Malware. An odd sounding word created to lump all malicious software programs, including viruses, worms, trojans, spyware, adware, and other malevolent codes into one cause-your-computer-serious-hurt category.
In 2005, Computer Economics released a report on malware. The good news was that for the first time since 2002, the total worldwide financial losses from malware actually declined to a mere $14.2 billion. The bad news was that the nature of malware was changing from overt threats to more focused, covert attacks. This definitely is not great news for the average computer user just trying to keep up with the hundreds of malware programs that bombard us daily.
It’s not an easy task keeping malware out of your computer system. In order to accomplish this, you need a strong antivirus program. One such program that can deliver the goods is ZoneAlarm Internet Security Suite 6 from Zone Labs. Zone Labs is one of the most trusted brands in Internet Security for good reason. Their product, simply put, kicks serious malware gluteus maximus.
ZoneAlarm has received more review recommendations that any other Internet-security software suite because of its superb firewall and antivirus protection. It blocks pop-up ads, protects against identify theft and provides adequate spam filters that are flexible. It even beats the market leader, Norton Internet Security, which is often criticized for excessive system drag.
Its newest version includes these additional features:
• Triple Defense Firewall to prevent spyware from sending your information across the Internet. It also makes your computer invisible to anyone on the Net.
• Smart Defense Advisor which can automatically adjust your security settings for maximum protection against the latest virus and spyware outbreaks.
• Advanced Identify and Privacy Protection to prevent your personal data from leaving your computer without your approval.
The bonus for the average user who cringes at the idea of setting-up one of these systems is that the interface is easier to understand and use in comparison to most if its competitors. If you choose to venture beyond the out-of-the-box default settings, and install a more elaborate filtering, know that this will require some additional time to set up on your part.
Overall, ZoneAlarm Internet Security Suite is a user-friendly, comprehensive security solution that will have your computer safe from Internet hazards and cyber criminals within minutes of installation.
Sunday, May 2, 2010
Saturday, May 1, 2010
Computer Security - Why Do I Feel Like Somebody’s Watching Me?
Spyware is one of the fastest-growing internet threats. According to the National Cyber Security Alliance, spyware infects more than 90% of all PCs today. These unobtrusive, malicious programs are designed to silently bypass firewalls and anti-virus software without the user’s knowledge. Once embedded in a computer, it can wreak havoc on the system’s performance while gathering your personal information. Fortunately, unlike viruses and worms, spyware programs do not usually self-replicate.
Where does it come from?
Typically, spyware originates in three ways. The first and most common way is when the user installs it. In this scenario, spyware is embedded, attached, or bundled with a freeware or shareware program without the user’s knowledge. The user downloads the program to their computer. Once downloaded, the spyware program goes to work collecting data for the spyware author’s personal use or to sell to a third-party. Beware of many P2P file-sharing programs. They are notorious for downloads that posses spyware programs.
The user of a downloadable program should pay extra attention to the accompanying licensing agreement. Often the software publisher will warn the user that a spyware program will be installed along with the requested program. Unfortunately, we do not always take the time to read the fine print. Some agreements may provide special “opt-out” boxes that the user can click to stop the spyware from being included in the download. Be sure to review the document before signing off on the download.
Another way that spyware can access your computer is by tricking you into manipulating the security features designed to prevent any unwanted installations. The Internet Explorer Web browser was designed not to allow websites to start any unwanted downloads. That is why the user has to initiate a download by clicking on a link. These links can prove deceptive. For example, a pop-up modeled after a standard Windows dialog box, may appear on your screen. The message may ask you if you would like to optimize your internet access. It provides yes or no answer buttons, but, no matter which button you push, a download containing the spyware program will commence. Newer versions of Internet Explorer are now making this spyware pathway a little more difficult.
Finally, some spyware applications infect a system by attacking security holes in the Web browser or other software. When the user navigates a webpage controlled by a spyware author, the page contains code designed to attack the browser, and force the installation of the spyware program.
What can spyware programs do?
Spyware programs can accomplish a multitude of malicious tasks. Some of their deeds are simply annoying for the user; others can become downright aggressive in nature.
Spyware can:
1. Monitor your keystrokes for reporting purposes.
2. Scan files located on your hard drive.
3. Snoop through applications on our desktop.
4. Install other spyware programs into your computer.
5. Read your cookies.
6. Steal credit card numbers, passwords, and other personal information.
7. Change the default settings on your home page web browser.
8. Mutate into a second generation of spyware thus making it more difficult to eradicate.
9. Cause your computer to run slower.
10. Deliver annoying pop up advertisements.
11. Add advertising links to web pages for which the author does not get paid. Instead, payment is directed to the spyware programmer that changed the original affiliate’s settings.
12. Provide the user with no uninstall option and places itself in unexpected or hidden places within your computer making it difficult to remove.
Spyware Examples
Here are a few examples of commonly seen spyware programs. Please note that while researchers will often give names to spyware programs, they may not match the names the spyware-writers use.
CoolWebSearch, a group of programs, that install through “holes” found in Internet Explorer. These programs direct traffic to advertisements on Web sites including coolwebsearch.com. This spyware nuisance displays pop-up ads, rewrites search engine results, and alters the computer host file to direct the Domain Name System (DNS) to lookup preselected sites.
Internet Optimizer (a/k/a DyFuCa), likes to redirect Internet Explorer error pages to advertisements. When the user follows the broken link or enters an erroneous URL, a page of advertisements pop up.
180 Solutions reports extensive information to advertisers about the Web sites which you visit. It also alters HTTP requests for affiliate advertisements linked from a Web site. Therefore the 180 Solutions Company makes an unearned profit off of the click through advertisements they’ve altered.
HuntBar (a/k/a WinTools) or Adware.Websearch, is distributed by Traffic Syndicate and is installed by ActiveX drive-by downloading at affiliate websites or by advertisements displayed by other spyware programs. It’s a prime example of how spyware can install more spyware. These programs will add toolbars to Internet Explorer, track Web browsing behavior, and display advertisements.
How can I prevent spyware?
There are a couple things you can do to prevent spyware from infecting your computer system. First, invest in a reliable commercial anti-spyware program. There are several currently on the market including stand alone software packages such as Lavasoft’s Ad-Aware or Windows Antispyware. Other options provide the anti-spyware software as part of an anti-virus package. This type of option is offered by companies such as Sophos, Symantec, and McAfee. Anti-spyware programs can combat spyware by providing real-time protection, scanning, and removal of any found spyware software. As with most programs, update your anti virus software frequently.
As discussed, the Internet Explorer (IE) is often a contributor to the spyware problem because spyware programs like to attach themselves to its functionality. Spyware enjoys penetrating the IE’s weaknesses. Because of this, many users have switched to non-IE browsers. However, if you prefer to stick with Internet Explorer, be sure to update the security patches regularly, and only download programs from reputable sources. This will help reduce your chances of a spyware infiltration.
.
And, when all else fails?
Finally, if your computer has been infected with a large number of spyware programs, the only solution you may have is backing up your data, and performing a complete reinstall of the operating system.
Where does it come from?
Typically, spyware originates in three ways. The first and most common way is when the user installs it. In this scenario, spyware is embedded, attached, or bundled with a freeware or shareware program without the user’s knowledge. The user downloads the program to their computer. Once downloaded, the spyware program goes to work collecting data for the spyware author’s personal use or to sell to a third-party. Beware of many P2P file-sharing programs. They are notorious for downloads that posses spyware programs.
The user of a downloadable program should pay extra attention to the accompanying licensing agreement. Often the software publisher will warn the user that a spyware program will be installed along with the requested program. Unfortunately, we do not always take the time to read the fine print. Some agreements may provide special “opt-out” boxes that the user can click to stop the spyware from being included in the download. Be sure to review the document before signing off on the download.
Another way that spyware can access your computer is by tricking you into manipulating the security features designed to prevent any unwanted installations. The Internet Explorer Web browser was designed not to allow websites to start any unwanted downloads. That is why the user has to initiate a download by clicking on a link. These links can prove deceptive. For example, a pop-up modeled after a standard Windows dialog box, may appear on your screen. The message may ask you if you would like to optimize your internet access. It provides yes or no answer buttons, but, no matter which button you push, a download containing the spyware program will commence. Newer versions of Internet Explorer are now making this spyware pathway a little more difficult.
Finally, some spyware applications infect a system by attacking security holes in the Web browser or other software. When the user navigates a webpage controlled by a spyware author, the page contains code designed to attack the browser, and force the installation of the spyware program.
What can spyware programs do?
Spyware programs can accomplish a multitude of malicious tasks. Some of their deeds are simply annoying for the user; others can become downright aggressive in nature.
Spyware can:
1. Monitor your keystrokes for reporting purposes.
2. Scan files located on your hard drive.
3. Snoop through applications on our desktop.
4. Install other spyware programs into your computer.
5. Read your cookies.
6. Steal credit card numbers, passwords, and other personal information.
7. Change the default settings on your home page web browser.
8. Mutate into a second generation of spyware thus making it more difficult to eradicate.
9. Cause your computer to run slower.
10. Deliver annoying pop up advertisements.
11. Add advertising links to web pages for which the author does not get paid. Instead, payment is directed to the spyware programmer that changed the original affiliate’s settings.
12. Provide the user with no uninstall option and places itself in unexpected or hidden places within your computer making it difficult to remove.
Spyware Examples
Here are a few examples of commonly seen spyware programs. Please note that while researchers will often give names to spyware programs, they may not match the names the spyware-writers use.
CoolWebSearch, a group of programs, that install through “holes” found in Internet Explorer. These programs direct traffic to advertisements on Web sites including coolwebsearch.com. This spyware nuisance displays pop-up ads, rewrites search engine results, and alters the computer host file to direct the Domain Name System (DNS) to lookup preselected sites.
Internet Optimizer (a/k/a DyFuCa), likes to redirect Internet Explorer error pages to advertisements. When the user follows the broken link or enters an erroneous URL, a page of advertisements pop up.
180 Solutions reports extensive information to advertisers about the Web sites which you visit. It also alters HTTP requests for affiliate advertisements linked from a Web site. Therefore the 180 Solutions Company makes an unearned profit off of the click through advertisements they’ve altered.
HuntBar (a/k/a WinTools) or Adware.Websearch, is distributed by Traffic Syndicate and is installed by ActiveX drive-by downloading at affiliate websites or by advertisements displayed by other spyware programs. It’s a prime example of how spyware can install more spyware. These programs will add toolbars to Internet Explorer, track Web browsing behavior, and display advertisements.
How can I prevent spyware?
There are a couple things you can do to prevent spyware from infecting your computer system. First, invest in a reliable commercial anti-spyware program. There are several currently on the market including stand alone software packages such as Lavasoft’s Ad-Aware or Windows Antispyware. Other options provide the anti-spyware software as part of an anti-virus package. This type of option is offered by companies such as Sophos, Symantec, and McAfee. Anti-spyware programs can combat spyware by providing real-time protection, scanning, and removal of any found spyware software. As with most programs, update your anti virus software frequently.
As discussed, the Internet Explorer (IE) is often a contributor to the spyware problem because spyware programs like to attach themselves to its functionality. Spyware enjoys penetrating the IE’s weaknesses. Because of this, many users have switched to non-IE browsers. However, if you prefer to stick with Internet Explorer, be sure to update the security patches regularly, and only download programs from reputable sources. This will help reduce your chances of a spyware infiltration.
.
And, when all else fails?
Finally, if your computer has been infected with a large number of spyware programs, the only solution you may have is backing up your data, and performing a complete reinstall of the operating system.
Friday, April 30, 2010
Computer Security - Who are the Players in the Antivirus Industry?
Everyone in the United States has heard of the leading antivirus vendors Symantec, Mcafee, Computer Associates, and Trend Micro. These companies have market-leading presence in the United States. Microsoft, as well, has plans become a key player in this market. Microsoft acquired intellectual property and technology from GeCad software in 2003, a company based in Bucharest, Romania. They also acquired Pelican Software, which had a behavior based security as well as Giant Company Software for spyware and Sybari Software, which manages virus, spam, and phishing filtering.
A lot of discussion has centered on whether Microsoft with come to own a dominant position in the antivirus market by simply bundling its technologies with its operating systems at no charge. This is a similar technique applied in other markets such as word processing and Internet browsers.
Of course there are a number of antivirus vendors who also play in this market. There are many companies with great market presence in other countries that are beginning to become more widely known. These vendors include GriSoft out of the Czech Republic, Sophos in the united Kingdom, Panda Software out of Spain, Kaspersky in Russia, SoftWin in Romania, F-Secure in Finland, Norman in Norway, Arcabit in Poland, VirusBuster out of Hungary, and AhnLab in South Korea.
It is not clear where the industry is heading and everyone in this market faces a rapidly changing landscape. The amount of effort to find and provide fixes for viruses is staggering. Malicious programs are getting more complex and the number of them is increasing. Many companies may find themselves without the resources to match the efforts of those truly bent on creating havoc. Some virus companies are getting of hundreds of new samples a day! Moreover, the new viruses are getting "smarter" in that they propagate themselves quickly and they often hide themselves and are smart enough to move around in a system by renaming themselves in an effort to make it hard to remove them.
A lot of discussion has centered on whether Microsoft with come to own a dominant position in the antivirus market by simply bundling its technologies with its operating systems at no charge. This is a similar technique applied in other markets such as word processing and Internet browsers.
Of course there are a number of antivirus vendors who also play in this market. There are many companies with great market presence in other countries that are beginning to become more widely known. These vendors include GriSoft out of the Czech Republic, Sophos in the united Kingdom, Panda Software out of Spain, Kaspersky in Russia, SoftWin in Romania, F-Secure in Finland, Norman in Norway, Arcabit in Poland, VirusBuster out of Hungary, and AhnLab in South Korea.
It is not clear where the industry is heading and everyone in this market faces a rapidly changing landscape. The amount of effort to find and provide fixes for viruses is staggering. Malicious programs are getting more complex and the number of them is increasing. Many companies may find themselves without the resources to match the efforts of those truly bent on creating havoc. Some virus companies are getting of hundreds of new samples a day! Moreover, the new viruses are getting "smarter" in that they propagate themselves quickly and they often hide themselves and are smart enough to move around in a system by renaming themselves in an effort to make it hard to remove them.
Thursday, April 29, 2010
Computer Security - What the Heck are Botnets?
"A botnet is comparable to compulsory military service for windows boxes" - Stromberg (http://project.honeynet.org/papers/bots/)
Botnets are networks of computers that hackers have infected and grouped together under their control to propagate viruses, send illegal spam, and carry out attacks that cause web sites to crash.
