The Cocoon Blog
The Internet as it should be: private, secure and virus free

Trusteer reported today that a P2P variant of the Zeus platform is carrying out attacks on popular online services and websites. The Facebook attack offers a fraudulent 20% cash back (web inject malware) on the purchase of Facebook points simply by linking a Mastercard or Visa debit card to a Facebook account (via filling out their fake web form).

If you need to purchase Facebook points use a reloadable prepaid MasterCard or Visa Card and keep the dollar amount on the card below $100.00.

The only place that you should  list your credit card details is on the payments tab of your Facebook account: 

After listing your credit card details with Facebook, it is not necessary to re-enter credit card information again (while logged in to Facebook). Re-registering any credit card information elsewhere on the site is a No-No.  Always be cautious when making financial decisions about offers that you view on Facebook and other popular social media sites.

The Cocoon Team!

We’re very excited to announce that Cocoon is now available on Apple’s iPad and  iPhone devices! Now you can enjoy the same level of privacy and protection that Cocoon has brought to your computer, while on the go! With smartphone malware, public wi-fi sniffing, and mobile identity theft on the rise, it’s essential that Cocoon users are able to browse securely from any location.

Why it’s Important

A recent survey by Javelin found that 7 percent of U.S. adult smartphone owners have been victim of identity fraud. Furthermore, it is said that as much 24 percent of mobile devices reported malware infections in 2011 (PC Advisor). Mobile malware, like its desktop counterpart, has been known to send malicious text messages, location, or even log keystrokes. The Cocoon app will help protect users from a growing mobile concern: the drive-by malware download.

Perhaps the most alarming issue posing a threat to those browsing from a mobile device is the man-in-the-middle attack. This type of attack is carried out on public wi-fi networks, where users generally browse the Internet over an insecure network with a roomful of strangers. Any one of those strangers could potentially intercept sensitive data and information through what is called a man-in-the-middle attack. In addition to intercepting bank login info, email messages, or credit card details, the attacker may hijack your online accounts; giving them access to all of your personal information.

This is why Cocoon has brought it’s encrypted browsing technology to the mobile platform. With the amount of mobile browsing increasing at the rate it is, it’s becoming very important that we protect ourselves wherever we go.

Fun Tip

Did you know that the Cocoon app will allow you to create disposable email addresses on the go? Just think, you’re signing up for something online, but you really don’t want to be barraged by all that spam mail. When prompted to enter an email address on your iPad or iPhone, simply tap the email field a second time and the “Mailslot” option appears. Hit the button and voila, Cocoon has presented you with a disposable, fully anonymous email address just for that website. Now all the mail that site sends you will be delivered to its own Mailslot box available on all of your Cocoon apps, wherever you go!

The Cocoon Team is excited to announce our sweepstakes winners!

Amazon Gift Cards:

$50– Grapeseek

$25– AJ & Ellen S.

$10– Kathleen Conner & Hank Mccoy

Annual Cocoon+ Accounts– SWEETHOME4 & N1QVQ

We would like to thank all our Facebook Fans for following us and entering the Cocoon Sweepstakes!

People choose Cocoon to browse privately, secure and virus free. When it comes to exploring the vast oceans of the Internet, we do so with the comforting knowledge that Cocoon is protecting us. Our team has spent a great deal of time contemplating the next step in Cocoon’s evolution, and have gone right to the source of Internet exploration itself: the search engine. Your typical search engine will gladly have you searching the web through them, and for good reason. They want to know what you’re up to, what you’re searching, and where you’re going. Do these search engines respect and promote your privacy? Absolutely not.

Well, Cocoon does, so we figured you deserve to search the web in a manner that promotes privacy and security. That’s why we’ve partnered up with blekko. Searching with blekko is the best way to ensure that absolutely no search click-tracking data is being saved. What better way to browse safely and privately than to couple that experience with tracking-free searches?

Not only will blekko deliver a more private web search experience, but one with better search results. Each search will sort the far reaches of the Internet using slashtags and trusted human-derived search results. Typical search engines use algorithms to deliver results, which are subject to pulling material from content farms and people gaming the search system. With blekko, web searches will yield a differentiated editorial voice, one with accuracy and no hidden agenda. Learn more about blekko here.

We’re excited to provide Cocoon users with a built-in web searching experience that matches our philosophy on privacy. It’s your Internet; keep it private and secure.

Cocoon+ with NO ADS

There is only 6 days left to upgrade to Cocoon+ for $2.99.

Facebook Cocoon Sweepstakes

You can “like” GetCocoon on Facebook for online privacy & security updates and a chance to win:

• 2 Annual Cocoon+ Accounts
• 4 Amazon Gift Cards ($50, two $20 and $10)

Prizes will be given to 6 randomly selected fans. You can enter here: Cocoon Sweepstakes.

The Cocoon Team!

Every move you make on the Internet is being monetized by the advertising ecosystem.

“Already, the web sites you visit reshape themselves before you like a carnivorous school of fish, and this is only the beginning. Right now, a huge chunk of what you’ve ever looked at on the Internet is sitting in databases all across the world. The line separating all that it might say about you, good or bad, is as thin as the letters of your name. If and when that wall breaks down, the numbers may overwhelm the name.” –The Atlantic

Alexis Madrigal of  The Atlantic, recently begged the question “Who’s following your every move on the web, and what do they want from you?”  Madrigal recorded a 36-hour period of standard web surfing with Mozilla’s tool Collusion (a tool that collects data about the companies that are collecting data about you), and recorded 105 companies that were collecting information on his web travels.

