Web Stuff and Whatnot

From a news story published by Media Buyer Planner, Advertising.com finally suffered a bit for its sneaky SpyBlast software. The SpyBlast program was promoted as a spyware stopper, yet it secretly installed pop-up ad generating software behind the scenese on a user’s computer. Certainly not surprising to hear of such treachery from the likes of Advertising.com and America Online (which owns Advertising.com), but a sad story none-the-less. As if people using AOL weren’t bombarded by enough pop-up ads and poor Internet software to begin with. Hopefully more of these unethical businesses will be cracked down on, but clearly there is still a long way to go for victory in the Spyware and Adware battle.

Filed under: Business, Computer Security by Eden Jaeger

For the sake of continuity, this is part six of the computer security series I have been writing.

Phishing is the newest term in the computer security world that I will be discussing in this series. Over the past year or so, phishing has entered the common vernacular, and has also become a common problem.

Phishing threats are typically seen in email. The most common tactic is for the scam artist to send a fraudulent email, usually purported to be from a financial institution or well known website such as Ebay. The email’s subject usually carries something to the effect of, “account will be suspended”, or “immediate action required”.

Probably the easiest way to identify a phishing attack is the request for personal information contained in the email. Remember, your bank or credit card company is never going to ask for your username, password, pin number, or social security number in an email.

Another common thread in phishing attacks is the use of poor spelling and grammar. A reputable business certainly isn’t going to send an email that hasn’t at least seen a spell check first.

Your best line of defense is to simply delete the suspicious email. Even if an email happens to sound fairly legitimate, you still shouldn’t respond to any of the links contained in it. You can always visit the Website yourself, by typing the address into your browser as usual, then log in to manage your account as needed.

The “From” address seen on the email you receive can easily be spoofed, so don’t assume that an email is actually from that person or business.

The links contained in an email can appear to be legitimate, such as “www.paypal.com”, but can easily redirect your browser to a malicious Website. Better not to follow email links at all, and instead navigate to the Website yourself.
Phishing is a problem that isn’t going away any time soon, and will probably get much worse over time. Organized crime has apparently latched onto phishing as a new line of business, so the odds are good that phishing attacks will become more difficult to spot, and more dangerous to computer users. My best advice is to scrutinize every email, and always err on the side of caution- don’t be afraid to delete email that you’re unsure of.

Phishing is a problem that isn’t going away any time soon, and will probably get much worse over time. Organized crime has apparently latched onto phishing as a new line of business, so the odds are good that phishing attacks will become more difficult to spot, and more dangerous to computer users. My best advice is to scrutinize every email, and always err on the side of caution- don’t be afraid to delete email that you’re unsure of.

If you would like to take action against phishing attacks, I would recommend starting at the Anti-Phishing Working Group’s website. You can report phishing attacks, view common phishing attacks, and learn about more ways to protect yourself from phishing.

Filed under: Computer Security by Eden Jaeger

Part five of the computer security series will cover some excellent anti-virus software packages.

Now that I have described computer viruses in general, I will discuss some software options for removing and preventing viruses. I’ll look at both free and paid software alternatives. This is by no means intended to be a comprehensive list, but I do believe using any of the programs listed here will take you a long way in securing your computer. Here’s a list of the programs I’ll cover:

• Trend Micro’s PC-cillin Security Suite
• McAfee’s Security Suite
• AVG Anti-Virus Free Edition

First of all, I’ll say that I currently use all of these products (not on the same system of course) so my opinions will be based directly on experience.

I listed Trend Micro’s PC-cillin first because it’s my favorite. It costs about $50, and I would say that it’s easily worth twice that price. The real-time virus scanning it provides is truly incredible. Just over a month ago I found my web browser under attack (after a mis-click on my part), and PC-cillin quarantined two viruses before they infected my system. Not only did it prevent that risk, but it showed a pop-up window detailing the issue that also gives you the option to instantly halt all Internet traffic on your system. Think of this as “pulling the plug”. This is an incredibly powerful security feature because no matter what kind of attack your system is under, without an active connection to the Internet, you’ll be safe.

I do have to say that the user interface and configuration menu aren’t quite as user friendly as McAfee’s, so you’ll probably have to spend a bit more time configuring your desired settings. The primary features are of course the Anti-Virus program, a Firewall, E-mail filtering, and a feature that you won’t find in the other programs- Wireless Network Intrusion Detection. The Wireless Network feature is quite handy- you’ll get a pop-up window if a new device tries to connect to your network. Overall, I think this Security Suite has it all.