What makes botnets exceedingly bad is the difficulty in tracing them back to their creators as well as the ever-increasing use of them in extortion schemes. How are they used in extortion schemes? Imagine someone sending you messages to either pay up or see your web site crash. This scenario is starting to replay itself over and over again.
Botnets can consist of thousands of compromised machines. With such a large network, botnets can use Distributed denial-of-service (DDoS) as a method to cause mayhem and chaos. For example a small botnet with only 500 bots can bring corporate web sites to there knees by using the combined bandwidth of all the computers to overwhelm corporate systems and thereby cause the web site to appear offline.
Jeremy Kirk, IDG News Service on January 19, 2006, quotes Kevin Hogan, senior manager for Symantec Security Response, in his article "Botnets shrinking in size, harder to trace", Hogan says "extortion schemes have emerged backed by the muscle of botnets, and hackers are also renting the use of armadas of computers for illegal purposes through advertisements on the Web."
One well-known technique to combat botnets is a honeypot. Honeypots help discover how attackers infiltrate systems. A Honeypot is essentially a set of resources that one intends to be compromised in order to study how the hackers break the system. Unpatched Windows 2000 or XP machines make great honeypots given the ease with which one can take over such systems.
A great site to read up on this topic more is The Honeynet Project (http://project.honeynet.org) which describes its own site's objective as "To learn the tools, tactics and motives involved in computer and network attacks, and share the lessons learned."
Botnets are networks of computers that hackers have infected and grouped together under their control to propagate viruses, send illegal spam, and carry out attacks that cause web sites to crash.
What makes botnets exceedingly bad is the difficulty in tracing them back to their creators as well as the ever-increasing use of them in extortion schemes. How are they used in extortion schemes? Imagine someone sending you messages to either pay up or see your web site crash. This scenario is starting to replay itself over and over again.
Botnets can consist of thousands of compromised machines. With such a large network, botnets can use Distributed denial-of-service (DDoS) as a method to cause mayhem and chaos. For example a small botnet with only 500 bots can bring corporate web sites to there knees by using the combined bandwidth of all the computers to overwhelm corporate systems and thereby cause the web site to appear offline.
Jeremy Kirk, IDG News Service on January 19, 2006, quotes Kevin Hogan, senior manager for Symantec Security Response, in his article "Botnets shrinking in size, harder to trace", Hogan says "extortion schemes have emerged backed by the muscle of botnets, and hackers are also renting the use of armadas of computers for illegal purposes through advertisements on the Web."
One well-known technique to combat botnets is a honeypot. Honeypots help discover how attackers infiltrate systems. A Honeypot is essentially a set of resources that one intends to be compromised in order to study how the hackers break the system. Unpatched Windows 2000 or XP machines make great honeypots given the ease with which one can take over such systems.
A great site to read up on this topic more is The Honeynet Project (http://project.honeynet.org) which describes its own site's objective as "To learn the tools, tactics and motives involved in computer and network attacks, and share the lessons learned."
Wednesday, April 28, 2010
Computer Security - What are Intrusion Detection Systems?
Intrusion Detection System (IDS) are a necessary part of any strategy for enterprise security. What are Intrusion Detection systems? CERIAS, The Center for Education and Research in Information Assurance and Security, defines it this way:
"The purpose of an intrusion detection system (or IDS) is to detect unauthorized access or misuse of a computer system. Intrusion detection systems are kind of like burglar alarms for computers. They sound alarms and sometimes even take corrective action when an intruder or abuser is detected. Many different intrusion detection systems have been developed but the detection schemes generally fall into one of two categories, anomaly detection or misuse detection. Anomaly detectors look for behavior that deviates from normal system use. Misuse detectors look for behavior that matches a known attack scenario. A great deal of time and effort has been invested in intrusion detection, and this list provides links to many sites that discuss some of these efforts"(http://www.cerias.purdue.edu/about/history/coast_resources/intrusion_detection/)
There is a sub-category of intrusion detection systems called network intrusion detection systems (NIDS). These systems monitors packets on the network wire and looks for suspicious activity. Network intrusion detection systems can monitor many computers at a time over a network, while other intrusion detection systems may monitor only one.
Who is breaking into your system?
One common misconception of software hackers is that it is usually people outside your network who break into your systems and cause mayhem. The reality, especially for corporate workers, is that insiders can and usually do cause the majority of security breaches. Insiders often impersonate people with more privileges then themselves to gain access to sensitive information.
How do intruders break into your system?
The simplest and easiest way to break in is to let someone have physical access to a system. Despite the best of efforts, it is often impossible to stop someone once they have physical access to a machine. Also, if someone has an account on a system already, at a low permission level, another way to break in is to use tricks of the trade to be granted higher-level privileges through holes in your system. Finally, there are many ways to gain access to systems even if one is working remotely. Remote intrusion techniques have become harder and more complex to fight.
How does one stop intrusions?
There are several Freeware/shareware Intrusion Detection Systems as well as commercial intrusion detection systems.
Open Source Intrusion Detection Systems
Below are a few of the open source intrusion detection systems:
AIDE (http://sourceforge.net/projects/aide) Self-described as "AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire. It does the same things as the semi-free Tripwire and more. There are other free replacements available so why build a new one? All the other replacements do not achieve the level of Tripwire. And I wanted a program that would exceed the limitations of Tripwire."
File System Saint (http://sourceforge.net/projects/fss) - Self-described as, "File System Saint is a lightweight host-based intrusion detection system with primary focus on speed and ease of use."
Snort (www.snort.org) Self-described as "Snort® is an open source network intrusion prevention and detection system utilizing a rule-driven language, which combines the benefits of signature, protocol and anomaly based inspection methods. With millions of downloads to date, Snort is the most widely deployed intrusion detection and prevention technology worldwide and has become the de facto standard for the industry."
Commercial Intrusion Detection Systems
If you are looking for Commercial Intrusion Detection Systems, here are a few of these as well:
Tripwire
http://www.tripwire.com
Touch Technology Inc (POLYCENTER Security Intrusion Detector)
Http://www.ttinet.com
Internet Security Systems (Real Secure Server Sensor)
http://www.iss.net
eEye Digital Security (SecureIIS Web Server Protection)
http://www.eeye.com
"The purpose of an intrusion detection system (or IDS) is to detect unauthorized access or misuse of a computer system. Intrusion detection systems are kind of like burglar alarms for computers. They sound alarms and sometimes even take corrective action when an intruder or abuser is detected. Many different intrusion detection systems have been developed but the detection schemes generally fall into one of two categories, anomaly detection or misuse detection. Anomaly detectors look for behavior that deviates from normal system use. Misuse detectors look for behavior that matches a known attack scenario. A great deal of time and effort has been invested in intrusion detection, and this list provides links to many sites that discuss some of these efforts"(http://www.cerias.purdue.edu/about/history/coast_resources/intrusion_detection/)
There is a sub-category of intrusion detection systems called network intrusion detection systems (NIDS). These systems monitors packets on the network wire and looks for suspicious activity. Network intrusion detection systems can monitor many computers at a time over a network, while other intrusion detection systems may monitor only one.
Who is breaking into your system?
One common misconception of software hackers is that it is usually people outside your network who break into your systems and cause mayhem. The reality, especially for corporate workers, is that insiders can and usually do cause the majority of security breaches. Insiders often impersonate people with more privileges then themselves to gain access to sensitive information.
How do intruders break into your system?
The simplest and easiest way to break in is to let someone have physical access to a system. Despite the best of efforts, it is often impossible to stop someone once they have physical access to a machine. Also, if someone has an account on a system already, at a low permission level, another way to break in is to use tricks of the trade to be granted higher-level privileges through holes in your system. Finally, there are many ways to gain access to systems even if one is working remotely. Remote intrusion techniques have become harder and more complex to fight.
How does one stop intrusions?
There are several Freeware/shareware Intrusion Detection Systems as well as commercial intrusion detection systems.
Open Source Intrusion Detection Systems
Below are a few of the open source intrusion detection systems:
AIDE (http://sourceforge.net/projects/aide) Self-described as "AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire. It does the same things as the semi-free Tripwire and more. There are other free replacements available so why build a new one? All the other replacements do not achieve the level of Tripwire. And I wanted a program that would exceed the limitations of Tripwire."
File System Saint (http://sourceforge.net/projects/fss) - Self-described as, "File System Saint is a lightweight host-based intrusion detection system with primary focus on speed and ease of use."
Snort (www.snort.org) Self-described as "Snort® is an open source network intrusion prevention and detection system utilizing a rule-driven language, which combines the benefits of signature, protocol and anomaly based inspection methods. With millions of downloads to date, Snort is the most widely deployed intrusion detection and prevention technology worldwide and has become the de facto standard for the industry."
Commercial Intrusion Detection Systems
If you are looking for Commercial Intrusion Detection Systems, here are a few of these as well:
Tripwire
http://www.tripwire.com
Touch Technology Inc (POLYCENTER Security Intrusion Detector)
Http://www.ttinet.com
Internet Security Systems (Real Secure Server Sensor)
http://www.iss.net
eEye Digital Security (SecureIIS Web Server Protection)
http://www.eeye.com
Tuesday, April 27, 2010
Computer Security - Website Security Rules of the Road
In 2004, online consumer spending was at a record $65.1 billion. More and more people are attracted to the ease of online shopping and are spending higher amounts. Unfortunately, the chances of becoming a victim of Internet fraud are also increasing. The Internet National Fraud Center Watch reported that the average loss to fraud victims for just the first six months of 2005 was $2,579. This is compared to the $895 average for all of 2004. Complaints relating to general merchandise purchases (goods never received or misrepresented) accounted for 30% of Internet fraud complaints, and auction purchases (goods never received or misrepresented) topped the list at 44%.
While many e-commerce Websites are reputable and have taken the necessary safety precautions to protect you, it never hurts to always proceed cautiously. If you are making an online purchase consider these easy steps:
1. Use only one credit card, preferably with a low credit limit, when making online purchases. Avoid using an ATM or debit card.
2. Be wary of unsolicited offers by sellers. The Internet National Fraud Information Center Watch reported that email, as a method of contact by Internet scammers was up 22% in 2004.While the offer may be legitimate, spammers like to use this tactic to side-step reputable sites that provide consumer protection for online purchases.
3. Use only reputable e-commerce websites that list a street address and telephone number in case you need to contact them directly.
4. Read the website’s privacy policy. Some websites may reserve the right to sell/give your information to a third party. Check the document to see if they allow an opportunity to “opt-out” of receiving special offers from third-party vendors or for permission to share your personal information.
5. Check for a lock symbol in the status bar at the bottom of your Web browser window. Also, do not provide your personal information if the website address doesn’t start with “https” (a sign that the site is using a secure server).
6. Choose only verified sellers. Check to see if the vendor is a verified member of a reputable third party such as the Better Business Bureau, VeriSign, or Guardian eCommerce. These third-party sites help to ensure online consumers will be protected when shopping or conducting e-commerce transactions.
7. Check that the delivery date posted is reasonable. If you have not dealt with the vendor on a regular basis, be wary of any Website that states the shipment will be delayed 20 or more days. Delivery dates of 7-10 days are more common.
8. Keep a paper trail of all online transactions. Print out a hard copy of the transaction and keep it in a file for future reference.
9. Be wary of website offers that just sound too good to be true. The Internet is littered with get rich quick scams and false advertising claims. Investigate all claims thoroughly before proceeding.
10. If you do not receive what you paid for, and the vendor will not return your emails or calls, contact your state’s Department of Consumer Affairs for further assistance.
While many e-commerce Websites are reputable and have taken the necessary safety precautions to protect you, it never hurts to always proceed cautiously. If you are making an online purchase consider these easy steps:
1. Use only one credit card, preferably with a low credit limit, when making online purchases. Avoid using an ATM or debit card.
2. Be wary of unsolicited offers by sellers. The Internet National Fraud Information Center Watch reported that email, as a method of contact by Internet scammers was up 22% in 2004.While the offer may be legitimate, spammers like to use this tactic to side-step reputable sites that provide consumer protection for online purchases.
3. Use only reputable e-commerce websites that list a street address and telephone number in case you need to contact them directly.
4. Read the website’s privacy policy. Some websites may reserve the right to sell/give your information to a third party. Check the document to see if they allow an opportunity to “opt-out” of receiving special offers from third-party vendors or for permission to share your personal information.
5. Check for a lock symbol in the status bar at the bottom of your Web browser window. Also, do not provide your personal information if the website address doesn’t start with “https” (a sign that the site is using a secure server).
6. Choose only verified sellers. Check to see if the vendor is a verified member of a reputable third party such as the Better Business Bureau, VeriSign, or Guardian eCommerce. These third-party sites help to ensure online consumers will be protected when shopping or conducting e-commerce transactions.
7. Check that the delivery date posted is reasonable. If you have not dealt with the vendor on a regular basis, be wary of any Website that states the shipment will be delayed 20 or more days. Delivery dates of 7-10 days are more common.
8. Keep a paper trail of all online transactions. Print out a hard copy of the transaction and keep it in a file for future reference.
9. Be wary of website offers that just sound too good to be true. The Internet is littered with get rich quick scams and false advertising claims. Investigate all claims thoroughly before proceeding.
10. If you do not receive what you paid for, and the vendor will not return your emails or calls, contact your state’s Department of Consumer Affairs for further assistance.
Monday, April 26, 2010
Computer Security - Trojan Horse….Greek Myth or Computer Nemesis?
We have all heard the term Trojan Horse, but what exactly is it? A Trojan Horse is a destructive program that masquerades as a harmless application. Unlike viruses, Trojan Horses do not replicate themselves, but they can be just as destructive. One of the most dangerous examples of a Trojan is a program that promises to rid your computer of viruses but instead introduces viruses into your computer.
The Trojan can be tricky. Who hasn’t been online and had an advertisement pop up claiming to be able to rid your computer of some nasty virus? Or, even more frightening, you receive an email that claims to be alerting you to a new virus that can threaten your computer. The sender promises to quickly eradicate, or protect, your computer from viruses if you simply download their “free”, attached software into your computer. You may be skeptical but the software looks legitimate and the company sounds reputable. You proceed to take them up on their offer and download the software. In doing so, you have just potentially exposed yourself to a massive headache and your computer to a laundry list of ailments.
