Spyware is one of the fastest-growing internet threats. According to the National Cyber Security Alliance, spyware infects more than 90% of all PCs today. These unobtrusive, malicious programs are designed to silently bypass firewalls and anti-virus software without the user’s knowledge. Once embedded in a computer, it can wreak havoc on the system’s performance while gathering your personal information. Fortunately, unlike viruses and worms, spyware programs do not usually self-replicate.
Where does it come from?
Typically, spyware originates in three ways. The first and most common way is when the user installs it. In this scenario, spyware is embedded, attached, or bundled with a freeware or shareware program without the user’s knowledge. The user downloads the program to their computer. Once downloaded, the spyware program goes to work collecting data for the spyware author’s personal use or to sell to a third-party. Beware of many P2P file-sharing programs. They are notorious for downloads that posses spyware programs.
The user of a downloadable program should pay extra attention to the accompanying licensing agreement. Often the software publisher will warn the user that a spyware program will be installed along with the requested program. Unfortunately, we do not always take the time to read the fine print. Some agreements may provide special “opt-out” boxes that the user can click to stop the spyware from being included in the download. Be sure to review the document before signing off on the download.
Another way that spyware can access your computer is by tricking you into manipulating the security features designed to prevent any unwanted installations. The Internet Explorer Web browser was designed not to allow websites to start any unwanted downloads. That is why the user has to initiate a download by clicking on a link. These links can prove deceptive. For example, a pop-up modeled after a standard Windows dialog box, may appear on your screen. The message may ask you if you would like to optimize your internet access. It provides yes or no answer buttons, but, no matter which button you push, a download containing the spyware program will commence. Newer versions of Internet Explorer are now making this spyware pathway a little more difficult.
Finally, some spyware applications infect a system by attacking security holes in the Web browser or other software. When the user navigates a webpage controlled by a spyware author, the page contains code designed to attack the browser, and force the installation of the spyware program.
What can spyware programs do?
Spyware programs can accomplish a multitude of malicious tasks. Some of their deeds are simply annoying for the user; others can become downright aggressive in nature.
Spyware can:
1-Monitor your keystrokes for reporting purposes.
2-Scan files located on your hard drive.
3-Snoop through applications on our desktop.
4-Install other spyware programs into your computer.
Read your cookies.
5-Steal credit card numbers, passwords, and other personal information.
6-Change the default settings on your home page web browser.
7-Mutate into a second generation of spyware thus making it more difficult to eradicate.
8-Cause your computer to run slower.
9-Deliver annoying pop up advertisements.
10-Add advertising links to web pages for which the author does not get paid.
11-Instead, payment is directed to the spyware programmer that changed the original affiliate’s settings.
12-Provide the user with no uninstall option and places itself in unexpected or hidden places within your computer making it difficult to remove.
Spyware Examples
Here are a few examples of commonly seen spyware programs. Please note that while researchers will often give names to spyware programs, they may not match the names the spyware-writers use.
CoolWebSearch, a group of programs, that install through “holes” found in Internet Explorer. These programs direct traffic to advertisements on Web sites including coolwebsearch.com. This spyware nuisance displays pop-up ads, rewrites search engine results, and alters the computer host file to direct the Domain Name System (DNS) to lookup preselected sites.
Internet Optimizer (a/k/a DyFuCa), likes to redirect Internet Explorer error pages to advertisements. When the user follows the broken link or enters an erroneous URL, a page of advertisements pop up.
180 Solutions reports extensive information to advertisers about the Web sites which you visit. It also alters HTTP requests for affiliate advertisements linked from a Web site. Therefore the 180 Solutions Company makes an unearned profit off of the click through advertisements they’ve altered.
HuntBar (a/k/a WinTools) or Adware.Websearch, is distributed by Traffic Syndicate and is installed by ActiveX drive-by downloading at affiliate websites or by advertisements displayed by other spyware programs. It’s a prime example of how spyware can install more spyware. These programs will add toolbars to Internet Explorer, track Web browsing behavior, and display advertisements.
How can I prevent spyware?
There are a couple things you can do to prevent spyware from infecting your computer system. First, invest in a reliable commercial anti-spyware program. There are several currently on the market including stand alone software packages such as Lavasoft’s Ad-Aware or Windows Antispyware. Other options provide the anti-spyware software as part of an anti-virus package. This type of option is offered by companies such as Sophos, Symantec, and McAfee. Anti-spyware programs can combat spyware by providing real-time protection, scanning, and removal of any found spyware software. As with most programs, update your anti virus software frequently.
As discussed, the Internet Explorer (IE) is often a contributor to the spyware problem because spyware programs like to attach themselves to its functionality. Spyware enjoys penetrating the IE’s weaknesses. Because of this, many users have switched to non-IE browsers. However, if you prefer to stick with Internet Explorer, be sure to update the security patches regularly, and only download programs from reputable sources. This will help reduce your chances of a spyware infiltration.
.
And, when all else fails?
Finally, if your computer has been infected with a large number of spyware programs, the only solution you may have is backing up your data, and performing a complete reinstall of the operating system.
5.5.09
Trojan Horse….Greek Myth or Computer Nemesis?
We have all heard the term Trojan Horse, but what exactly is it? A Trojan Horse is a destructive program that masquerades as a harmless application. Unlike viruses, Trojan Horses do not replicate themselves, but they can be just as destructive. One of the most dangerous examples of a Trojan is a program that promises to rid your computer of viruses but instead introduces viruses into your computer.
The Trojan can be tricky. Who hasn’t been online and had an advertisement pop up claiming to be able to rid your computer of some nasty virus? Or, even more frightening, you receive an email that claims to be alerting you to a new virus that can threaten your computer. The sender promises to quickly eradicate, or protect, your computer from viruses if you simply download their “free”, attached software into your computer. You may be skeptical but the software looks legitimate and the company sounds reputable. You proceed to take them up on their offer and download the software. In doing so, you have just potentially exposed yourself to a massive headache and your computer to a laundry list of ailments.
When a Trojan is activated, numerous things can happen. Some Trojans are more annoying than malicious. Some of the less annoying Trojans may choose to change your desktop settings or add silly desktop icons. The more serious Trojans can erase or overwrite data on your computer, corrupt files, spread other malware such as viruses, spy on the user of a computer and secretly report data like browsing habits to other people, log keystrokes to steal information such as passwords and credit card numbers, phish for bank account details (which can be used for criminal activities), and even install a backdoor into your computer system so that they can come and go as they please.
To increase your odds of not encountering a Trojan, follow these guidelines.
Remain diligent
Trojans can infect your computer through rogue websites, instant messaging, and emails with attachments. Do not download anything into your computer unless you are 100 percent sure of its sender or source.
Ensure that your operating system is always up-to-date. If you are running a Microsoft Windows operating system, this is essential.
Install reliable anti-virus software. It is also important that you download any updates frequently to catch all new Trojan Horses, viruses, and worms. Be sure that the anti-virus program that you choose can also scan e-mails and files downloaded through the internet.
Consider installing a firewall. A firewall is a system that prevents unauthorized use and access to your computer. A firewall is not going to eliminate your computer virus problems, but when used in conjunction with regular operating system updates and reliable anti-virus software, it can provide additional security and protection for your computer.
Nothing can guarantee the security of your computer 100 percent. However, you can continue to improve your computer's security and decrease the possibility of infection by consistently following these guidelines.
The Trojan can be tricky. Who hasn’t been online and had an advertisement pop up claiming to be able to rid your computer of some nasty virus? Or, even more frightening, you receive an email that claims to be alerting you to a new virus that can threaten your computer. The sender promises to quickly eradicate, or protect, your computer from viruses if you simply download their “free”, attached software into your computer. You may be skeptical but the software looks legitimate and the company sounds reputable. You proceed to take them up on their offer and download the software. In doing so, you have just potentially exposed yourself to a massive headache and your computer to a laundry list of ailments.
When a Trojan is activated, numerous things can happen. Some Trojans are more annoying than malicious. Some of the less annoying Trojans may choose to change your desktop settings or add silly desktop icons. The more serious Trojans can erase or overwrite data on your computer, corrupt files, spread other malware such as viruses, spy on the user of a computer and secretly report data like browsing habits to other people, log keystrokes to steal information such as passwords and credit card numbers, phish for bank account details (which can be used for criminal activities), and even install a backdoor into your computer system so that they can come and go as they please.
To increase your odds of not encountering a Trojan, follow these guidelines.
Remain diligent
Trojans can infect your computer through rogue websites, instant messaging, and emails with attachments. Do not download anything into your computer unless you are 100 percent sure of its sender or source.
Ensure that your operating system is always up-to-date. If you are running a Microsoft Windows operating system, this is essential.
Install reliable anti-virus software. It is also important that you download any updates frequently to catch all new Trojan Horses, viruses, and worms. Be sure that the anti-virus program that you choose can also scan e-mails and files downloaded through the internet.
Consider installing a firewall. A firewall is a system that prevents unauthorized use and access to your computer. A firewall is not going to eliminate your computer virus problems, but when used in conjunction with regular operating system updates and reliable anti-virus software, it can provide additional security and protection for your computer.
Nothing can guarantee the security of your computer 100 percent. However, you can continue to improve your computer's security and decrease the possibility of infection by consistently following these guidelines.
The Advancement of the Keylogger
A keylogger is a program that runs in your computer’s background secretly recording all your keystrokes. Once your keystrokes are logged, they are hidden away for later retrieval by the attacker. The attacker then carefully reviews the information in hopes of finding passwords or other information that would prove useful to them. For example, a keylogger can easily obtain confidential emails and reveal them to any interested outside party willing to pay for the information.
Keyloggers can be either software or hardware based. Software-based keyloggers are easy to distribute and infect, but at the same time are more easily detectable. Hardware-based keyloggers are more complex and harder to detect. For all that you know, your keyboard could have a keylogger chip attached and anything being typed is recorded into a flash memory sitting inside your keyboard. Keyloggers have become one of the most powerful applications used for gathering information in a world where encrypted traffic is becoming more and more common.
As keyloggers become more advanced, the ability to detect them becomes more difficult. They can violate a user’s privacy for months, or even years, without being noticed. During that time frame, a keylogger can collect a lot of information about the user it is monitoring. A keylogger can potential obtain not only passwords and log-in names, but credit card numbers, bank account details, contacts, interests, web browsing habits, and much more. All this collected information can be used to steal user’s personal documents, money, or even their identity.
A keylogger might be as simple as an .exe and a .dll that is placed in a computer and activated upon boot up via an entry in the registry. Or, the more sophisticated keyloggers, such as the Perfect Keylogger or ProBot Activity Monitor have developed a full line of nasty abilities including:
Undetectable in the process list and invisible in operation
A kernel keylogger driver that captures keystrokes even when the user is logged off
A remote deployment wizard
The ability to create text snapshots of active applications
The ability to capture http post data (including log-ins/passwords)
The ability to timestamp record workstation usage
HTML and text log file export
Automatic e-mail log file delivery
All keyloggers are not used for illegal purposes. A variety of other uses have surfaced. Keyloggers have been used to monitor web sites visited as a means of parental control over children. They have been actively used to prevent child pornography and avoid children coming in contact with dangerous elements on the web. Additionally, in December, 2001, a federal court ruled that the FBI did not need a special wiretap order to place a keystroke logging device on a suspect’s computer. The judge allowed the FBI to keep details of its key logging device secret (citing national security concerns). The defendant in the case, Nicodemo Scarfo Jr., indicted for gambling and loan-sharking, used encryption to protect a file on his computer. The FBI used the keystroke logging device to capture Scarfo’s password and gain access to the needed file.
Keyloggers can be either software or hardware based. Software-based keyloggers are easy to distribute and infect, but at the same time are more easily detectable. Hardware-based keyloggers are more complex and harder to detect. For all that you know, your keyboard could have a keylogger chip attached and anything being typed is recorded into a flash memory sitting inside your keyboard. Keyloggers have become one of the most powerful applications used for gathering information in a world where encrypted traffic is becoming more and more common.
As keyloggers become more advanced, the ability to detect them becomes more difficult. They can violate a user’s privacy for months, or even years, without being noticed. During that time frame, a keylogger can collect a lot of information about the user it is monitoring. A keylogger can potential obtain not only passwords and log-in names, but credit card numbers, bank account details, contacts, interests, web browsing habits, and much more. All this collected information can be used to steal user’s personal documents, money, or even their identity.
A keylogger might be as simple as an .exe and a .dll that is placed in a computer and activated upon boot up via an entry in the registry. Or, the more sophisticated keyloggers, such as the Perfect Keylogger or ProBot Activity Monitor have developed a full line of nasty abilities including:
Undetectable in the process list and invisible in operation
A kernel keylogger driver that captures keystrokes even when the user is logged off
A remote deployment wizard
The ability to create text snapshots of active applications
The ability to capture http post data (including log-ins/passwords)
The ability to timestamp record workstation usage
HTML and text log file export
Automatic e-mail log file delivery
All keyloggers are not used for illegal purposes. A variety of other uses have surfaced. Keyloggers have been used to monitor web sites visited as a means of parental control over children. They have been actively used to prevent child pornography and avoid children coming in contact with dangerous elements on the web. Additionally, in December, 2001, a federal court ruled that the FBI did not need a special wiretap order to place a keystroke logging device on a suspect’s computer. The judge allowed the FBI to keep details of its key logging device secret (citing national security concerns). The defendant in the case, Nicodemo Scarfo Jr., indicted for gambling and loan-sharking, used encryption to protect a file on his computer. The FBI used the keystroke logging device to capture Scarfo’s password and gain access to the needed file.
Surfing the Web Anonymously – Questions to Ask
When you surf the web it is possible to learn information about you even when you don't want to advertise who you are. This is true even if your system contains no virus or malware software. Specifically information that is easily available online includes your IP address, your country (and often more location information based on IP address), what computer system you are on, what browser you use, your browser history, and other information. It gets worse. People can get your computer's name and even find out your name if your machine supports programs like finger or identd. Also, cookies can track your habits as you move from machine to machine.
How do people get this basic information about you?
When you visit another web site, information about you can be retrieved. Basically, information is intercepted and used by others to track your Internet activities.
How do you stop this from happening?
First of all, it is possible to serf the web anonymously and thereby stop leaving a trail for others to find. Note that this is not fool-proof, but it makes it much harder for people to know who you are. There are products called anonymous proxy servers that help protect you. The anonymous proxy server replaces your Internet address for its own. This has the effect of hiding your IP address and making it much harder for people to track you.
How do I get an anonymous proxy server?
There are many vendors who sell anonymous proxy servers. There are also free proxy servers available to you. Two such products are ShadowSurf and Guardster. Guardster (http://www.guardster.com/) offers various services for anonymous and secure access to the web, some paid as well as a free service. ShadowSurf (http://www.shadowsurf.com/) ShadowSurf provides anonymous surfing at their site for free. Go to it and you will find a box to enter a URL that you want no one to track. There are many others, but here are two that are frequently used.
Another interesting product, given the recent news about the Google search engine filtering its findings for the Chinese government, is Anonymizer (http://www.anonymizer.com). This company, among others, recently (Feb 1st, 2006) pressed that it "is developing a new anti-censorship solution that will enable Chinese citizens to safely access the entire Internet filter-free" (http://www.anonymizer.com/consumer/media/press_releases/02012006.html).
Does an anonymous proxy server make you 100% safe?
No. Still, you are much better off if you use such technology.
What other things should I be concerned about when trying to keep my private information private?
Three other items come to mind when trying to keep your information private. First, you can use an encrypted connection to hide your surfing. This article does not go into detail on this, but search the web and you will find a lot of information on this. Secondly, delete cookies after each session. Third, you can configure your browser to remove JavaScript, Java, and active content. This actually leads to limitations, so you need to think about the cost/benefit of this course of action.
Anything else?
Wishing you happy and safe surfing!
How do people get this basic information about you?
When you visit another web site, information about you can be retrieved. Basically, information is intercepted and used by others to track your Internet activities.
How do you stop this from happening?
First of all, it is possible to serf the web anonymously and thereby stop leaving a trail for others to find. Note that this is not fool-proof, but it makes it much harder for people to know who you are. There are products called anonymous proxy servers that help protect you. The anonymous proxy server replaces your Internet address for its own. This has the effect of hiding your IP address and making it much harder for people to track you.
How do I get an anonymous proxy server?
There are many vendors who sell anonymous proxy servers. There are also free proxy servers available to you. Two such products are ShadowSurf and Guardster. Guardster (http://www.guardster.com/) offers various services for anonymous and secure access to the web, some paid as well as a free service. ShadowSurf (http://www.shadowsurf.com/) ShadowSurf provides anonymous surfing at their site for free. Go to it and you will find a box to enter a URL that you want no one to track. There are many others, but here are two that are frequently used.
Another interesting product, given the recent news about the Google search engine filtering its findings for the Chinese government, is Anonymizer (http://www.anonymizer.com). This company, among others, recently (Feb 1st, 2006) pressed that it "is developing a new anti-censorship solution that will enable Chinese citizens to safely access the entire Internet filter-free" (http://www.anonymizer.com/consumer/media/press_releases/02012006.html).
Does an anonymous proxy server make you 100% safe?
No. Still, you are much better off if you use such technology.
What other things should I be concerned about when trying to keep my private information private?
Three other items come to mind when trying to keep your information private. First, you can use an encrypted connection to hide your surfing. This article does not go into detail on this, but search the web and you will find a lot of information on this. Secondly, delete cookies after each session. Third, you can configure your browser to remove JavaScript, Java, and active content. This actually leads to limitations, so you need to think about the cost/benefit of this course of action.
Anything else?
Wishing you happy and safe surfing!
Spam Buster
Spam. Nobody likes it. Nobody wants it. No, we aren’t talking about the canned meat, but those unsolicited, unwanted, irrelevant, or even inappropriate messages that hit our email in mass quantities. While most mailboxes have some type of spam filtering software built into their system, they never seem to do a very good job of catching what you want them to catch, and letting through what you want them to let through. Therefore, it becomes increasingly important to turn to some type of additional spam filtering product. One such filtering system, designed for Outlook and Outlook Express users, is receiving rave reviews for its superior detection and low rate of false positives (i.e,. what you want to get through does).
Cloudmark Desktop, formerly known as SpamNet and SafetyBar, uses a unique community-based filtering process. This community-based filtering system relies on users to report any new spam. Within minutes of a spammer being reported, they are placed on a blacklist. At that point, no other member will receive that particular spam. Cloudmark also applies the same basic process to phishing email scams.
What is interesting is how Cloudmark creates a digital reputation model of reporting spam. Each user starts with a neutral reputation. A user’s reputation will rise if they are among the first to identify undesirable content. On the flip side of the coin, a user’s reputation falls when they falsely reports spam. The result is a system that is automated, highly scalable and resistant to tampering.
An added bonus is that because the software doesn’t depend upon the user to configure its settings, it installs in minutes and is easy to use. Cloudmark blocks over 98% of spam from reaching your inbox and boasts over one million users worldwide.
The cost of program is $39.95 for a one-year subscription. The subscription is renewable annually. For those wanting to test drive the product, a free 15-day trial period for either your Outlook or Outlook Express is available.
Cloudmark Desktop, formerly known as SpamNet and SafetyBar, uses a unique community-based filtering process. This community-based filtering system relies on users to report any new spam. Within minutes of a spammer being reported, they are placed on a blacklist. At that point, no other member will receive that particular spam. Cloudmark also applies the same basic process to phishing email scams.
What is interesting is how Cloudmark creates a digital reputation model of reporting spam. Each user starts with a neutral reputation. A user’s reputation will rise if they are among the first to identify undesirable content. On the flip side of the coin, a user’s reputation falls when they falsely reports spam. The result is a system that is automated, highly scalable and resistant to tampering.
An added bonus is that because the software doesn’t depend upon the user to configure its settings, it installs in minutes and is easy to use. Cloudmark blocks over 98% of spam from reaching your inbox and boasts over one million users worldwide.
The cost of program is $39.95 for a one-year subscription. The subscription is renewable annually. For those wanting to test drive the product, a free 15-day trial period for either your Outlook or Outlook Express is available.
Securing Your Computer System
Today, more and more people are using their computers for everything from communication to online banking and investing to shopping. As we do these things on a more regular basis, we open ourselves up to potential hackers, attackers and crackers. While some may be looking to phish your personal information and identity for resale, others simply just want to use your computer as a platform from which to attack other unknowing targets. Below are a few easy, cost-effective steps you can take to make your computer more secure.
Always make backups of important information and store in a safe place separate from your computer.
Update and patch your operating system, web browser and software frequently. If you have a Windows operating system, start by going to www.windowsupdate.microsoft.com and running the update wizard. This program will help you find the latest patches for your Windows computer. Also go to www.officeupdate.microsoft.com to locate possible patches for your Office programs.
Install a firewall. Without a good firewall, viruses, worms, Trojans, malware and adware can all easily access your computer from the Internet. Consideration should be given to the benefits and differences between hardware and software based firewall programs.
Review your browser and email settings for optimum security. Why should you do this? Active-X and JavaScript are often used by hackers to plant malicious programs into your computers. While cookies are relatively harmless in terms of security concerns, they do still track your movements on the Internet to build a profile of you. At a minimum set your security setting for the “internet zone” to High, and your “trusted sites zone” to Medium Low.
Install antivirus software and set for automatic updates so that you receive the most current versions.
Do not open unknown email attachments. It is simply not enough that you may recognize the address from which it originates because many viruses can spread from a familiar address.
Do not run programs from unknown origins. Also, do not send these types of programs to friends and coworkers because they contain funny or amusing stories or jokes. They may contain a Trojans horse waiting to infect a computer.
Disable hidden filename extensions. By default, the Windows operating system is set to “hide file extensions for known file types”. Disable this option so that file extensions display in Windows. Some file extensions will, by default, continue to remain hidden, but you are more likely to see any unusual file extensions that do not belong.
Turn off your computer and disconnect from the network when not using the computer. A hacker can not attack your computer when you are disconnected from the network or the computer is off.
Consider making a boot disk on a floppy disk in case your computer is damaged or compromised by a malicious program. Obviously, you need to take this step before you experience a hostile breach of your system.
Always make backups of important information and store in a safe place separate from your computer.
Update and patch your operating system, web browser and software frequently. If you have a Windows operating system, start by going to www.windowsupdate.microsoft.com and running the update wizard. This program will help you find the latest patches for your Windows computer. Also go to www.officeupdate.microsoft.com to locate possible patches for your Office programs.
Install a firewall. Without a good firewall, viruses, worms, Trojans, malware and adware can all easily access your computer from the Internet. Consideration should be given to the benefits and differences between hardware and software based firewall programs.
Review your browser and email settings for optimum security. Why should you do this? Active-X and JavaScript are often used by hackers to plant malicious programs into your computers. While cookies are relatively harmless in terms of security concerns, they do still track your movements on the Internet to build a profile of you. At a minimum set your security setting for the “internet zone” to High, and your “trusted sites zone” to Medium Low.
Install antivirus software and set for automatic updates so that you receive the most current versions.
Do not open unknown email attachments. It is simply not enough that you may recognize the address from which it originates because many viruses can spread from a familiar address.
Do not run programs from unknown origins. Also, do not send these types of programs to friends and coworkers because they contain funny or amusing stories or jokes. They may contain a Trojans horse waiting to infect a computer.
Disable hidden filename extensions. By default, the Windows operating system is set to “hide file extensions for known file types”. Disable this option so that file extensions display in Windows. Some file extensions will, by default, continue to remain hidden, but you are more likely to see any unusual file extensions that do not belong.
Turn off your computer and disconnect from the network when not using the computer. A hacker can not attack your computer when you are disconnected from the network or the computer is off.
Consider making a boot disk on a floppy disk in case your computer is damaged or compromised by a malicious program. Obviously, you need to take this step before you experience a hostile breach of your system.
Protection You Can Afford
There are numerous ways you can lose the information on your computer. Your child decides to play Chopin on your keyboard, a power surge, lightening, a virus, or even simple equipment failure. Therefore, backing up the contents of your hard drive is an absolute MUST. By regularly making backup copies of your files and storing them in a separate location, you can typically get some, if not all, of your information back in the event your computer crashes.
While a regular backup to floppy, CD, or zip drive will save your files, wouldn’t it be great if you could create an exact copy (a drive image) of your hard disk? That means backups of all your files, programs, and user settings. This would definitely save you time when it came to reloading. Acronis may be able to help.
Acronis True Image 9.0 is a robust disk-imaging utility software that copies the entire contents of your hard drive including data and operating system files, personalized settings, and more, onto another disk or disk partition. Its layout is easy to use and navigate. It also includes wizards which can walk you through both backing up and restoring your computer. Highlighted features include:
1-Secure Zone — allows you to save data to a special hidden partition located on your hard drive which would eliminate the need to purchase an extra hard drive.
2-PC Cloning — you can upgrade to a new system disk without needing to reinstall the operating system and applications, or configure user settings.
3-Acronis Snap Restore - lightening-speed restore of your PC from an image. You can start working in seconds while your system is still being restored.
Acronis provides a free test-drive of its product and a 30-day money back guarantee. When you are ready to purchase, you can either download for $49.99, or if you so desire, order a boxed version for $59.99. With Acronis True Image Home 9.0, you can rest easy that your family pictures, personal documents, tax returns, resumes, and other important information will not be lost forever.
While a regular backup to floppy, CD, or zip drive will save your files, wouldn’t it be great if you could create an exact copy (a drive image) of your hard disk? That means backups of all your files, programs, and user settings. This would definitely save you time when it came to reloading. Acronis may be able to help.
Acronis True Image 9.0 is a robust disk-imaging utility software that copies the entire contents of your hard drive including data and operating system files, personalized settings, and more, onto another disk or disk partition. Its layout is easy to use and navigate. It also includes wizards which can walk you through both backing up and restoring your computer. Highlighted features include:
1-Secure Zone — allows you to save data to a special hidden partition located on your hard drive which would eliminate the need to purchase an extra hard drive.
2-PC Cloning — you can upgrade to a new system disk without needing to reinstall the operating system and applications, or configure user settings.
3-Acronis Snap Restore - lightening-speed restore of your PC from an image. You can start working in seconds while your system is still being restored.
Acronis provides a free test-drive of its product and a 30-day money back guarantee. When you are ready to purchase, you can either download for $49.99, or if you so desire, order a boxed version for $59.99. With Acronis True Image Home 9.0, you can rest easy that your family pictures, personal documents, tax returns, resumes, and other important information will not be lost forever.
How many spyware items are infecting your computer?
I just had, by mistake, a plug-in called Intelligent Explorer attach to my browser. What a nightmare! I have another article on this topic, but this brings home a point. Spyware or adware items are continually infecting computers. Most computers have no protection from them. Most frightening is the frequency of them. From the InfosecWriters web site, "According to a 2004 survey by America Online and the National Cyber Security Alliance, 91% of users questioned were familiar with the term spyware. Only 53% believed their computers were infected, but a scan found that 80% of their PCs had some type of spyware installed on them." It goes on to say, "...The average number of spyware components per computer was 93 with one computer having well over a thousand."
What is Spyware?
Butte College (www.bctv.butte.edu/support/spyware.html) offers this definition:
“The term ‘spyware’ is broadly defined as any program that gets into your computer without permission and hides in the background while it makes unwanted changes to your user experience.
Spyware is generally not designed to damage your computer. The damage it does is more a by-product of its main mission, which is to serve you targeted advertisements or make your browser display certain sites or search results.
At present, most spyware targets only the Windows operating system (Internet Explorer).”
To be fair, spyware can be harmless, for example tracking cookies don’t do much. While such things infringe on your privacy, they don't really harm anything. Others, however, are extremely dangerous.
So what do you do about it?
