The Cocoon Blog
The Internet as it should be: private, secure and virus free

The potential for you or me to become the next victim of cybercrime is something that we both need to think about. I’ve been a victim a few times and I can tell you that it is frightening to be on the short end of the cybercriminal stick.

My heart was pounding…

Late one afternoon (in early 2011) my bank balance appeared to be dropping fast, and the only connection I could see was that it involved Megaupload Limited and PayPal. I contacted both PayPal and the 800 number to my bank, but I honestly did not feel as though they were doing enough to resolve my situation. The theft was happening in real time! So I did the next best thing and jumped on Twitter and tweeted that an account using  Megaupload Limited was draining my bank account via paypal! (At that time my main bank account was still back east in New Hampshire).

Twitter can be used as a powerful forum to get your point across if you know who to tweet to and the correct hash(#) tag(s) to use. It wasn’t long before I was on the phone with managers from PayPal and the bank and all was made good again. A story like mine does not always end as sweetly.

The victims of cybercrime suffer…

For victims like Michelle Marsico who owns a small business based in Redondo Breach, California; logging into her bank account one day turned into her own personal horror flick when she realized that half a million dollars was hauled off by money mules. Cybercriminals will stop at nothing to get what they want and they do not care if they take your grandparents life savings or rob your child’s college fund. If the money is there and they can find a weakness in security, a vulnerability in a web app, or an open door that lets them in – your money will become their money.

According to Bloomberg Businessweek: Online banking fraud is primarily carried out in two ways. In a phishing attack, criminals impersonate bank websites in order to get unsuspecting users to provide their login credentials. The other modus operandi of online banking frauds is to install keystroke-logging malware.

Of course there are other banking attack vectors such as man-in-the-middle attacks, man-in-the-browser attacks, cross-channel attacks and pharming (Trojan horse/virus on the victim’s computer). At times Internet  threat possibilities can become quite overwhelming.

Time for the geek-gal stuff…

I use desktops with Vista and Windows 7, an iMac, a laptop (Win 7), a Linux server, an iPhone and an Android. I find myself layering different operating systems with whatever flavor works for me. On Windows and iMac I generally use Cocoon in varying capacities and also use Cocoon on my iPhone as my primary browser of choice. On my Linux machine I am mainly inside my terminal and rarely use a browser. If I am on public Wi-Fi – Cocoon is my top choice for browsing the Internet.

I also find times that I use other services such as TorProject, Abine, and Hotspot Shield. It all depends upon the nature of what I need to do online when I am away from home or traveling. I am a very strong advocate of Internet security and privacy and appreciate having a multitude of online tools to choose from!

In a nutshell…

 There is no all-in-one solution for online privacy and security. 2012 is the year of layering. We are at a point in our digital lives where we need to steer the ship away from the hacker-reef. We need to take account of all of the solutions that are currently available to us for online security and privacy and utilize them via layering so that we can enjoy our online experience instead of fearing it.

A little bit of Cocoon history…

Cocoon began in 2008 with co-founders Jeff Bermant and Brian Fox. Jeff had a really bad experience when his server was toasted by a virus that spammed friends and colleagues with 30K messages a day. CTO, Brian Fox – (we all know him as the original author of the GNU Bash shell) teamed up with Jeff and founded GetCocoon from Virtual World Computing (VWC). In October, 2011 – Vernon Irvin, became the President and COO of VWC – and continues to nurture and lead the Cocoon service into avenues that will protect us and the most vulnerable  among us- our children, teenagers and grandparents.

How did ‘Teksquisite’ enter the mix…

The VP of Marketing, David Washburn approached me on Twitter in early 2011, possibly around the time I was tweeting about my PayPal account dilemma! I agreed with their company vision and have consulted with them since January 2011. They are a great team and work really hard to bring online privacy and Internet security to everyone. It is not always an easy endeavor.

Stay tuned for more cybercrime blog posts soon

My question to you: How do you stay safe online?

Last November the FBI arrested six Estonian hackers in a raid called “Operation Ghost Click” and dismantled their cybercriminal enterprise.

In a nutshell: the hackers created some malware dubbed DNSChanger that had the ability to redirect infected computers to hacker servers controlled by the fraud ring, which then piped web ads to users, ultimately putting millions of dollars in the cybercriminals’ pockets. The FBI disabled the ads on the rogue servers and will officially shut them down on July 9, 2012.