When a Trojan is activated, numerous things can happen. Some Trojans are more annoying than malicious. Some of the less annoying Trojans may choose to change your desktop settings or add silly desktop icons. The more serious Trojans can erase or overwrite data on your computer, corrupt files, spread other malware such as viruses, spy on the user of a computer and secretly report data like browsing habits to other people, log keystrokes to steal information such as passwords and credit card numbers, phish for bank account details (which can be used for criminal activities), and even install a backdoor into your computer system so that they can come and go as they please.
To increase your odds of not encountering a Trojan, follow these guidelines.
1. Remain diligent
Trojans can infect your computer through rogue websites, instant messaging, and emails with attachments. Do not download anything into your computer unless you are 100 percent sure of its sender or source.
2. Ensure that your operating system is always up-to-date. If you are running a Microsoft Windows operating system, this is essential.
3. Install reliable anti-virus software. It is also important that you download any updates frequently to catch all new Trojan Horses, viruses, and worms. Be sure that the anti-virus program that you choose can also scan e-mails and files downloaded through the internet.
4. Consider installing a firewall. A firewall is a system that prevents unauthorized use and access to your computer. A firewall is not going to eliminate your computer virus problems, but when used in conjunction with regular operating system updates and reliable anti-virus software, it can provide additional security and protection for your computer.
Nothing can guarantee the security of your computer 100 percent. However, you can continue to improve your computer's security and decrease the possibility of infection by consistently following these guidelines.
The Trojan can be tricky. Who hasn’t been online and had an advertisement pop up claiming to be able to rid your computer of some nasty virus? Or, even more frightening, you receive an email that claims to be alerting you to a new virus that can threaten your computer. The sender promises to quickly eradicate, or protect, your computer from viruses if you simply download their “free”, attached software into your computer. You may be skeptical but the software looks legitimate and the company sounds reputable. You proceed to take them up on their offer and download the software. In doing so, you have just potentially exposed yourself to a massive headache and your computer to a laundry list of ailments.
When a Trojan is activated, numerous things can happen. Some Trojans are more annoying than malicious. Some of the less annoying Trojans may choose to change your desktop settings or add silly desktop icons. The more serious Trojans can erase or overwrite data on your computer, corrupt files, spread other malware such as viruses, spy on the user of a computer and secretly report data like browsing habits to other people, log keystrokes to steal information such as passwords and credit card numbers, phish for bank account details (which can be used for criminal activities), and even install a backdoor into your computer system so that they can come and go as they please.
To increase your odds of not encountering a Trojan, follow these guidelines.
1. Remain diligent
Trojans can infect your computer through rogue websites, instant messaging, and emails with attachments. Do not download anything into your computer unless you are 100 percent sure of its sender or source.
2. Ensure that your operating system is always up-to-date. If you are running a Microsoft Windows operating system, this is essential.
3. Install reliable anti-virus software. It is also important that you download any updates frequently to catch all new Trojan Horses, viruses, and worms. Be sure that the anti-virus program that you choose can also scan e-mails and files downloaded through the internet.
4. Consider installing a firewall. A firewall is a system that prevents unauthorized use and access to your computer. A firewall is not going to eliminate your computer virus problems, but when used in conjunction with regular operating system updates and reliable anti-virus software, it can provide additional security and protection for your computer.
Nothing can guarantee the security of your computer 100 percent. However, you can continue to improve your computer's security and decrease the possibility of infection by consistently following these guidelines.
Sunday, April 25, 2010
Computer Security - The Advancement of the Keylogger
A keylogger is a program that runs in your computer’s background secretly recording all your keystrokes. Once your keystrokes are logged, they are hidden away for later retrieval by the attacker. The attacker then carefully reviews the information in hopes of finding passwords or other information that would prove useful to them. For example, a keylogger can easily obtain confidential emails and reveal them to any interested outside party willing to pay for the information.
Keyloggers can be either software or hardware based. Software-based keyloggers are easy to distribute and infect, but at the same time are more easily detectable. Hardware-based keyloggers are more complex and harder to detect. For all that you know, your keyboard could have a keylogger chip attached and anything being typed is recorded into a flash memory sitting inside your keyboard. Keyloggers have become one of the most powerful applications used for gathering information in a world where encrypted traffic is becoming more and more common.
As keyloggers become more advanced, the ability to detect them becomes more difficult. They can violate a user’s privacy for months, or even years, without being noticed. During that time frame, a keylogger can collect a lot of information about the user it is monitoring. A keylogger can potential obtain not only passwords and log-in names, but credit card numbers, bank account details, contacts, interests, web browsing habits, and much more. All this collected information can be used to steal user’s personal documents, money, or even their identity.
A keylogger might be as simple as an .exe and a .dll that is placed in a computer and activated upon boot up via an entry in the registry. Or, the more sophisticated keyloggers, such as the Perfect Keylogger or ProBot Activity Monitor have developed a full line of nasty abilities including:
• Undetectable in the process list and invisible in operation
• A kernel keylogger driver that captures keystrokes even when the user is logged off
• A remote deployment wizard
• The ability to create text snapshots of active applications
• The ability to capture http post data (including log-ins/passwords)
• The ability to timestamp record workstation usage
• HTML and text log file export
• Automatic e-mail log file delivery
All keyloggers are not used for illegal purposes. A variety of other uses have surfaced. Keyloggers have been used to monitor web sites visited as a means of parental control over children. They have been actively used to prevent child pornography and avoid children coming in contact with dangerous elements on the web. Additionally, in December, 2001, a federal court ruled that the FBI did not need a special wiretap order to place a keystroke logging device on a suspect’s computer. The judge allowed the FBI to keep details of its key logging device secret (citing national security concerns). The defendant in the case, Nicodemo Scarfo Jr., indicted for gambling and loan-sharking, used encryption to protect a file on his computer. The FBI used the keystroke logging device to capture Scarfo’s password and gain access to the needed file.
Keyloggers can be either software or hardware based. Software-based keyloggers are easy to distribute and infect, but at the same time are more easily detectable. Hardware-based keyloggers are more complex and harder to detect. For all that you know, your keyboard could have a keylogger chip attached and anything being typed is recorded into a flash memory sitting inside your keyboard. Keyloggers have become one of the most powerful applications used for gathering information in a world where encrypted traffic is becoming more and more common.
As keyloggers become more advanced, the ability to detect them becomes more difficult. They can violate a user’s privacy for months, or even years, without being noticed. During that time frame, a keylogger can collect a lot of information about the user it is monitoring. A keylogger can potential obtain not only passwords and log-in names, but credit card numbers, bank account details, contacts, interests, web browsing habits, and much more. All this collected information can be used to steal user’s personal documents, money, or even their identity.
A keylogger might be as simple as an .exe and a .dll that is placed in a computer and activated upon boot up via an entry in the registry. Or, the more sophisticated keyloggers, such as the Perfect Keylogger or ProBot Activity Monitor have developed a full line of nasty abilities including:
• Undetectable in the process list and invisible in operation
• A kernel keylogger driver that captures keystrokes even when the user is logged off
• A remote deployment wizard
• The ability to create text snapshots of active applications
• The ability to capture http post data (including log-ins/passwords)
• The ability to timestamp record workstation usage
• HTML and text log file export
• Automatic e-mail log file delivery
All keyloggers are not used for illegal purposes. A variety of other uses have surfaced. Keyloggers have been used to monitor web sites visited as a means of parental control over children. They have been actively used to prevent child pornography and avoid children coming in contact with dangerous elements on the web. Additionally, in December, 2001, a federal court ruled that the FBI did not need a special wiretap order to place a keystroke logging device on a suspect’s computer. The judge allowed the FBI to keep details of its key logging device secret (citing national security concerns). The defendant in the case, Nicodemo Scarfo Jr., indicted for gambling and loan-sharking, used encryption to protect a file on his computer. The FBI used the keystroke logging device to capture Scarfo’s password and gain access to the needed file.
Saturday, April 24, 2010
Computer Security - Surfing the Web Anonymously – Questions to Ask
When you surf the web it is possible to learn information about you even when you don't want to advertise who you are. This is true even if your system contains no virus or malware software. Specifically information that is easily available online includes your IP address, your country (and often more location information based on IP address), what computer system you are on, what browser you use, your browser history, and other information. It gets worse. People can get your computer's name and even find out your name if your machine supports programs like finger or identd. Also, cookies can track your habits as you move from machine to machine.
How do people get this basic information about you?
When you visit another web site, information about you can be retrieved. Basically, information is intercepted and used by others to track your Internet activities.
How do you stop this from happening?
First of all, it is possible to serf the web anonymously and thereby stop leaving a trail for others to find. Note that this is not fool-proof, but it makes it much harder for people to know who you are. There are products called anonymous proxy servers that help protect you. The anonymous proxy server replaces your Internet address for its own. This has the effect of hiding your IP address and making it much harder for people to track you.
How do I get an anonymous proxy server?
There are many vendors who sell anonymous proxy servers. There are also free proxy servers available to you. Two such products are ShadowSurf and Guardster. Guardster (http://www.guardster.com/) offers various services for anonymous and secure access to the web, some paid as well as a free service. ShadowSurf (http://www.shadowsurf.com/) ShadowSurf provides anonymous surfing at their site for free. Go to it and you will find a box to enter a URL that you want no one to track. There are many others, but here are two that are frequently used.
Another interesting product, given the recent news about the Google search engine filtering its findings for the Chinese government, is Anonymizer (http://www.anonymizer.com). This company, among others, recently (Feb 1st, 2006) pressed that it "is developing a new anti-censorship solution that will enable Chinese citizens to safely access the entire Internet filter-free" (http://www.anonymizer.com/consumer/media/press_releases/02012006.html).
Does an anonymous proxy server make you 100% safe?
No. Still, you are much better off if you use such technology.
What other things should I be concerned about when trying to keep my private information private?
Three other items come to mind when trying to keep your information private. First, you can use an encrypted connection to hide your surfing. This article does not go into detail on this, but search the web and you will find a lot of information on this. Secondly, delete cookies after each session. Third, you can configure your browser to remove JavaScript, Java, and active content. This actually leads to limitations, so you need to think about the cost/benefit of this course of action.
Anything else?
Wishing you happy and safe surfing!
How do people get this basic information about you?
When you visit another web site, information about you can be retrieved. Basically, information is intercepted and used by others to track your Internet activities.
How do you stop this from happening?
First of all, it is possible to serf the web anonymously and thereby stop leaving a trail for others to find. Note that this is not fool-proof, but it makes it much harder for people to know who you are. There are products called anonymous proxy servers that help protect you. The anonymous proxy server replaces your Internet address for its own. This has the effect of hiding your IP address and making it much harder for people to track you.
How do I get an anonymous proxy server?
There are many vendors who sell anonymous proxy servers. There are also free proxy servers available to you. Two such products are ShadowSurf and Guardster. Guardster (http://www.guardster.com/) offers various services for anonymous and secure access to the web, some paid as well as a free service. ShadowSurf (http://www.shadowsurf.com/) ShadowSurf provides anonymous surfing at their site for free. Go to it and you will find a box to enter a URL that you want no one to track. There are many others, but here are two that are frequently used.
Another interesting product, given the recent news about the Google search engine filtering its findings for the Chinese government, is Anonymizer (http://www.anonymizer.com). This company, among others, recently (Feb 1st, 2006) pressed that it "is developing a new anti-censorship solution that will enable Chinese citizens to safely access the entire Internet filter-free" (http://www.anonymizer.com/consumer/media/press_releases/02012006.html).
Does an anonymous proxy server make you 100% safe?
No. Still, you are much better off if you use such technology.
What other things should I be concerned about when trying to keep my private information private?
Three other items come to mind when trying to keep your information private. First, you can use an encrypted connection to hide your surfing. This article does not go into detail on this, but search the web and you will find a lot of information on this. Secondly, delete cookies after each session. Third, you can configure your browser to remove JavaScript, Java, and active content. This actually leads to limitations, so you need to think about the cost/benefit of this course of action.
Anything else?
Wishing you happy and safe surfing!
Friday, April 23, 2010
Computer Security - Spam Buster
Spam. Nobody likes it. Nobody wants it. No, we aren’t talking about the canned meat, but those unsolicited, unwanted, irrelevant, or even inappropriate messages that hit our email in mass quantities. While most mailboxes have some type of spam filtering software built into their system, they never seem to do a very good job of catching what you want them to catch, and letting through what you want them to let through. Therefore, it becomes increasingly important to turn to some type of additional spam filtering product. One such filtering system, designed for Outlook and Outlook Express users, is receiving rave reviews for its superior detection and low rate of false positives (i.e,. what you want to get through does).
Cloudmark Desktop, formerly known as SpamNet and SafetyBar, uses a unique community-based filtering process. This community-based filtering system relies on users to report any new spam. Within minutes of a spammer being reported, they are placed on a blacklist. At that point, no other member will receive that particular spam. Cloudmark also applies the same basic process to phishing email scams.
What is interesting is how Cloudmark creates a digital reputation model of reporting spam. Each user starts with a neutral reputation. A user’s reputation will rise if they are among the first to identify undesirable content. On the flip side of the coin, a user’s reputation falls when they falsely reports spam. The result is a system that is automated, highly scalable and resistant to tampering.
An added bonus is that because the software doesn’t depend upon the user to configure its settings, it installs in minutes and is easy to use. Cloud mark blocks over 98% of spam from reaching your inbox and boasts over one million users worldwide.
The cost of program is $39.95 for a one-year subscription. The subscription is renewable annually. For those wanting to test drive the product, a free 15-day trial period for either your Outlook or Outlook Express is available.
Cloudmark Desktop, formerly known as SpamNet and SafetyBar, uses a unique community-based filtering process. This community-based filtering system relies on users to report any new spam. Within minutes of a spammer being reported, they are placed on a blacklist. At that point, no other member will receive that particular spam. Cloudmark also applies the same basic process to phishing email scams.
What is interesting is how Cloudmark creates a digital reputation model of reporting spam. Each user starts with a neutral reputation. A user’s reputation will rise if they are among the first to identify undesirable content. On the flip side of the coin, a user’s reputation falls when they falsely reports spam. The result is a system that is automated, highly scalable and resistant to tampering.
An added bonus is that because the software doesn’t depend upon the user to configure its settings, it installs in minutes and is easy to use. Cloud mark blocks over 98% of spam from reaching your inbox and boasts over one million users worldwide.
The cost of program is $39.95 for a one-year subscription. The subscription is renewable annually. For those wanting to test drive the product, a free 15-day trial period for either your Outlook or Outlook Express is available.
