Celebrity news, holidays & malware

Families certainly don't need computer hassles during the holidays, but this highly social time is right when everybody needs to be a little extra alert to social engineering. Here's what social engineering looks like this week, at the convergence of last-minute holiday distractions and the sudden death of a young actor, Brittany Murphy. "As a young star in movies that were highly popular with a younger audience, Brittany may currently be the search engine topic of choice among your own children," writes Trend Micro's Net-safety activist Lynette Owens in her blog. "Regardless of whether or not you knew who she was or how much talent you thought she had, many people are crowding on the internet to find out more about her and what lead to her death." So what happens? "Alongside the stories about Brittany in a Google search, researchers at Trend Micro found links to hoax Web sites purporting to offer information about her death.... If you clicked on these links you would see a pop-up message telling you that your computer has been infected with a virus and you need to scan it immediately." Select "ok," and you get a screen saying your system's being scanned. Once the fake scan is "done," you get another screen prompting you to download free security software. Click "ok" again, and the intruder opens a door in your system that can give the source of this scam control of it.

Another scam this year is offers of "free" versions of the film Avatar. In its security blog, Symantec says "there are literally hundreds of ... scam sites and pages trying to cash in on the hype around this new film. All of these sites are offering full free downloads or streaming videos of this new film.... Some are collecting email addresses, others are trying to get you fill in surveys, IQ tests, and so on that will eventually ask you to enter in your mobile phone number, which will sign you up for some unwanted and subscription-based, premium-rate services," among other potential problems.

Massive ID theft & new media literacy ed

The identities of some 4 million Britons and 40 million people worldwide (mostly Americans), are up for sale on the Internet to the highest bidder, the TimesOnline reports. "Highly sensitive financial information, including credit card details, bank account numbers, telephone numbers and even PINs are available to the highest bidder. At least a quarter of a million British bank and credit card accounts have been hacked into by cybercriminals, exposing consumers to huge financial losses." All of it has been put into a single database built by a retired police officer in the UK who wants to offset his 160,000-pound ($263,000+) investment "by charging members of the public for access to his database to check whether their data security has been breached," raising consumer-privacy questions (see the Times for more on this). This is and isn't kid-tech news. It isn't only at the superficial level: it's about the privacy of Net users of all ages. It is because we need to start teaching our kids critical thinking about social and commercial influencing just about the same day they start using the Internet. Critical thinking is protective - of our psyches, identities, pocketbooks, and computers. Increasingly, phishers' and other Internet fraudsters' success is based on their social-engineering skills as much as their technical ones - creating messages that trick people into clicking to sites that download keylogger and other malicious software onto their computers or into typing passwords or account numbers into fake bank sites. Stark stories like this illustrate not only how important it is to fold computer security into new-media literacy ed but also what an opportune subject it is, for examining all forms of manipulation. See also "How social influencing works."

Facebook & ID theft

This is something for social networkers to be on the alert about: computer security and social engineering on social-networking sites (social engineering is what phishers and identity thieves use to trick people into making themselves and their devices vulnerable to hacks and ID theft). The latest warning signal concerns Facebook, which recently announced it's becoming a social-networking platform for all kinds of online services and widgets. "While thousands of applications being developed by third parties for Facebook users are enriching the social network's functionality, the Facebook Platform provides a perfect channel for distributing malicious software," CNET reports. To be fair, experts quoted in the article are talking more about the potential than actual attacks. And, "while Facebook third-party developers do not necessarily have access to Facebook members' personal details, whether users agree to install an application is ultimately a caveat emptor scenario" - meaning read the fine print before you agree to install stuff, people!