14 Mar
2013
14 Mar
'13
9:51 a.m.
Hi everyone!
Per some advice here I posted locally on craigslist for items wanted. This morning I
received a text message saying "click here to see if my items match what you're
looking for." ? it was an image hosting site named "imgsend.com" and seemed
nearly-legit. I went there from my phone and said "missing plug-in." Odd. I went
there from my Mac. It said I needed a plug-in to view GMP-based GIMP images. GIMP
doesn't make GMP images. At this point I knew something was wrong and began to break
out my google-fu.
This is what I learned, after you click to "add plugin" it points you to a
website that redistributes GIMP with known malware and spyware. Once you have that
installed and visit the site to view your photos, the malware is activated, and likely
your banking credentials are stolen.
Just something else to be alert for.
14 Mar
14 Mar
10:17 a.m.
Here's how I browse the web:
The latest version of Firefox + NoScript + a few other privacy and cookie
blocker extensions on my main machine, with no plugins. This is what I use
to access web mail / web banking / etc... I use SumatraPDF as my PDF
viewer. I just use the free MS security essentials for AV.
Then I have a Windows XP image in VMWare running Firefox along with
NoScript, just about every plugin (Flash, Java, Shockwave, Djvu, QuickTime,
etc...) and Adobe Acrobat. It has a resident Kaspersky AV scanner running
all the time, and McAfee command line does a system scan at boot time. This
is what I use to do casual web browsing, watching videos, etc...
NoScript takes care of a lot of problems. If I get sent to a web site that
has a big "Plugin blocked" icon on it, I know something fishy is going on,
especially since I already have every plugin under the sun installed in the
VMware browser.
I've been playing around with scripting to see if I can get copied URLS to
automatically open in Firefox in the VM image.
4301
days inactive
4301
days old
1 comments
2 participants
participants (2)
-
jbmcb1@gmail.com -
jon@jonworld.com