Thursday, April 22, 2010
Computer Security - Securing Your Computer System
Today, more and more people are using their computers for everything from communication to online banking and investing to shopping. As we do these things on a more regular basis, we open ourselves up to potential hackers, attackers and crackers. While some may be looking to phish your personal information and identity for resale, others simply just want to use your computer as a platform from which to attack other unknowing targets. Below are a few easy, cost-effective steps you can take to make your computer more secure.
1. Always make backups of important information and store in a safe place separate from your computer.
2. Update and patch your operating system, web browser and software frequently. If you have a Windows operating system, start by going to www.windowsupdate.microsoft.com and running the update wizard. This program will help you find the latest patches for your Windows computer. Also go to www.officeupdate.microsoft.com to locate possible patches for your Office programs.
3. Install a firewall. Without a good firewall, viruses, worms, Trojans, malware and adware can all easily access your computer from the Internet. Consideration should be given to the benefits and differences between hardware and software based firewall programs.
4. Review your browser and email settings for optimum security. Why should you do this? Active-X and JavaScript are often used by hackers to plant malicious programs into your computers. While cookies are relatively harmless in terms of security concerns, they do still track your movements on the Internet to build a profile of you. At a minimum set your security setting for the “internet zone” to High, and your “trusted sites zone” to Medium Low.
5. Install anti-virus software and set for automatic updates so that you receive the most current versions.
6. Do not open unknown email attachments. It is simply not enough that you may recognize the address from which it originates because many viruses can spread from a familiar address.
7. Do not run programs from unknown origins. Also, do not send these types of programs to friends and coworkers because they contain funny or amusing stories or jokes. They may contain a Trojans horse waiting to infect a computer.
8. Disable hidden file name extensions. By default, the Windows operating system is set to “hide file extensions for known file types”. Disable this option so that file extensions display in Windows. Some file extensions will, by default, continue to remain hidden, but you are more likely to see any unusual file extensions that do not belong.
9. Turn off your computer and disconnect from the network when not using the computer. A hacker can not attack your computer when you are disconnected from the network or the computer is off.
10. Consider making a boot disk on a floppy disk in case your computer is damaged or compromised by a malicious program. Obviously, you need to take this step before you experience a hostile breach of your system.
1. Always make backups of important information and store in a safe place separate from your computer.
2. Update and patch your operating system, web browser and software frequently. If you have a Windows operating system, start by going to www.windowsupdate.microsoft.com and running the update wizard. This program will help you find the latest patches for your Windows computer. Also go to www.officeupdate.microsoft.com to locate possible patches for your Office programs.
3. Install a firewall. Without a good firewall, viruses, worms, Trojans, malware and adware can all easily access your computer from the Internet. Consideration should be given to the benefits and differences between hardware and software based firewall programs.
4. Review your browser and email settings for optimum security. Why should you do this? Active-X and JavaScript are often used by hackers to plant malicious programs into your computers. While cookies are relatively harmless in terms of security concerns, they do still track your movements on the Internet to build a profile of you. At a minimum set your security setting for the “internet zone” to High, and your “trusted sites zone” to Medium Low.
5. Install anti-virus software and set for automatic updates so that you receive the most current versions.
6. Do not open unknown email attachments. It is simply not enough that you may recognize the address from which it originates because many viruses can spread from a familiar address.
7. Do not run programs from unknown origins. Also, do not send these types of programs to friends and coworkers because they contain funny or amusing stories or jokes. They may contain a Trojans horse waiting to infect a computer.
8. Disable hidden file name extensions. By default, the Windows operating system is set to “hide file extensions for known file types”. Disable this option so that file extensions display in Windows. Some file extensions will, by default, continue to remain hidden, but you are more likely to see any unusual file extensions that do not belong.
9. Turn off your computer and disconnect from the network when not using the computer. A hacker can not attack your computer when you are disconnected from the network or the computer is off.
10. Consider making a boot disk on a floppy disk in case your computer is damaged or compromised by a malicious program. Obviously, you need to take this step before you experience a hostile breach of your system.
Wednesday, April 21, 2010
Computer Security - Protection You Can Afford
There are numerous ways you can lose the information on your computer. Your child decides to play Chopin on your keyboard, a power surge, lightening, a virus, or even simple equipment failure. Therefore, backing up the contents of your hard drive is an absolute MUST. By regularly making backup copies of your files and storing them in a separate location, you can typically get some, if not all, of your information back in the event your computer crashes.
While a regular backup to floppy, CD, or zip drive will save your files, wouldn’t it be great if you could create an exact copy (a drive image) of your hard disk? That means backups of all your files, programs, and user settings. This would definitely save you time when it came to reloading. Acronis may be able to help.
Acronis True Image 9.0 is a robust disk-imaging utility software that copies the entire contents of your hard drive including data and operating system files, personalized settings, and more, onto another disk or disk partition. Its layout is easy to use and navigate. It also includes wizards which can walk you through both backing up and restoring your computer. Highlighted features include:
• Secure Zone — allows you to save data to a special hidden partition located on your hard drive which would eliminate the need to purchase an extra hard drive.
• PC Cloning — you can upgrade to a new system disk without needing to reinstall the operating system and applications, or configure user settings.
• Acronis Snap Restore - lightening-speed restore of your PC from an image. You can start working in seconds while your system is still being restored.
Acronis provides a free test-drive of its product and a 30-day money back guarantee. When you are ready to purchase, you can either download for $49.99, or if you so desire, order a boxed version for $59.99. With Acronis True Image Home 9.0, you can rest easy that your family pictures, personal documents, tax returns, resumes, and other important information will not be lost forever.
While a regular backup to floppy, CD, or zip drive will save your files, wouldn’t it be great if you could create an exact copy (a drive image) of your hard disk? That means backups of all your files, programs, and user settings. This would definitely save you time when it came to reloading. Acronis may be able to help.
Acronis True Image 9.0 is a robust disk-imaging utility software that copies the entire contents of your hard drive including data and operating system files, personalized settings, and more, onto another disk or disk partition. Its layout is easy to use and navigate. It also includes wizards which can walk you through both backing up and restoring your computer. Highlighted features include:
• Secure Zone — allows you to save data to a special hidden partition located on your hard drive which would eliminate the need to purchase an extra hard drive.
• PC Cloning — you can upgrade to a new system disk without needing to reinstall the operating system and applications, or configure user settings.
• Acronis Snap Restore - lightening-speed restore of your PC from an image. You can start working in seconds while your system is still being restored.
Acronis provides a free test-drive of its product and a 30-day money back guarantee. When you are ready to purchase, you can either download for $49.99, or if you so desire, order a boxed version for $59.99. With Acronis True Image Home 9.0, you can rest easy that your family pictures, personal documents, tax returns, resumes, and other important information will not be lost forever.
Tuesday, April 20, 2010
Computer Security - Phishing For Your Identity
Who hasn’t received an email directing them to visit a familiar website where they are being asked to update their personal information? The website needs you to verify or update your passwords, credit card numbers, social security number, or even your bank account number. You recognize the business name as one that you’ve conducted business with in the past. So, you click on the convenient “take me there” link and proceed to provide all the information they have requested. Unfortunately, you find out much later that the website is bogus. It was created with the sole intent to steal your personal information. You, my friend, have just been “phished”.
Phishing (pronounced as “fishing”) is defined as the act of sending an email to a recipient falsely claiming to have an established, legitimate business. The intent of the phisher is to scam the recipient into surrendering their private information, and ultimately steal your identity.
It is not at easy as you think to spot an email phishing for information. At first glance, the email may look like it is from a legitimate company. The "From" field of the e-mail may have the .com address of the company mentioned in the e-mail. The clickable link even appears to take you to the company's website, when in fact, it is a fake website built to replicate the legitimate site.
Many of these people are professional criminals. They have spent a lot of time in creating emails that look authentic. Users need to review all emails requesting personal information carefully. When reviewing your email remember that the "From Field" can be easily changed by the sender. While it may look like it is coming from a .com you do business with, looks can be deceiving. Also keep in mind that the phisher will go all out in trying to make their email look as legitimate as possible. They will even copy logos or images from the official site to use in their emails. Finally, they like to include a clickable link that the recipient can follow to conveniently update their information.
A great way to check the legitimacy of the link is to point at the link with your mouse. Then, look in the bottom left hand screen of your computer. The actual website address to which you are being directed will show up for you to view. It is a very quick and easy way to check if you are being directed to a legitimate site.
Finally, follow the golden rule. Never, ever, click the links within the text of the e-mail, and always delete the e-mail immediately. Once you have deleted the e-mail, empty the trash box in your e-mail accounts as well. If you are truly concerned that you are missing an important notice regarding one of your accounts, then type the full URL address of the website into your browser. At least then you can be confident that you are, in fact, being directed to the true and legitimate website.
Phishing (pronounced as “fishing”) is defined as the act of sending an email to a recipient falsely claiming to have an established, legitimate business. The intent of the phisher is to scam the recipient into surrendering their private information, and ultimately steal your identity.
It is not at easy as you think to spot an email phishing for information. At first glance, the email may look like it is from a legitimate company. The "From" field of the e-mail may have the .com address of the company mentioned in the e-mail. The clickable link even appears to take you to the company's website, when in fact, it is a fake website built to replicate the legitimate site.
Many of these people are professional criminals. They have spent a lot of time in creating emails that look authentic. Users need to review all emails requesting personal information carefully. When reviewing your email remember that the "From Field" can be easily changed by the sender. While it may look like it is coming from a .com you do business with, looks can be deceiving. Also keep in mind that the phisher will go all out in trying to make their email look as legitimate as possible. They will even copy logos or images from the official site to use in their emails. Finally, they like to include a clickable link that the recipient can follow to conveniently update their information.
A great way to check the legitimacy of the link is to point at the link with your mouse. Then, look in the bottom left hand screen of your computer. The actual website address to which you are being directed will show up for you to view. It is a very quick and easy way to check if you are being directed to a legitimate site.
Finally, follow the golden rule. Never, ever, click the links within the text of the e-mail, and always delete the e-mail immediately. Once you have deleted the e-mail, empty the trash box in your e-mail accounts as well. If you are truly concerned that you are missing an important notice regarding one of your accounts, then type the full URL address of the website into your browser. At least then you can be confident that you are, in fact, being directed to the true and legitimate website.
Monday, April 19, 2010
Computer Security - Parental Peace of Mind
The advent of the Internet, in some respects, made the job of parenting a little harder. We want our children to experience the vast wealth of knowledge available on the Internet and communicate with their friends online (frees up the telephone). Unfortunately, it also potential exposes our children to inappropriate material, obscene pop-up ads, and even sexual predators. In fact, research indicates that 1 in 5 children aged 10 to 17 have received a sexual solicitation over the Internet. This is definitely not something any parent wants to hear, but is forced to face.
We need a little assurance that when our children access the web, they can do so safely. Internet filters are crucial to protect your children. One tool that can assist us in this goal is Internet Parental Control software. One of the top names in parental control software is ContentWatch, and if the Big Mouse himself recommends this product, then it has to be good. If Disney feels good enough to install three of the ContentWatch products in their Disney Dream Desk PC, it has to be worthy. After all, they are willing to stake their reputation on it.
Internetfilterreviews.com rated ContentProtect 2.0 the #1 Internet filtering software. It is easy to install, configure, and customize. If you do have any problems, ContentWatch provides unlimited toll-free technical support. ContentProtect can blocks pornography, hate sites, questionable chat rooms, and other known dangers of the Internet. You can even configure ContentProtect to block online game and gambling sites, and make it so your children can only install and play computer games with parental ratings that you deem appropriate.
Other features include:
• Integration with Safe Search features in popular search engines
• Reports of your children's internet activity
• Logs of your child's chat room and instant messages
• Reports if your child tries to remove or disable protection
• Filters bad content on Peer-to-Peer networks and other areas
• Password protected access for parents
• Customizable restrictions for each family member.
• Automatic software updates at no additional cost.
ContentWatch provides a two-week, no-obligation free trial of the full version. The product costs $39.99 per seat (installs on only one computer). This is a one time purchase price which will give you unlimited use of the service. You never have to renew a subscription or pay any additional membership fees for use of the program. It seems like a reasonable price for a little parental peace of mind.
We need a little assurance that when our children access the web, they can do so safely. Internet filters are crucial to protect your children. One tool that can assist us in this goal is Internet Parental Control software. One of the top names in parental control software is ContentWatch, and if the Big Mouse himself recommends this product, then it has to be good. If Disney feels good enough to install three of the ContentWatch products in their Disney Dream Desk PC, it has to be worthy. After all, they are willing to stake their reputation on it.
Internetfilterreviews.com rated ContentProtect 2.0 the #1 Internet filtering software. It is easy to install, configure, and customize. If you do have any problems, ContentWatch provides unlimited toll-free technical support. ContentProtect can blocks pornography, hate sites, questionable chat rooms, and other known dangers of the Internet. You can even configure ContentProtect to block online game and gambling sites, and make it so your children can only install and play computer games with parental ratings that you deem appropriate.
Other features include:
• Integration with Safe Search features in popular search engines
• Reports of your children's internet activity
• Logs of your child's chat room and instant messages
• Reports if your child tries to remove or disable protection
• Filters bad content on Peer-to-Peer networks and other areas
• Password protected access for parents
• Customizable restrictions for each family member.
• Automatic software updates at no additional cost.
ContentWatch provides a two-week, no-obligation free trial of the full version. The product costs $39.99 per seat (installs on only one computer). This is a one time purchase price which will give you unlimited use of the service. You never have to renew a subscription or pay any additional membership fees for use of the program. It seems like a reasonable price for a little parental peace of mind.
Sunday, April 18, 2010
Computer Security - Name, Rank and Social Security Number
Identity theft is the fastest growing crime in the U.S. The U.S. Secret Service has estimated that consumers nationwide lose $745 million to identity theft each year. According to the Identity Theft Resource Center, the average victim spends 607 hours and averages $1,000 just to clear their credit records.
Identity thieves employ a variety of methods to gain access to your personal information. They may get information from businesses or other institutions by stealing it; by bribing an employee who has access to records; hacking into records; or conning information out of employees. Once identity thieves have your personal information, they may use it to commit a fraud or theft in your name.
How can you tell if you have become a victim of identity theft? Some signs include unexplained charges or withdrawals from your financial accounts; bills or other mail stop arriving (the thief may have submitted a change of address); a credit application is denied for no apparent reason, or debt collectors begin calling about merchandise or services you didn’t buy.
Your computer can be a goldmine of personal information to an identity thief. To protect yourself and your computer against identity theft consider:
• Updating virus protection software frequently. Consider setting your virus protection software to update automatically. The Windows XP operating system also can be set to check for patches automatically and download them to your computer.
