Click fraud is a lot like shoplifting. It’s not the most shocking crime you know of, and it’s not really victimless. It is theft. But observing and identifying click fraud is more difficult than watching a kid slip an unpaid-for candy bar or magazine into their pocket. It’s also a cost of business that burdens all customers of a business. Ugly.

I wasn't sure I'd see this Browser Choice update:

I set my computer's Regional Options for the United States even though it's physically located in Finland (I'm an American after all).

Regional settings might trump my IP address, I thought… but it seems not. I manually ran Microsoft Update and was provided access to KB976002. Cool.

F-Secure has an additional blog that launched today. It's called Safe and Savvy.

You'll notice that the name is pink. That's part of our new brand but it also reflects the authorship. Safe and Savvy's contributors are the female employees of F-Secure (mostly).

Hetta, Marja, Annika, Alia, Melody-Jane, (and Jason) have already gotten started.

ATM skimmers are installed like this:

Video source: Spiegel.de & German Federal Criminal Office (Bundeskriminalamt)

On 10/03/10 At 12:06 PM

Microsoft schedules its security updates on the second Tuesday of the month. Adobe recently began following this schedule as well, and while there are no Adobe updates today, there was an out-of-cycle security update two weeks ago.

That update should now be applied if you haven't already done so.

Why?

The Bangkok Post’s article on a Malaysian man’s arrest and extradition to the U.S., charged with identity theft, a part of a prosecution begun in 2008, exposes potentially the 12th person known only by his handle “Delpiero”. The man will be extradited for theft and sale of over 40 million credit card numbers and personal information.

Securely deleting data is a requirement of most regulatory requirements. But many organizations struggle with just how to do this in a way that is both secure and compliant. Some ways to do this include using software to overwrite the data, using a degaussing tool to electronically damage the drives, and physically destroying them.

As "JiLsi" — one of the online criminals from Darkmarket — was sentenced last week to almost five years in prison, we have received some media queries on the case.

In particular, one journalist wanted to know what JiLsi (aka Renu Subramaniam), Matrix001 (aka Markus Kellerer) and Cha0 (aka Çağatay Evyapan) looked like when they were posting to the Darkmarket forum.

Somebody is trying to pose as us. If you see an email like the one below, please ignore it:

     From: security@f-secure.com
     Reply-To: securitysupport@hotxf.com
     Subject: Security Maintenance.F-Secure HTK4S
     Date: Fri, 5 Mar 2010 18:11:05 -0000
     To: undisclosed-recipients:;
     
     Dear Email Subscriber,
     
     Your e-mail account needs to be improved with our new
     F-Secure HTK4S anti-virus/anti-spam 2010-version.
     Fill in the columns below or your account will be

The Koobface gang’s changing tricks and longevity are noted at a recent USAToday article. They’ve recently upped their activity on a major social networking site and user infections appear to have a quick jump. The current theme has been effective for the past month. A message will arrive in a user’s box from a friend (names purposely removed from image). Note that the gang is no longer using the bit.ly service in their attack links: