System PC Info

Phishing For Your Identity

2009-12-18T02:26:00.000-08:00

Who hasn’t received an email directing them to visit a familiar website where they are being asked to update their personal information? The website needs you to verify or update your passwords, credit card numbers, social security number, or even your bank account number. You recognize the business name as one that you’ve conducted business with in the past. So, you click on the convenient “take me there” link and proceed to provide all the information they have requested. Unfortunately, you find out much later that the website is bogus. It was created with the sole intent to steal your personal information. You, my friend, have just been “phished”.

Phishing (pronounced as “fishing”) is defined as the act of sending an email to a recipient falsely claiming to have an established, legitimate business. The intent of the phisher is to scam the recipient into surrendering their private information, and ultimately steal your identity.

It is not at easy as you think to spot an email phishing for information. At first glance, the email may look like it is from a legitimate company. The "From" field of the e-mail may have the .com address of the company mentioned in the e-mail. The clickable link even appears to take you to the company's website, when in fact, it is a fake website built to replicate the legitimate site.

Many of these people are professional criminals. They have spent a lot of time in creating emails that look authentic. Users need to review all emails requesting personal information carefully. When reviewing your email remember that the "From Field" can be easily changed by the sender. While it may look like it is coming from a .com you do business with, looks can be deceiving. Also keep in mind that the phisher will go all out in trying to make their email look as legitimate as possible. They will even copy logos or images from the official site to use in their emails. Finally, they like to include a clickable link that the recipient can follow to conveniently update their information.
A great way to check the legitimacy of the link is to point at the link with your mouse. Then, look in the bottom left hand screen of your computer. The actual website address to which you are being directed will show up for you to view. It is a very quick and easy way to check if you are being directed to a legitimate site.

Finally, follow the golden rule. Never, ever, click the links within the text of the e-mail, and always delete the e-mail immediately. Once you have deleted the e-mail, empty the trash box in your e-mail accounts as well. If you are truly concerned that you are missing an important notice regarding one of your accounts, then type the full URL address of the website into your browser. At least then you can be confident that you are, in fact, being directed to the true and legitimate website.

How many spyware items are infecting your computer?

2009-12-17T02:23:00.000-08:00

I just had, by mistake, a plug-in called Intelligent Explorer attach to my browser. What a nightmare! I have another article on this topic, but this brings home a point. Spyware or adware items are continually infecting computers. Most computers have no protection from them. Most frightening is the frequency of them. From the InfosecWriters web site, "According to a 2004 survey by America Online and the National Cyber Security Alliance, 91% of users questioned were familiar with the term spyware. Only 53% believed their computers were infected, but a scan found that 80% of their PCs had some type of spyware installed on them." It goes on to say, "...The average number of spyware components per computer was 93 with one computer having well over a thousand."

What is Spyware?

Butte College (www.bctv.butte.edu/support/spyware.html) offers this definition:

“The term ‘spyware’ is broadly defined as any program that gets into your computer without permission and hides in the background while it makes unwanted changes to your user experience.
Spyware is generally not designed to damage your computer. The damage it does is more a by-product of its main mission, which is to serve you targeted advertisements or make your browser display certain sites or search results.
At present, most spyware targets only the Windows operating system (Internet Explorer).”

To be fair, spyware can be harmless, for example tracking cookies don’t do much. While such things infringe on your privacy, they don't really harm anything. Others, however, are extremely dangerous.

So what do you do about it?

No spyware program seems to do everything, but there are a lot of goods solutions out there that can help. Here is a list of some of the top Spyware tools to look at:

1) Try Ad-Aware 6.0 Professional from LavaSoft (there is also a free version with less functionality)

2) Spybot Search & Destroy from PepiMK Software

3) Xoftspy form Pareto Logic

5) Spyware Guard from Javacool Software is a free program

4) Pest Patrol (now part of Computer Associates by acquisition)

5) McAfee Anti-Spyware

One thing is for certain: you do need to take spyware seriously. For some reason, too many people out there think anti-virus solutions are the end-all solution. They are not.

And, when all else fails?

Finally, as drastic as it seems, if your computer has been infected with a large number of spyware programs, the only solution you may have is backing up your data, and performing a complete reinstall of the operating system.

