FTC cracks down on firms for 'work from home' online scams

The US Federal Trade Commission (FTC) has agreed to setttle a case against a group of individuals and businesses charged with running a massive marketing scam targeting home workers.

The FTC said that it had a agreed to a series of settlements against the group which had been charged with using deceptive marketing practices to collect money from users looking to start their own web businesses.

The settlement will bar the individuals from continuing with their practices and will also collect a series of fines, though many of the penalties were suspended due to an inability to pay.

According to the complain, first brough forward in May of last year, the scam advertised the opportunity for users to work from home with their own marketing and advertsiing sights. The scam promised users large cash returns by generating referrals and sales commissions from major retailers.

Instead, users were pushed to first invest hundreds of dollars for startup fees and were then solicited a series of advertising packages costing as much as $20,000 with the promise of alrge cash returns which were never generated.

In addition to the ban ending the 'work at home' scheme, the FTC has placed an order barring the group from violating telemarketing regulations and collecting or profiting from the personal data of users under threat of further penalty.

The FTC said that the order was part of aalrger effort to crack down on scams preying on users in financial hardship. With unemployment still high in many areas, users seeking steady employment can often finds themselves more vulnerable to online scams and 'get rich quick' schemes.

Hackers use Opera to sneak spyware onto thousands of Windows machines

Hackers have infected thousands of Windows machines with spyware using a stolen Opera digital signing certificate.
Opera's Sigbjørn VikSigbjorn confirmed the web browser company had lost at least one digital signing certificate during a recent network breach, warning the crooks are using it to mount a defence-dodging spyware campaign on Windows users.
"The current evidence suggests a limited impact. The attackers were able to obtain at least one old and expired Opera code signing certificate, which they have used to sign some malware. This has allowed them to distribute malicious software which incorrectly appears to have been published by Opera Software, or appears to be the Opera browser," wrote VikSigbjorn.
"It is possible that a few thousand Windows users, who were using Opera between 01.00 and 01.36 UTC on June 19, may automatically have received and installed the malicious software. To be on the safe side, we will roll out a new version of Opera which will use a new code signing certificate."
VikSigbjorn called for Opera users to update to the latest browser to avoid falling victim to the attack. "Users are strongly urged to update to the latest version of Opera as soon as it is available, keep all computer software up to date, and to use a reputable antivirus product on their computer," wrote VikSigbjorn.
Trend Micro security researcher Alvin Bacani reiterated VikSigbjorn's sentiment, warning the TSPY_FAREIT.ACU malware used in the attack has several advanced spying powers. "Once executed, TSPY_FAREIT.ACU steals crucial information from certain FTP clients or file managers including usernames, passwords and server names. Aside from FTP clients, TSPY_FAREIT.ACU gathers more information from internet browsers," wrote Trend's Bacani.
"The data is typically login credentials for social networking, banking and ecommerce websites. Using the information, the people behind the malware can get hold of your various online accounts or even initiate unauthorised transactions. They can also profit from the stolen data by selling it to the underground market."
The malware is one of many to use legitimate certificates to bypass traditional defence systems. Last year the tactic was used by the infamous Flame malware, which used a spoofed Microsoft update certificate to bypass its victims' defences.