• Not opening files sent to you by strangers, clicking on hyperlinks, or downloading programs from people or companies you don’t know.
• Using a firewall program, especially if you use a high speed Internet connection like cable or DSL that leaves your computer connected to the Internet 24 hours a day.
• Providing your personal or financial information through an organization’s secured website only. While not fool proof, a lock icon on the browser’s status bar or a URL for a website that begins “https:” (the “s” stands for secure), may provide additional security.
• Not storing your financial information on your laptop, unless absolutely necessary.
• Deleting all the personal information stored on a computer before disposing of it. A wipe” utility program to overwrite the entire hard drive is recommended.
• Checking with an anti-fraud education organization such as CardCops (www.cardcops.com). Card Cops runs a web site designed to help consumers determine whether their credit card numbers may have been stolen. They monitor Internet "chat rooms" where identity thieves illicitly trade and sell stolen credit card numbers. CardCops turns the information over to law enforcement authorities, but also allows consumers to access their database to see whether individual card numbers may have been stolen. In the first two months of operation, the site identified more than 100,000 stolen credit cards.
As with any crime, you can not completely control whether you will become a victim, but you can take steps to minimize your risk by remaining diligent and by minimizing outside access to your personal information.
Identity thieves employ a variety of methods to gain access to your personal information. They may get information from businesses or other institutions by stealing it; by bribing an employee who has access to records; hacking into records; or conning information out of employees. Once identity thieves have your personal information, they may use it to commit a fraud or theft in your name.
How can you tell if you have become a victim of identity theft? Some signs include unexplained charges or withdrawals from your financial accounts; bills or other mail stop arriving (the thief may have submitted a change of address); a credit application is denied for no apparent reason, or debt collectors begin calling about merchandise or services you didn’t buy.
Your computer can be a goldmine of personal information to an identity thief. To protect yourself and your computer against identity theft consider:
• Updating virus protection software frequently. Consider setting your virus protection software to update automatically. The Windows XP operating system also can be set to check for patches automatically and download them to your computer.
• Not opening files sent to you by strangers, clicking on hyperlinks, or downloading programs from people or companies you don’t know.
• Using a firewall program, especially if you use a high speed Internet connection like cable or DSL that leaves your computer connected to the Internet 24 hours a day.
• Providing your personal or financial information through an organization’s secured website only. While not fool proof, a lock icon on the browser’s status bar or a URL for a website that begins “https:” (the “s” stands for secure), may provide additional security.
• Not storing your financial information on your laptop, unless absolutely necessary.
• Deleting all the personal information stored on a computer before disposing of it. A wipe” utility program to overwrite the entire hard drive is recommended.
• Checking with an anti-fraud education organization such as CardCops (www.cardcops.com). Card Cops runs a web site designed to help consumers determine whether their credit card numbers may have been stolen. They monitor Internet "chat rooms" where identity thieves illicitly trade and sell stolen credit card numbers. CardCops turns the information over to law enforcement authorities, but also allows consumers to access their database to see whether individual card numbers may have been stolen. In the first two months of operation, the site identified more than 100,000 stolen credit cards.
As with any crime, you can not completely control whether you will become a victim, but you can take steps to minimize your risk by remaining diligent and by minimizing outside access to your personal information.
Saturday, April 17, 2010
Computer Security - How many spyware items are infecting your computer?
I just had, by mistake, a plug-in called Intelligent Explorer attach to my browser. What a nightmare! I have another article on this topic, but this brings home a point. Spyware or adware items are continually infecting computers. Most computers have no protection from them. Most frightening is the frequency of them. From the InfosecWriters web site, "According to a 2004 survey by America Online and the National Cyber Security Alliance, 91% of users questioned were familiar with the term spyware. Only 53% believed their computers were infected, but a scan found that 80% of their PCs had some type of spyware installed on them." It goes on to say, "...The average number of spyware components per computer was 93 with one computer having well over a thousand."
What is Spyware?
Butte College (www.bctv.butte.edu/support/spyware.html) offers this definition:
“The term ‘spyware’ is broadly defined as any program that gets into your computer without permission and hides in the background while it makes unwanted changes to your user experience.
Spyware is generally not designed to damage your computer. The damage it does is more a by-product of its main mission, which is to serve you targeted advertisements or make your browser display certain sites or search results.
At present, most spyware targets only the Windows operating system (Internet Explorer).”
To be fair, spyware can be harmless, for example tracking cookies don’t do much. While such things infringe on your privacy, they don't really harm anything. Others, however, are extremely dangerous.
So what do you do about it?
No spyware program seems to do everything, but there are a lot of goods solutions out there that can help. Here is a list of some of the top Spyware tools to look at:
1) Try Ad-Aware 6.0 Professional from LavaSoft (there is also a free version with less functionality)
2) Spybot Search & Destroy from PepiMK Software
3) Xoftspy form Pareto Logic
5) Spyware Guard from Javacool Software is a free program
4) Pest Patrol (now part of Computer Associates by acquisition)
5) McAfee Anti-Spyware
One thing is for certain: you do need to take spyware seriously. For some reason, too many people out there think anti-virus solutions are the end-all solution. They are not.
And, when all else fails?
Finally, as drastic as it seems, if your computer has been infected with a large number of spyware programs, the only solution you may have is backing up your data, and performing a complete reinstall of the operating system.
What is Spyware?
Butte College (www.bctv.butte.edu/support/spyware.html) offers this definition:
“The term ‘spyware’ is broadly defined as any program that gets into your computer without permission and hides in the background while it makes unwanted changes to your user experience.
Spyware is generally not designed to damage your computer. The damage it does is more a by-product of its main mission, which is to serve you targeted advertisements or make your browser display certain sites or search results.
At present, most spyware targets only the Windows operating system (Internet Explorer).”
To be fair, spyware can be harmless, for example tracking cookies don’t do much. While such things infringe on your privacy, they don't really harm anything. Others, however, are extremely dangerous.
So what do you do about it?
No spyware program seems to do everything, but there are a lot of goods solutions out there that can help. Here is a list of some of the top Spyware tools to look at:
1) Try Ad-Aware 6.0 Professional from LavaSoft (there is also a free version with less functionality)
2) Spybot Search & Destroy from PepiMK Software
3) Xoftspy form Pareto Logic
5) Spyware Guard from Javacool Software is a free program
4) Pest Patrol (now part of Computer Associates by acquisition)
5) McAfee Anti-Spyware
One thing is for certain: you do need to take spyware seriously. For some reason, too many people out there think anti-virus solutions are the end-all solution. They are not.
And, when all else fails?
Finally, as drastic as it seems, if your computer has been infected with a large number of spyware programs, the only solution you may have is backing up your data, and performing a complete reinstall of the operating system.
Friday, April 16, 2010
Computer Security - Finding the Security Suite that meets your needs
Before proceeding to read this article, it is important that we state something up front. It is essential for the reader to understand and appreciate that there is no such thing as a secure operating system or web browser. While the use of security suites and other complementing products can significantly reduce your risks, they are not magic wands that you can wave to eliminate 100% of your risk. Any product claiming they can do this should be viewed with great skepticism.
With that being said, let’s talk computer security and security suites. There are numerous ways in which the security of your computer can be breached. The most common threats come from worms, viruses, Trojans, phishing, hackers and crackers. Potential security breaches can come in the form of downloading unfamiliar email attachments, being monitored by spyware, maliciously attacked by malware, or probed through port scanning.
Dshield.org (www.dshield.org), a non-profit company, functions as a “dominating attach correlation engine with worldwide coverage”. In short, they work with people and companies to track, among other things, port scanning violations. Port scanning involves a person (referred to as a hacker or cracker) who attempts to break into you computer through the open ports in your system. Once an open port is located, the individual attempts to collect your personal data or install a malware program into you computer. On average, Dshield.org logs over 1.1 billion reported attempts of port scanning each month. What is even scarier is that this is just based on their program participants. You can imagine how many more incidents are occurring each month to the general population of computer users.
Dshield.org also reports on survival time. Survival time refers to how long it will take before an unpatched PC is attacked or infected. Below is a snapshot of their current operating system breakdown:
Current OS Breakdown
Category % Adjusted Survival Time
Windows 27.0000 128 min
Unix 0.5000 3648 min
Application 3.0000 1203 min
P2P 1.5000 1591 min
Backdoor 0.5000 5432 min
Source: Dshield.org – Survival Time History (11/8/05)
In short, if you have a Windows-based operating system and an unpatched PC, you will be attacked or infected in a little over 2 hours. When looked at in these terms, securing your computer becomes a mission.
Here are a few easy steps you can take to immediately protect your computer.
1. Don’t run unfamiliar programs on your computer.
It sounds like common sense, but many of the most prominent attacks have involved spyware and email attachment worms such as Bagle and Netsky. If you don’t recognize the sender, don’t download its attachments.
2. Don’t allow unrestricted physical access to your computer.
If you have sensitive or proprietary information on your computer, allowing other employees or family members to use your computer can lead to potential breaches in your computer’s security.
3. Don’t use weak passwords.
Use passwords which are difficult for someone to figure out. People frequently use the names of children, pets, anniversary dates, or birthdays. Because there seems to be a password needed for everything, it is not uncommon to see many people using the same password for everything. Big mistake! The use of only one password provides a hacker with easy access to a smorgasbord of personal information. If you have to write your passwords down, it is best not to leave them on a post-it, attached to the screen of your computer. You may chuckle at the absurdity, but it happens more than you think.
4. Don’t forget to regularly patch your operating system and other applications.
Many industry experts believe that most network security attacks would be stopped if computer users would just keep their computers updated with patches and security fixes. Too often, we forget to do this on a regular basis. Remember that every day, new viruses, worms and Trojans are being created and distributed. They are looking for the weaknesses in your computer system. Having outdated software is basically the same as holding the door open and inviting them in for a visit.
5. Don’t forget to make regular backups of important data
Always keep a copy of important files on removable media such as floppy/ZIP disks or recordable CD-ROM disks. Store the backups in a location separate from the computer.
In most cases, Windows desktop and screen-saver passwords provides adequate protection for normal security concerns. However, if you feel more comfortable taking additional security measures consider obtaining a comprehensive security suite.
Selecting a Antivirus Software
The next question is how do you pick the best product for your needs? You start by asking yourself a series of questions. Do you need password protection for individual files, your desktop, a network, or to block someone’s access to the Internet? Is your computer used only by you or do multiple users have access to the computer? How many users in total do you expect on your computer? What are your system requirements? How much do you want to spend?
Once you are able to answer these questions, you can begin to research which security suite will best meet your needs. Product reviews and user statements provide a great starting point. PCMagaine (www.pcmag.com), Zdnet.com (www.zdnet.com), and Consumer Reports (www.consumerreports.org) are just a few informative sites that offer research on various computer software products.
There are numerous security suites available on the market. Take the time to choose the one that meets your specific needs. As a starting point, we’ve listed a couple of the more popular programs:
1. Kaspersky Personal Security Suite
Description: A comprehensive protection program package designed to guard against worms, viruses, spyware, adware and other malicious programs. The program offers five pre-defined security levels and is convenient for mobile users. System requirements: Window 98/2000/XP; Internet Explore 5.0 or higher, Memory: minimum of 64 MB RAM, 100 MB free on hard drive.
2. Shield Deluxe 2005
Description: This program provides protection from viruses, adware, spyware, and privacy threats while using very low system resources. Additionally, the maker, PC Security Shield offers ongoing free technical support. System requirements: Windows 98 or higher, WinNT, WinXP, WinME; Internet Explorer 5.1 or higher, Memory: 32MB ram or higher, 65 MB free disk space.
With that being said, let’s talk computer security and security suites. There are numerous ways in which the security of your computer can be breached. The most common threats come from worms, viruses, Trojans, phishing, hackers and crackers. Potential security breaches can come in the form of downloading unfamiliar email attachments, being monitored by spyware, maliciously attacked by malware, or probed through port scanning.
Dshield.org (www.dshield.org), a non-profit company, functions as a “dominating attach correlation engine with worldwide coverage”. In short, they work with people and companies to track, among other things, port scanning violations. Port scanning involves a person (referred to as a hacker or cracker) who attempts to break into you computer through the open ports in your system. Once an open port is located, the individual attempts to collect your personal data or install a malware program into you computer. On average, Dshield.org logs over 1.1 billion reported attempts of port scanning each month. What is even scarier is that this is just based on their program participants. You can imagine how many more incidents are occurring each month to the general population of computer users.
Dshield.org also reports on survival time. Survival time refers to how long it will take before an unpatched PC is attacked or infected. Below is a snapshot of their current operating system breakdown:
Current OS Breakdown
Category % Adjusted Survival Time
Windows 27.0000 128 min
Unix 0.5000 3648 min
Application 3.0000 1203 min
P2P 1.5000 1591 min
Backdoor 0.5000 5432 min
Source: Dshield.org – Survival Time History (11/8/05)
In short, if you have a Windows-based operating system and an unpatched PC, you will be attacked or infected in a little over 2 hours. When looked at in these terms, securing your computer becomes a mission.
Here are a few easy steps you can take to immediately protect your computer.
1. Don’t run unfamiliar programs on your computer.
It sounds like common sense, but many of the most prominent attacks have involved spyware and email attachment worms such as Bagle and Netsky. If you don’t recognize the sender, don’t download its attachments.
2. Don’t allow unrestricted physical access to your computer.
If you have sensitive or proprietary information on your computer, allowing other employees or family members to use your computer can lead to potential breaches in your computer’s security.
3. Don’t use weak passwords.
Use passwords which are difficult for someone to figure out. People frequently use the names of children, pets, anniversary dates, or birthdays. Because there seems to be a password needed for everything, it is not uncommon to see many people using the same password for everything. Big mistake! The use of only one password provides a hacker with easy access to a smorgasbord of personal information. If you have to write your passwords down, it is best not to leave them on a post-it, attached to the screen of your computer. You may chuckle at the absurdity, but it happens more than you think.
4. Don’t forget to regularly patch your operating system and other applications.
Many industry experts believe that most network security attacks would be stopped if computer users would just keep their computers updated with patches and security fixes. Too often, we forget to do this on a regular basis. Remember that every day, new viruses, worms and Trojans are being created and distributed. They are looking for the weaknesses in your computer system. Having outdated software is basically the same as holding the door open and inviting them in for a visit.