Finding the Security Suite that meets your needs

2009-12-16T02:19:00.000-08:00

Before proceeding to read this article, it is important that we state something up front. It is essential for the reader to understand and appreciate that there is no such thing as a secure operating system or web browser. While the use of security suites and other complementing products can significantly reduce your risks, they are not magic wands that you can wave to eliminate 100% of your risk. Any product claiming they can do this should be viewed with great skepticism.

With that being said, let’s talk computer security and security suites. There are numerous ways in which the security of your computer can be breached. The most common threats come from worms, viruses, Trojans, phishing, hackers and crackers. Potential security breaches can come in the form of downloading unfamiliar email attachments, being monitored by spyware, maliciously attacked by malware, or probed through port scanning.

Dshield.org (www.dshield.org), a non-profit company, functions as a “dominating attach correlation engine with worldwide coverage”. In short, they work with people and companies to track, among other things, port scanning violations. Port scanning involves a person (referred to as a hacker or cracker) who attempts to break into you computer through the open ports in your system. Once an open port is located, the individual attempts to collect your personal data or install a malware program into you computer. On average, Dshield.org logs over 1.1 billion reported attempts of port scanning each month. What is even scarier is that this is just based on their program participants. You can imagine how many more incidents are occurring each month to the general population of computer users.

Dshield.org also reports on survival time. Survival time refers to how long it will take before an unpatched PC is attacked or infected. Below is a snapshot of their current operating system breakdown:

Current OS Breakdown
Category % Adjusted Survival Time
Windows 27.0000 128 min
Unix 0.5000 3648 min
Application 3.0000 1203 min
P2P 1.5000 1591 min
Backdoor 0.5000 5432 min
Source: Dshield.org – Survival Time History (11/8/05)

In short, if you have a Windows-based operating system and an unpatched PC, you will be attacked or infected in a little over 2 hours. When looked at in these terms, securing your computer becomes a mission.

Here are a few easy steps you can take to immediately protect your computer.

1. Don’t run unfamiliar programs on your computer.
It sounds like common sense, but many of the most prominent attacks have involved spyware and email attachment worms such as Bagle and Netsky. If you don’t recognize the sender, don’t download its attachments.
2. Don’t allow unrestricted physical access to your computer.
If you have sensitive or proprietary information on your computer, allowing other employees or family members to use your computer can lead to potential breaches in your computer’s security.
3. Don’t use weak passwords.
Use passwords which are difficult for someone to figure out. People frequently use the names of children, pets, anniversary dates, or birthdays. Because there seems to be a password needed for everything, it is not uncommon to see many people using the same password for everything. Big mistake! The use of only one password provides a hacker with easy access to a smorgasbord of personal information. If you have to write your passwords down, it is best not to leave them on a post-it, attached to the screen of your computer. You may chuckle at the absurdity, but it happens more than you think.
4. Don’t forget to regularly patch your operating system and other applications.
Many industry experts believe that most network security attacks would be stopped if computer users would just keep their computers updated with patches and security fixes. Too often, we forget to do this on a regular basis. Remember that every day, new viruses, worms and Trojans are being created and distributed. They are looking for the weaknesses in your computer system. Having outdated software is basically the same as holding the door open and inviting them in for a visit.
5. Don’t forget to make regular backups of important data
Always keep a copy of important files on removable media such as floppy/ZIP disks or recordable CD-ROM disks. Store the backups in a location separate from the computer.

In most cases, Windows desktop and screen-saver passwords provides adequate protection for normal security concerns. However, if you feel more comfortable taking additional security measures consider obtaining a comprehensive security suite.

How prevalent is Spam?

