时间:2020年01月26日 12:07:01

This Christmas looks like being a bumper one for online shopping but not everyone is filled with the festive spirit and some have aly set online traps they hope you will fall into. Here are twelve cyber-scams to watch out for this Christmas:据英国广播公司报道,圣诞节是很多人的购物盛宴,同时也是很多骗子活跃的高峰时期。如今网络骗局层出不穷,不过万变不离其宗,其中12种特别值得警惕。The first scam of Christmas is phishing网络钓鱼They#39;ve been around for years and we#39;ve all received a version.Fraudsters send you a message and attempt to make you click on a link to a fake site or open some malware that infects your machine.“网络钓鱼”盛行多年。骗子给你发送信息,让你点击一个虚假网站或者打开恶意软件。They may be old but they have evolved and some are very cleverly targeted (known as spear phishing). Imagine you are placing orders on a well-known website for gifts. Suddenly you receive an email - apparently from that very site - saying that there is a problem with your last order and can you please ;click here; to attend to the problem. Logos, email addresses, even the link might look genuine but you#39;ll get more than you bargained for if you do as the email asks. Check twice and click once.这种把戏并不新颖,但是骗子们也在“创新”,他们学会针对特定目标人群,这就是所谓的“鱼叉式网络钓鱼”。比如你在一个知名网站下订单,突然收到一封邮件,乍看是这个网站发送的,邮件称你的订单有问题,可以“点击这里”解决。The second scam of Christmas is the fake virus checker虚假病毒检查程序You search for that elusive gift, and finally you#39;re led to a site that appears to sell just what your nearest and dearest want.But wait, a message flashes up saying that your machine is infected… but don#39;t worry just download the free virus check shown and your problem will be solved.想象一下你上网给亲友挑选礼物,突然弹出一个消息框称你的电脑受到了病毒感染,需要下载一个免费的病毒检查程序解决问题。By downloading it you will actually be infecting your machine and your problems will only just have begun. Install a good virus checker before you go online.事实上,如果你下载了这个软件,电脑才会真正的受到感染。对此,我们应该在上网前安装好病毒检查程序。The third scam of Christmas is the fake upgrade虚假升级软件As the Christmas spirit gets going we all send each other links to jokes and s, on Facebook, by email and via Twitter.Now imagine you arrive at one of these sites and it tells you that you don#39;t have the latest Flash Player so you can#39;t watch that funny , but not to worry click here and you can get your upgraded player immediately.我们习惯在圣诞节给亲朋友好友发送笑话和视频链接。想象一下,你登录一个社交网站,它提示你没有最新的Flash播放器,无法观看搞笑视频,“点击这里”就可以升级播放器。Not only will this ;upgrade; be malware but that malware will go on to send messages to all your friends telling them to go see the ;funny; .而这里的“升级软件”本身就是恶意软件,它还会发送信息给你的朋友,让他们也来看这个有“埋伏”的搞笑视频。The fourth scam of Christmas is the ;current news scam;慈善骗局People will use major world events to scam you out of money, regardless of how sad the event may have been. We saw it with Typhoon Haiyan in the Philippines.Difficult to believe in a season of goodwill but before the aid agencies had reached the poor people affected there were aly scam emails and associated websites asking you to donate.骗子们还会用一些大的灾难来骗你的钱。很难想象,在台风“海燕”肆虐菲律宾后,竟有诈骗邮件和相关网站骗取人们的捐款。They look genuine but don#39;t be fooled. The money goes nowhere but to the scammers.它们看上去很真实,但实际上这些钱只会流进骗子的口袋里。The fifth scam of Christmas is the illegal ;cracked; download非法的“破解”软件下载Many will be buying laptops or other computing devices for under the tree.They are expensive and there are many tempting offers to buy incredibly cheap operating systems, office products or other tasty goodies. There are even more tempting opportunities to download ;free; copies of ;cracked; pirated software.笔记本电脑及其相关设备都比较昂贵,骗子们就会提议你去购买便宜的操作系统软件、office办公产品等,并称你可以下载“破解”的盗版软件的“免费”副本。However, not only are you likely to find that the download is an illegal copy - and may not actually run or has an invalid key - but also that it comes with a hidden present: malware.然而,不仅该软件是非法的副本,而且可能隐藏有恶意软件。Buy from reputable sites and remember if it#39;s too good to be true then it probably is.因此,我们应该从有信誉的网站购买相关产品。 /201312/270432