5. Don’t forget to make regular backups of important data
Always keep a copy of important files on removable media such as floppy/ZIP disks or recordable CD-ROM disks. Store the backups in a location separate from the computer.
In most cases, Windows desktop and screen-saver passwords provides adequate protection for normal security concerns. However, if you feel more comfortable taking additional security measures consider obtaining a comprehensive security suite.
Selecting a Antivirus Software
The next question is how do you pick the best product for your needs? You start by asking yourself a series of questions. Do you need password protection for individual files, your desktop, a network, or to block someone’s access to the Internet? Is your computer used only by you or do multiple users have access to the computer? How many users in total do you expect on your computer? What are your system requirements? How much do you want to spend?
Once you are able to answer these questions, you can begin to research which security suite will best meet your needs. Product reviews and user statements provide a great starting point. PCMagaine (www.pcmag.com), Zdnet.com (www.zdnet.com), and Consumer Reports (www.consumerreports.org) are just a few informative sites that offer research on various computer software products.
There are numerous security suites available on the market. Take the time to choose the one that meets your specific needs. As a starting point, we’ve listed a couple of the more popular programs:
1. Kaspersky Personal Security Suite
Description: A comprehensive protection program package designed to guard against worms, viruses, spyware, adware and other malicious programs. The program offers five pre-defined security levels and is convenient for mobile users. System requirements: Window 98/2000/XP; Internet Explore 5.0 or higher, Memory: minimum of 64 MB RAM, 100 MB free on hard drive.
2. Shield Deluxe 2005
Description: This program provides protection from viruses, adware, spyware, and privacy threats while using very low system resources. Additionally, the maker, PC Security Shield offers ongoing free technical support. System requirements: Windows 98 or higher, WinNT, WinXP, WinME; Internet Explorer 5.1 or higher, Memory: 32MB ram or higher, 65 MB free disk space.
Thursday, April 15, 2010
Computer Security - Fighting Spam
How prevalent is Spam? According to Scott McAdams, OMA Public Affairs and Communications Department (www.oma.org):
“Studies show unsolicited or “junk” e-mail, known as spam, accounts for roughly half of all e-mail messages received. Although once regarded as little more than a nuisance, the prevalence of spam has increased to the point where many users have begun to express a general lack of confidence in the effectiveness of e-mail transmissions, and increased concern over the spread of computer viruses via unsolicited messages.”
In 2003, President Bush signed the “Can Spam” bill, in December of 2003 which is the first national standards around bulk unsolicited commercial e-mail. The bill, approved by the Senate by a vote of 97 to 0, prohibits senders of unsolicited commercial e-mail from using false return addresses to disguise their identity (spoofing) and the use of dictionaries to generate such mailers. In addition, it prohibits the use of misleading subject lines and requires that emails include and opt-out mechanism. The legislation also prohibits senders from harvesting addresses off Web sites. Violations constitute a misdemeanor crime subject to up to one year in jail.
One major point that needs to be discussed about this: spam is now coming from other countries in ever-greater numbers. These emails are harder to fight, because they come from outside our country’s laws and regulations. Because the Internet opens borders and thinks globally, these laws are fine and good, but do not stop the problem.
So what do you do about this? Her are the top 5 Rules to do to protect from spam.
Number 1: Do what you can to avoid having your email address out on the net.
There are products called “spam spiders” that search the Internet for email addresses to send email to. If you are interested, do a search on “spam spider” and you will be amazed at what you get back. Interestingly, there is a site, WebPoison.org, which is an open source project geared to fight Internet "spambots" and "spam spiders", by giving them bogus HTML web pages, which contain bogus email addresses
A couple suggestions for you: a) use form emails, which can hide addresses or also b) use addresses like sales@company.com instead of your full address to help battle the problem. c) There are also programs that encode your email, like jsGuard, which encodes your email address on web pages so that while spam spiders find it difficult or impossible to read your email address.
Number 2: Get spam blocking software. There are many programs out there for this. (go to www.cloudmark.com or www.mailwasher.net for example). You may also buy a professional version. Whatever you do, get the software. It will save you time. The software is not foolproof, but they really do help. You usually have to do some manual set up to block certain types of email.
Number 3: Use the multiple email address approach.
There are a lot of free email addresses to be had. If you must subscribe to newsletters, then have a “back-up” email address. It would be like giving your sell phone number to your best friends and the business number to everyone else.
Number 4: Attachments from people you don’t know are BAD, BAD, BAD.
A common problem with spam is that they have attachments and attachments can have viruses. Corporations often have filters that don’t let such things pass to you. Personal email is far more “open country” for spammers. General rule of thumb: if you do not know who is sending you something, DO NOT OPEN THE ATTACHMENT. Secondly, look for services that offer filtering. Firewall vendors offer this type of service as well.
Number 5: Email services now have “bulk-mail” baskets. If what you use currently does not support this, think about moving to a new vender. The concept is simple. If you know someone, they can send you emails. If you don’t know them, put them in the bulk email pile and then “choose” to allow them into your circle. Spam Blocking software has this concept as well, but having extra layers seems critical these days, so it is worth looking into.
“Studies show unsolicited or “junk” e-mail, known as spam, accounts for roughly half of all e-mail messages received. Although once regarded as little more than a nuisance, the prevalence of spam has increased to the point where many users have begun to express a general lack of confidence in the effectiveness of e-mail transmissions, and increased concern over the spread of computer viruses via unsolicited messages.”
In 2003, President Bush signed the “Can Spam” bill, in December of 2003 which is the first national standards around bulk unsolicited commercial e-mail. The bill, approved by the Senate by a vote of 97 to 0, prohibits senders of unsolicited commercial e-mail from using false return addresses to disguise their identity (spoofing) and the use of dictionaries to generate such mailers. In addition, it prohibits the use of misleading subject lines and requires that emails include and opt-out mechanism. The legislation also prohibits senders from harvesting addresses off Web sites. Violations constitute a misdemeanor crime subject to up to one year in jail.
One major point that needs to be discussed about this: spam is now coming from other countries in ever-greater numbers. These emails are harder to fight, because they come from outside our country’s laws and regulations. Because the Internet opens borders and thinks globally, these laws are fine and good, but do not stop the problem.
So what do you do about this? Her are the top 5 Rules to do to protect from spam.
Number 1: Do what you can to avoid having your email address out on the net.
There are products called “spam spiders” that search the Internet for email addresses to send email to. If you are interested, do a search on “spam spider” and you will be amazed at what you get back. Interestingly, there is a site, WebPoison.org, which is an open source project geared to fight Internet "spambots" and "spam spiders", by giving them bogus HTML web pages, which contain bogus email addresses
A couple suggestions for you: a) use form emails, which can hide addresses or also b) use addresses like sales@company.com instead of your full address to help battle the problem. c) There are also programs that encode your email, like jsGuard, which encodes your email address on web pages so that while spam spiders find it difficult or impossible to read your email address.
Number 2: Get spam blocking software. There are many programs out there for this. (go to www.cloudmark.com or www.mailwasher.net for example). You may also buy a professional version. Whatever you do, get the software. It will save you time. The software is not foolproof, but they really do help. You usually have to do some manual set up to block certain types of email.
Number 3: Use the multiple email address approach.
There are a lot of free email addresses to be had. If you must subscribe to newsletters, then have a “back-up” email address. It would be like giving your sell phone number to your best friends and the business number to everyone else.
Number 4: Attachments from people you don’t know are BAD, BAD, BAD.
A common problem with spam is that they have attachments and attachments can have viruses. Corporations often have filters that don’t let such things pass to you. Personal email is far more “open country” for spammers. General rule of thumb: if you do not know who is sending you something, DO NOT OPEN THE ATTACHMENT. Secondly, look for services that offer filtering. Firewall vendors offer this type of service as well.
Number 5: Email services now have “bulk-mail” baskets. If what you use currently does not support this, think about moving to a new vender. The concept is simple. If you know someone, they can send you emails. If you don’t know them, put them in the bulk email pile and then “choose” to allow them into your circle. Spam Blocking software has this concept as well, but having extra layers seems critical these days, so it is worth looking into.
Wednesday, April 14, 2010
Computer Security - Fighting off Viruses: Advancements in Antivirus Software Suites
Protecting your computer from a virus is getting harder and harder each day. While it may border on the paranoid, it goes without saying that you can’t leave your guard down for one second. Even corporate giant Microsoft has found its own systems compromised on more than one occasion.
Remember the “good old days”, before the advent of the Internet and downloadable programs? Life was simple then in terms of computer viruses. With the primary way in which a virus could be transmitted being limited to floppy disks, the ability to catch and eradicate the virus was a lot easier. By today’s standards, it used to take quite a while before a virus was able to infect a computer and slow down the system. The antivirus software of that time was typically able to identify and eradicate viruses before they caused too much damage. Additionally, computer users were pretty savvy on how to protect themselves in terms of scanning all floppy disks before copying them to our desktop.
The Internet helped change all that. The Internet provided a conduit by which viruses could move from host to host with lightening speed. No longer could a computer user just worry about floppy disks as points of entry, but they now had to worry about email, email attachments, peer-to-peer file sharing, instant messaging, and software downloads. Today’s viruses can attack through multiple entry points, spread without human intervention, and take full advantage of vulnerabilities within a system or program. With technology advancing everyday, and the convergence of computers with other mobile devices, the potential of new types of threats also increase.
Protecting Your Computer
Luckily, the advancement of antivirus software has kept pace with current virus threats. Antivirus software is essential to a computer’s ability to fend off viruses and other malicious programs. These products are designed to protect against the ability of a virus to enter a computer through email, web browsers, file servers and desktops. Additionally, these programs offer a centralized control feature that handle deployment, configuration and updating.
A computer user should remain diligent and follow a few simple steps to protect against the threat of a virus:
1. Evaluate your current computer security system.
With the threat of a new generation of viruses able to attack in a multitude of ways, the approach of having just one antivirus software version has become outdated. You need to be confident that you have protected all aspects of your computer system from the desktop to the network, and from the gateway to the server. Consider a more comprehensive security system which includes several features including antivirus, firewall, content filtering, and intrusion detection. This type of system will make it more difficult for the virus to penetrate your system.
2. Only install antivirus software created by a well-known, reputable company.
Because new viruses erupt daily, it is important that you regularly update your antivirus software. Become familiar with the software’s real-time scan feature and configure it to start automatically each time you boot your computer. This will protect your system by automatically checking your computer each time it is powered up.
3. Make it a habit to always scan all new programs or files no matter from where they originate.
4. Exercise caution when opening binary, Word, or Excel documents of unknown sources especially if they were received during an online chat or as an attachment to an email.
5. Perform regular backups in case your system is corrupted. It may be the only way to recover your data if infected.
Recommended Antivirus Software
There are numerous applications available to consumers. With a little research, you can pick the program that is right for you. Many programs provide a trial version which allows you to download the program and test its abilities. However, be aware that some anti-virus programs can be difficult to uninstall. As a precaution make sure to set up a System Restore point before installing.
Here are a few programs which typically receive high marks in terms of cost, effectiveness, ease of use, and customer service.
The Shield Pro 2005™ provides virus protection and hacker security through ongoing support and updates. When a virus breaks out, The Shield Pro 2005™ promises to provide a patch within 2-3 hours and a fix for the virus within 5 hours. You can set your computer to update viruses weekly and run a complete virus scan.
BitDefender 9 Standard provides antivirus protection, as well as Peer-2-Peer Applications protection, full email protection, and heuristics in a virtual environment. This provides a new security layer that keeps the operating system safe from unknown viruses by detecting malicious pieces of code for which signatures have not been released yet.
Kaspersky Anti-Virus Personal 5.0 program is simple to install and use. The user only needs to choose from three levels of protection. It allows updates as frequently as every hour while promising not to disrupt your computer. The program also offers a two-tier email protection feature and round-the-clock technical support.
PC-cillin Internet Security combines antivirus security and a personal firewall—for comprehensive protection against viruses, worms, Trojans, and hackers. It also detects and removes spyware and blocks spam. It even guards against identity theft by blocking phishing and pharming attacks.
AVG Anti-Virus Free Edition is a free downloadable antivirus program that has received high marks for its reliability. In the past, free downloadable antivirus programs have been viewed skeptically because of issues relating to its reliability. However, AVG from Grisoft, remains one of the best-known free anti-virus programs available. While AVG can not be installed on a server operating system and there is no technical support, it still makes a good choice for many home computer users. The best part is that since it is free, you can try it with no further obligation necessary.
Remember the “good old days”, before the advent of the Internet and downloadable programs? Life was simple then in terms of computer viruses. With the primary way in which a virus could be transmitted being limited to floppy disks, the ability to catch and eradicate the virus was a lot easier. By today’s standards, it used to take quite a while before a virus was able to infect a computer and slow down the system. The antivirus software of that time was typically able to identify and eradicate viruses before they caused too much damage. Additionally, computer users were pretty savvy on how to protect themselves in terms of scanning all floppy disks before copying them to our desktop.
The Internet helped change all that. The Internet provided a conduit by which viruses could move from host to host with lightening speed. No longer could a computer user just worry about floppy disks as points of entry, but they now had to worry about email, email attachments, peer-to-peer file sharing, instant messaging, and software downloads. Today’s viruses can attack through multiple entry points, spread without human intervention, and take full advantage of vulnerabilities within a system or program. With technology advancing everyday, and the convergence of computers with other mobile devices, the potential of new types of threats also increase.
Protecting Your Computer
Luckily, the advancement of antivirus software has kept pace with current virus threats. Antivirus software is essential to a computer’s ability to fend off viruses and other malicious programs. These products are designed to protect against the ability of a virus to enter a computer through email, web browsers, file servers and desktops. Additionally, these programs offer a centralized control feature that handle deployment, configuration and updating.
A computer user should remain diligent and follow a few simple steps to protect against the threat of a virus:
1. Evaluate your current computer security system.
With the threat of a new generation of viruses able to attack in a multitude of ways, the approach of having just one antivirus software version has become outdated. You need to be confident that you have protected all aspects of your computer system from the desktop to the network, and from the gateway to the server. Consider a more comprehensive security system which includes several features including antivirus, firewall, content filtering, and intrusion detection. This type of system will make it more difficult for the virus to penetrate your system.
2. Only install antivirus software created by a well-known, reputable company.
Because new viruses erupt daily, it is important that you regularly update your antivirus software. Become familiar with the software’s real-time scan feature and configure it to start automatically each time you boot your computer. This will protect your system by automatically checking your computer each time it is powered up.