2009-12-15T02:15:00.000-08:00

How prevalent is Spam? According to Scott McAdams, OMA Public Affairs and Communications Department (www.oma.org):
“Studies show unsolicited or “junk” e-mail, known as spam, accounts for roughly half of all e-mail messages received. Although once regarded as little more than a nuisance, the prevalence of spam has increased to the point where many users have begun to express a general lack of confidence in the effectiveness of e-mail transmissions, and increased concern over the spread of computer viruses via unsolicited messages.”
In 2003, President Bush signed the “Can Spam” bill, in December of 2003 which is the first national standards around bulk unsolicited commercial e-mail. The bill, approved by the Senate by a vote of 97 to 0, prohibits senders of unsolicited commercial e-mail from using false return addresses to disguise their identity (spoofing) and the use of dictionaries to generate such mailers. In addition, it prohibits the use of misleading subject lines and requires that emails include and opt-out mechanism. The legislation also prohibits senders from harvesting addresses off Web sites. Violations constitute a misdemeanor crime subject to up to one year in jail.
One major point that needs to be discussed about this: spam is now coming from other countries in ever-greater numbers. These emails are harder to fight, because they come from outside our country’s laws and regulations. Because the Internet opens borders and thinks globally, these laws are fine and good, but do not stop the problem.
So what do you do about this? Her are the top 5 Rules to do to protect from spam.
Number 1: Do what you can to avoid having your email address out on the net.
There are products called “spam spiders” that search the Internet for email addresses to send email to. If you are interested, do a search on “spam spider” and you will be amazed at what you get back. Interestingly, there is a site, WebPoison.org, which is an open source project geared to fight Internet "spambots" and "spam spiders", by giving them bogus HTML web pages, which contain bogus email addresses
A couple suggestions for you: a) use form emails, which can hide addresses or also b) use addresses like sales@company.com instead of your full address to help battle the problem. c) There are also programs that encode your email, like jsGuard, which encodes your email address on web pages so that while spam spiders find it difficult or impossible to read your email address.
Number 2: Get spam blocking software. There are many programs out there for this. (go to www.cloudmark.com or www.mailwasher.net for example). You may also buy a professional version. Whatever you do, get the software. It will save you time. The software is not foolproof, but they really do help. You usually have to do some manual set up to block certain types of email.
Number 3: Use the multiple email address approach.
There are a lot of free email addresses to be had. If you must subscribe to newsletters, then have a “back-up” email address. It would be like giving your sell phone number to your best friends and the business number to everyone else.
Number 4: Attachments from people you don’t know are BAD, BAD, BAD.
A common problem with spam is that they have attachments and attachments can have viruses. Corporations often have filters that don’t let such things pass to you. Personal email is far more “open country” for spamers. General rule of thumb: if you do not know who is sending you something, DO NOT OPEN THE ATTACHMENT. Secondly, look for services that offer filtering. Firewall vendors offer this type of service as well.
Number 5: Email services now have “bulk-mail” baskets. If what you use currently does not support this, think about moving to a new vender. The concept is simple. If you know someone, they can send you emails. If you don’t know them, put them in the bulk email pile and then “choose” to allow them into your circle. Spam Blocking software has this concept as well, but having extra layers seems critical these days, so it is worth looking into.

Advancements in Antivirus Software Suites

2009-12-14T02:12:00.000-08:00

Protecting your computer from a virus is getting harder and harder each day. While it may border on the paranoid, it goes without saying that you can’t leave your guard down for one second. Even corporate giant Microsoft has found its own systems compromised on more than one occasion.

Remember the “good old days”, before the advent of the Internet and downloadable programs? Life was simple then in terms of computer viruses. With the primary way in which a virus could be transmitted being limited to floppy disks, the ability to catch and eradicate the virus was a lot easier. By today’s standards, it used to take quite a while before a virus was able to infect a computer and slow down the system. The antivirus software of that time was typically able to identify and eradicate viruses before they caused too much damage. Additionally, computer users were pretty savvy on how to protect themselves in terms of scanning all floppy disks before copying them to our desktop.

The Internet helped change all that. The Internet provided a conduit by which viruses could move from host to host with lightening speed. No longer could a computer user just worry about floppy disks as points of entry, but they now had to worry about email, email attachments, peer-to-peer file sharing, instant messaging, and software downloads. Today’s viruses can attack through multiple entry points, spread without human intervention, and take full advantage of vulnerabilities within a system or program. With technology advancing everyday, and the convergence of computers with other mobile devices, the potential of new types of threats also increase.