这是关于一个女孩、女人、女性的成长漫画On A Claire Day:亲情、友情、爱情;家庭,朋友、婚姻,工作,生活……一切的一切~今日嘱咐:骑在前面体验的潇洒哥,落在后面的吃土——所以,还是走在前面比较好!!译者:koogle /201305/238384

1. I#39;ve heard so much about you.久仰!2. You#39;ve had a long day./ You#39;ve had a long flight.辛苦了!3. Distinguished/Honorable/Respected friends尊敬的朋友们!4. On behalf of the Beijing Municipal government, I wish to extend our warm welcome to the friends who have come to visit Beijing.我代表北京市政府欢迎各位朋友访问北京。5. On behalf of the Beijing Municipal government, I wish to express our heartfelt thanks to you for your gracious assistance.我谨代表北京市政府表示衷心的感谢您的大力协助。6. How are you making out in Beijing?在北京过得怎么样?7. I#39;ll surely remember you and your invitation to him.我一定向他转达您的问候和邀请。8. American businessmen are welcome to make investment in Beijing.欢迎美商来北京投资。9. Your valuable advice is most welcome.欢迎多提宝贵意见。10. It#39;s a rewarding trip!不虚此行! /201311/266186

If the Internet has one enduring constant, it#39;s that somewhere, somehow, somebody is being hacked. Last month cyberassaults on banks, including BBamp;T (BBT, Fortune 500), Citigroup(C, Fortune 500), and SunTrust (STI, Fortune 500), made headlines. But a recent Ponemon Institute survey reported that the average company is attacked twice a week and loses .9 million a year to cybercrime. Security analysts say the first thing businesses must know is just what types of threats are lurking in the shadows. While many hackers use relatively basic tools, such as phishing or malware, they often wield them with different motives. Here are six of the most effective actors.如果说互联网有一个永恒的主题的话,那就是总有某些人在某处被黑客以某种方式攻击了。上个月,针对发起的网络攻击再次成为头条新闻,受害者包括BBamp;T公司、花旗集团(Citigroup)和太阳信托(SunTrust)。不过最近由波尼蒙研究所(Ponemon Institute)所做的一项调研显示,各公司每周平均受到两次攻击,每年由于网络犯罪损失的金额高达890万美元。安全分析师称,企业首先要了解藏在暗处的到底是何种威胁。尽管许多黑客用的只是相对基础的工具,比如网络钓鱼或恶意软件,但他们运用这些工具的目的各有不同。下面我们为大家盘点了六类最有攻击力的黑客。1. State sponsored政府撑腰的黑客Who: Iran, Israel, Russia, U.S.身份:伊朗,以色列,俄罗斯,美国Objectives: Intelligence, state secrets, sabotage目的:情报,国家机密,破坏活动Targets: Foreign governments, terrorists, industry目标:外国政府,恐怖分子,各种产业Signature: Multi-tiered, precisely orchestrated attacks that breach computer systems特征:精心组织的破坏计算机系统的多层次攻击Classic Case: One-fifth of Iran#39;s nuclear centrifuges crashed after Stuxnet, a worm reportedly developed by U.S. and Israeli intelligence, penetrated computers at an Iranian enrichment facility. Iran allegedly retaliated by disrupting access to the websites of J.P.Morgan (JPM, Fortune 500), PNC (PNC, Fortune 500), Wells Fargo (WFC, Fortune 500), and others.经典案例:受到震网病毒攻击后,伊朗核工厂五分之一的离心机崩溃了。它是一种蠕虫病毒,据称由美国和以色列情报机构开发,能侵入控制伊朗浓缩装置的电脑。而伊朗随后就发起了反击,使用户无法访问根大通(J.P.Morgan)、PNC,富国(Wells Fargo)及其他金融机构的网站。2. Hacktivist维权黑客Who: Anonymous, AntiSec, LulzSec身份:匿名组织,反安全组织,鲁兹安全Objectives: Righting perceived wrongs, publicity, protecting Internet freedoms目的:修正已知错误,推广自身,保护互联网自由Targets: Bullies, Scientologists, corporations, governments目标:网络坏分子,科学论派,公司,政府Signature: Leaking sensitive information, public shaming, creepy YouTube s特征:泄露敏感信息,公开羞辱,潜入YouTube视频Classic Case: The websites of PayPal, Visa (V, Fortune 500), and MasterCard (MA,Fortune 500) were disrupted during Operation Payback, an Anonymous-led effort to punish companies that suspended the accounts of WikiLeaks in 2010. Some .6 million was lost by PayPal alone.