Lets recap! If your computer is infected with DNSChanger, you will not be able to access the Internet on Monday because the FBI will be shutting down the two remaining rogue servers. You can test your computer to see if it is infected at the FBI site or at  www.dns-ok.us. Everyone else (aside from DNSChanger-infected computers) will still be able to browse the Internet on Monday.

Be sure to watch this Sophos video: Understanding and avoiding the DNS Changer ‘internet blackout’ on July 9.

 ”As many as 64,000 Americans’ computers may still be affected by malware that will cause them to lose Internet service come Monday, so if you haven’t already, make sure you aren’t among them.” –Salvador Rodriguez | Los Angeles Times

When you browse the web it is easy to leave traces of yourself littered along the Internet highway and the potential for  meeting up with an unsavory site or getting hit by a drive-by-download  is a dime a dozen these days.

Today, the virtual threat landscape needs more protection than an antivirus suite or antimalware application.  Many exploits utilize 3^rd party browser plugins (Flash, Adobe Reader) and if your operating system or browser has a vulnerability – it can easily become an open door to hackers.

Cocoon offers a better way to view the web without fear of drive-by-downloads, malvertising or malware messing with your hard drive. Cocoon works by securely connecting over any network to Cocoon’s servers, providing enterprise-grade virus protection and encrypting all interactions to prevent cookies and other tracking.

Currently Cocoon is available for both Mozilla Firefox and Internet Explorer and offers a free version (ad-based) and the new Cocoon+ version, via an ad-free subscription-based plan and currently is being offered for the special price of $2.99 USD per month until midnight on April 15.

Cocoon advantages:

1. Antivirus scanning of downloads
2. Encrypted browsing history
3. Anonymous IP address
4. Malware blocking
5. On-the-fly disposable e-mail addresses
6. Secure public Wi-Fi

Take the Cocoon tour today!

Brick and mortar shops are seeing their fair share of Internet usage too. If you’re old fashioned like I am, you probably still enjoy browsing the tactile selection of merchandise at your local mall or boutique. This sensation, however, is supplemented by the ability to pull out your mobile device and draw comparisons with online vendors, review forums, and so on.

According to the Pew American & Internet Life Project , 2012, 52% of adult Smartphone owners use their device while in a store to get help with purchasing decisions. During the 2011 holiday season, PayPal reported that more than 67 percent of consumers planned to make a purchase using a mobile device.

It should come as no surprise that many shoppers will make purchases using their mobile devices while visiting their local mall or shopping center. With mobile shopping trends following closely in the footsteps of desktop consumerism, we’ll be seeing a major increase in the number of cyber criminals victimizing mobile consumers.

So, as the waning waters of Internet safety reveal new weaknesses in the online marketplace, we’re left wondering: who will police this mall? We’ll take a look at some of the burgeoning options in our next post.

Be sure to check back here next week for Part 4 of our Pickpocket Series.

Part 1: The Online Pickpockets of The World Wide Mall

Part 2: The Online Pickpockets of the Worldwide Mall

The Norton Cybercrime Report 2011 surveyed over 12,000 adults in 24 countries last year, and obtained some rather shocking results. Each day of the past year, the study suggests, over 1 million online adults in these 24 countries experienced cybercrime. The study determined the majority (54%) of those cases to be malware or virus attacks. The Second and third leading causes were online scams (11%) and phishing (10%), respectfully.

Norton estimated that the total bill for cybercrime in these 24 countries over the year in case was roughly $388 billion, which included time needed to recover. This astonishing amount nearly matches the entire illegal drug trade for that same period of time.

It is said that something like 1 in 10 US consumers have already been victimized by identity theft (Frugal Dad). A growing variety of methods are being implemented by criminals in order to achieve such results. Some of these methods include phishing scams, man-in-the-middle attacks, spyware, malware, keystroke logging, botnets, and viruses.

