Safety on the WEB

Not every threat on the web will be obvious to you. Very few will look like this evil-looking ‘Spidey’ knock-off. Most will be much more like your sweet old uncle or a really amazing-looking young, beautiful co-ed who for some reason thinks you are her only reason for living! A look at some recent data will be helpful in understanding the nature of stalkers and other criminal ‘entrepreneurs.’ Besides the typical identity theft issues, persons like this young female may be attempting to use what is legally called ‘undue influence’, where they step into the life of a typically elderly person who is lonely and less capable of decision making, and they guide the decisions to their own benefit, often taking all the life savings and having the Last Will and Testament rewritten to their own advantage. SCI is going to review just one of the issues currently hitting internet users: a new type of downloader.

The following report by Dr. Brett Stone-Gross and Russell Dickerson of the Dell SecureWorks Threat Unit outlines a downloader threat that is currently loose within the cyber-world:

The Gameover ZeuS trojan, also known as Peer-to-Peer (P2P) ZeuS, is one of the largest and most sophisticated botnets involved in online banking fraud. The botnet operators are very well connected in the underground community, and they rely upon a variety of tools and services provided by other cybercriminals to run their operation. In particular, the group regularly uses the Cutwail spam botnet to lure new victims and the Pony Loader malware to steal credentials and download additional malware, including Gameover ZeuS. In August 2013, the Dell SecureWorks Counter Threat Unit™ (CTU) research team discovered that in addition to the Pony Loader, the group is using a new downloader known as Upatre to distribute its malware. The downloader has a small file size and is extremely simple, implementing its functionality entirely in a single function. It downloads and executes a file from a hard-coded URL over an encrypted Secure Sockets Layer (SSL) connection from a compromised web server and then exits. Figure 1 diagrams the malware distribution process.

The Gameover ZeuS botnet operators distribute both Pony Loader and the Upatre downloader through spam emails sent by the Cutwail botnet. Many lures have used social engineering techniques by impersonating financial institutions and government agencies to trick a victim into executing the malware. The spam emails have an embedded malware executable in a ZIP attachment, so user interaction is required to infect the system. Figure 2 shows an example spam email containing the Upatre downloader as an attachment.

Technical information can be found at: http://www.secureworks.com/cyber-threat-intelligence/threats/analyzing-upatre-downloader/

SCI and the CTU research team advise organizations to remain vigilant and to deploy a defense-in-depth strategy that includes the following components:

  • Educate employees about the dangers of clicking on links and attachments in emails.
  • Filter email / scan email file attachment contents and consider blocking executable file types (including those found in ZIP attachments).
  • Deploy advanced malware protection devices in-line with incoming email streams containing malicious file attachments as well as subsequent file downloads.
  • Implement end-point controls on users’ computers to help limit opening of malicious file attachments and to catch malware installation / execution.
  • Apply post-infection controls such as firewall policies, web proxies, file downloads over HTTPS, and associated log monitoring to identify anomalies.
  • Keep antivirus, operating system, and browser software up to date.
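As an illustration of the second recommendation (scanning attachment contents and blocking executable file types, including those inside ZIP attachments), here is an added example that is not part of the Dell SecureWorks report or SCI's own tooling. The extension list, size and depth limits, function names and the sample message are all assumptions constructed for the demonstration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumed policy values: tune the extension list and limits to local needs.
BLOCKED_EXT = (".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs")
MAX_DEPTH = 2                  # nested ZIP levels opened before refusing
MAX_MEMBER_BYTES = 10_000_000  # do not decompress members larger than this

def scan_blob(name, data, depth=0):
    """Return reasons to quarantine one attachment; an empty list means pass."""
    # Windows ignores trailing dots and spaces, so strip them before matching.
    if name.lower().rstrip(". ").endswith(BLOCKED_EXT):
        return [f"executable: {name}"]
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return []
    if depth >= MAX_DEPTH:
        return [f"zip nested too deep: {name}"]
    reasons = []
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            for info in zf.infolist():
                path = f"{name}/{info.filename}"
                if info.flag_bits & 0x1:  # encrypted: contents cannot be inspected
                    reasons.append(f"encrypted member: {path}")
                elif info.file_size > MAX_MEMBER_BYTES:
                    reasons.append(f"oversized member: {path}")
                else:  # recurse so ZIPs inside ZIPs are opened too
                    reasons += scan_blob(path, zf.read(info), depth + 1)
    except zipfile.BadZipFile:
        reasons.append(f"malformed zip: {name}")
    return reasons

def scan_message(raw_bytes):
    msg = message_from_bytes(raw_bytes, policy=policy.default)
    reasons = []
    for part in msg.iter_attachments():
        payload = part.get_payload(decode=True) or b""
        reasons += scan_blob(part.get_filename() or "unnamed", payload)
    return reasons

def build_sample(member_name):  # constructed sample message, harmless content
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(member_name, b"constructed placeholder, not malware")
    msg = EmailMessage()
    msg.set_content("See attached.")
    msg.add_attachment(buf.getvalue(), maintype="application", subtype="zip", filename="statement.zip")
    return msg.as_bytes()
```

A mail gateway hook would quarantine any message for which `scan_message` returns a non-empty list; encrypted members are flagged rather than passed because their contents cannot be checked.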

This cyber-report is courtesy of Dell SecureWorks at www.secureworks.com. It is simply one of the threats currently out in the cyber-world, preying on those who browse the web without appropriate protective software and without using some common sense in not opening emails with suspicious attachments.

Security Consulting Investigations, LLC is pleased to introduce SecCom 360 –  a video/audio communications system that is web based yet 100 per cent safe, not only protected by what we have dubbed ‘above military grade’ secure encryption but also with Cyber Agents that guard each com-meeting to prevent hackers and other cyber interlopers.

 

Watch for further information from SCI as SecCom 360 is launched for 2014!

SCI – Building for Tomorrow – Today!

Follow SCI at www.security-consulting.us under NEWS for recent cyber-world updates and current threats. InSCIghts also on www.security-consulting.us provides current issues in law enforcement, security concerns, and cyber-world threats as well as comment on international terrorism.

You can also reach SCI at 330-956-9561 or at inquiry@security-consulting.us

TAX TIPS – SECURITY ALERT

  
http://www.lifelock.com

Normally, the Ministry Minute is about ministering to others or getting closer to God for yourself so that you can comfort others with the comfort by which you, yourselves, have been comforted… and maybe that is what this is all about. I know some stories of folks who have lost everything by criminals masquerading on-line, sometimes as government officials. At tax time when many people are doing their taxes on-line, it is a very dangerous time, particularly for those who are not ‘computer literate’. If you are having difficulty or you know someone who might struggle or be an easy target for these scam artists, consider it your ministry to help them avoid becoming a victim to this horrible crime. So, with that in mind, I want to share with you about a company in which I believe. They have helped me and I trust that they can help you too. No, I am not a paid endorser, I get only the satisfaction of knowing that maybe this will help some of you if you listen and read carefully.

LifeLock, a company that I trust with all of my personal and business information, has some great tips for all those who are concerned with cyber-crime and the identity theft that happens so easily through the computer. At tax time, LifeLock has some expert advice for its members. Here is the introduction they have and I would strongly encourage you to take advantage of their services whenever possible. It is definitely affordable and certainly less expensive than correcting the mess of identity theft, particularly if the bad guys have raised up large amounts of debt for you. Always remember that unless you remove personal information from your computer, such as when you are doing your taxes, leaving that information stored on there is asking someone to steal it from you. We have alerted you before that scams on the internet usually start when someone approaches you on-line and claims to be someone they are not and asks for information. Do not respond to requests for information from someone claiming to be with the IRS or whomever. You make contact with the IRS directly to see if someone is trying to steal your information. www.IRS.gov will get you to where you need to be. Here is what LifeLock has to say, please follow their advice and check them out as a company for your own protection before your retirement dreams become a nightmare.

Tax season is the time of year when people work diligently to fulfill their obligations to the Internal Revenue Service (IRS). It’s also when aggressive identity thieves target unsuspecting taxpayers to steal Social Security numbers and fraudulently file tax returns and claim refunds.

Knowing how to manage your sensitive information and identify when you’ve been targeted can help proactively protect your identity.

 