No spyware program seems to do everything, but there are a lot of goods solutions out there that can help. Here is a list of some of the top Spyware tools to look at:
1) Try Ad-Aware 6.0 Professional from LavaSoft (there is also a free version with less functionality)
2) Spybot Search & Destroy from PepiMK Software
3) Xoftspy form Pareto Logic
5) Spyware Guard from Javacool Software is a free program
4) Pest Patrol (now part of Computer Associates by acquisition)
5) McAfee Anti-Spyware
One thing is for certain: you do need to take spyware seriously. For some reason, too many people out there think anti-virus solutions are the end-all solution. They are not.
And, when all else fails?
Finally, as drastic as it seems, if your computer has been infected with a large number of spyware programs, the only solution you may have is backing up your data, and performing a complete reinstall of the operating system.
What is Spyware?
Butte College (www.bctv.butte.edu/support/spyware.html) offers this definition:
“The term ‘spyware’ is broadly defined as any program that gets into your computer without permission and hides in the background while it makes unwanted changes to your user experience.
Spyware is generally not designed to damage your computer. The damage it does is more a by-product of its main mission, which is to serve you targeted advertisements or make your browser display certain sites or search results.
At present, most spyware targets only the Windows operating system (Internet Explorer).”
To be fair, spyware can be harmless, for example tracking cookies don’t do much. While such things infringe on your privacy, they don't really harm anything. Others, however, are extremely dangerous.
So what do you do about it?
No spyware program seems to do everything, but there are a lot of goods solutions out there that can help. Here is a list of some of the top Spyware tools to look at:
1) Try Ad-Aware 6.0 Professional from LavaSoft (there is also a free version with less functionality)
2) Spybot Search & Destroy from PepiMK Software
3) Xoftspy form Pareto Logic
5) Spyware Guard from Javacool Software is a free program
4) Pest Patrol (now part of Computer Associates by acquisition)
5) McAfee Anti-Spyware
One thing is for certain: you do need to take spyware seriously. For some reason, too many people out there think anti-virus solutions are the end-all solution. They are not.
And, when all else fails?
Finally, as drastic as it seems, if your computer has been infected with a large number of spyware programs, the only solution you may have is backing up your data, and performing a complete reinstall of the operating system.
Finding the Security Suite that meets your needs
Before proceeding to read this article, it is important that we state something up front. It is essential for the reader to understand and appreciate that there is no such thing as a secure operating system or web browser. While the use of security suites and other complementing products can significantly reduce your risks, they are not magic wands that you can wave to eliminate 100% of your risk. Any product claiming they can do this should be viewed with great skepticism.
With that being said, let’s talk computer security and security suites. There are numerous ways in which the security of your computer can be breached. The most common threats come from worms, viruses, Trojans, phishing, hackers and crackers. Potential security breaches can come in the form of downloading unfamiliar email attachments, being monitored by spyware, maliciously attacked by malware, or probed through port scanning.
Dshield.org (www.dshield.org), a non-profit company, functions as a “dominating attach correlation engine with worldwide coverage”. In short, they work with people and companies to track, among other things, port scanning violations. Port scanning involves a person (referred to as a hacker or cracker) who attempts to break into you computer through the open ports in your system. Once an open port is located, the individual attempts to collect your personal data or install a malware program into you computer. On average, Dshield.org logs over 1.1 billion reported attempts of port scanning each month. What is even scarier is that this is just based on their program participants. You can imagine how many more incidents are occurring each month to the general population of computer users.
In short, if you have a Windows-based operating system and an unpatched PC, you will be attacked or infected in a little over 2 hours. When looked at in these terms, securing your computer becomes a mission.
Here are a few easy steps you can take to immediately protect your computer.
1. Don’t run unfamiliar programs on your computer.
It sounds like common sense, but many of the most prominent attacks have involved spyware and email attachment worms such as Bagle and Netsky. If you don’t recognize the sender, don’t download its attachments.
2. Don’t allow unrestricted physical access to your computer.
If you have sensitive or proprietary information on your computer, allowing other employees or family members to use your computer can lead to potential breaches in your computer’s security.
3. Don’t use weak passwords.
Use passwords which are difficult for someone to figure out. People frequently use the names of children, pets, anniversary dates, or birthdays. Because there seems to be a password needed for everything, it is not uncommon to see many people using the same password for everything. Big mistake! The use of only one password provides a hacker with easy access to a smorgasbord of personal information. If you have to write your passwords down, it is best not to leave them on a post-it, attached to the screen of your computer. You may chuckle at the absurdity, but it happens more than you think.
4. Don’t forget to regularly patch your operating system and other applications.
Many industry experts believe that most network security attacks would be stopped if computer users would just keep their computers updated with patches and security fixes. Too often, we forget to do this on a regular basis. Remember that every day, new viruses, worms and Trojans are being created and distributed. They are looking for the weaknesses in your computer system. Having outdated software is basically the same as holding the door open and inviting them in for a visit.
5. Don’t forget to make regular backups of important data
Always keep a copy of important files on removable media such as floppy/ZIP disks or recordable CD-ROM disks. Store the backups in a location separate from the computer.
In most cases, Windows desktop and screen-saver passwords provides adequate protection for normal security concerns. However, if you feel more comfortable taking additional security measures consider obtaining a comprehensive security suite.
Selecting a Antivirus Software
The next question is how do you pick the best product for your needs? You start by asking yourself a series of questions. Do you need password protection for individual files, your desktop, a network, or to block someone’s access to the Internet? Is your computer used only by you or do multiple users have access to the computer? How many users in total do you expect on your computer? What are your system requirements? How much do you want to spend?
Once you are able to answer these questions, you can begin to research which security suite will best meet your needs. Product reviews and user statements provide a great starting point. PCMagaine (www.pcmag.com), Zdnet.com (www.zdnet.com), and Consumer Reports (www.consumerreports.org) are just a few informative sites that offer research on various computer software products.