3. Make it a habit to always scan all new programs or files no matter from where they originate.
4. Exercise caution when opening binary, Word, or Excel documents of unknown sources especially if they were received during an online chat or as an attachment to an email.
5. Perform regular backups in case your system is corrupted. It may be the only way to recover your data if infected.
Recommended Antivirus Software
There are numerous applications available to consumers. With a little research, you can pick the program that is right for you. Many programs provide a trial version which allows you to download the program and test its abilities. However, be aware that some anti-virus programs can be difficult to uninstall. As a precaution make sure to set up a System Restore point before installing.
Here are a few programs which typically receive high marks in terms of cost, effectiveness, ease of use, and customer service.
The Shield Pro 2005™ provides virus protection and hacker security through ongoing support and updates. When a virus breaks out, The Shield Pro 2005™ promises to provide a patch within 2-3 hours and a fix for the virus within 5 hours. You can set your computer to update viruses weekly and run a complete virus scan.
BitDefender 9 Standard provides antivirus protection, as well as Peer-2-Peer Applications protection, full email protection, and heuristics in a virtual environment. This provides a new security layer that keeps the operating system safe from unknown viruses by detecting malicious pieces of code for which signatures have not been released yet.
Kaspersky Anti-Virus Personal 5.0 program is simple to install and use. The user only needs to choose from three levels of protection. It allows updates as frequently as every hour while promising not to disrupt your computer. The program also offers a two-tier email protection feature and round-the-clock technical support.
PC-cillin Internet Security combines antivirus security and a personal firewall—for comprehensive protection against viruses, worms, Trojans, and hackers. It also detects and removes spyware and blocks spam. It even guards against identity theft by blocking phishing and pharming attacks.
AVG Anti-Virus Free Edition is a free downloadable antivirus program that has received high marks for its reliability. In the past, free downloadable antivirus programs have been viewed skeptically because of issues relating to its reliability. However, AVG from Grisoft, remains one of the best-known free anti-virus programs available. While AVG can not be installed on a server operating system and there is no technical support, it still makes a good choice for many home computer users. The best part is that since it is free, you can try it with no further obligation necessary.
Tuesday, April 13, 2010
Computer Security - Department of Defense Crackdown on Security
The top commander of the department of Defense network operations just ordered a crackdown on security. According to a recent article by NetworkWorld on January 16,2006, Lt. General Charles Croom is quoted as saying, “The attacks are coming from everywhere and they’re getting better.” His talk was the keynote address at the Department of Defense Cyber Crime Conference held on January 9 - 14, 2005 in Clearwater, Florida. The event is sponsored by the Defense Cyber Crime Center and the Joint Task Force. Over 500 computer crime specialists from the FBI and the military attended the event.
The crackdown was related to a recent arrest of a “Computer Virus Broker” named Jeanson James Ancheta. On further investigation, a Department of Justice press release from Nov 3rd, 2005 offered the following information on this incident, “In the first prosecution of its kind in the nation, a well-known member of the “botmaster underground” has been indicted on federal charges for profiting from the use of “botnets” – armies of computers that are under the control of the botmaster and are used to launch destructive attacks or to send huge quantities of spam across the Internet.
Jeanson James Ancheta, 20, of Downey, California, was arrested this morning by special agents with the Federal Bureau of Investigation. Ancheta was indicted yesterday in two separate conspiracies, as well as substantive charges of attempting to cause damage to protected computers, causing damage to computers used by the federal government in national defense, accessing protected computers without authorization to commit fraud and money laundering.”
The press release goes on to describe more details of this scheme that clearly show why the Deparment of Defense is so concerned (for more information go to: http://www.usdoj.gov/criminal/cybercrime/anchetaArrest.htm )
“Ancheta had become an affiliate of several different advertising service companies, and those companies paid him a commission based upon the number of installations. To avoid detection by network administrators, security analysts and law enforcement, Ancheta would vary the download times and rates of the adware installations. When companies hosting Ancheta’s adware servers discovered the malicious activity, Ancheta redirected his botnet armies to a different server he controlled to pick up adware. To generate the roughly $60,000 he received in advertising affiliate proceeds, Ancheta caused the surreptitious installation of adware on approximately 400,000 compromised computers. Ancheta used the advertising affiliate proceeds he earned to pay for, among other things, the multiple servers used to conduct his schemes.
Ancheta used programs powerful enough to cause the infection of computers at the Weapons Division of the United States Naval Air Warfare Center in China Lake, as well as computers belonging to the Defense Information Systems Agency, a component of the United States Department of Defense. Both networks are used exclusively by the federal government in furtherance of national defense. After being arrested this morning at the FBI Field Office in Los Angeles, Ancheta was transported to United States District Court in Los Angeles. It is unclear if he will make his initial court appearance this afternoon or tomorrow. Ancheta is charged with two counts of conspiracy, two counts of attempted transmission of code to a protected computer, two counts of transmission of code to a government computer, five counts of accessing a protected computer to commit fraud and five counts of money laundering. Count 17 of the indictment seeks the forfeiture of more than $60,000 in cash, a BMW automobile and computer equipment that the indictment alleges are the proceeds and instrumentalities of Ancheta’s illegal activity.”
Some recent news. Ancheta pleaded guilty to charges of conspiring to violate anti-spam and computer misuse laws, and fraud and will serve from 4-6 years in prison, under the plea agreement - plus heavy fines.
The crackdown was related to a recent arrest of a “Computer Virus Broker” named Jeanson James Ancheta. On further investigation, a Department of Justice press release from Nov 3rd, 2005 offered the following information on this incident, “In the first prosecution of its kind in the nation, a well-known member of the “botmaster underground” has been indicted on federal charges for profiting from the use of “botnets” – armies of computers that are under the control of the botmaster and are used to launch destructive attacks or to send huge quantities of spam across the Internet.
Jeanson James Ancheta, 20, of Downey, California, was arrested this morning by special agents with the Federal Bureau of Investigation. Ancheta was indicted yesterday in two separate conspiracies, as well as substantive charges of attempting to cause damage to protected computers, causing damage to computers used by the federal government in national defense, accessing protected computers without authorization to commit fraud and money laundering.”
The press release goes on to describe more details of this scheme that clearly show why the Deparment of Defense is so concerned (for more information go to: http://www.usdoj.gov/criminal/cybercrime/anchetaArrest.htm )
“Ancheta had become an affiliate of several different advertising service companies, and those companies paid him a commission based upon the number of installations. To avoid detection by network administrators, security analysts and law enforcement, Ancheta would vary the download times and rates of the adware installations. When companies hosting Ancheta’s adware servers discovered the malicious activity, Ancheta redirected his botnet armies to a different server he controlled to pick up adware. To generate the roughly $60,000 he received in advertising affiliate proceeds, Ancheta caused the surreptitious installation of adware on approximately 400,000 compromised computers. Ancheta used the advertising affiliate proceeds he earned to pay for, among other things, the multiple servers used to conduct his schemes.
Ancheta used programs powerful enough to cause the infection of computers at the Weapons Division of the United States Naval Air Warfare Center in China Lake, as well as computers belonging to the Defense Information Systems Agency, a component of the United States Department of Defense. Both networks are used exclusively by the federal government in furtherance of national defense. After being arrested this morning at the FBI Field Office in Los Angeles, Ancheta was transported to United States District Court in Los Angeles. It is unclear if he will make his initial court appearance this afternoon or tomorrow. Ancheta is charged with two counts of conspiracy, two counts of attempted transmission of code to a protected computer, two counts of transmission of code to a government computer, five counts of accessing a protected computer to commit fraud and five counts of money laundering. Count 17 of the indictment seeks the forfeiture of more than $60,000 in cash, a BMW automobile and computer equipment that the indictment alleges are the proceeds and instrumentalities of Ancheta’s illegal activity.”
Some recent news. Ancheta pleaded guilty to charges of conspiring to violate anti-spam and computer misuse laws, and fraud and will serve from 4-6 years in prison, under the plea agreement - plus heavy fines.
Monday, April 12, 2010
Computer Security - Spyware Beware
Spyware and Adware are not only an ever increasing nuisance for computer users everywhere, but also a booming industry. According to Webroot Software, Inc., the distribution of online advertisements through spyware and adware has become a $2 billion industry.
The aggressive advertising and spying tactics demonstrated by some of these programs, require an equally aggressive response from a seasoned eradicator. Sunbelt Software is such a company. A leader in Anti-Spyware, Anti-Spam, Network Security and System Management tools, they gave consistently remained on the cutting-edge of anti-spyware programming since 1994.
One of their more notable software applications is CounterSpy 1.5. CounterSpy is designed to detect and remove spyware that is already in your computer system. Additionally, it provides real-time protection while preventing browser hijacking and changes to your computer’s Registry.
Other notable features include:
• Detection and Removal of Tracking Cookies – while it is true that applications like Microsoft AntiSpyware Beta are free, they do not include the ability to detect and remove tracking cookies like CounterSpy does.
• History Cleaner - erases any traceable trails left on your computer as you surf the Internet.
• Secure File Eraser - a powerful deletion tool that can completely eliminate all files you want removed from your computer including images, music, movies and applications.
• PC Explorer - allows you a look into files and areas that are normally inconvenient to access, such as your startup programs, browser helper objects, and ActiveX programs that are being downloaded or used.
• Support for Older Operating Systems – includes Windows 98SE, Windows ME, and Windows NT.
Recommended by PC World, ConsumerSearch, and Dell, CounterSpy holds one of the highest effective ratings for spyware removal. It also received high marks from TopTenReviews (2006) for ease of use, customization/installation, and help/support. For only $19.95 per machine, users can receive a one year subscription with updates, upgrades, and technical support from real live humans. CounterSpy definitely provides ease of use and affordability for just about any computer user from the novice to the expert.
The aggressive advertising and spying tactics demonstrated by some of these programs, require an equally aggressive response from a seasoned eradicator. Sunbelt Software is such a company. A leader in Anti-Spyware, Anti-Spam, Network Security and System Management tools, they gave consistently remained on the cutting-edge of anti-spyware programming since 1994.
One of their more notable software applications is CounterSpy 1.5. CounterSpy is designed to detect and remove spyware that is already in your computer system. Additionally, it provides real-time protection while preventing browser hijacking and changes to your computer’s Registry.
Other notable features include:
• Detection and Removal of Tracking Cookies – while it is true that applications like Microsoft AntiSpyware Beta are free, they do not include the ability to detect and remove tracking cookies like CounterSpy does.
• History Cleaner - erases any traceable trails left on your computer as you surf the Internet.
• Secure File Eraser - a powerful deletion tool that can completely eliminate all files you want removed from your computer including images, music, movies and applications.
• PC Explorer - allows you a look into files and areas that are normally inconvenient to access, such as your startup programs, browser helper objects, and ActiveX programs that are being downloaded or used.
• Support for Older Operating Systems – includes Windows 98SE, Windows ME, and Windows NT.
Recommended by PC World, ConsumerSearch, and Dell, CounterSpy holds one of the highest effective ratings for spyware removal. It also received high marks from TopTenReviews (2006) for ease of use, customization/installation, and help/support. For only $19.95 per machine, users can receive a one year subscription with updates, upgrades, and technical support from real live humans. CounterSpy definitely provides ease of use and affordability for just about any computer user from the novice to the expert.
Sunday, April 11, 2010
Computer Security - Computer Viruses that Come a Callin’
Every day new computer viruses are created to annoy us and to wreck havoc on our computer systems. Below are ten viruses currently cited as being the most prevalent in terms of being seen the most or in their ability to potentially cause damage. New viruses are created daily. This is by no means an all inclusive list. The best thing you can do is to remain vigilant, keep your anti-virus software updated, and stay aware of the current computer virus threats.
Virus: Trojan.Lodear
A Trojan horse that attempts to download remote files. It will inject a .dll file into the EXPLORER.EXE process causing system instability.
Virus: W32.Beagle.CO@mm
A mass-mailing worm that lowers security settings. It can delete security-related registry sub keys and may block access to security-related websites.
Virus: Backdoor.Zagaban
A Trojan horse that allows the compromised computer to be used as a covert proxy and which may degrade network performance.
Virus: W32/Netsky-P
A mass-mailing worm which spreads by emailing itself to addresses produced from files on the local drives.
Virus: W32/Mytob-GH
A mass-mailing worm and IRC backdoor Trojan for the Windows platform. Messages sent by this worm will have the subject chosen randomly from a list including titles such as: Notice of account limitation, Email Account Suspension, Security measures, Members Support, Important Notification.
Virus: W32/Mytob-EX
A mass-mailing worm and IRC backdoor Trojan similar in nature to W32-Mytob-GH. W32/Mytob-EX runs continuously in the background, providing a backdoor server which allows a remote intruder to gain access and control over the computer via IRC channels. This virus spreads by sending itself to email attachments harvested from your email addresses.
Virus: W32/Mytob-AS, Mytob-BE, Mytob-C, and Mytob-ER
This family of worm variations possesses similar characteristics in terms of what they can do. They are mass-mailing worms with backdoor functionality that can be controlled through the Internet Relay Chat (IRC) network. Additionally, they can spread through email and through various operating system vulnerabilities such as the LSASS (MS04-011).
Virus: Zafi-D
A mass mailing worm and a peer-to-peer worm which copies itself to the Windows system folder with the filename Norton Update.exe. It can then create a number of files in the Windows system folder with filenames consisting of 8 random characters and a DLL extension. W32/Zafi-D copies itself to folders with names containing share, upload, or music as ICQ 2005a new!.exe or winamp 5.7 new!.exe. W32/Zafi-D will also display a fake error message box with the caption "CRC: 04F6Bh" and the text "Error in packed file!".
Virus: W32/Netsky-D
A mass-mailing worm with IRC backdoor functionality which can also infect computers vulnerable to the LSASS (MS04-011) exploit.
Virus: W32/Zafi-B
A peer-to-peer (P2P) and email worm that will copy itself to the Windows system folder as a randomly named EXE file. This worm will test for the presence of an internet connection by attempting to connect to www.google.com or www.microsoft.com. A bilingual, worm with an attached Hungarian political text message box which translates to “We demand that the government accommodates the homeless, tightens up the penal code and VOTES FOR THE DEATH PENALTY to cut down the increasing crime. Jun. 2004, Pécs (SNAF Team)”
Virus: Trojan.Lodear
A Trojan horse that attempts to download remote files. It will inject a .dll file into the EXPLORER.EXE process causing system instability.
Virus: W32.Beagle.CO@mm
A mass-mailing worm that lowers security settings. It can delete security-related registry sub keys and may block access to security-related websites.
