a network connection to random servers, where it uploaded connection information such as the public IP address, location, and system information, including the OS of Nancy’s computer.

Next, the remote server generates a random 2048-bit RSA key pair that’s associated with Nancy’s computer. It copies the public key to the computer and begins the process of copying each file on its pre-determined list of supported file extensions (text files, Word documents, images, music, etc.). As each copy is created, it’s encrypted using the public key, and the original file is deleted from Nancy’s hard drives.

This process continued until all the files matching the supported file types had been copied and encrypted. This included files located on other drives, such as external drives and network shares; basically, any drive that’s assigned a drive letter was added to the list. Also, cloud-based storage (such as Dropbox, Microsoft or Amazon Cloud) that stores a local copy of the files on the drive will be affected, and changes will propagate to the cloud, and down to the other connected locations, as the files are changed.

Finally, once the encryption process completed, CryptoWall 2.0 executed some commands locally to stop the Volume Shadow Copy Service (VSS) that runs on all modern versions of Windows. VSS is the service that controls the backup and restoration of data on a host computer. It also controls file versioning, a feature introduced in Windows 7 that keeps histories of changes made to files. A file may be rolled back or restored to a previous version in the event of an unintended change or catastrophic event that damages the integrity of the file. The command run by the ransomware stops the service altogether and also adds the command argument to clear/delete the existing cache, making it even more difficult to recover files through versioning or system restore.  Yes, this was bad news for Nancy.

Her Files would Not Open .. Now What?

Nancy went to open one of her Word documents, and it was gibberish.  Nancy thought she had gotten a virus and went to the store to get some virus software. While I encourage everyone to get a nice software package to scan for viruses and malware, along with a host of other security measures, and to keep them updated, you should do these things prior to going online.  Also, as a word of warning, many of the new viruses won’t be detected because they haven’t been identified, or the creator is clever enough to make them currently undetectable.  After lots of frustration Nancy called me, as I know a few things about computers.  After doing some work to speed up her computer I saw some interesting files:

  • DECRYPT_INSTRUCTION.txt
  • DECRYPT_INSTRUCTION.html
  • DECRYPT_INSTRUCTION.url

Clicking on any of these files takes the victim to the step-by-step instructions necessary to carry out the ransom payment. The HTML file actually has a caption indicating the amount of time left on the ransom and how much money is being requested as payment. Typically, the ransom amount begins at $500 (USD) in bitcoins, and the countdown timer provides for a period of three days in which to get payment to the requester.


After the timer has reached zero, the caption will change. The new amount requested will double to $1,000 (USD) in bitcoins and the timer will provide a cutoff date and time. Usually, the time frame is about one week, and it will indicate that if payment is not received before the cutoff time, the remote server housing the private key and decryption application to decrypt your files will be automatically deleted, making your files unrecoverable.
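The three DECRYPT_INSTRUCTION file names above make a simple indicator for finding which folders and mounted shares were hit. The following is an added example, not part of the original post: it walks a directory tree, lists every folder holding one of those notes, and reports the earliest note timestamp as a guide to which backup predates the damage. It assumes a note sits beside the encrypted files, and the sample tree and its timestamps are constructed.

```python
import os
import tempfile
from datetime import datetime, timezone

# The three note names reported on the page, compared case-insensitively.
NOTE_NAMES = {
    "decrypt_instruction.txt",
    "decrypt_instruction.html",
    "decrypt_instruction.url",
}


def find_ransom_notes(root: str) -> dict:
    """Map each folder under root that holds a ransom note to what was found.

    Assumption (not stated on the page): a note sits in each folder whose
    files were encrypted, so the hit list approximates the damaged folders.
    """
    hits = {}
    for dirpath, _dirnames, filenames in os.walk(root):
        notes = sorted(f for f in filenames if f.lower() in NOTE_NAMES)
        if not notes:
            continue
        oldest = min(os.path.getmtime(os.path.join(dirpath, n)) for n in notes)
        rel = os.path.relpath(dirpath, root).replace(os.sep, "/")
        hits[rel] = {
            "notes": notes,
            "other_files": len(filenames) - len(notes),
            # Earliest note time in this folder, in UTC.
            "first_note_utc": datetime.fromtimestamp(oldest, timezone.utc),
        }
    return hits


def restore_cutoff(hits: dict):
    """Earliest note time across all folders, or None when nothing was found.

    Backups taken before this moment predate the notes found under root.
    """
    times = [h["first_note_utc"] for h in hits.values()]
    return min(times) if times else None


def build_sample_tree(root: str) -> None:
    """Constructed tree standing in for a user profile and a mounted share."""
    layout = {
        "Documents": ["letter.doc", "DECRYPT_INSTRUCTION.txt", "DECRYPT_INSTRUCTION.html"],
        "Documents/Taxes": ["2013.xls", "decrypt_instruction.url"],
        "Share/Photos": ["beach.jpg", "DECRYPT_INSTRUCTION.TXT"],
        "Music": ["song.mp3"],  # untouched folder, must not be reported
    }
    stamp = 1418700000  # constructed epoch seconds (2014-12-16 03:20:00 UTC)
    for folder, names in layout.items():
        path = os.path.join(root, *folder.split("/"))
        os.makedirs(path)
        for name in names:
            full = os.path.join(path, name)
            with open(full, "w") as fh:
                fh.write("constructed sample\n")
            os.utime(full, (stamp, stamp))  # fixed mtime so results are repeatable
            stamp += 60


def demo() -> dict:
    with tempfile.TemporaryDirectory() as root:
        build_sample_tree(root)
        return find_ransom_notes(root)


if __name__ == "__main__":
    found = demo()
    for folder, info in found.items():
        print(folder, info["notes"], info["other_files"], info["first_note_utc"])
    print("restore from a backup older than", restore_cutoff(found))
```

Run it against each drive letter and mapped share separately, since the post notes that any drive the logged-in user could write to may have been encrypted.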


So what could she do?

At this point Nancy had two options:

  1. Pay The Ransom
    If she had taken the choice to pay the ransom then there is a slight chance that these thieves would honor the ransom and release the unencrypted version of Nancy’s files. However, remember these are  Who says that once they have your money they will do anything.
  2. Not Pay the Ransom
    By not paying you are saying you really don’t care about this data, and you can live without it (sorta the same fate as having your hard drive crash). If you take this route, you will need to reformat your hard drive and re-install your operating system and software. There is the possibility of using file recovery software to restore the files deleted by CryptoWall 2.0, but the more you use your computer after being attacked, the harder it will be to undelete the original files.

Protecting Yourself from being the victim

  • If you get an attachment that you were not expecting from a friend or company, contact the friend or company before opening it.
  • The best way to survive a ransomware attack is to keep up-to-date backups of your important files off site (like Carbonite) or onto a portable drive that you don’t connect to your computer unless you are doing a backup. A ransomware infection, which encrypts all of your files, is similar to a drive failure, except that for a small fee you have the chance to get your files back.
  • As mentioned above, have an active and up-to-date anti-virus and malware detection program installed on your computer. Make sure you do a full system scan once a week.
  • Learn all the things you should and should not do on the internet concerning file sharing, viruses, and malware. This blog has lots of resources, because there are new and creative threats happening all the time.
  • Viruses, regardless of whether they’re creating harmless pop-up screens, attacking your files or stealing your personal or financial information, are a major annoyance. As a society, we will need to continue to contend with them as digital divides slowly shrink, our connected lives stretch further out, and the criminal element exists.
  • While there may be little recourse once infected, there’s a lot in the realm of possibilities that can be done to limit our exposure to infection and subsequent loss of data. You just need to be proactive enough to ensure that these fail-safes are in place and check on them from time to time.

“Out here, it’s better safe than sorry, because generally speaking, too much of the time sorry means you’re dead.”  ― Patricia C. Wrede, Across the Great Barr

Technical Things To do

  • Block downloads of executable files from the web without specific user consent in your web browser settings.
  • Employ an advanced detection system to analyze all incoming executables, PDF files, and Microsoft Office documents.
  • Consider blocking the Tor application completely within your network.
  • Ensure that only necessary users have write access to network shares. CryptoWall will encrypt all files in network shares if the share is mounted at the time of infection and accessible to the logged-in user.
  • Disconnect or unmount backup drives when they aren’t being used, as CryptoWall can also encrypt your backups.

 Beware Geeks Bearing Gifts

As I mentioned above, CryptoWall 2.0 is a Trojan horse that is disguised to look legitimate and gain your trust so you allow it onto your system. The majority of these types of malware have come through e-mails with executable attachments, sometimes contained in .zip files and in this case disguised as a PDF. Most of the e-mail attacks used fake invoice, fax and voicemail themes with attachments named like the following:

  • Complaint_IRS-Id-12839182.scr
  • fax00415741732781728.scr
  • VOICE387-778-3454.zip
  • CH_Import_Information.exe

A computer expert I know received an e-mail campaign pretending to be a fax report that carried a .zip attachment with a PDF inside. The PDF exploits CVE-2013-2729 to download a binary which also installed CryptoWall 2.0.
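The checks described in these posts (a sender address that does not belong to the company named, an executable attachment, or an executable hidden inside a .zip) can be automated at a mail gateway or during triage. The following is an added example, not part of the original posts: it parses a message with Python's standard `email` module and returns findings. The brand allowlist, the extra extensions beyond `.scr` and `.exe`, and the sample messages are assumptions constructed for illustration.

```python
import io
import os
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage
from email.utils import parseaddr

# .scr and .exe come from the attachment names listed on the page; the other
# extensions are an assumption added here (types Windows runs on double-click).
RISKY_EXT = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs"}

# Hypothetical allowlist: brand in the display name -> domains it mails from.
BRAND_DOMAINS = {"best buy": {"bestbuy.com"}}


def risky_name(filename: str) -> bool:
    """True when the final extension is one Windows will execute."""
    return os.path.splitext(filename.lower())[1] in RISKY_EXT


def sender_mismatch(from_header: str) -> bool:
    """True when the display name claims a brand but the domain is not theirs."""
    display, addr = parseaddr(from_header)
    domain = addr.rpartition("@")[2].lower()
    for brand, domains in BRAND_DOMAINS.items():
        if brand in display.lower():
            return not any(domain == d or domain.endswith("." + d) for d in domains)
    return False


def triage(raw: bytes) -> list:
    """Return a list of findings for one raw RFC 5322 message."""
    msg = message_from_bytes(raw, policy=policy.default)
    findings = []
    if sender_mismatch(str(msg.get("From", ""))):
        findings.append("sender-mismatch")
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        if risky_name(name):
            findings.append("executable-attachment:" + name)
        elif name.lower().endswith(".zip"):
            try:
                # List archive members without extracting anything to disk.
                with zipfile.ZipFile(io.BytesIO(part.get_payload(decode=True))) as zf:
                    for member in zf.namelist():
                        if risky_name(member):
                            findings.append("executable-in-zip:%s!%s" % (name, member))
            except zipfile.BadZipFile:
                findings.append("unreadable-zip:" + name)
    return findings


def zip_with(member: str) -> bytes:
    """Constructed archive holding one placeholder file (no real program)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(member, b"constructed placeholder bytes")
    return buf.getvalue()


def build_sample(sender: str, attachment=None) -> bytes:
    """Constructed test message; attachment is an optional (name, bytes) pair."""
    msg = EmailMessage()
    msg["From"] = sender
    msg["To"] = "reader@example.org"
    msg["Subject"] = "Your order is waiting"
    msg.set_content("Details are in the attachment.")
    if attachment:
        name, data = attachment
        msg.add_attachment(data, maintype="application",
                           subtype="octet-stream", filename=name)
    return msg.as_bytes()


if __name__ == "__main__":
    fake = build_sample("Best Buy <orders@mail.example.net>",
                        ("order.zip", zip_with("order_details.pdf.exe")))
    print(triage(fake))
```

Extension checks do not catch a genuine PDF that carries an exploit, as in the CVE-2013-2729 case above; that case calls for a patched PDF reader and content analysis of the attachment.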

 


December 5, 2014

Other Ways Police Could Take Down an Unarmed Suspect.


First, if you are not familiar with my blog, please know that I have lots of respect for the members of the law enforcement community, just as I do for my brothers and current members of our Armed Forces. I applaud all the respectable men and women who put their lives on the line for public service.  However, even many police departments know that not every person who puts on that uniform deserves to wear it. This is why many law enforcement centers have an internal affairs department to weed out bad officers.  That being said, in recent months we have seen what is, in MY OPINION, lots of bad decisions by police officers when dealing with unarmed suspects. I know there can be different deep-rooted racial issues at heart, and I will not attempt to discuss or debate them here. Some people can and will use their differences, be they racial, religious, political or other, to not treat another person justly or to think themselves superior to the other person. I can’t say that in all cases.  The purpose of this blog is not to discuss this, and I’ll leave it to each of you to discover and discuss solutions to these issues. Also realize there are many interesting situations that law enforcement officers have to deal with that we can’t even imagine. Let us acknowledge that police officers are humans and carry all the baggage of humanity, including sometimes having their feelings override their intellect or training and reacting accordingly.  It happens to all of us at one time or another, and it’s probably encoded in either our DNA or human legacy.  The City of Charleston hosts a Citizen Police Academy where, among other things, they demonstrate and show what they have available when dealing with people and situations. I’m sure at this point various police departments will be reviewing their policies in dealing with unarmed criminal elements.

Recent Stories

There have been several controversial incidents in the history of this country involving how the police deal with a person or persons who are deemed to be breaking the law. In other countries the number of unarmed citizens killed by police is much, much lower for many factors and reasons. Here are two recent ones that have ignited the country in 2014:

  • New York Police Department Officer Daniel Pantaleo killed uncooperative Eric Garner while subduing him with a choke hold for selling loose cigarettes. The Officer claimed that he was trained to take down suspects that way.
  • Officer Darren Wilson shot several times and killed a belligerent, unarmed 18-year-old, Michael Brown, who he had an altercation with earlier. In keeping with current Missouri law of when and how deadly force can be used on unarmed suspects.

The Arsenal of Peace Keeping

Police officers can probably attribute their response to situations to the way they were trained to think and to deal with suspects. However, I know in the City of Charleston, SC and many towns and cities officers are armed with an arsenal of non-lethal as well as lethal devices to subdue even unarmed suspects.  I ponder why these tools and techniques are not being used when there is no life-threatening issue, other than bad training or another factor.

  • Here are a few tools law enforcement officers have at their disposal:
    • Talking – Sometimes it is possible to talk a person out of making a bad decision instead of just rushing in with a show of force.  Sometimes it matters HOW you talk to people to defuse a situation. A wise person said if you treat a person like an animal, expect them to behave that way. Yelling and cursing is the best way to lose control of a potentially dangerous situation.
    • Physical or Self-Defense Techniques – The human body is its own worst enemy in the hands of someone who takes the time to learn all of its weaknesses. I know many police academies have some basic self-defense or martial arts training. I ponder if more is not required. In reviewing the video tapes of how many suspects are treated, from Rodney King to Eric Garner, there are simple martial arts techniques that could have taken them down easily.  I wonder if these need to be explored more. Of course, police officers who are not in great physical shape are not in a good position to use these techniques against someone in better physical shape.
    • Stun Guns or Tasers – These relatively non-lethal electro-shock devices have proven to be extremely effective in most cases to take down the most disobedient persons. Stun devices come in all shapes, including flashlights, batons and hand-held devices.
    • Pepper Spray – This ancient of weapons has proven itself for centuries. Just think what would have happened in many of these cases if the officers had just used pepper spray as opposed to outlawed choke holds. Many police-grade pepper sprays are 87% hotter than the normal street variety and can subdue a person.
    • Metal Batons/Night Sticks – Many officers carry metal batons that can inflict pain and injury on a suspect to try to subdue anyone resisting arrest. A correct striking blow to the back of the leg, knees, elbows or wrist can subdue many suspects. Pain is usually a good way to make a person think twice.
    • The Gun – Unfortunately, in the United States many police officers are trained to shoot center mass to stop a person. Often, of all the weapons in their arsenal, it is the first one they use, simply because it is the easiest and most effective way to stop a suspect in some situations. However, I don’t see it as the only solution in some of these situations. I do not have an issue with a police officer defending themselves against an armed suspect with deadly force. I have said in many writings, if it comes down to you or them, choose you. However, when it comes to an unarmed belligerent suspect, a shot to the knee will stop them from charging at you. However, this too requires proper training at shooting smaller targets, but it is not difficult. After all, if people can shoot moving birds, how hard is it to take out a knee or leg?  Again, let us acknowledge that when law enforcement officers are dealing with a belligerent person, they can’t always tell if the person is just non-compliant, mentally ill, or on drugs, and often only have moments to stop the person from doing harm to others or to the officer. However, is killing a suspect first the best solution in all cases? NO.

The Bottom Line

In the 1987 movie The Untouchables, Officer Malone said that the first rule of law enforcement is to make sure when your shift is over you go home alive.  I am aware that in some situations a police officer only has a split second to make a life-changing decision to stop a suspect who is endangering their lives.  Again, when encountering a criminal and the choice comes down to you or them, choose you.

See Also :
History of Law Enforcement (http://peppereyes.wordpress.com/2014/07/16/history-of-law-enforcement-officers/)


December 2, 2014

Cyber Monday, Cyber Hacking and other Cyber Crimes


Tis the Season…to be careful.

Yesterday was Cyber Monday, when lots of people turn to their electronic devices to look for Christmas deals online.  It’s also the time when a few criminals will want to prey on your ignorance.  Here are a few to be careful of:

SCAM 1

The biggest uptick that I’ve seen is in e-mail notifications that claim that there is a PROBLEM with your order and shipment.

One of our employees just got a message from Home Depot saying they had an order “whose recipients details match” the employee’s.

For this person it was a dead cyber-crime giveaway, aside from the fact that they have not ordered anything from Home Depot! But in the holiday season, when we may be ordering stuff online, it’s easy to make mistakes, so this kind of message sounds more plausible than otherwise. DO NOT click on the link! If you have made an order that hasn’t arrived, use approved methods (such as the telephone!) to find out what is going on.

There have been reports of other stores being used in these scams.

SCAM 2

The other scam that I’ve seen is aimed at people or companies shipping gifts/presents/merchandise. Here is one that arrived in my inbox:

Our company’s courier couldn’t make the delivery of package.
REASON: Postal code contains an error.
DELIVERY STATUS: Sort Order
SERVICE: One-day Shipping
NUMBER OF YOUR PARCEL: USPS11984477
FEATURES: No
Download your label here ( https://my.usps.com/go/pages/labels/XXXXXXXXX)
Print a label and show it at your post office.

An additional information:
You can find the information about the procedure and conditions of parcels keeping in the nearest office.

Thank you for using our services.

USPS Global.

*** This is an automatically generated email, please do not reply ***

CONFIDENTIALITY NOTICE: This electronic mail transmission and any attached files contain information intended for the exclusive use of the individual or entity to whom it is addressed and may contain information belonging to the sender (USPS , Inc.) that is proprietary, privileged, confidential and/or protected from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any viewing, copying, disclosure or distributions of this electronic message are violations of federal law. Please notify the sender of any unintended recipients and delete the original message without making any copies. Thank You.

It certainly appears to be a message from the United States Postal Service, and we certainly send merchandise all the time.

Here is what happens when you click the link (or similar).

  • It will take you to a malicious site in Russia (this one) or China, or some other site.
  • The hackers will attempt to download malicious software to your computer, where they cause you real problems.

How to Defend Your Computer

  • NEVER CLICK ON THESE LINKS
  • Have your Virus Software updated every week/day
  • Have MALWARE Software installed as well like Malwarebytes.

PepperEyes.com Self-Defense Products is a Division of Onyx Knight Enterprises.

November 25, 2014

Aggravated Assault averted with Pepper Spray


I’ve written before that college students are a miniature version of society at large, and while many think that students are safe from the criminal elements of society, reality says different.
We often share events of actual crimes so that college students can take the necessary countermeasures to stay safe.

From College Of Charleston (Charleston, SC)

In compliance with the Jeanne Clery Disclosure of Campus Security Policy and Campus Crime Statistics Act (the “Clery Act”), 20 U.S.C. 1092 (f), the College of Charleston issues timely notices to notify the campus community of Clery Act crimes or other serious incidents that the College determines represent a serious and ongoing threat to the campus. In compliance with the Jeanne Clery Act, the Department of Public Safety is informing the College of Charleston campus community of an off-campus assault.

Incident:  Aggravated Assault

Date:  11-24-2014

Time:  9:15 PM (2115 Hours)

Reported to:    College Of Charleston Department of Public Safety (Report # 14 – 20186)

Suspects’ status:  At Large

Incident description:  The victim was walking to a vehicle parked in the area of Charlotte Street and Concord Street. The suspect struck the victim with an elbow while the victim was leaning over and then struck the victim in the face, possibly with glass. The victim fought back spraying the suspect with pepper spray. The suspect fled the scene.

Suspect Description:   Male, 5’10” tall, wearing a dark hoodie and blue jeans

Important Message:  It is important to note that the victim/survivor is never the cause of the criminal offense.  The College does not tolerate this behavior.

Public Safety Tips:

  • Avoid confrontation with individuals you encounter.
  • Avoid becoming involved in incidents you observe.
  • Use well-lit routes, avoid dark vacant areas, and those not frequented by other people.
  • Avoid walking alone at night.
  • Be alert and aware of your surroundings at all times.
  • Avoid distractions like talking on your cell phone.
  • If you observe unusual activity, try to remember details as best you can.
    • For example, what a person was wearing or any other identifiers like scars, tattoos or shoes.
  • Please always be aware of your surroundings, avoid walking alone at night, and notify Law Enforcement immediately if you observe potentially dangerous situations or individuals.

While this is the advice of the police in an attempt to keep students from getting hurt over replaceable possessions, we often advise female students to carry pepper spray that will help keep them safe. The pepper spray we sell is not only lab certified to be effective, but also carries a UV dye that will mark the assailant so that they can easily be identified.