Trojan Horses have been known to trick users into installing them by masquerading as legitimate software packages. Malware, however, can be delivered via drive-by downloads through a website you trust, all without your knowledge. The Zeus malware platform in late 2010, for instance, would use infected computers to form a botnet where it would then target holiday shoppers. Zeus used man-in-the-middle attacks socially engineered to get Macy’s and Nordstrom account holders to reveal sensitive information online (CSO Online). Once a consumer has handed over their private information, cyber criminals can then use it to steal the victim’s identity, commit fraud, and more.

Be sure to check back here tomorrow for Part 3 of our Pickpocket Series.

Part 1: The Online Pickpockets of the Worldwide Mall

Attention shoppers, the mall will be closing in, well, never. The times are changing, and consumerism is far from waning. Your local brick and mortar shops are struggling to keep their doors open; meanwhile, online commerce continues to grow at an alarming rate.

In the UK, for instance, online retailers saw sales nearly double the week before Christmas 2011 when compared to the same week one year prior, according to MetaPack. Similarly, e-commerce revenue continues to see exponential growth as online shopping grows. Total revenue in 1996 was $600 million, compared to roughly $680 billion in 2011, and climbing to an estimated trillion plus dollars by 2014 (Techcrunch).

Whilst online retailers gleefully reap the benefits of these numbers, another kind of beneficiary watches from the shadows of the Internet. We’re talking about “cybercriminals”, and they aren’t looking at numbers, but rather the increasingly large flow of money being exchanged between individuals and their trusted servers. These are modern day pickpockets, and they’re here to stay.

Be sure to check back here tomorrow for Part 2 of our Pickpocket Series.

Part 2: The Online Pickpockets of the World Wide Mall

Whether you have your grandchildren over for a few hours or a weekend visit, it is very important to be aware of how your grandchildren use digital technologies. Learning how to use the latest Internet technologies can become an important tool in interacting with your grandchildren.

According to Kaiser Family Foundation, Generation M (8-18 years old) spend 7 hours and 38 minutes a day using entertainment media. Whether it is through television, computer, smartphone or other electronic device – a Generation M child could potentially be connected to entertainment media 53 hours per week. With the growth of child media consumption, academic work could suffer and behavior problems could arise.

“Whether you are 5, 40 or 75 years old, whether you use the internet once a month or several times a day – each person has something different to bring to the table that can help shape our online experiences and our understanding of online competences and safety. We all have a role to play in ensuring that every child is safe online.” -SaferInternet.org

Grandparents.com offers strong advice on how to keep kids safe online: “These days every parent or grandparent has to teach children how to navigate our very connected world. According to a recent survey by Intel, kids on average start using desktop computers at age five-and-a-half and laptops at seven-and-a-half. So when do adults need to have the tech equivalent of the birds and the bees talk with children?”

There are many ways that you can become Internet and computer savvy too! Take Internet classes at a local community college (many classes are offered free for retirees and seniors).  Check local resources to see what is offered in your community. There are also many online tutorials available such as The Senior’s Guide to Computers, Facebook for Senior Citizens and Online Computer Tutorials.

4 Internet Safety Tips for Grandparents

1. Be aware of parental guidelines – Do your grandchildren have clear rules at home about Internet use? Age-based guidelines for kid’s Internet use by Microsoft is a good place to start. If the family does not have an online safety contract agreement, as a concerned grandparent you could suggest that the parents check it out here.
2. Keep entertainment media in the common room – It is much more difficult for an online stalker or bully to communicate with your grandchild when the computer or electronic device is in the same room as you.
3. Check Out Where Your Grandchildren Go Online – Ask questions! Don’t fret about being uncool – be curious!
4. Keep tabs on entertainment media consumption – How much time do your grandchildren spend connected? Every minute that they spend in your home does not mean that they have to remain connected. Arrange activities that are not always online.

 Cocoon Resources

Currently we offer am ultra-COOL FREE Firefox Plug-in (available for Internet Explorer too!) that creates a new way for people to browse the web privately and securely with total freedom from viruses, malware and online tracking. Cocoon hides your identity and IP address behind a protective barrier that gives you control over what you choose to share or not share. Cocoon also encrypts your connection to the web and make every site you visit as safe as visiting your online bank.

You can find out more about our product by visiting us here.

The following Infographic from FrugalDad gives timely advice on web safety. Taking the time to read site privacy policies prior to signing up for a web service and using strong passwords top the list of precautions that everyone should take when surfing the web.