Virus: Backdoor.Zagaban
A Trojan horse that allows the compromised computer to be used as a covert proxy and which may degrade network performance.
Virus: W32/Netsky-P
A mass-mailing worm which spreads by emailing itself to addresses produced from files on the local drives.
Virus: W32/Mytob-GH
A mass-mailing worm and IRC backdoor Trojan for the Windows platform. Messages sent by this worm will have the subject chosen randomly from a list including titles such as: Notice of account limitation, Email Account Suspension, Security measures, Members Support, Important Notification.
Virus: W32/Mytob-EX
A mass-mailing worm and IRC backdoor Trojan similar in nature to W32-Mytob-GH. W32/Mytob-EX runs continuously in the background, providing a backdoor server which allows a remote intruder to gain access and control over the computer via IRC channels. This virus spreads by sending itself to email attachments harvested from your email addresses.
Virus: W32/Mytob-AS, Mytob-BE, Mytob-C, and Mytob-ER
This family of worm variations possesses similar characteristics in terms of what they can do. They are mass-mailing worms with backdoor functionality that can be controlled through the Internet Relay Chat (IRC) network. Additionally, they can spread through email and through various operating system vulnerabilities such as the LSASS (MS04-011).
Virus: Zafi-D
A mass mailing worm and a peer-to-peer worm which copies itself to the Windows system folder with the filename Norton Update.exe. It can then create a number of files in the Windows system folder with filenames consisting of 8 random characters and a DLL extension. W32/Zafi-D copies itself to folders with names containing share, upload, or music as ICQ 2005a new!.exe or winamp 5.7 new!.exe. W32/Zafi-D will also display a fake error message box with the caption "CRC: 04F6Bh" and the text "Error in packed file!".
Virus: W32/Netsky-D
A mass-mailing worm with IRC backdoor functionality which can also infect computers vulnerable to the LSASS (MS04-011) exploit.
Virus: W32/Zafi-B
A peer-to-peer (P2P) and email worm that will copy itself to the Windows system folder as a randomly named EXE file. This worm will test for the presence of an internet connection by attempting to connect to www.google.com or www.microsoft.com. A bilingual, worm with an attached Hungarian political text message box which translates to “We demand that the government accommodates the homeless, tightens up the penal code and VOTES FOR THE DEATH PENALTY to cut down the increasing crime. Jun. 2004, Pécs (SNAF Team)”
Saturday, April 10, 2010
Computer Security - Just what is Intelligent Explorer? For your safety, you really need to know
I recently hit, by mistake, what I thought was an Explorer upgrade option. It turned out to be a pop-up appearing legitimate but really was not. It uploaded a product called Intelligent Explorer on my machine. What a nightmare!
I did some research on the web and found messages like this one from a BullGuard Antivirus Forum,
"PLEASE HELP!!! I HAVE A SPYWARE, TROJAN AND HIJACKER ON MY COMPUTER. I HAVE RUN BULLGUARD, CWSHREDDER AND AD-AWARE. ALL HAVE PICKED UP THE VIRUSES AND SAID THAT THEY HAVE BEEN MOVED/REMOVED BUT WHEN I LOG ONTO THE INTERNET THAT DAMN INTELLIGENT EXPLORER TOOLBAR IS SHOWING"
Another message from spywareinfo Forum goes something like this:
"Hey I'm having issues with something called Internet explorer toolbar - Intelligent explorer. I can’t find a way to remove it from my comp and I really don’t want to reinstall windows. I've used spybot, ad-ware, and cw shredder but nothing seems to work."
It appears that Intelligent Explorer allows other software to be downloaded to your machine and this is where the problem occurs. What is even more remarkable is that by downloading Intelligent Explorer, their license grants them the right to install software add-ins on your computer at their will. Take a look at what the software license for Intelligent Explore says (go to http://www.ieplugin.com/terms.html to read it all):
"You grant to us the right, exercisable by us until you uninstall the Software or this agreement is otherwise terminated, to provide to you the Service of downloading and causing to be displayed advertising material on your computer, through ‘pop-up’ or other display while you use your browser. You acknowledge and agree that installation of the Software may automatically modify toolbars and other settings of your browser. By installing the Software you agree to such modifications."
The company, IBC incorporated, is incorporated in Belize. I really can't believe this license!
One end user found highly objectionable pop-up advertisements generated by this software bundled with Intelligent Explorer in the form of extreme pornography.
I have yet to break this.
Intelligent Explorer is a plug-in, which can create a new home page, as well as start up and endless loop of pop-ups. You can remove the view bar, but then starting up Internet Explorer will cause it to reappear. I asked some friends to help, and no one could tell me what to do.
This is what I did:
I bought a copy of a program called XoftSpy and it removed the software. It took two scans and a reboot to do it. This is not an advertisement for this product. They advertised it was free, which it was to run, but then I had to buy it to actually fix anything. It cost me $40 and I am sure that there are freeware products out there as well, but that is what ended the nightmare for me. Other spyware products I have seen out there include spybot, NoAdware, Spyware Eliminator, Pal Spyware Remover, and Spyware C.O.P.
Let the buyer beware!
I did some research on the web and found messages like this one from a BullGuard Antivirus Forum,
"PLEASE HELP!!! I HAVE A SPYWARE, TROJAN AND HIJACKER ON MY COMPUTER. I HAVE RUN BULLGUARD, CWSHREDDER AND AD-AWARE. ALL HAVE PICKED UP THE VIRUSES AND SAID THAT THEY HAVE BEEN MOVED/REMOVED BUT WHEN I LOG ONTO THE INTERNET THAT DAMN INTELLIGENT EXPLORER TOOLBAR IS SHOWING"
Another message from spywareinfo Forum goes something like this:
"Hey I'm having issues with something called Internet explorer toolbar - Intelligent explorer. I can’t find a way to remove it from my comp and I really don’t want to reinstall windows. I've used spybot, ad-ware, and cw shredder but nothing seems to work."
It appears that Intelligent Explorer allows other software to be downloaded to your machine and this is where the problem occurs. What is even more remarkable is that by downloading Intelligent Explorer, their license grants them the right to install software add-ins on your computer at their will. Take a look at what the software license for Intelligent Explore says (go to http://www.ieplugin.com/terms.html to read it all):
"You grant to us the right, exercisable by us until you uninstall the Software or this agreement is otherwise terminated, to provide to you the Service of downloading and causing to be displayed advertising material on your computer, through ‘pop-up’ or other display while you use your browser. You acknowledge and agree that installation of the Software may automatically modify toolbars and other settings of your browser. By installing the Software you agree to such modifications."
The company, IBC incorporated, is incorporated in Belize. I really can't believe this license!
One end user found highly objectionable pop-up advertisements generated by this software bundled with Intelligent Explorer in the form of extreme pornography.
I have yet to break this.
Intelligent Explorer is a plug-in, which can create a new home page, as well as start up and endless loop of pop-ups. You can remove the view bar, but then starting up Internet Explorer will cause it to reappear. I asked some friends to help, and no one could tell me what to do.
This is what I did:
I bought a copy of a program called XoftSpy and it removed the software. It took two scans and a reboot to do it. This is not an advertisement for this product. They advertised it was free, which it was to run, but then I had to buy it to actually fix anything. It cost me $40 and I am sure that there are freeware products out there as well, but that is what ended the nightmare for me. Other spyware products I have seen out there include spybot, NoAdware, Spyware Eliminator, Pal Spyware Remover, and Spyware C.O.P.
Let the buyer beware!
Friday, April 9, 2010
Computer Securtiy - About Encryption and Making Your System Secure
What does encryption do for me?
Encryption and cryptographic software has been used in many different ways to make systems more secure. This article discusses only a few ways that such software can make your system more secure, including:
1) Encrypting your email
2) Encrypting your files
To programs are mentioned that will help encrypt information. There are many more programs out there that will help, but these programs are good and a good place to start as any. They have the added benefit of both being free with source code available.
Will encryption stop people from accessing my information?
Encryption simply makes it harder for people to gain access to important information, like passwords or sensitive information in a file. The first thing you should know about encryption is that the algorithm that is used to encrypt can be simple or more complex and that affects how securely what you have encrypted is protected. Encryption systems have been broken when the method of encryption is understood by hackers and is easy to break.
Why bother to encrypt my email?
It should be noted that email is far less secure than paper mail for two very good reasons: first, electronic data can be accessed easily over an Internet and secondly, electronic data is really simple to copy. There is a very good chance that someone has snooped around in your email despite your best intentions to stop it.
How do I go about encrypting my email?
There are many programs out there that can help you encrypt your email. A very popular one is PGP (Pretty Good Privacy) or its Gnu offshoot GPG.
PGP (http://www.pgpi.org/) self-describes itself this way: This "is a program that gives your electronic mail something that it otherwise doesn't have: Privacy. It does this by encrypting your mail so that nobody but the intended person can read it. When encrypted, the message looks like a meaningless jumble of random characters. PGP has proven itself quite capable of resisting even the most sophisticated forms of analysis aimed at reading the encrypted text."
Why bother to encrypt my files?
The answer to this boils down to what you store on your computer. If you have financial data with important information like social security numbers, email addresses, account numbers and passwords, then you open yourself up to losing very valuable information. Most corporate Internet security employees will attest to the widespread theft of very valuable information. As long as you are connected to the Internet you are vulnerable.
How do I go about encrypting my files?
AxCrypt File Encryption Software (http://axcrypt.sourceforge.net/) Self-described as "Free Personal Privacy and Security for Windows 98/ME/NT/2K/XP with AES-128 File Encryption, Compression and transparent Decrypt and Open in the original application."
Encryption and cryptographic software has been used in many different ways to make systems more secure. This article discusses only a few ways that such software can make your system more secure, including:
1) Encrypting your email
2) Encrypting your files
To programs are mentioned that will help encrypt information. There are many more programs out there that will help, but these programs are good and a good place to start as any. They have the added benefit of both being free with source code available.
Will encryption stop people from accessing my information?
Encryption simply makes it harder for people to gain access to important information, like passwords or sensitive information in a file. The first thing you should know about encryption is that the algorithm that is used to encrypt can be simple or more complex and that affects how securely what you have encrypted is protected. Encryption systems have been broken when the method of encryption is understood by hackers and is easy to break.
Why bother to encrypt my email?
It should be noted that email is far less secure than paper mail for two very good reasons: first, electronic data can be accessed easily over an Internet and secondly, electronic data is really simple to copy. There is a very good chance that someone has snooped around in your email despite your best intentions to stop it.
How do I go about encrypting my email?
There are many programs out there that can help you encrypt your email. A very popular one is PGP (Pretty Good Privacy) or its Gnu offshoot GPG.
PGP (http://www.pgpi.org/) self-describes itself this way: This "is a program that gives your electronic mail something that it otherwise doesn't have: Privacy. It does this by encrypting your mail so that nobody but the intended person can read it. When encrypted, the message looks like a meaningless jumble of random characters. PGP has proven itself quite capable of resisting even the most sophisticated forms of analysis aimed at reading the encrypted text."
Why bother to encrypt my files?
The answer to this boils down to what you store on your computer. If you have financial data with important information like social security numbers, email addresses, account numbers and passwords, then you open yourself up to losing very valuable information. Most corporate Internet security employees will attest to the widespread theft of very valuable information. As long as you are connected to the Internet you are vulnerable.
How do I go about encrypting my files?
AxCrypt File Encryption Software (http://axcrypt.sourceforge.net/) Self-described as "Free Personal Privacy and Security for Windows 98/ME/NT/2K/XP with AES-128 File Encryption, Compression and transparent Decrypt and Open in the original application."
Thursday, April 8, 2010
Computer Security - 2010 Security Watch - What is this year going to have in store for us?
There is a lot going on in the information security space. 2010 looks to be an interesting year in these regards. Below are some things to watch for in 2010, some of them are good and, unfortunately, some aren’t.
First the good news:
- We are getting a lot more serious about our security. This has a lot of reasons behind it. For example, new privacy laws are mandating organizations to tighten their security. Look to see more consumer privacy laws passed in the coming year and more tightening of security systems.
- Authentication requirements are increasing. This is closing in large security holes. Corporations are requiring a great deal more of authentication to get into secure systems (this also is on the bad news side)
- There is a plethora of sophisticated programs to help us be more secure and they will continue to get better. Competition right now is strong in the security industry sparking a lot of innovation.
- ISPs are now taking on the responsibility to help us with our security. Take AOL's recent commercials as a good sign that others will follow the trend.
Now the bad news:
- Securing our networks is costing us. Most companies are globalizing their organizations and making them secure costs a lot of money. It will get worse before it gets better.
- Authentication requirements are increasing. This is getting claustrophobic. Corporations are requiring a great deal more authentication to get into secure systems (This is also on the good news side) Unfortunately, for the end user, it is one more thing to be unhappy about, not unlike airport security lines.
- Hackers are getting more sophisticated. For example, Botnets are becoming more complex and harder and harder to catch and stop. Do a search on botnets on the Internet. They really are causing a whole lot of problems, but it does not stop there. The number of viruses and malware out there is staggering.
- Spammers keep finding more creative ways to fill our email boxes. Don't look for this trend to stop anytime soon.
First the good news:
- We are getting a lot more serious about our security. This has a lot of reasons behind it. For example, new privacy laws are mandating organizations to tighten their security. Look to see more consumer privacy laws passed in the coming year and more tightening of security systems.
- Authentication requirements are increasing. This is closing in large security holes. Corporations are requiring a great deal more of authentication to get into secure systems (this also is on the bad news side)
- There is a plethora of sophisticated programs to help us be more secure and they will continue to get better. Competition right now is strong in the security industry sparking a lot of innovation.
- ISPs are now taking on the responsibility to help us with our security. Take AOL's recent commercials as a good sign that others will follow the trend.
Now the bad news:
- Securing our networks is costing us. Most companies are globalizing their organizations and making them secure costs a lot of money. It will get worse before it gets better.
- Authentication requirements are increasing. This is getting claustrophobic. Corporations are requiring a great deal more authentication to get into secure systems (This is also on the good news side) Unfortunately, for the end user, it is one more thing to be unhappy about, not unlike airport security lines.
- Hackers are getting more sophisticated. For example, Botnets are becoming more complex and harder and harder to catch and stop. Do a search on botnets on the Internet. They really are causing a whole lot of problems, but it does not stop there. The number of viruses and malware out there is staggering.
- Spammers keep finding more creative ways to fill our email boxes. Don't look for this trend to stop anytime soon.
Subscribe to:
Posts (Atom)