“AS USERS, WE move through our Internet experiences unaware of the churning subterranean machines powering our Web pages with their cookies and pixel trackers, their tracking code and databases. We shop for wedding caterers and suddenly see ring ads appear on random Web pages we’re visiting. We sometimes think the ads following us around the Internet are “creepy.” We sometimes feel watched. Does it matter? We don’t really know what to think. --The Week 

Advertising $$$’s

The purpose for all of this online snooping is singular: Google, Microsoft, Yahoo, Apple, Facebook and others are intent on delivering more relevant online ads to each and every one of us — and bagging that advertising money. —BYRON ACOHIDO | USA Today

Internet users should be informed that there are tools available, such as Cocoon, that give Internet consumers control of their private information and places a roadblock against online tracking.

Via: Online Background Check Resource

When you browse the web it is easy to leave traces of yourself littered along the Internet highway and the potential for  meeting up with an unsavory site or getting hit by a drive-by-download  is a dime a dozen these days.

Today, the virtual threat landscape needs more protection than an antivirus suite or antimalware application.  Many exploits utilize 3^rd party browser plugins (Flash, Adobe Reader) and if your operating system or browser has a vulnerability – it can easily become an open door to hackers.

Cocoon offers a better way to view the web without fear of drive-by-downloads, malvertising or malware messing with your hard drive. Cocoon works by securely connecting over any network to Cocoon’s servers, providing enterprise-grade virus protection and encrypting all interactions to prevent cookies and other tracking.

Currently Cocoon is available for both Mozilla Firefox and Internet Explorer and offers a free version (ad-based) and the new Cocoon+ version, via an ad-free subscription-based plan and currently is being offered for the special price of $2.99 USD per month until midnight on April 15.

Cocoon advantages:

1. Antivirus scanning of downloads
2. Encrypted browsing history
3. Anonymous IP address
4. Malware blocking
5. On-the-fly disposable e-mail addresses
6. Secure public Wi-Fi

Take the Cocoon tour today!

Any developer can create an application on Facebook and some of these applications can wreak havoc on your wall and on the walls of your friends and family. Though Facebook applications do not have direct access to your computer from Facebook they can be coded to prompt you to access an external website that may be able to install malware on your computer if you have vulnerability in your operating system or browser.

It is important that you be highly selective in the apps that you choose to install. If the app is an unknown, this should raise a red flag immediately.

More Red Flags

-The app does not have a fanpage and even if they do have a fanpage, there is little or no information available when you check the info or the page about tab.

-Requests too much permission such as permission to post to Facebook chat or to manage your events

-If the about page  suggests that you  copy strange looking code into your browser address bar

-The app has no link to a company website or a privacy policy and the developer is unknown.

You can review all of the potential permissions that an application could request at the Facebook developer site here. Some of the extended API permissions are quite scary:

-read_mailbox:  This gives permission for the app to read your Facebook mail.

-xmapp_login:  This gives the app permission to integrate with Facebook chat and login a user.

-publish_stream: This gives the app permission to comment, like and post to the user stream and on the walls of anyone on your friend list.

Be sure to check over at Facecrooks for an excellent article on how to protect your Facebook account from these types of apps.

During the past decade social networking sites have become optimal grazing grounds for cybercriminals to easily target large pools of victims. With the free flow of personal information cybercriminals easily digest all this social data and devise targeted attacks that prey on consumers using social engineering tactics and sensationalism.

One of the biggest crowd enticers on Facebook is for the cybercriminal to produce an unbelievable video, rogue app or viral link that can be shared with a large number of users. The idea is to perpetuate a continuous bombardment of shared content that can spam the wall or messaging system of the original victim, their friends and even friends of friends.

This content is generally socially engineered to convince the victim to download a fake video viewer (in order to view that fabulous video), take a scam survey via a rogue app in order to win an iPad 3 or share a link that is infested with several redirects until it arrives at a malicious website.

Sophos Senior Technology Consultant, Graham Cluley once termed this type of cybercriminal behavior as “Jaa (Finnish for share),” because the scammers want you to share their links far and wide with your family and all of your friends in order to propagate their scams.

Social media behavior

Javelin’s 2012 Identity Fraud Report examined social media behavior amongst U.S. adults and found that certain conduct posed much higher risks of fraud. It comes as no surprise that consumers with publicly viewable social media profiles are at much higher risk to identity fraud than those without. According to Javelin, nearly half of people with public profiles share the entirety of their birth date information. Furthermore, large amounts of said population also share the name of their high school, their phone number, and even their pet’s name. These details can be dangerous in the wrong hands as they tend to be information that secure websites use to verify one’s account information.

Think before you “share” or “like”

Posting too much information in status updates can pose unintended consequences. Cybercriminals  often prey on social networking sites looking for ways to steal identities and to target well-devised scams that often sound too good to be true.

Going on vacation? Create a private group of close friends and family to share this with and never post it in your status updates to all your friends.  Other unsavory characters may be lurking on your friend’s pages and your home could get burglarized.

Are you thinking about “liking” that Facebook app or link that has gone viral on all your friend’s walls? You may want to think twice about that as well! There are many cybercriminals stirring the share/like pot, wishing your participation in the spread of their scams in order to further their own agenda.

Be sure to check back tomorrow for some important tips on protecting yourself before you “share” or “like” again.