Visit speed website Speed blog home
April 3rd, 2011 by Dan Howe

Exploring QR codes for malware delivery

I really like QR codes and am seeing them more and more in my neighbourhood, being incorporated on posters for restaurants, church groups and yoga classes. But as the popularity increases, so do the opportunities for malevolence.

Wadds recently explored QR codes as an engagement mechanic, so they were fresh on my mind when the Canadian media covered an embarrassing QR code mistake on Friday. A high profile politician’s election sign used a QR code, but instead of pointing to Liberal.ca, the party website, it apparently pointed Luberal.ca, a pornographic website dedicated to “encouraging the liberal use of lube in sexual encounters.”

Trudeau April Fools QR Code Sign

This was, however, a Montreal freelance journalist’s hilarious April Fools gag, but still a very possible blunder. This example would have been a typo, but a QR code could also be purposely used to direct you to a misleading site. Like URL shorteners, with QR codes you aren’t really sure what you are opening up. Criminals take advantage of URL shorteners to make phishing URLs less suspicious to detection. As we are increasingly using smartphones to handle sensitive information and financial transactions, and mobile malware is quickly evolving, how long until our phones become a major target and we see criminals using QR codes to send us to infected sites?

Posted in pr
Tags: ,
1 Comment »
Share this:Stumble It!Digg This!Add to del.icio.usBookmark to TechnoratiShare on FacebookSend to Reddit
April 20th, 2010 by Dan Howe

I went drinking with Gray Powell and all I got was a lousy iPhone prototype

We’ve all drunkenly left a book, camera or something behind after a night out in the pub. Just the other week the bartender at my local Facebooked me letting me know that I had forgot my bag. I bet Gray Powell wished he had someone behind the bar looking out for him.

You’ve likely heard all about Gray by now. He is either a fictional character in an elaborate PR stunt or just another unlucky drunk who forgot something he shouldn’t have. Of course, in his case, that thing is a prototype of the highly anticipated Apple iPhone 4G.

What’s not surprising about this story is how fast it spread around the internet. The story passed quickly around the blogs and made it to traditional media in no time. On the way of course it spawned mocking Facebook pages and funny t-shirts.

What is surprising is how quickly malicious cyber criminals have sought to capitalise on the story. Bogdan Calin over at Acunetix reports that four out of 10 search results for Gray on Google’s first page were links to malware. Bogdan has noticed a trend of just how inventive malware writers are nowadays. They are no longer just trying to attack the masses with blanketing messages of widespread interest, they are now making custom attacks looking at very specific interests, in this case, picked up from Google’s Hot Trends page.

That’s also one of the findings in Speed client Symantec’s Internet Security Threat Report, which came out today. Among other things, the ISTR found that hackers are using social media to learn about potential victims, then attacking them using specific keywords that they’ll be likely to respond to. Consequently, as individuals we all need to think more about what information we make available.

UPDATE: Just confirmed Gray is in fact a real person and does work for Apple. He is a friend of a friend from Facebook.

Reblog this post [with Zemanta]
Posted in Uncategorized
Tags: , , , , ,
7 Comments »
Share this:Stumble It!Digg This!Add to del.icio.usBookmark to TechnoratiShare on FacebookSend to Reddit
December 22nd, 2009 by Lisa Francis

Daily News: 22/12

The London Stock Exchange takes control of Turquoise
The London Stock Exchange is taking over competitor Turquoise and the platform is set to be migrated to its Millennium IT trading platform. The deal, which involves no money changing hands, will see the technology used by Turquoise dropped.

Computing.co.uk – Banking sector set for IT hiring spree in 2010
The banking, telecoms and software sectors will be the key areas for IT employment in 2010, according to new research from technology recruitment organisation The IT Job Board.

BBC – BT to complete super-fast broadband network by 2012
BT’s superfast broadband network will be completed in time for the 2012 Olympic Games, the firm has announced.

BBC – India survey says Facebook affects productivity
Indian firms are losing productivity because office staff spend too long on social networking sites, a survey says.

FT.com – Avatar takes $242m globally in first weekend
Hollywood’s heavy investment in 3D has passed it s biggest test yet, analysts and cinema executives said this week, as they tallied the takings from Avatar, James Cameron’s 3D epic.

The Register – Microsoft AV advice may aid attackers, researcher warns
A security researcher is taking Microsoft to task for advising customers to exclude certain files and folders from anti-virus scanning, arguing the practice could be exploited by pushers of malware.

Guardian – Vodafone to offer iPhone from January
Vodafone will start selling the iPhone in Britain next month, offering customers a free handset for £35 a month on a two-year contract, disappointing consumers hoping for a high-street price war over the device.

Posted in Uncategorized
Tags: , , , , , , , , , , , , ,
1 Comment »
Share this:Stumble It!Digg This!Add to del.icio.usBookmark to TechnoratiShare on FacebookSend to Reddit
December 1st, 2009 by Lisa Francis

Daily News: 01/12

Computing.co.uk – Server market shows signs of stabilising, says Gartner
Despite shipments falling 17 per cent and revenue dropping 15 per cent, the global server market seems to be stabilising, according to analyst Gartner.

Computing.co.uk – Malware can be hidden in English language text, says US scientists
A team of US security researchers has engineered a way of hiding malware in sentences that read like English language spam.

IT PRO – Twitter crowned top word of 2009
The Global Language Monitor has announced that Twitter is the Top Word of 2009 in its annual global survey of the English language. ‘Twittered’ was followed by Obama, H1N1, Stimulus, and Vampire. The near-ubiquitous suffix, 2.0, was number six, with Deficit, Hadron – the object of study of CERN’s new atom smasher – Healthcare, and Transparency rounding out the top 10.

IT PRO – Heathrow rolling out facial recognition tech
New electronic border gates are set to be introduced at Heathrow to speed up the process of passing through border control. The new gates will allow travellers over 18 with biometric passports to come back into the UK using facial recognition technology, comparing the picture with that on their passport as well as checking against any internal watch lists held by the UK Border Agency.

IT PRO – Parents call for online privacy lessons
The majority of parents want their children to receive lessons in online privacy, according to survey results released today. The YouGov study, commissioned to form part of the Digital Literacy Report 2009, showed 69 per cent of parents asking for the Government to provide compulsory lessons in school so children understand their online footprint and the effects it can have.

Computerworld UK – Are YouTube and Facebook guzzling your company bandwidth?
Figures uncovered by managed network provider Network Box between July and November of 2009, reveal the enormous impact YouTube and Facebook are having on corporate bandwidth.

Posted in Uncategorized
Tags: , , , , , , , , , , ,
1 Comment »
Share this:Stumble It!Digg This!Add to del.icio.usBookmark to TechnoratiShare on FacebookSend to Reddit