There are numerous security suites available on the market. Take the time to choose the one that meets your specific needs. As a starting point, we’ve listed a couple of the more popular programs:
1. Kaspersky Personal Security Suite
Description: A comprehensive protection program package designed to guard against worms, viruses, spyware, adware and other malicious programs. The program offers five pre-defined security levels and is convenient for mobile users. System requirements: Window 98/2000/XP; Internet Explore 5.0 or higher, Memory: minimum of 64 MB RAM, 100 MB free on hard drive.
2. Shield Deluxe 2005
Description: This program provides protection from viruses, adware, spyware, and privacy threats while using very low system resources. Additionally, the maker, PC Security Shield offers ongoing free technical support. System requirements: Windows 98 or higher, WinNT, WinXP, WinME; Internet Explorer 5.1 or higher, Memory: 32MB ram or higher, 65 MB free disk space.
With that being said, let’s talk computer security and security suites. There are numerous ways in which the security of your computer can be breached. The most common threats come from worms, viruses, Trojans, phishing, hackers and crackers. Potential security breaches can come in the form of downloading unfamiliar email attachments, being monitored by spyware, maliciously attacked by malware, or probed through port scanning.
Dshield.org (www.dshield.org), a non-profit company, functions as a “dominating attach correlation engine with worldwide coverage”. In short, they work with people and companies to track, among other things, port scanning violations. Port scanning involves a person (referred to as a hacker or cracker) who attempts to break into you computer through the open ports in your system. Once an open port is located, the individual attempts to collect your personal data or install a malware program into you computer. On average, Dshield.org logs over 1.1 billion reported attempts of port scanning each month. What is even scarier is that this is just based on their program participants. You can imagine how many more incidents are occurring each month to the general population of computer users.
In short, if you have a Windows-based operating system and an unpatched PC, you will be attacked or infected in a little over 2 hours. When looked at in these terms, securing your computer becomes a mission.
Here are a few easy steps you can take to immediately protect your computer.
1. Don’t run unfamiliar programs on your computer.
It sounds like common sense, but many of the most prominent attacks have involved spyware and email attachment worms such as Bagle and Netsky. If you don’t recognize the sender, don’t download its attachments.
2. Don’t allow unrestricted physical access to your computer.
If you have sensitive or proprietary information on your computer, allowing other employees or family members to use your computer can lead to potential breaches in your computer’s security.
3. Don’t use weak passwords.
Use passwords which are difficult for someone to figure out. People frequently use the names of children, pets, anniversary dates, or birthdays. Because there seems to be a password needed for everything, it is not uncommon to see many people using the same password for everything. Big mistake! The use of only one password provides a hacker with easy access to a smorgasbord of personal information. If you have to write your passwords down, it is best not to leave them on a post-it, attached to the screen of your computer. You may chuckle at the absurdity, but it happens more than you think.
4. Don’t forget to regularly patch your operating system and other applications.
Many industry experts believe that most network security attacks would be stopped if computer users would just keep their computers updated with patches and security fixes. Too often, we forget to do this on a regular basis. Remember that every day, new viruses, worms and Trojans are being created and distributed. They are looking for the weaknesses in your computer system. Having outdated software is basically the same as holding the door open and inviting them in for a visit.
5. Don’t forget to make regular backups of important data
Always keep a copy of important files on removable media such as floppy/ZIP disks or recordable CD-ROM disks. Store the backups in a location separate from the computer.
In most cases, Windows desktop and screen-saver passwords provides adequate protection for normal security concerns. However, if you feel more comfortable taking additional security measures consider obtaining a comprehensive security suite.
Selecting a Antivirus Software
The next question is how do you pick the best product for your needs? You start by asking yourself a series of questions. Do you need password protection for individual files, your desktop, a network, or to block someone’s access to the Internet? Is your computer used only by you or do multiple users have access to the computer? How many users in total do you expect on your computer? What are your system requirements? How much do you want to spend?
Once you are able to answer these questions, you can begin to research which security suite will best meet your needs. Product reviews and user statements provide a great starting point. PCMagaine (www.pcmag.com), Zdnet.com (www.zdnet.com), and Consumer Reports (www.consumerreports.org) are just a few informative sites that offer research on various computer software products.
There are numerous security suites available on the market. Take the time to choose the one that meets your specific needs. As a starting point, we’ve listed a couple of the more popular programs:
1. Kaspersky Personal Security Suite
Description: A comprehensive protection program package designed to guard against worms, viruses, spyware, adware and other malicious programs. The program offers five pre-defined security levels and is convenient for mobile users. System requirements: Window 98/2000/XP; Internet Explore 5.0 or higher, Memory: minimum of 64 MB RAM, 100 MB free on hard drive.
2. Shield Deluxe 2005
Description: This program provides protection from viruses, adware, spyware, and privacy threats while using very low system resources. Additionally, the maker, PC Security Shield offers ongoing free technical support. System requirements: Windows 98 or higher, WinNT, WinXP, WinME; Internet Explorer 5.1 or higher, Memory: 32MB ram or higher, 65 MB free disk space.
Fighting Spam
How prevalent is Spam? According to Scott McAdams, OMA Public Affairs and Communications Department (www.oma.org):
“Studies show unsolicited or “junk” e-mail, known as spam, accounts for roughly half of all e-mail messages received. Although once regarded as little more than a nuisance, the prevalence of spam has increased to the point where many users have begun to express a general lack of confidence in the effectiveness of e-mail transmissions, and increased concern over the spread of computer viruses via unsolicited messages.”