Protecting Your Computer
Luckily, the advancement of antivirus software has kept pace with current virus threats. Antivirus software is essential to a computer’s ability to fend off viruses and other malicious programs. These products are designed to protect against the ability of a virus to enter a computer through email, web browsers, file servers and desktops. Additionally, these programs offer a centralized control feature that handle deployment, configuration and updating.
A computer user should remain diligent and follow a few simple steps to protect against the threat of a virus:

1. Evaluate your current computer security system.
With the threat of a new generation of viruses able to attack in a multitude of ways, the approach of having just one antivirus software version has become outdated. You need to be confident that you have protected all aspects of your computer system from the desktop to the network, and from the gateway to the server. Consider a more comprehensive security system which includes several features including antivirus, firewall, content filtering, and intrusion detection. This type of system will make it more difficult for the virus to penetrate your system.
2. Only install antivirus software created by a well-known, reputable company.
Because new viruses erupt daily, it is important that you regularly update your antivirus software. Become familiar with the software’s real-time scan feature and configure it to start automatically each time you boot your computer. This will protect your system by automatically checking your computer each time it is powered up.
3. Make it a habit to always scan all new programs or files no matter from where they originate.
4. Exercise caution when opening binary, Word, or Excel documents of unknown sources especially if they were received during an online chat or as an attachment to an email.
5. Perform regular backups in case your system is corrupted. It may be the only way to recover your data if infected.

Spyware Beware For Computer Users

2009-12-13T01:56:00.000-08:00

Spyware and Adware are not only an ever increasing nuisance for computer users everywhere, but also a booming industry. According to Webroot Software, Inc., the distribution of online advertisements through spyware and adware has become a $2 billion industry.

The aggressive advertising and spying tactics demonstrated by some of these programs, require an equally aggressive response from a seasoned eradicator. Sunbelt Software is such a company. A leader in Anti-Spyware, Anti-Spam, Network Security and System Management tools, they gave consistently remained on the cutting-edge of anti-spyware programming since 1994.

One of their more notable software applications is CounterSpy 1.5. CounterSpy is designed to detect and remove spyware that is already in your computer system. Additionally, it provides real-time protection while preventing browser hijacking and changes to your computer’s Registry.

Other notable features include:
• Detection and Removal of Tracking Cookies – while it is true that applications like Microsoft AntiSpyware Beta are free, they do not include the ability to detect and remove tracking cookies like CounterSpy does.
• History Cleaner - erases any traceable trails left on your computer as you surf the Internet.
• Secure File Eraser - a powerful deletion tool that can completely eliminate all files you want removed from your computer including images, music, movies and applications.
• PC Explorer - allows you a look into files and areas that are normally inconvenient to access, such as your startup programs, browser helper objects, and ActiveX programs that are being downloaded or used.
• Support for Older Operating Systems – includes Windows 98SE, Windows ME, and Windows NT.

Recommended by PC World, ConsumerSearch, and Dell, CounterSpy holds one of the highest effective ratings for spyware removal. It also received high marks from TopTenReviews (2006) for ease of use, customization/installation, and help/support. For only $19.95 per machine, users can receive a one year subscription with updates, upgrades, and technical support from real live humans. CounterSpy definitely provides ease of use and affordability for just about any computer user from the novice to the expert.

Computer Viruses that Come a Calling

2009-12-12T01:52:00.000-08:00

Every day new computer viruses are created to annoy us and to wreck havoc on our computer systems. Below are ten viruses currently cited as being the most prevalent in terms of being seen the most or in their ability to potentially cause damage. New viruses are created daily. This is by no means an all inclusive list. The best thing you can do is to remain vigilant, keep your anti-virus software updated, and stay aware of the current computer virus threats.

Virus: Trojan.Lodear
A Trojan horse that attempts to download remote files. It will inject a .dll file into the EXPLORER.EXE process causing system instability.

Virus: W32.Beagle.CO@mm
A mass-mailing worm that lowers security settings. It can delete security-related registry sub keys and may block access to security-related websites.

Virus: Backdoor.Zagaban
A Trojan horse that allows the compromised computer to be used as a covert proxy and which may degrade network performance.

Virus: W32/Netsky-P
A mass-mailing worm which spreads by emailing itself to addresses produced from files on the local drives.

Virus: W32/Mytob-GH
A mass-mailing worm and IRC backdoor Trojan for the Windows platform. Messages sent by this worm will have the subject chosen randomly from a list including titles such as: Notice of account limitation, Email Account Suspension, Security measures, Members Support, Important Notification.

Virus: W32/Mytob-EX
A mass-mailing worm and IRC backdoor Trojan similar in nature to W32-Mytob-GH. W32/Mytob-EX runs continuously in the background, providing a backdoor server which allows a remote intruder to gain access and control over the computer via IRC channels. This virus spreads by sending itself to email attachments harvested from your email addresses.

