The I.Q.D. Team Connection

IDrive 5GB FREE "On Line Back Up" Recommended by Straight Talkin Mike

3/19/2013

 
IDrive Remote Backup

As Recommended by Straight Talkin Mike - I Drive
5GB FREE Universal On Line Back Up

Back up your computer FREE

The IQD Team~~Words of Warning~~Anatomy of Con Men  Tiers and More

3/5/2013

 
The IQD Team....Straight Talkin Mike

Words of Warning ~~ The Anatomy of Con Men, Tiers, and so much more


641-715-3900 Pin 354332#   7 Minutes

July 17, 2012 or
http://download3.freeconferencepro.com/rec/1264699943-20120718214725-25252525.wav


641-715-3900  Pin 180911#  15 minutes

July 19, 2012 or 

http://download3.freeconferencepro.com/rec/1264699943-20120720225847-52523698.wav


Straight Talkin Mike~~RV for Dummies~~Discussion 10 year period & the LOP

7/7/2012

 
Straight Talkin Mike Comments about Article referencing the 10 year Period and the LOP

"Parliamentary Finance: Central Bank will continue to receive the old currency for a period of ten years" (Article is at bottom of this post - below comments made by Straight Talkin Mike on Thursday, July 5, 2012)

Straight Talkin Mike....July 5, 2012

So Shabibi Had a meeting with Maliki a year ago on June 19, 2011...So lets see they were ready a year ago...Its now July 5, 2012 - yes I would say they are ready to go...

This is going to be "RV for Dummies".....Let me break this down and understand why this is so important so all of the misinformation being given out on other calls can go away.....

You have 30 trillion dinars...that's the total M3 money supply...you have an internal money supply what's in the bank and what's in the Iraqis pockets..that's the M1 money supply...that's a smaller portion of the total money supply..there are countries that hold dinar...We hold dinar in another country...There's 15 trillion or less in country...most of that other is held outside of the country..there is not much held in the banks...

The reason this 10 yr period is so important is because when other countries cash out their money it goes to their Central Bank...Ours goes to the Federal Reserve Bank..Now they are not like all of us who just hit the lotto and are going to run and cash in your money and go out and spend it.....Central Banks are going to hold onto that money which means they have a 10 yr period to exchange what they have in their reserves for the new money.....they do that ...we don't do that....we just trade it in...this is almost like depreciating this money over 10 yrs for him as far as paying for the RV.....they are making it very clear to the world each time we see one of these articles that there is going to be a 10 yr period for these Central Banks to do that...

Now we may only have 2 yrs which is what they say and we are in this process and they are going to run them concurrently for 2 yrs and the new currency is coming out ....We believe that sometime before this currency comes out this RV will take place because you can't issue the new currency with money that is worthless because it costs more to print it than it does...

Now the debate can rage on all it wants on whether or not they are ready but when you have the Governor of the Bank a year ago telling them they are ready to do this and they wanted to do as of January of this year..June last year they went to Maliki and said we are ready to do this 2012...well all of the political stuff went on so they moved it to 2013 so they are beyond the point of no return..they know they are going to do this and that this is going to happen..as we move along this ride they are giving us all of friendly information to keep everybody on board...

Now everybody can come up with their theories and all of that other stuff...they are not going to lop their currency...they are not going to take value away from it...we here on this team believe that this investment will be worth more than what we paid for it at some time in the future....Period... end of story...You can talk about all of the other theories, etc but this is basically what these articles are telling us and that the Finance Committee is on board.....I don't think we have had this kind of response from the Finance Committee ever....it's almost like they are over zealous at the Finance Committee--they don't understand the difference between oversight and monetary policy..they think they have to implement all of this..so they are out there blabbering and talking away...half the time in these articles they don't know what they are talking about - so when you read an article make sure where it is coming from..is it coming from the Finance Committee or is it coming from Shabibi at the CBI...the more correct information is going to come from the CBI....the overblown info from the Finance Committee because they truly do not understand what that process is....so we really need to make sure you understand your frame of reference when you read these articles...but this is another article that lets us know that as they have been telling us for the last 1 1/2 years...there will be a 2 yr period...currencies will run concurrent which means they will have equal value....they keep on telling us that...and that at some point in time over 10 yrs people can turn these in and when they talk about people they are talking about the Central Banks...
It is truly that simple...people try to overcomplicate it....



Parliamentary Finance: Central Bank will continue to receive the old currency for a period of ten years
Published on Thursday, 05 / 2012 08:35 | posted by: Rasan

BAGHDAD / With: revealed the parliamentary finance committee that the central bank has agreed to allow replacement of the survival rates for ten years from entry into the exchange, stressing that the three companies had to perform the printing new currency.

A member of the Finance Committee, the parliamentary Haitham al-Jubouri said in an interview to the correspondent of news agency future: "The Finance Committee and even the central bank were afraid of the process of handing over money to the Iraqi banks could see the manipulation or through which some of extortion in order to reduce the delivery time therefore, and after studying the abundant of the subject and agreed conservative central bank that there is a lot of time represented by ten years to the Imam on the currency exchange receipt of new surveys of the Iraqi currency and replace the old El Jadida. "

The Jubouri that "a mechanism to replace the currency will be in two years and the first three stages are the printing process and secondly the process of offering the two currencies in the markets of Iraq and the third pull the old currency and to keep only the new currency."

The Jubouri that "there are companies presentations were made to the Central Bank and the Iraqi government in order to compete on the process of printing new Iraqi currency as each company competes in terms of price, first hand, security second, and both these issues are two important too, noting that all the offers are under hand, but must first get to the final decision to switch the currency or not, and then can receive offers and discussed in detail. "

The Jubouri that "the offers made are from Switzerland and Russia and Brazil and that these offers are competing in terms of the quality of the paper and worker security primarily, so the offers must be subject to a discussion of a specialized committee of the Central Bank of Iraq to determine the priorities of the companies that can be printed Iraqi funds ".

The Central Bank of Iraq announced (29 September 2011) that the year 2013 will see the deletion of zeros and currency exchange rates, pointing out that the current formed a cluster of large cash estimated at 30 trillion dinars.

According to some economists that Iraq is ready for the time being to delete the zeros of the Iraqi dinar, pointing out that the deletion of zeros needed to stabilize the security and political as well as economic stability.

And declared the Iraqi Central Bank Governor Sinan Shabibi independent bodies during a meeting with Prime Minister Nuri al-Maliki, which was held in (June 19, 2011) is ready to create all supplies to replace the Iraqi currency. (Finished)

Marwan Shuwaili

Source


Straight Talkin Mike~~Cyber bank robbers attempt billion-dollar heist, targeting your money

6/27/2012

 
MORE FROM STRAIGHT TALKIN MIKE...

Cyber bank robbers attempt billion-dollar heist, targeting your money

By John R. Quain

Personal Tech

Published June 26, 2012

FoxNews.com

The next Internet billionaires won’t be pushing social-networking apps. They’ll be breaking into your bank accounts.

An organized global cyber crimewave has been underway for months, according to a report released today from security firms McAfee and Guardian Analytics, attacking banks in Colombia, Germany, Italy, the Netherlands, the United Kingdom and the U.S.

A total of roughly $78 million was successfully siphoned out of bank accounts, according to researchers, with a potential total of $2 billion attempted. (Banks are understandably loath to reveal losses and due to additional security concerns have not been identified.)

Analysts at the firms report that these thefts represent a new generation of attacks running off of hijacked servers that can be frequently changed to avoid detection and completely automated so that thousands of customer accounts can be broken into without even raising the owners’ suspicion.

By adapting two types of malware designed to steal passwords — known as Zeus and SpyEye — hackers can now invisibly record login information and add additional requests for information on what appear to be valid online banking pages. They can even intercept secondary, one-time only passwords, and then put the user on hold while they login and transfer funds to criminal accounts. After the transfer is complete, the software can even post false balances so that the victim is unaware of the theft until it is too late.

What is different about these new attacks is their high level of automation. It allows organized cyberattacks that can drain just a few dollars from multiple accounts without any intervention by the crooks. Furthermore, according to McAfee, the criminals look for large account balances — hence the researchers dubbed the crime spree “Operation High Roller.” In at least one case, the criminals made off with $130,000 from a single account.

The moral of this latest cyberscare story is that you cannot rely on your bank or financial institution to protect your money. In many cases, the financial institution’s profits are sufficiently high and the investment in additional computer security measures considered too expensive to prevent many of these attacks. As some analysts have told me, it’s considered part of the cost of doing business. Just make sure it isn’t your cost of doing business online.

First, you have to run some sort of anti-virus software. There are free basic versions out there from the likes of Avast, AVG, and BitDefender. Many of these monitor new threats and will warn you about suspicious Web pages.

Second, never, ever, ever open a link in an “official” e-mail message you receive. This is the primary way criminals lead thousands of users astray every day. If you get a message from your bank, open a separate browser and type in the URL that you usually use. It’s the only way to avoid being led astray.

Third, update your software: in particular the Web browser you’re using and Sun’s Java and Adobe’s Reader software (for opening PDFs). These programs are the favorite targets of hackers and new exploits are uncovered every week. Keeping them updated can often prevent so-called iFrame hacks that may compromise legitimate Web sites and secretly install malware on your computer. So instead of watching that Tree Girl video, check for updates whenever you have a spare moment.

The computer security threats are clearly endemic, prompting the head of Britain’s spy agency,  Jonathan Evans of MI5, to coincidentally come out this week to warn that the level of cyber attacks is now “astonishing.” Evans warned that the scale of such threats has now reached “industrial-scale” proportions.

So it’s no longer a matter of paranoia to check your software and Web surfing habits. It’s a matter of common sense.


SOURCE


http://www.thestraighttalkexpress.com/1/post/2012/06/cyber-bank-robbers-attempt-billion-dollar-heist-targeting-your-money1.html




Straight Talkin Mike~~Alert~~Fraud Ring In Hacking Attack On 60 Banks

6/27/2012

 
From Straight Talkin Mike....ALERT

Fraud Ring In Hacking Attack On 60 Banks


Some 60m euro is stolen from bank accounts in a massive cyber raid, after fraudsters raid dozens of banks around the world.

7:16am UK, Wednesday 27 June 2012

By Pete Norman, Sky News Online

Sixty million euro has been stolen from bank accounts in a massive cyber bank raid after fraudsters raided dozens of financial institutions around the world.

According to a joint report by software security firm McAfee and Guardian Analytics, more than 60 firms have suffered from what it has called an "insider level of understanding".

"The fraudsters' objective in these attacks is to siphon large amounts from high balance accounts, hence the name chosen for this research - Operation High Roller," the report said.

"If all of the attempted fraud campaigns were as successful as the Netherlands example we describe in this report, the total attempted fraud could be as high as 2bn euro (£1.6bn)."

The automated malicious software programme was discovered to use servers to process thousands of attempted thefts from both commercial firms and private individuals.

The stolen money was then sent to so-called mule accounts in caches of a few hundreds and 100,000 euro (£80,000) at a time.

Credit unions, large multinational banks and regional banks have all been attacked.

Sky News defence and security editor Sam Kiley said: "It does include British financial institutions and has jumped over to North America and South America.

"What they have done differently from routine attacks is that they have got into the bank servers and constructed software that is automated.

"It can get around some of the mechanisms that alert the banking system to abnormal activity."

The details of the global fraud come just a day after the MI5 boss warned of the new cyber security threat to UK business.

McAfee researchers have been able to track the global fraud, which still continues, across countries and continents.

"They have identified 60 different servers, many of them in Russia, and they have identified one alone that has been used to steal 60m euro," Kiley said.

"There are dozens of servers still grinding away at this fraud – in effect stealing money."


http://www.thestraighttalkexpress.com/1/post/2012/06/-fraud-ring-in-hacking-attack-on-60-banks.html


SOURCE




Straight Talkin Mike~~How many seconds would it take to break your password?

6/9/2012

 
How many seconds would it take to break your password?

'Strong' isn't a detailed password-rating; go for quintillions of possible combos, then add a symbol

By Kevin Fogarty

June 07, 2012, 8:00 PM —
 
Security breaches of mind-numbing size like those at LinkedIn and EHarmony.com set crypto- and security geeks to chattering about weak passwords and lazy users and the importance of non-alphanumeric characters to security.

And insisting on a particular number of characters in a password is just pointless security-fetish control freakishness, right?

Nope. The number and type of characters make a big difference.

How big? Adding a symbol eliminates the possibility of a straight dictionary attack (using, literally, words from a dictionary). Adding a symbol, especially an unusual one, makes it much harder to crack even using rainbow tables (collections of alphanumeric combinations, only some of which include symbols).

How big a difference do length and character type make?

Look below and pick which password-cracking jobs you'd want to take on if you were a computer. The examples come from the Interactive Brute Force Password Search Space Calculator at GRC.com, the love child of former InfoWorld columnist and freeware contributor Steve Gibson.

How long would it take to crack my password: (Includes letters and numbers, no upper- or lower-case and no symbols)

6 characters: 2.25 billion possible combinations

  • Cracking online using web app hitting a target site with one thousand guesses per second: 3.7 weeks.
  • Cracking offline using high-powered servers or desktops (one hundred billion guesses/second): 0.0224 seconds
  • Cracking offline, using massively parallel multiprocessing clusters or grid (one hundred trillion guesses per second): 0.0000224 seconds

10 characters: 3.76 quadrillion possible combinations

  • Cracking online using web app hitting a target site with one thousand guesses per second: 3.7 weeks.
  • Cracking offline using high-powered servers or desktops (one hundred billion guesses/second): 10.45 hours
  • Cracking offline, using massively parallel multiprocessing clusters or grid (one hundred trillion guesses per second): 37.61 seconds.

Add a symbol, make the crack several orders of magnitude more difficult:

6 characters: 7.6 trillion possible combinations

  • Cracking online using web app hitting a target site with one thousand guesses per second: 2.4 centuries.
  • Cracking offline using high-powered servers or desktops (one hundred billion guesses/second): 1.26 minutes
  • Cracking offline, using massively parallel multiprocessing clusters or grid (one hundred trillion guesses per second): 0.0756 seconds

10 characters: Possible combinations: 171.3 sextillion (171,269,557,687,901,638,419; 1.71 x 10^20)

  • Cracking online using web app hitting a target site with one thousand guesses per second: 54.46 million centuries.
  • Cracking offline using high-powered servers or desktops (one hundred billion guesses/second): 54.46 years
  • Cracking offline, using massively parallel multiprocessing clusters or grid (one hundred trillion guesses per second): 2.83 weeks.

Take Steve's advice: go for 10 characters, then add a symbol.
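
The arithmetic behind these figures, as an added example (not code from the article or from GRC): the quoted totals come out when every password of length 1 up to N is counted, and the "add a symbol" cases match a 69-character alphabet with one extra character (7 and 11 characters in all). The 33-symbol class, the 52-week year, the sample passwords and all function names are assumptions of this example.

```python
"""Exhaustive-search arithmetic for the password figures quoted above."""
import string

# Character classes and their sizes. Counting 33 symbols (32 ASCII punctuation
# marks plus space) is an assumption; 26 + 10 + 33 = 69 reproduces the
# article's "with a symbol" totals.
CLASSES = (
    (set(string.ascii_lowercase), 26),
    (set(string.ascii_uppercase), 26),
    (set(string.digits), 10),
    (set(string.punctuation + " "), 33),
)
KNOWN_CHARS = set().union(*(members for members, _ in CLASSES))

# Guess rates named in the article, in guesses per second.
RATES = {
    "online, one thousand/s": 1e3,
    "offline, one hundred billion/s": 1e11,
    "cluster, one hundred trillion/s": 1e14,
}

# Time units, largest first. A year is taken as 52 weeks (assumption inferred
# from the article's own numbers, e.g. 54.46 years for the last case).
WEEK = 7 * 86400
UNITS = (
    ("centuries", 5200 * WEEK),
    ("years", 52 * WEEK),
    ("weeks", WEEK),
    ("days", 86400),
    ("hours", 3600),
    ("minutes", 60),
)


def alphabet_size(password):
    """Size of the smallest alphabet an attacker must cover for this password."""
    chars = set(password)
    if not chars:
        raise ValueError("empty password")
    if chars - KNOWN_CHARS:
        raise ValueError("character outside the printable-ASCII model")
    return sum(size for members, size in CLASSES if chars & members)


def search_space(alphabet, length):
    """Count all passwords of length 1..length over the given alphabet.

    Shorter candidates are included because an exhaustive search that does
    not know the length has to try them as well.
    """
    return sum(alphabet ** k for k in range(1, length + 1))


def seconds_to_exhaust(alphabet, length, guesses_per_second):
    """Worst-case time to try every candidate; the average is about half."""
    return search_space(alphabet, length) / guesses_per_second


def humanize(seconds):
    """Return (value, unit) using the largest unit that gives a value >= 1."""
    for name, size in UNITS:
        if seconds >= size:
            return seconds / size, name
    return seconds, "seconds"


def report(password):
    """Build one result row per guess rate for a given password."""
    alphabet, length = alphabet_size(password), len(password)
    rows = []
    for label, rate in RATES.items():
        value, unit = humanize(seconds_to_exhaust(alphabet, length, rate))
        rows.append((label, value, unit))
    return alphabet, search_space(alphabet, length), rows


if __name__ == "__main__":
    # Constructed sample passwords matching the article's four cases.
    for sample in ("kx7q2m", "kx7q2m9wtz", "kx7q2m!", "kx7q2m9wtz!"):
        alphabet, space, rows = report(sample)
        print(f"{len(sample)} chars, alphabet {alphabet}: {space:,} candidates")
        for label, value, unit in rows:
            print(f"  {label:<32} {value:.4g} {unit}")
```
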


SOURCE





 

 

Currency Classifications

6/7/2012

 
CURRENCY CLASSIFICATIONS


currency_classifications.pdf

Straight Talkin Mike~~LinkedIn users targeted in phishing scam after hack

6/7/2012

 
7 June 2012

LinkedIn users targeted in phishing scam after hack

Convincingly-designed emails like these have been sent to LinkedIn users    


LinkedIn users have been targeted by email scams after hackers leaked more than six million user passwords online.

Emails designed to look like they were sent by the social-network website asked users to "confirm" their email address by clicking a link.

However, the link took unsuspecting recipients to a site selling counterfeit drugs.

Dating website e-Harmony has also admitted that a "small fraction" of its users' passwords have been leaked.

Approximately 1.5 million passwords from the US-based relationship site were posted online, reported Ars Technica.

The company said on its blog that it had reset the passwords of the affected users, who would receive an email with instructions on how to set new passwords.

On Wednesday it was revealed that 6.4 million passwords from LinkedIn had been posted on a Russian web forum, along with a message encouraging other hackers to help decrypt the "hashed" data.

Affected LinkedIn users have been told they will receive instructions in an email - but not with a link - on how to change their details.

HOW TO CHANGE YOUR LINKEDIN PASSWORD

Security experts have advised users to change their passwords on LinkedIn. Here's how: First, visit www.linkedin.com, and log in with your details

"Members that have accounts associated with the compromised passwords will notice that their LinkedIn account password is no longer valid," said LinkedIn director Vicente Silveira, confirming that a breach had occurred.

He added: "These members will also receive an email from LinkedIn with instructions on how to reset their passwords.

"These affected members will receive a second email from our customer support team providing a bit more context on this situation and why they are being asked to change their passwords."

However, Ant Allen, from analyst firm Gartner, said LinkedIn must do more to inform their members about the situation.

"I'd really like to see a clearer statement from them on their front page," he told the BBC.

"A statement that they were taking steps to minimise the risks of passwords being exposed in the future and the risks to users if passwords were exposed would do a lot to reassure people. Simply saying, 'we need you to reset your password as a security precaution' is not enough."

Final tally 'higher'

Security analyst Imperva said it believed the breach was larger than had been acknowledged, as the list did not duplicate individual passwords, even though many were likely to have been used by more than one user.

"The list doesn't reveal how many times a password was used by the consumers," the company said.

"This means that a single entry in this list can be used by more than one person. For reference, in the [social network] RockYou hack the 5,000 most popular passwords were used by a share of 20% of the users. We believe that to be the case here as well, another indicator that the breach size exceeds 6.5m."

The password breach came just hours after the company admitted it had updated its mobile apps due to a privacy flaw.

In a blog post, Skycure Security said the mobile app was sending unencrypted calendar entries to LinkedIn servers without users' knowledge.

In response LinkedIn said it would "no longer send data from the meeting notes section of your calendar".

Source






Straight Talkin Mike~Using Public Wi-Fi to Pay Bills & Shop Can Be Very Dangerous

5/20/2012

 
Great advice from Straight Talkin Mike....

USING PUBLIC WI-FI TO PAY BILLS AND SHOP CAN BE VERY DANGEROUS


Have you ever gone to the local hotspot at the McDonalds to browse the internet, have a cup of coffee and pay bills?


Well, did you know you are at risk of having your password and identity stolen...  Surprised?

Most people are...We have a false sense of privacy on the internet today and it can be damaging to you and your personal information.   The nature of Public Wi-Fi is that it is open and Free....The word Public should be a clue as to how safe you really are on the network.   Public Wi-Fi is an open network and all your information is open to anyone on the network to see and copy and use. 

Ok....take a deep breath, now we can continue....Try this one day when you are traveling at the airport when connected to the Wi-Fi..click on your network neighborhood icon and you can see all the information from other people's computers.

If you are paying bills anyone can glean passwords and logons and you have given your information to them freely.

So how do you stop this?

First make sure your computer is up to date, all of the security patches are installed, you have a virus program and a firewall running.
NEXT MAKE SURE YOU TURN OFF FILE AND PRINTER SHARING, so that others cannot see what you are broadcasting for others to share.
Remember it is possible to connect to any computer on the network.
Remember the internet is one big network and anyone on that network can access your computer if you don’t take precautions.

Windows 7 has the most secure features to protect you.  When you enter a new network it pops up a screen to ask you what type of network you are on, Public, home and work.   Each network applies different security policies to protect your computer and disallow things like sharing.  The most vulnerable operating system to expose to the network is Windows XP, so make sure at a minimum you are using Windows firewall to protect your computer from others.

Remember, and let me make it clear, on a public network it is never safe to do banking or shopping on a public Wi-Fi, because your data is never safe.  If you need to do banking on the road, you should remote into your home machine via LogMeIn, TeamViewer, etc.... this lets you securely use your home computer to do banking on a safe network.

Straight Talkin Mike

I have included a link and the News Article that will let you explore this further below:

Is It Safe To Bank On Public Wi-Fi? How Not To Get Hacked!

By Becky Worley | Upgrade Your Life – Wed, Feb 8, 2012 

LINK TO VIDEO
http://news.yahoo.com/video/us-15749625/28233096  

Online banking has grown in huge numbers, and mobile banking is on an even faster rise. But accessing your sensitive financial data via computer can be dangerous. One well known computer virus that steals banking logons and passwords is thought to have infected over 3 million computers in the US alone, siphoning at least $70 million dollars from consumers. So how can you access your bank account safely?

We've enlisted the help of noted hacking researcher Darren Kitchen to find out:
• Is it safe to bank on a public computer, like at a library or in a school?
• Can you safely check your bank balance in a Wi-Fi café on your own laptop?
• How safe is it to check your bank account from your home computer?
• Is it OK to bank on your phone?

I've known Darren Kitchen for years. He hosts a podcast about hacking called Hak5 and has been interviewed by ABC News, the New York Times and Wired Magazine on various hacking topics. In short, he's the real deal, and he sat down with me to answer the following questions and demo what a hacker could do if you log on to the wrong Wi-Fi.

Is it safe to bank on a public computer?
Answer: No
Public computers in libraries, schools, and hotels are completely unsafe for any sensitive web browsing. You have no idea if they are secure or if a criminal has installed a key-logger that tracks every username and password you enter.

Can you safely bank online at a Wi-Fi café on your own computer?
Answer: Probably not
Darren and I set up an experiment.  With my own laptop, I logged onto the free Wi-Fi in a café while Darren sat across from me. I went to my bank site and entered my username and password. In real time, Darren intercepted the logon info. If that had been my real info he could have immediately logged onto my bank account (NOTE: I gave Darren expressed permission to hack my browsing — I need to say this for legal reasons. ALSO - I am a blond, but what you see in the video is not my real banking info.)

How did he hack my connection?
Darren brought his own router into the coffee shop. He can set it up to provide an open connection that is labeled "Internet" or "free Wi-Fi" or even includes the name of the café, something like "Cuppa Joe Wi-Fi."  Simply put, he pretends to be the Internet access provided by the café. The scenario: you turn on your computer and log on to what you think is the Wi-Fi provided by the business. Even more deviously, Darren can create a Wi-Fi signal called Linksys, TMobile, ATT Wireless or GogoInflight. If your computer has ever connected to those legitimate networks in the past, it will be fooled into thinking it already has permission to connect — and does so through Darren's router.

"Once you're on my router, I am the Internet. I'm the man in the middle, so I can see everything," said Darren. "I'm essentially your Internet service provider, and inherently, I can eavesdrop and even change data on the fly. And when I see you're going to a bank, I can serve up my own [site] that looks and feels in every way like the bank's site."

And that's how he got my info. I thought I was going to a legitimate bank, but really it was Darren serving up an easily faked version of the site.  It looked exactly the same as the real bank's site.

Bottom-line: if you must do sensitive web browsing over a Wi-Fi network in a public place you should be very sure you know that the Wi-Fi is actually provided by the business and being passed through their router. It should be encrypted so you need a password to log on. And finally, do you trust the business and its employees? There are enough risks that when I ask Darren if he would log on to his bank this way he says "Absolutely not."

How safe is it to check your bank account from home?
Answer: Safe, but be sure your computer is virus free
If you are connecting to the Internet at home over a Wi-Fi router that's encrypted with WPA2 security, you should be safe to log on to your bank.

BUT… big caveat! Are you sure your computer is virus free? Computer viruses are getting more devious about specifically targeting online banking information. The Zeus botnet has resulted in hundreds of millions of dollars funneled out of consumer bank accounts. If you have any doubt about the security of your home computer, it may be time to get serious about disinfecting it and protecting it with an antivirus program if you want to bank online without anxiety.

Is it okay to bank on your phone?
Answer: Yes, but…
Phones using Wi-Fi to connect to the Internet are susceptible to hacks just like the Wi-Fi café hack Darren exhibited. But phones using cellular data networks for their connection are MUCH harder to fool. It's not impossible. As Darren points out, he replicated the café's Wi-Fi with off-the-shelf router equipment. It's much harder to replicate a cell phone tower.

The biggest caveat for checking your bank account on your phone is to consider what would happen if the phone fell into the wrong hands. The financial and identity information on your phone has now become more valuable than the hardware itself, so thieves are getting much more sophisticated about mining bank and personal data from mobile devices. So keep a password screen lock on the phone and have a remote wipe program so you can delete all data if your phone is lost or stolen.

SOURCE

FBI: Beware Of Malware Installed Via Hotel Networks

5/14/2012

 

The Federal Bureau of Investigation is warning travelers to be on the lookout for fake software updates booby trapped with malware that are being pushed through hotel internet connections.


According to the FBI, there has been an increase in instances of travelers’ notebooks being infected with malicious software while using hotel internet connections. While attempting to set up the internet connection in the room, some users have been presented with a pop-up notifying them of an update to a widely-used software product.

Accepting the update resulted in malicious software being installed on the notebook.

The FBI’s Internet Crime Complaint Center (IC3) has offered up some good advice for travelers, including:

  • Carry out all software updates before traveling.
  • Check the author or digital certificate of any prompted update to see if it corresponds to the software vendor.
  • Download software updates direct from the vendor’s website.

In addition to this, I would recommend that all important information (including, but not limited to, emails, documents, IMs and web logins) is sent over secure HTTP or a VPN.

This advisory from the FBI follows a report by Bloomberg which claims that Chinese hackers have stolen private data from as many as 760 firms by hacking into the iBahn broadband and entertainment service offered to guests of hotel chains such as Marriott International Inc.

Firms compromised in this attack are believed to include Research in Motion Ltd. and Boston Scientific Corp., as well as some of the largest corporations and niche innovators in sectors such as aerospace, semiconductors, pharmaceuticals and biotechnology.

By breaking into iBahn’s networks, hackers may have had access to millions of confidential e-mails, even encrypted ones.

Last month, software engineer Justin Watt noticed during a stay at a Marriott International hotel in the U.S. that code was being injected into websites visited via the hotel WiFi in order to push third-party advertisement to users. According to an official statement from Marriott International, this was done “unbeknownst to the hotel”.

While the advertisements served were harmless, it can’t be reassuring to visitors to find that Marriott International didn’t know what was going on with its own network.


SOURCE



THANKS VW

Straight Talkin Mike~~8 Privacy Threats Worse Than Google

5/5/2012

 
8 Privacy Threats Worse Than Google

Google's privacy policy tweaks this week caused a fresh flurry of outrage. But Google should not be your top privacy worry.

4 Comments | Thomas Claburn | March 03, 2012 09:10 AM

Google has taken a lot of heat for combining several dozen privacy policies that few people ever read into a single set of rules that people might actually glance at, even if they don't really want to bother with the specifics.

The outcry is both appropriate and ridiculous.

  Worries about online privacy are appropriate because online privacy is terrible. Remember Facebook's Beacon ad targeting system, which caused similar controversy in 2007? Well, read Google's new privacy policy, the part about pixel tags.

Google explains, "A pixel tag is a type of technology placed on a website or within the body of an email for the purpose of tracking activity on websites, or when emails are opened or accessed, and is often used in combination with cookies."

That's basically what Facebook's Beacon system did. But it's not just Google doing this, it's pretty much every online ad company and major Internet service. Get ready for the Soylent Green moment: The information economy runs on your information.


But worries about online privacy are ridiculous because we don't really want privacy. We want to feel like we're in control, whether or not we are or can be. We want a property right in the information we generate and passively express. You'd better hope that we never get that far because there won't be any information economy after that.

Privacy doesn't sell, at least beyond those in the market for tin foil hats. I've lost track of the number of companies that have tried and failed to sell privacy as a product. It doesn't sell because we'd rather be connected and share, because we'd rather have advertisers subsidize online services, and because it's difficult to place a value on privacy.

Worries about online privacy are ridiculous because much of the hysteria comes from companies using fear mongering to compete, from lawmakers who don't understand technology, and from interest groups with ties to industry. Real cases of privacy-related harm are few and far between. Remember the Borings, the couple in Pennsylvania that sued Google for photographing their property with a Street View car? They settled for $1. Google paid too much.

In a more recent Street View privacy-related lawsuit, a French man is suing Google for capturing an image of him urinating in his yard. Although his face was blurred, locals apparently recognized him. Maybe Google will have to shift to full-body blurring, to protect the privacy necessary to relieve oneself in public.

Worries about online privacy are ridiculous because we're so schizophrenic about privacy. Google has to blur the faces of people captured in Street View images, yet these same people are probably present in the backgrounds of tourists' pictures and video posted to countless social-sharing websites. We surrender our privacy to our employers and yet accept that companies have a right to operate without much scrutiny. We submit to invasive body scanning at airports and become indignant at the thought of seeing ads tailored to our interests.

Though Google consolidated its privacy policies to allow it to generate more ad revenue by delivering more relevant ads, it also is offering what it believes is a better experience. So before you take up arms against Google, which is mainly trying to make enough money to pay for all those videos you're uploading and watching on YouTube, here, in no particular order, are a few privacy violators to worry about.

1. Shoulder surfers. Remember, you don't have much privacy and you have even less sitting in a cafe or on a plane where people can see your computer screen.

2. Hackers. No computer user with an Internet connection is immune from hacking, but you can mitigate the risk by choosing strong passwords and using two-factor authentication. Sure, it's a pain, but assuring that your computer is secure will help you maintain your privacy.

3. Other people. When things are going well in a relationship or friendship, it's all about sharing. When things turn to divorce, child-custody battles, or other disputes, you might realize that your enemies don't adhere to privacy policies. And even your friends might cause problems, posting pictures or sharing email messages that don't portray you as you wish to be portrayed.

4. Governments. If you're more concerned about what Google knows than you are about what governments know, consider whether any government is more true to the "Don't Be Evil" motto than Google. Who watches the watchmen?

5. Credit bureaus. Unlike consumer credit companies, what Google knows about you probably never prevented you from getting a loan.

6. Information vendors. Google might be able to point people to a lot of public information about you, but companies such as Intelius, when presented with an email address, will produce a report that includes a person's personal name, address, residential and cell phone numbers, and location details.

7. Your employer. Google is reasonably specific about the information it collects and it allows users a fair degree of control over that information. Your employer probably has a record of all the websites you've visited while at work and access to your work-related email. Before you sue for employment discrimination or back pay, be sure your own conduct online at work has been beyond reproach.

8. You. Google can collect only a limited amount of information if you haven't signed in to your Google account. And the company provides plenty of tools for limiting the information it stores. Have you done your part to protect your privacy? Here's a first step in the journey toward privacy awareness: Keep your voice down when talking on your mobile phone.

The list could go on. Insurers, retailers, ISPs, developers, telecom companies, electric utilities, grocery stores, and anyone rifling through your garbage might know more about you than you realize. Frankly, if Google's tracking is your major concern, you probably have very little to worry about.

That doesn't mean privacy isn't worthwhile. It's just complicated. We should expect and demand that companies are straightforward about how they're using information. Here Google and other businesses need to do more, to be more specific about how they leverage data. But we should not expect them to turn a blind eye to the information we don't take the trouble to protect, particularly if they make a good faith effort to be transparent and involve us in the process.

Trust as much as you have to, verify what you care about, block where necessary, and try to find your own personal comfort zone in the information economy.

New privacy rules might sound appealing, but they probably won't be very effective. Advertising has a way of surviving. And in the event it doesn't, guess who'll end up paying?


Source

 


Straight Talkin Mike~~How can you detect if your computer has been violated and infected with DNS Changer?

5/5/2012

 
 
How can you detect if your computer has been violated and infected with DNS Changer?

An industry wide team has developed easy “are you infected” web sites.  They are a quick way to determine if you are infected with DNS Changer. Each site is designed for any normal computer user to browse to a link, follow the instructions, and see if they might be infected. Each site has instructions in their local languages on the next steps to clean up possible infections.

For example, http://www.dns-ok.us/ will state if you are or are not infected (see below).

  • No Software is Downloaded! The tools do not need to load any software on your computer to perform the check.
  • No changes are performed on your computer! Nothing is changed on your computer when you use sites like http://www.dns-ok.us/.
  • No scanning!  The “are you infected with DNS Changer” tool does not need to scan your computer.

If you are not affected by DNS Changer then do nothing.


If you think your computer is infected with DNS Changer or any other malware, please refer to the security guides from your operating system or the self-help references from our fix page (http://www.dcwg.org/fix).


Source

Straight Talkin Mike~~DNSChanger is not the end of the world

5/5/2012

 
DNSChanger is not the end of the world

By Woody Leonhard on May 2, 2012 in Top Story

DNSChanger virus spells ‘Internet Doomsday’ … The end is nigh, according to the FBI … ‘Internet doomsday’ will strike us all on July 9 …

That’s what a couple of popular websites had to say about the DNSChanger virus. What a crock!

I’ve been writing about viruses for about two decades, and I don’t think I’ve ever seen headlines that ridiculous from sources that should know better.

DNSChanger is a real piece of malware — it’s a variant of the TDSS/Alureon family of Trojans — and it was a real problem until taken down Nov. 8, 2011, in a joint FBI–Estonian police action code-named “Operation Ghost Click” (FBI site).

Since then, it seems, DNSChanger has hit headline after headline — with dire warnings. Even local TV news programs have covered it in breathless terms, as if it were the worst thing to ever infect your computer.

Lemme tell ya. It’s easy to write scary headlines such as “New Mac Trojan makes your clicking finger fall off!” (no doubt because Mac mice have only one button) or “Log on to Windows and lose your life savings!” It’s not so easy to examine the threat, digest it, translate it into terms we can all understand, and make a few simple recommendations.

That’s the goal for this column. Is it true that, as a Huffington Post U.K. headline put it, “The end is nigh, according to the FBI!”? I don’t think so.

Exactly what does DNSChanger do?

With an estimated four million infected computers — 500,000 in the U.S. alone — DNSChanger was one of the largest botnets ever disassembled. However, despite what you may have read, this botnet wasn’t designed to steal your credit-card numbers or bank-account passwords. DNSChanger rerouted your browser to websites that mostly sold little blue pills, antivirus products that didn’t work, and other scummy stuff.

The people behind DNSChanger received commissions from these fake pharmaceutical companies, rogue antivirus sites, and other unsavory cyber characters. The FBI avers that these “commissions” amounted to more than $14 million.

Typically, DNSChanger infected systems by posing as a codec needed for viewing videos streamed from adult sites. When you clicked to view these bogus videos, Windows Media Player would complain that it didn’t have the right codec. Users then downloaded the codec from the site, gave permission to install the codec, and — well, there you go.

(Given the amount of unauthorized Web surfing on business PCs, it should not be surprising that half of the Fortune 500 companies and roughly half of all U.S. government agencies now have one or more PCs infected with DNSChanger.)

As befits a TDSS/Alureon variant, the infection is a nasty one — full rootkit behavior that’s hard to detect and even harder to clean.

On Windows, the infection changes your computer’s DNS server, usually by hacking the Registry. (If you aren’t familiar with Domain Name Servers — the White Pages of the Internet — check out Susan Bradley’s April 5 Top Story.) With a subverted DNS server, you might type www.google.com into your browser — any browser — and end up at www.buyonlinepharmaceuticalsifyoudare.com. The bad guys set up several DNS servers that did exactly that.

Naturally, if you tried to go to common Web addresses that offer antivirus help, AV scans, patches, advice, or even news about DNSChanger, you were rerouted. Effectively, your browser belonged to DNSChanger.

DNSChanger meets its match on two continents

As scary as DNSChanger sounds, you no longer need fret over it — you no longer have to worry about DNSChanger changing your PC’s DNS server. The FBI and many other organizations — in the U.S. and in Estonia — took DNSChanger down. You might still get an Alureon infection, but it won’t be DNSChanger.

Although it took years, the FBI succeeded in identifying the people directly involved in the scam — six men in Estonia. The agencies also found the IP addresses of the DNSChanger servers: all were located within the U.S.

In a complex, well-coordinated action, Estonian police arrested most of the bad guys, who are now facing extradition to the U.S. To minimize Internet service disruptions to those four million infected PCs, the FBI and Internet Systems Consortium (the nonprofit company that maintains the ubiquitous DNS server software, BIND) pulled off an amazing technical feat: they quickly replaced the malicious servers with legitimate DNS servers. (Many PC users might still not know they’re infected. But at least they’re getting to their intended websites.)

Operation of the DNS server farm was given to a new organization called the DNSChanger Working Group, which consists of representatives from the computer industry and law enforcement. That left the FBI in the position of running a DNS server farm — and also left a nagging question.

The take-down aftermath, and what you can do

For those four million PCs, what’s the smarter move: leave users unaware that they’re infected and maintain the servers indefinitely, or gradually shut down the servers and cut off small numbers of users at a time?

It’s a tough choice. There’s no right or wrong answer, from my point of view. The FBI and BINDS could perhaps try to intercept a handful of webpages and put up warnings on them. But that might scare the daylights out of a lot of people and leave them with the task of changing to another DNS server on their own.

The FBI and the DNSChanger Working Group originally had court permission to keep the server farm running until March 8. As the deadline approached, people fretted that shutting off the remaining infected machines (still millions of them, at that point) would cause a lot of panic. So they sought, and received, a court extension to July 9.

Will the DNSChanger Working Group look for another extension after July 9? I think it’s highly likely that they’ll ask for — and receive — an extension. Remember, though, somebody has to pay for running the temporary server farm.

So while we wait for an Internet Armageddon that will never come (at least not from DNSChanger), here’s something you can do (and have all your friends do, as well). Go to the DNSChanger Working Group Detect site and click the link at the bottom for your language or country. (Because you’re reading this in English, you’ll most likely click through to the main DCWG test page.) When you get to the DNS Changer Check-Up page, you’ll see a large graphic — if it’s green, you’re fine; if it’s red, you’re infected.

There are lots of DNSChanger-fixing programs out there. I’ve not run across any infected machines yet; but if I do, my first choice for cleaning them would be Windows Defender Offline, which I wrote about in my Jan. 5 Top Story.

Yep, this is one of the tests even your Aunt Martha needs to take.
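The check-up page tests from the outside; the same question can be asked locally by comparing the DNS servers a machine is configured to use against the published rogue ranges. This is an added example, not part of the original article or any DCWG tool: the ranges are constructed placeholders from documentation address space (the real ones must be taken from the FBI/DCWG advisories), the function names are hypothetical, and the Windows parser assumes English `ipconfig /all` output.

```python
import ipaddress

# Constructed placeholder ranges (RFC 5737 documentation space), NOT real
# indicators. Replace with the rogue resolver ranges from the FBI/DCWG advisory.
PLACEHOLDER_ROGUE_RANGES = ("192.0.2.0/24", "198.51.100.0/25")

# Constructed sample inputs so the example runs offline.
SAMPLE_RESOLV_CONF = """\
# constructed sample of /etc/resolv.conf
nameserver 192.0.2.53
nameserver 203.0.113.10
"""

SAMPLE_IPCONFIG = """\
Ethernet adapter Local Area Connection:

   DHCP Enabled. . . . . . . . . . . : Yes
   DNS Servers . . . . . . . . . . . : 198.51.100.7
                                       203.0.113.10
   NetBIOS over Tcpip. . . . . . . . : Enabled
"""


def _to_ip(token):
    """Return an ip_address for token, or None if it is not an address."""
    try:
        return ipaddress.ip_address(token.split("%", 1)[0])  # drop IPv6 zone id
    except ValueError:
        return None


def resolvers_from_resolv_conf(text):
    """Extract nameserver addresses from resolv.conf-style content."""
    found = []
    for line in text.splitlines():
        # Ignore comments, which may start with '#' or ';'.
        fields = line.split("#", 1)[0].split(";", 1)[0].split()
        if len(fields) >= 2 and fields[0] == "nameserver":
            ip = _to_ip(fields[1])
            if ip is not None:
                found.append(ip)
    return found


def resolvers_from_ipconfig(text):
    """Extract DNS servers from English `ipconfig /all` output.

    The first server follows the 'DNS Servers' label; additional servers
    appear alone on the following indented lines.
    """
    found, in_dns_block = [], False
    for line in text.splitlines():
        stripped = line.strip()
        if stripped.startswith("DNS Servers"):
            in_dns_block = True
            candidate = stripped.partition(":")[2].strip()
        elif in_dns_block:
            candidate = stripped
        else:
            continue
        ip = _to_ip(candidate)
        if ip is None:
            # Any non-address line ends the continuation block.
            in_dns_block = stripped.startswith("DNS Servers")
        else:
            found.append(ip)
    return found


def flag_rogue(resolvers, rogue_ranges=PLACEHOLDER_ROGUE_RANGES):
    """Return (resolver, matching_range) pairs for resolvers inside a rogue range."""
    nets = [ipaddress.ip_network(r) for r in rogue_ranges]
    hits = []
    for ip in resolvers:
        for net in nets:
            if ip.version == net.version and ip in net:
                hits.append((str(ip), str(net)))
                break
    return hits


if __name__ == "__main__":
    for name, servers in (
        ("resolv.conf", resolvers_from_resolv_conf(SAMPLE_RESOLV_CONF)),
        ("ipconfig /all", resolvers_from_ipconfig(SAMPLE_IPCONFIG)),
    ):
        hits = flag_rogue(servers)
        status = "SUSPECT" if hits else "ok"
        print(f"{name}: {status} {hits}")
```

A clean result here only covers the computer's own settings; the green/red check-up page remains the end-to-end test.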


Source
                     

Straight Talkin Mike~~CISPA: the controversy surrounding it and how it might affect you

4/28/2012

 
Thanks Straight Talkin Mike.....

CISPA: the controversy surrounding it and how it might affect you

By Rachel Rose Hartman | The Ticket – 21 hrs ago  

While much of America was gearing up to watch the NFL draft picks Thursday night, the House of Representatives passed a controversial cybersecurity bill to increase information sharing between private companies and the federal government.

The bill—H.R. 3523, the Cyber Intelligence Sharing and Protection Act (CISPA)—passed at 6:30 p.m. by 248 to 168, boosted by a Republican majority (206 Republicans voted for it, along with 42 Democrats). Debate on the bill was expected Thursday, but the vote was a surprise because it had been scheduled for Friday.

Here's a look at the controversy surrounding the bill, what's in store for its future and how it might affect you:

Check out our explainer below to find out more about CISPA:

• What is the purpose of CISPA?
Michigan Republican Rep. Mike Rogers and Maryland Democratic Rep. Dutch Ruppersberger sponsored and, along with supporters, crafted CISPA to offer private companies new ways to protect themselves from potential economic cyberspies hailing from countries such as Russia and China. To accomplish this, the bill amends the National Security Act of 1947 (which contains no cyberthreat provisions) to increase information-sharing permission between U.S. businesses and the federal government. Supporters say information regarding cyberthreats will be more quickly and easily disseminated under CISPA.

• Why is it controversial?
Opponents aren't arguing against discussing cyberthreats, but they're concerned about the scope of sharing and privacy issues. Under CISPA, companies will be permitted to share information with entities such as the Department of Homeland Security and the National Security Agency and won't be required to protect Internet users' personal data. The shared information is supposed to be related to cyberthreats, but many opponents argue that term is too broad and offers too many exemptions to current privacy laws.

• How does CISPA differ from SOPA?
CISPA has been dubbed "the new SOPA," in reference to the Stop Online Piracy Act, a bill designed to curb copyright infringement by restricting sites that host pirated content. Congressional action on SOPA was postponed Jan. 20 after fierce protests from technology companies and others. SOPA centered around piracy, while CISPA is about cybersecurity. And while SOPA cracked down on domestic sites, CISPA is focused on overseas entities. Constitutional rights advocates, civil liberties groups and others oppose both bills. Unlike with SOPA, many tech companies, such as Facebook and Microsoft, support CISPA. The bill has already advanced in one chamber of Congress with a majority of support after amendments were added to define cyberthreats.

• Who opposes and who supports CISPA?


Against:
The American Civil Liberties Union and other advocacy groups such as the Sunlight Foundation, the American Library Association and the Electronic Frontier Foundation are staunchly opposed to CISPA as a potential threat to Americans' constitutional rights. The White House on Wednesday threatened to veto the bill in part over privacy issues and has backed a competing cybersecurity bill offered in the Senate. A majority of House Democrats and 28 Republicans voted against the bill Thursday due to privacy issues and other factors. Rep. Ron Paul of Texas voted no on the bill, saying on Monday that it would create a "Big Brother" culture.

For:
Many companies and groups including Facebook, AT&T, Intel, Microsoft, the U.S. Chamber of Commerce, the conservative Heritage Foundation and tech associations back CISPA as an effective way to combat overseas cyberthreats. Select members of Congress support CISPA for the same reason.

• What is the future of CISPA?
Don't expect the Democratic-controlled Senate to rush to pass CISPA after the White House's veto threat. In addition to the president's opposition, CISPA must now compete with the Senate's own cybersecurity legislation.

http://news.yahoo.com/blogs/ticket/cispa-controversy-surrounding-might-affect-173913974.html


http://www.thestraighttalkexpress.com/1/post/2012/04/cispa-the-controversy-surrounding-it-and-how-it-might-affect-you.html

Straight Talk Express~~Identity Theft~Here’s How Your Identity Will Be Stolen: The Top 10 Scams

4/28/2012

 
Identity Theft 

Here’s How Your Identity Will Be Stolen: The Top 10 Scams

By Martha C. White | April 5, 2012


ID Theft

  • 1. Phishing
  • 2. Pretexting
  • 3. Fake Job Offers
  • 4. Skimming
  • 5. Dumpster Diving
  • 6. Pickpocketing and Purse-Snatching
  • 7. Malware and Spyware
  • 8. Fake Tax Filing
  • 9. Change of Address
  • 10. Data Breaches
From Straight Talkin Mike
Source 

http://moneyland.time.com/2012/04/17/10-ways-youre-going-to-get-your-identity-stolen/#1-phishing#ixzz1tLJE1xqR



Straight Talkin Mike~~Looks too good to be True~~Fraud Risk Assessment Tests

4/21/2012

 
Looks too good to be True~~Fraud Risk Assessment Tests
Are you about to be a victim of Fraud?    

Looks Too Good to Be True Website:
http://www.lookstoogoodtobetrue.com/about.aspx

TAKE OUR TESTS

Many people aren't sure if they have been or are about to become a victim of fraud.   Take the following risk assessment tests and see if you are a potential victim:

Is your computer Protected?
Is Your Child at Risk on Line?
Are you protecting your identity?
Are you safe from Financial Fraud Opportunities?
Are you an unwitting accomplice in Crime?
Are you at Risk to be Scammed Through an Internet Auction?
Authentic or Counterfeit?
Are you the Lucky winner in a sweepstakes or Lottery?

CLICK BELOW FOR TESTS

http://www.lookstoogoodtobetrue.com/tests.aspx  



http://www.thestraighttalkexpress.com/1/post/2012/04/looks-too-good-to-be-truefraud-risk-assessment-testsare-you-about-to-be-a-victim-of-fraud.html

Straight Talkin Mike Post~~Internet Crime Prevention Tips

4/21/2012

 
Internet Crime Prevention Tips

Source 

http://www.thestraighttalkexpress.com/1/post/2012/04/internet-crime-prevention-tips.html  

Straight Talkin Mike Post~~Joint FBI and DHS Public Service Announcement: Best Practices For Recovery From the Malicious Erasure of Files

4/21/2012

 
Joint FBI and DHS Public Service Announcement: Best Practices For Recovery From the Malicious Erasure of Files  

Intelligence Note

Prepared by the Internet Crime Complaint Center (IC3)

January 20, 2012

Joint FBI and DHS Public Service Announcement: Best Practices For Recovery From the Malicious Erasure of Files

Cyber criminals can damage their victim's computer systems and data by changing or deleting files, wiping hard drives, or erasing backups to hide some or all of their malicious activity and tradecraft. By wiping, or "zeroing out," the hard disk drives, which overwrites good data with zeros or other characters, the criminals effectively erase or alter all existing data, greatly impeding restoration. This sort of criminal activity makes it difficult to determine whether criminals merely accessed the network, stole information, or altered network access and configuration files. Completing network restoration efforts and business damage assessments may also be hampered.

The FBI and DHS encourage businesses and individuals to employ mitigation strategies and best practices such as:

  • Implement a data back-up and recovery plan to maintain copies of sensitive or proprietary data in a separate and secure location. Backup copies of sensitive data should not be readily accessible from local networks.
  • Regularly mirror and maintain an image of critical system files.
  • Encrypt and secure sensitive information.
  • Use strong passwords, implement a schedule for changing passwords frequently, and do not reuse passwords for multiple accounts.
  • Enable network monitoring and logging where feasible.
  • Be aware of social engineering tactics aimed at obtaining sensitive information.
  • Securely eliminate sensitive files and data from hard drives when no longer needed or required.
The US-CERT Web page at www.us-cert.gov hosts a wide range of tips, best practices, and threat information for business and home users.

To receive the latest information about cyber schemes, please visit the FBI Web site and sign up for e-mail alerts by clicking on one of the red envelopes.

If you have been a victim of cyber crime, please file a report with the Internet Crime Complaint Center at www.IC3.gov.

SOURCE 


http://www.thestraighttalkexpress.com/1/post/2012/04/joint-fbi-and-dhs-public-service-announcement-best-practices-for-recovery-from-the-malicious-erasure-of-files.html  

Straight Talkin Mike Post~~INTERNET CRIME COMPLAINT CENTER

4/21/2012

 
Thanks to Jose from Puerto Rico who shared this great site all about Internet Scam & Crimes.   Info on where to report them, how to prevent them, and monthly listings of New Internet Scams and Fraud.

INTERNET CRIME COMPLAINT CENTER   (IC3)
(an FBI and the National White Collar Crime Center (NW3C), funded in part by the Bureau of Justice)

INTERNET CRIME COMPLAINT CENTER
Source

INTERNET CRIME SCHEMES

Source

Straight Talkin Mike Computer Security Blog