In 2003, President Bush signed the “Can Spam” bill, in December of 2003 which is the first national standards around bulk unsolicited commercial e-mail. The bill, approved by the Senate by a vote of 97 to 0, prohibits senders of unsolicited commercial e-mail from using false return addresses to disguise their identity (spoofing) and the use of dictionaries to generate such mailers. In addition, it prohibits the use of misleading subject lines and requires that emails include and opt-out mechanism. The legislation also prohibits senders from harvesting addresses off Web sites. Violations constitute a misdemeanor crime subject to up to one year in jail.
One major point that needs to be discussed about this: spam is now coming from other countries in ever-greater numbers. These emails are harder to fight, because they come from outside our country’s laws and regulations. Because the Internet opens borders and thinks globally, these laws are fine and good, but do not stop the problem.
So what do you do about this? Her are the top 5 Rules to do to protect from spam.
Number 1: Do what you can to avoid having your email address out on the net.
There are products called “spam spiders” that search the Internet for email addresses to send email to. If you are interested, do a search on “spam spider” and you will be amazed at what you get back. Interestingly, there is a site, WebPoison.org, which is an open source project geared to fight Internet "spambots" and "spam spiders", by giving them bogus HTML web pages, which contain bogus email addresses
A couple suggestions for you: a) use form emails, which can hide addresses or also b) use addresses like sales@company.com instead of your full address to help battle the problem. c) There are also programs that encode your email, like jsGuard, which encodes your email address on web pages so that while spam spiders find it difficult or impossible to read your email address.
Number 2: Get spam blocking software. There are many programs out there for this. (go to www.cloudmark.com or www.mailwasher.net for example). You may also buy a professional version. Whatever you do, get the software. It will save you time. The software is not foolproof, but they really do help. You usually have to do some manual set up to block certain types of email.
Number 3: Use the multiple email address approach.
There are a lot of free email addresses to be had. If you must subscribe to newsletters, then have a “back-up” email address. It would be like giving your sell phone number to your best friends and the business number to everyone else.
Number 4: Attachments from people you don’t know are BAD, BAD, BAD.
A common problem with spam is that they have attachments and attachments can have viruses. Corporations often have filters that don’t let such things pass to you. Personal email is far more “open country” for spamers. General rule of thumb: if you do not know who is sending you something, DO NOT OPEN THE ATTACHMENT. Secondly, look for services that offer filtering. Firewall vendors offer this type of service as well.
Number 5: Email services now have “bulk-mail” baskets. If what you use currently does not support this, think about moving to a new vender. The concept is simple. If you know someone, they can send you emails. If you don’t know them, put them in the bulk email pile and then “choose” to allow them into your circle. Spam Blocking software has this concept as well, but having extra layers seems critical these days, so it is worth looking into.
“Studies show unsolicited or “junk” e-mail, known as spam, accounts for roughly half of all e-mail messages received. Although once regarded as little more than a nuisance, the prevalence of spam has increased to the point where many users have begun to express a general lack of confidence in the effectiveness of e-mail transmissions, and increased concern over the spread of computer viruses via unsolicited messages.”
In 2003, President Bush signed the “Can Spam” bill, in December of 2003 which is the first national standards around bulk unsolicited commercial e-mail. The bill, approved by the Senate by a vote of 97 to 0, prohibits senders of unsolicited commercial e-mail from using false return addresses to disguise their identity (spoofing) and the use of dictionaries to generate such mailers. In addition, it prohibits the use of misleading subject lines and requires that emails include and opt-out mechanism. The legislation also prohibits senders from harvesting addresses off Web sites. Violations constitute a misdemeanor crime subject to up to one year in jail.
One major point that needs to be discussed about this: spam is now coming from other countries in ever-greater numbers. These emails are harder to fight, because they come from outside our country’s laws and regulations. Because the Internet opens borders and thinks globally, these laws are fine and good, but do not stop the problem.
So what do you do about this? Her are the top 5 Rules to do to protect from spam.
Number 1: Do what you can to avoid having your email address out on the net.
There are products called “spam spiders” that search the Internet for email addresses to send email to. If you are interested, do a search on “spam spider” and you will be amazed at what you get back. Interestingly, there is a site, WebPoison.org, which is an open source project geared to fight Internet "spambots" and "spam spiders", by giving them bogus HTML web pages, which contain bogus email addresses
A couple suggestions for you: a) use form emails, which can hide addresses or also b) use addresses like sales@company.com instead of your full address to help battle the problem. c) There are also programs that encode your email, like jsGuard, which encodes your email address on web pages so that while spam spiders find it difficult or impossible to read your email address.
Number 2: Get spam blocking software. There are many programs out there for this. (go to www.cloudmark.com or www.mailwasher.net for example). You may also buy a professional version. Whatever you do, get the software. It will save you time. The software is not foolproof, but they really do help. You usually have to do some manual set up to block certain types of email.
Number 3: Use the multiple email address approach.
There are a lot of free email addresses to be had. If you must subscribe to newsletters, then have a “back-up” email address. It would be like giving your sell phone number to your best friends and the business number to everyone else.
Number 4: Attachments from people you don’t know are BAD, BAD, BAD.
A common problem with spam is that they have attachments and attachments can have viruses. Corporations often have filters that don’t let such things pass to you. Personal email is far more “open country” for spamers. General rule of thumb: if you do not know who is sending you something, DO NOT OPEN THE ATTACHMENT. Secondly, look for services that offer filtering. Firewall vendors offer this type of service as well.
Number 5: Email services now have “bulk-mail” baskets. If what you use currently does not support this, think about moving to a new vender. The concept is simple. If you know someone, they can send you emails. If you don’t know them, put them in the bulk email pile and then “choose” to allow them into your circle. Spam Blocking software has this concept as well, but having extra layers seems critical these days, so it is worth looking into.
Subscribe to:
Posts (Atom)