Merchant Newsletter - July 8, 2006

Protecting your Computer!
Is there a spy hiding inside your machine?


 

New browser spoofing exploit!  If you think that because you use Firefox, Safari, Opera, or Navigator, you are safe, FORGET IT.  There is a new browser spoofing trick that allows a spoofed website to look like the real thing in both the hyperlink AND in the address bar of the browser.  The ONLY browser that is immune to this one is Microsoft's Internet Explorer! (It was just a matter of time until the hackers took advantage of those browsers with documented source code online... and such an easy target.) See the full article here. With this exploit, and a Non-Microsoft browser, they can even spoof the security certificate!  The next time you log into PayPal, you could be typing your info on a server in Nigeria!  The problem is that Mozilla, Firefox, Opera and others don’t restrict websites from including arbitrary, remote XUL (XML User Interface Language) files. This can be exploited to “hijack” most of the user interface (including tool bars, SSL certificate dialogs, address bar and more), thereby controlling almost anything the user sees….

  
SECURITY TIP:  New uses for Camera phones.  I have talked to a few our merchants, that have come up with an interesting use for the cameras built into their PDA phones.

One of our merchants who sells at the swap meets, takes a picture of anyone using a personal check.  Another merchant takes a photo of the customer's driver's license for large dollar amount purchases.   You may want to check and see if there are any ordinances or regulations in your state, county, or city against doing this, but according to the reports, it REALLY cuts down on fraud and chargebacks.  If a customer knows you have a picture of them holding the merchandise, it's pretty hard for them to call Visa, and claim he did not make the purchase.  Likewise, a bad check passer will walk away knowing you will have his picture to give to the police!  Most states have laws against passing bad checks, and here a picture speaks more than a thousand words!




Recently a merchant called in asking how she could tell of her computer had been infected where someone could access the information on it.  This is going to become more and more of a problem for merchants, so we decided to address the issue here. While there are thousands of programs designed to protect defend and fix computer systems, all of the ones mentioned in this article are FREE.

First, if there is a suspected problem, the machine should be scanned for spyware and other malicious software.  Windows Defender from Microsoft will do just that.

The data-blocking capabilities of Zone Alarm will prevent any existing data miner from "phoning home" with your stolen information.  This powerful program will alert you when any program attempts to send data over the internet, and YOU control what gets out and what does not!

If anyone but yourself has had access to your computer, look where your keyboard connects to the computer for a keylogger device.  A keylogger will record your every keystroke for a LONG time.  Generally a hacker will stick one on your computer (it goes between the keyboard connector and your computer), then retrieve it at a later date.  Once he has it, he can see all your keystrokes (passwords, credit card numbers, etc).



Ad-Aware by Lavasoft is also good at detecting spyware, and adware.  We use this utility ourselves as well, on a weekly basis. 

We also recommend using the UnPlug n' Pray utility from Gibson Labs. This disables a service that you do not use, but the hackers do.. to take control of your system remotely!  This is a "run once" program, it fixes your system permanently. 

We also strongly recommend that you apply the Windows updates to your system so that it is up-to -date.  Microsoft constantly changes the operating system as hackers discover new ways to break in.  We also recommend that you invest in an anti-virus and firewall package, these are available from companies like Symantec and Mcafee.  We have had very bad experiences with the antivirus software by Pandasoft here at AMSI, so we cannot recommend them.


There are a LOT of accessories for the iPod...  This product is actually available for sale!  Maybe they could call it the iPood.

ORDER FREE MERCHANT MATERIALS HERE!!!

Copyright (c) 2004 Advanced Merchant Solutions, Inc. All Rights Reserved
  See all of our newsletters in our newsletter archive!  Get tips and tricks, previews of new product announcements, tips to prevent fraud, Free stuff, and much, much more

Merchant Information is a newsletter that is available to all members of MerchantAnywhere.com and Advanced Merchant Solutions, Inc. This newsletter is provided as an informational tool designed to keep you up-to-date on the latest news and tools available for mobile commerce and merchant processing. As with all user information, we do not give or sell your personal information to any outside company for its use in marketing or solicitation. To unsubscribe from this newsletter, please reply with "REMOVE" in the subject line.  All of our merchant applicants should be receiving this email newsletter.  If you would like to subscribe, send an email with 'SUBSCRIBE' in the subject to: merchantapp@merchantanywhere.com.  If you are currently receiving the newsletter, and would like to be removed from the mailing list, send an email with the word 'REMOVE' in the subject to: inform@merchantanywhere.com . Once removed, we cannot reinstate that email address, you must re-subscribe with another.