Brave New World of Passwords

It wasn’t that long ago that things were so much simpler!  Back then, you may have only had to worry about the password for your email account.  In today’s brave new world, you have passwords for your phone, your WiFi (at home and at work), your banks, your utilities, your magazine subscriptions, etc.  It’s a lot of accounts to keep track of!  This series of articles over the next few weeks will give you some practical ways to manage this headache.

Sadly, all these wonderful tools to help manage your life also have a nasty dark side: with the exponential rise in computer crime, they can be used by other people to manage your life for you.  Or, at least, to drain your bank account and use your identity to commit fraud.  The best way to combat this is to start with a change in mindset: you can no longer think of your password as just a way to check email from your family.  Your passwords are your life!  A competent criminal can do just as much damage to your life with access to your electronic records as they can with your Social Security Number.  No sane person would give up their SSN to a stranger, and you should think THE SAME WAY with regard to your passwords.

Many institutions dictate that any activity done with your account is your responsibility.  The reasoning is that ONLY YOU should know the password to access your account, thus any activity on your accounts MUST have been authorized by you.  This has resulted in several tricky legal scenarios in both civil and criminal court.

The moral of the story: PASSWORDS ARE CRITICAL!  This is important so I will say it again – Passwords are like underwear:

  • Change them often;
  • NEVER share them with others;
  • Leaving them out in the open is something kids do;
  • It can be really hard to part ways with one you are used to, but it needs to be done.

Next time, I will share some tips on how to create good passwords.  In the meantime, feel free to use the comments to ask questions or share your thoughts!

New VZW Email Phishing Scam

Be on the lookout!  A new email scam has been going around recently, and the scammers are getting more and more creative in trying to get your information:

 

At first glance, it appears that a gigantic payment of close to $1700.00 was made to a Verizon Wireless account.  While not everybody has a cell phone through Verizon, their large market share ensures that a LOT of people will take a look at this message and think that something has gone horribly awry.  Clicking on the “Manage Your Account Online” link will load up some nasty JavaScript that will really ruin your day.

Common tips to always keep in mind:

  • Beware of misspellings, broken links or undisplayed images in emails.
  • Hover over email links to see if they will take you to reputable sites.  In this case, hovering over the link brings you to:
  • Visit websites by typing their address directly into your browser bar.  Avoid clicking email links if you are not expecting them!
  • If something seems too good or too strange to be true, it probably is.  Proceed with caution!

DNSChanger

Several local and national news outlets have been reporting on the potential consequences of the DNSChanger Trojan recently, and I have fielded several inquiries about what is going on.  Here is a quick rundown on the situation:

DNSChanger is a Trojan family from 2007 that, once it infected a computer, changed that computer’s DNS server settings to point to rogue, malware-controlled DNS servers instead of your normal trusted ones.  The idea is that if you control a computer’s DNS settings, you can also control what comes up when it goes to any particular webpage.  Infected computers were being redirected to illicit and virus-riddled websites, thus propagating the problem even further.

The FBI took this seriously, and in 2011, with the assistance of Estonian law enforcement, arrested the responsible individuals and seized those rogue DNS servers and domains.  They made sure that no more malicious activity was going on, but then came to the sad realization that the moment they powered down those rogue servers, all the infected computers would be slightly borked because their programmed DNS servers would no longer respond to requests.  Originally slated for shutdown on March 8, the servers will now stay online until July 9 just so that the 100k+ infected computers don’t grind to a standstill.  Meanwhile, they are trying to get the word out for people to check their settings by going to a website such as:

http://dns-ok.us/
http://www.dcwg.org/

More information regarding the DNSChanger Trojan can be found at the following FBI publication:
http://www.fbi.gov/news/stories/2011/november/malware_110911/DNS-changer-malware.pdf

Thankfully, none of those 100,000 infections appear to be here on Wayne State’s campus.  Network logs do not show any DNS traffic going to these malicious domains, and IT Security staff receive notifications from our ISP (Merit) when they detect DNSChanger traffic as well.  Perhaps once every two weeks I get a single notification that a student’s laptop on the Wireless is infected, but that is all.
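Both checks described above (looking at a machine's configured DNS servers, and looking through network logs for DNS traffic headed to the rogue servers) come down to testing addresses against a list of rogue ranges.  The following is an added example, not part of the original post and not the tooling used on campus.  The ranges are placeholders from documentation address space and must be replaced with the ones in the FBI publication linked above; the resolv.conf-style input and the flow log format are assumptions, and the sample data is constructed.

```python
import ipaddress
import re

# PLACEHOLDER ranges (RFC 5737 documentation space), not the real rogue
# ranges.  Substitute the ranges from the FBI publication linked above.
ROGUE_DNS_RANGES = [ipaddress.ip_network(n)
                    for n in ("192.0.2.0/24", "198.51.100.0/25")]

def is_rogue(ip):
    """True if ip parses as an address inside any listed range."""
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return False
    return any(addr in net for net in ROGUE_DNS_RANGES)

def rogue_resolvers(resolv_conf_text):
    """Return nameserver entries (resolv.conf style) inside a listed range."""
    hits = []
    for line in resolv_conf_text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 2 and fields[0] == "nameserver" and is_rogue(fields[1]):
            hits.append(fields[1])
    return hits

# Assumed log format: "<timestamp> <client_ip> -> <server_ip>:<port> <proto>"
FLOW_RE = re.compile(r"^(\S+) (\S+) -> (\S+):(\d+) (\w+)$")

def infected_clients(flow_lines):
    """Map client IP -> set of listed resolvers it sent port-53 traffic to."""
    found = {}
    for line in flow_lines:
        m = FLOW_RE.match(line.strip())
        if not m:
            continue  # skip lines that do not match the assumed format
        _, client, server, port, _ = m.groups()
        if port == "53" and is_rogue(server):
            found.setdefault(client, set()).add(server)
    return found

SAMPLE_RESOLV = "# constructed sample\nnameserver 192.0.2.53\nnameserver 10.0.0.1\n"
SAMPLE_FLOWS = [  # constructed sample lines
    "2012-03-01T10:00:01 10.1.2.3 -> 10.0.0.1:53 udp",
    "2012-03-01T10:00:02 10.1.2.9 -> 198.51.100.7:53 udp",
    "2012-03-01T10:00:03 10.1.2.9 -> 198.51.100.200:53 udp",  # outside the /25
    "2012-03-01T10:00:04 10.1.2.4 -> 192.0.2.53:443 tcp",     # not DNS
]

if __name__ == "__main__":
    print(rogue_resolvers(SAMPLE_RESOLV))
    print(infected_clients(SAMPLE_FLOWS))
```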

Thankfully, I do not believe that there will be that large of a negative impact when July 9 rolls around.  The “fix” for cleaning your computer of this is remarkably simple, and can usually be performed without any special tools or software.  Unfortunately, when the news hears that “the government can shut down hundreds of thousands of computers,” rumors and emotions can start to flare pretty quickly.