Cocoon Beta is now available for Internet Explorer exclusively from CNET downloads today!

Cocoon Internet Explorer offers the same protection that our Firefox version offers:

1- Antivirus scanning of downloads
2- Encrypted browsing history
3-IP address anonymising
4-Malware blocking
5-On-the-fly disposable e-mail addresses
6-Secure public Wi-Fi

Internet Explorer users can easily download the free plug-in, which instantly provides users with greater privacy protection, security and convenience when surfing the Web. Cocoon works by securely connecting over any network to Cocoon’s servers, providing enterprise-grade virus protection and encrypting all interactions preventing “man in the middle attacks.”

Your privacy is protected because websites and advertisers only see Cocoon servers, hiding your unique IP address and preventing your online activity from being tracked by cookies. Unlike traditional anti-virus software, Cocoon prevents malicious software and virus downloads by instantly scanning files for viruses before they reach your computer.

Download Cocoon IE from CNET Downloads Today!

The Cocoon Team

By Blake Bronstad

Commerce in today’s world pushes convenience like never before. With more and more businesses encouraging the use of their services online, consumers are offered increasingly attractive options in which they may stay productive on the Internet. Where the people go, so does the money; and where the money goes, criminals will follow. Just as the online community is growing and evolving, so is the world of cybercrime.

Cybercriminals are sharpening their tools and improving their methods, and the proof is out there. Last year’s breach of Sony’s Playstation Network brought the issue to
headlines around the world. The more recent hacking of online shoe retailer, Zappos proved to be yet another example of why online consumers need to protect themselves and stay alert. The retail giant had to alert its nearly 24 million customers of a data breach that exposed various personal details related to their online accounts. This data ranged from names, email address, and billing addresses to the last four digits of customers’ credit cards.

So, why do criminals want this information and what do they do with it? The answer is simple: the underground network of data mining works similar to that of the advertising and data mining companies, except they run on a more malicious, less legal level. Rather than tracking your online whereabouts and selling that information to ad companies, these cybercriminals are going straight for the vitals. Names, email addresses, physical addresses, credit card numbers, and so on are mined through various techniques and sold to the highest bidder. In the case of Zappos’ customers, the hackers that infiltrated their data likely sold it to spammers, botnet operators, and identity thieves and other organized underground networks. Each one of these crime rings is capable of making that stolen data even more profitable than those before them.

By now, it should be obvious why so many people are after your data: there’s lots of money to be made and spread throughout the rings. There is an equally daunting amount of methodology and technology that goes along with this need for harvesting data. Phishing is a common technique employed by identity thieves because it allows them to simply ask you for your private information directly. This may sound absurd, but phishing scams are becoming all the more elaborate with each passing year. Cyber criminals have nearly perfected the art of impersonating websites that you trust and doing everything from sending fake emails to creating rogue, but identical web pages. Fabricated forms request that you fill out what you believe to be a legitimate corporate request, instead you’re essentially handing phishers your personal data first hand. Once they have the information, they can choose to sell it or steal your identity. It happens every day, and phishers will succeed in accessing bank accounts and making fraudulent purchases on behalf of countless phishing victims.

In addition to phishing scams, hackers have developed more elaborate ways to use and abuse you. Malware, or malicious software, can be downloaded to your computer or smartphone without your knowledge. This software can be dropped on your machine when you visit an infected web page, and does not require you to click on anything. Some of the more dangerous types of Malware can install keystroke-tracking software on your machine that records each stroke of the keyboard and tell hackers anything you’ve entered (think bank account passwords, usernames, social security numbers, etc.). Botnet operators can install malware to a victim’s computer and use it to spread spam, malware, and more.

With each new convenience, comes a new scam. This is exactly why more people are finding it necessary to protects themselves online just as they’d cover their PIN while using a cash machine or lock their homes when they go to work. Using Cocoon can instantly hinder many of the aforementioned attempts on your identity and data. Cocoon Mailslots is an easy way to make sure that hackers do not gain access to your real email address, which in turn can save you from spam and many potential phishing campaign attempts. Browsing the Internet through Cocoon’s secure proxy servers will keep any unwanted malware from attaching itself to your system, which may save you from having your identity stolen or worse.

You’re walking down a dangerous street; why not make yourself invisible to thieves?