经典案例:在所谓的“报复行动”(Operation Payback)中,贝宝(PayPal)、维萨信用卡(Visa)和万事达信用卡(MasterCard)的网站都遭到了破坏。这是一次由匿名组织发起的行动,旨在惩罚那些2010年冻结维基解密(WikiLeaks)账户的公司。仅贝宝一家公司就因此损失了560万美元。3. Cyber-Criminal网络犯罪Who: Nigerian ;princes,; carders, identity thieves, spammers身份:尼日利亚“王子”,信用卡盗用者,身份窃贼,垃圾邮件制造者Objective: Treasure目的:劫财Targets: The gullible, online shoppers, small businesses, data-rich health care and retail companies目标:容易上当的人,在线购物者,小企业,拥有大量数据的保健机构和零售企业Signature: Stealing data, looting bank accounts特征:盗窃数据,洗劫账户Classic Case: Coreflood, malicious software that records keystrokes and passwords, infected 2.3 million computers in 2009, some in police departments, airports, banks, hospitals, and universities. Affected companies suffered six-figure fraudulent wire transfers.经典案例:2009年,专门记录击键动作和密码的恶意软件Coreflood感染了230万台电脑,其中包括一些警察局、机场、、医院和大学的电脑。受害公司遭到高达6位数的虚假电子转账侵袭。4. Insider (You)内鬼Who: Disgruntled employees, contractors, whistleblowers身份:心怀不满的员工,承包商,举报人Objectives: Score-settling, leaks, public good目的:利益之争,泄露信息,公共利益Targets: Large companies, governments目标:大公司,政府Signature: Document theft特征:窃取文件Classic Case: Maroochy Shire, an Australian district along the Sunshine Coast in Queensland, was inundated with millions of gallons of untreated sewage in 2001 when a contractor hacked and took control of 150 sewage pumping stations. He had been passed over for a job with the district. His dirty work cost Maroochy Shire upwards of million.经典案例:马谷志郡位于澳大利亚昆士兰州阳光海岸。2001年,一个承包商用黑客攻击并控制了当地150座污水泵站,导致该地区被上百万吨未处理的污水淹没。他这么干的起因是在该地区的一项业务承包中落选。结果,这次卑鄙行为让马谷志郡损失了超过100万美元。5. Script Kiddie脚本小子Who: Bored youth身份:无聊的年轻人Objectives: Thrills, notoriety目的:寻求刺激,得恶名Targets: Low-hanging fruit such as unprotected websites and e-mail accounts目标:容易下手的对象,比如没有保护措施的网站和电子邮件账户Signature: Defacing or dismantling websites特征:丑化或破坏网站Classic Case: An e-mail subject-lined I LOVE YOU duped people -- some of them inside the Pentagon -- in 2001. The virus it contained, which originated in the Philippines, destroyed files and simultaneously replicated itself, seeding in-boxes as it went. The so-called Love Bug caused an estimated billion in digital damage and lost productivity.经典案例:2001年,一封主题为“我爱你”的电子邮件把人们弄得晕头转向——包括一些五角大楼的人。这封信含有来自菲律宾的病毒,它在破坏文件的同时进行自我复制,在收件箱里扎根。所谓的“爱虫”所引起的数据破坏和生产力损失估计高达100亿美元。6. Vulnerability Broker漏洞经纪人Who: Endgame, Netragard, Vupen身份:Endgame公司,Netragard公司,Vupen公司Objective: Hacking as legitimate business目的:把黑客行为当成合法生意Targets: Agnostic目标:未可知Signature: Finding so-called zero-day exploits -- ways to hack new software, selling them to governments and other deep-pocketed clients特征:找到所谓的“零天攻击”代码(zero-day exploit)——即攻击新软件的方法,再把它们卖给政府和其他财大气粗的客户。Classic Case: French firm Vupen hacked Google#39;s (GOOG, Fortune 500) Chrome browser at a security conference last March. Rather than share its technique with the company (and accept a ,000 award), Vupen has been selling the exploit to higher-paying customers.经典案例:去年3月举行的一次安全会议上,法国公司Vupen黑掉了谷歌公司(Google)的Chrome浏览器。这家公司并没有(收下6万美元,)把这项技术和谷歌分享,而是把代码卖给了出价更高的客户。 /201303/228211

文章编辑: 城市分类