Virus: W32/Mytob-AS, Mytob-BE, Mytob-C, and Mytob-ER
This family of worm variations possesses similar characteristics in terms of what they can do. They are mass-mailing worms with backdoor functionality that can be controlled through the Internet Relay Chat (IRC) network. Additionally, they can spread through email and through various operating system vulnerabilities such as the LSASS (MS04-011).

Virus: Zafi-D
A mass mailing worm and a peer-to-peer worm which copies itself to the Windows system folder with the filename Norton Update.exe. It can then create a number of files in the Windows system folder with filenames consisting of 8 random characters and a DLL extension. W32/Zafi-D copies itself to folders with names containing share, upload, or music as ICQ 2005a new!.exe or winamp 5.7 new!.exe. W32/Zafi-D will also display a fake error message box with the caption "CRC: 04F6Bh" and the text "Error in packed file!".

Virus: W32/Netsky-D
A mass-mailing worm with IRC backdoor functionality which can also infect computers vulnerable to the LSASS (MS04-011) exploit.

Virus: W32/Zafi-B
A peer-to-peer (P2P) and email worm that will copy itself to the Windows system folder as a randomly named EXE file. This worm will test for the presence of an internet connection by attempting to connect to www.google.com or www.microsoft.com. A bilingual, worm with an attached Hungarian political text message box which translates to “We demand that the government accommodates the homeless, tightens up the penal code and VOTES FOR THE DEATH PENALTY to cut down the increasing crime. Jun. 2004, Pécs (SNAF Team)”

Beware Internet Explorer Plug Ins

2009-12-11T01:52:00.000-08:00

Just what is Intelligent Explorer? For your safety, you really need to know

I recently hit, by mistake, what I thought was an Explorer upgrade option. It turned out to be a pop-up appearing legitimate but really was not. It uploaded a product called Intelligent Explorer on my machine. What a nightmare!

I did some research on the web and found messages like this one from a BullGuard Antivirus Forum,

"PLEASE HELP!!! I HAVE A SPYWARE, TROJAN AND HIJACKER ON MY COMPUTER. I HAVE RUN BULLGUARD, CWSHREDDER AND AD-AWARE. ALL HAVE PICKED UP THE VIRUSES AND SAID THAT THEY HAVE BEEN MOVED/REMOVED BUT WHEN I LOG ONTO THE INTERNET THAT DAMN INTELLIGENT EXPLORER TOOLBAR IS SHOWING"

Another message from spywareinfo Forum goes something like this:

"Hey I'm having issues with something called Internet explorer toolbar - Intelligent explorer. I can’t find a way to remove it from my comp and I really don’t want to reinstall windows. I've used spybot, ad-ware, and cw shredder but nothing seems to work."

It appears that Intelligent Explorer allows other software to be downloaded to your machine and this is where the problem occurs. What is even more remarkable is that by downloading Intelligent Explorer, their license grants them the right to install software add-ins on your computer at their will. Take a look at what the software license for Intelligent Explore says (go to http://www.ieplugin.com/terms.html to read it all):

"You grant to us the right, exercisable by us until you uninstall the Software or this agreement is otherwise terminated, to provide to you the Service of downloading and causing to be displayed advertising material on your computer, through ‘pop-up’ or other display while you use your browser. You acknowledge and agree that installation of the Software may automatically modify toolbars and other settings of your browser. By installing the Software you agree to such modifications."

The company, IBC incorporated, is incorporated in Belize. I really can't believe this license!

One end user found highly objectionable pop-up advertisements generated by this software bundled with Intelligent Explorer in the form of extreme pornography.

I have yet to break this.

Intelligent Explorer is a plug-in, which can create a new home page, as well as start up and endless loop of pop-ups. You can remove the view bar, but then starting up Internet Explorer will cause it to reappear. I asked some friends to help, and no one could tell me what to do.

This is what I did:

I bought a copy of a program called XoftSpy and it removed the software. It took two scans and a reboot to do it. This is not an advertisement for this product. They advertised it was free, which it was to run, but then I had to buy it to actually fix anything. It cost me $40 and I am sure that there are freeware products out there as well, but that is what ended the nightmare for me. Other spyware products I have seen out there include spybot, NoAdware, Spyware Eliminator, Pal Spyware Remover, and Spyware C.O.P.