Now for McAfee’s Security Suite. I would say this is an adequate security solution, but not nearly as robust as Trend Micro’s. I was running McAfee on both my laptop and a desktop, but pulled it from the laptop in favor of Trend Micro’s software. McAfee is still running on the desktop without any problems, but I don’t feel quite as secure with it. There’s nothing wrong with McAfee, but a virus did get through while I was running it, and it clearly isn’t as capable at stopping a virus as Trend Micro is.

McAfee also seemed to use up a larger amount of system resources, causing a slightly noticeable delay. The rich, friendly interface probably accounts for the heavier file size, but it is definitely user friendly and a breeze to configure. You can run some very simple wizards to get up and running quickly, or take the time to manually configure everything. Like Trend Micro, McAffee’s Security Suite offers an Anti-Virus program, a Firewall, Spam and Email filters, and McAfee’s Privacy Service. The Privacy Service is intended to make using the Internet more secure, and to prevent certain files on your computer from being accessed without your knowledge. I found Privacy Service to be decent, but definitely noticed some system hang-ups when using it, which eventually lead me to disable it.

Don’t want to spend the money? No problem. If you’re a home user, AVG’s Free Home Edition will be sufficient. I installed this on a client’s computer that had no virus protection, and as soon as I ran the virus scanner it had found multiple viruses and removed them easily. Obviously, you won’t get the power and features offered by the paid products listed above, but if you’re on a budget, you can’t go wrong with this program.

Bottom line- whether you choose one of these Anti-Virus programs, or any other Anti-Virus program you prefer, make sure you’re using an Anti-Virus program. It’s an absolutely critical part of securing your computer.

Filed under: Computer Security by Eden Jaeger

This is part four of my computer security series (a series that will one day be put together as a comprehensive guide).

So far we have talked about spyware and adware, but now we’ll delve into their more malicious cousins- computer viruses. A technical definition, from Wikipedia, defines a computer virus as, “a program that can replicate itself by making (possibly modified) copies of itself.” Basically, a virus is an unwanted program that somehow infects your computer. Once a virus is installed on your computer, it’s free to manipulate your files or cause severe damage. The results of a virus can range from simply causing an annoyance to complete loss of all the data on your computer. There are several ways a virus can reach your computer, and preventing that from happening is your first line of defense. Several possible methods of infection are listed below:

• You install a program that is infected with a virus
• A virus infects your network (home or office, wired or wireless) and is passed to your computer
• Email: either by opening an attachment or even just viewing an email in an email client such as Microsoft Outlook
• Browsing the Internet: unscrupulous Websites could transfer a virus to your computer (only a real-time virus scanner can stand a chance at stopping this)
• File Sharing Networks: highly dangerous and likely to spread viruses prolifically

So how do you protect your computer from viruses? I would start by avoiding the danger areas listed above. Of course you can’t avoid using email, but there are some safe email procedures you can follow. Don’t open attachments you don’t recognize (even from a friendly email address), and definitely not from unrecognized email addresses. You may have heard not to open “.exe” files (executable programs), but other file extensions can be just as dangerous. If you aren’t expecting to receive an attachment, or if you’re unsure about an attachment for any reason, I believe it’s best to just delete the email.

An anti-virus program is essential. If you don’t use one, you can assume that you will get a virus one day. Buy one! Don’t hesitate. The cost will seem irrelevant if your computer gets infected and you lose all or most of your data. Go buy one now!

Be very careful when visiting unknown Websites. Don’t click anything that seems even just a bit suspicious. Make sure you have a real-time virus scanner running (I recommend Trend Micro’s PC-cillin).

Use File Sharing Networks (such as LimeWire, BearShare, or Kazaa) at your own risk. If you don’t have a good virus scanner running, and things like editing the Windows’ registry sound scary to you, you probably should not visit these sites at all.

Buy a Mac! Of course, a Mac is not 100% secure, but it is much closer to that number than any Windows OS will ever be. Once you use one, you will most likely fall in love with the interface anyway. (Disclaimer: I’m writing this on a great little Windows XP system that I use every day. I also own a Mac though and the next new system I buy will be a Mac).

Following these guidelines is a good start, but a computer without effective anti-virus software is still an easy target. In my next article, I will review some specific anti-virus programs.

Filed under: Computer Security by Eden Jaeger

Now that you have an idea of what spyware is, and how it gets on your computer, we can talk about how to get rid of it, and how to find it on your computer. I’ll talk about some tools that can be used to scan your system for the existence of spyware, and hopefully remove it completely.

The first tool I’ll recommend is Spybot Search and Destroy. The best thing about Spybot is that it’s free. They do give you the option to donate some funds, which you should think about once you get it running and see how effective it is. Spybot is quick to download and easy to use. Once you’ve downloaded and installed it you should check for updates and run a scan right away. After that, I would recommend scanning your system at least once a week, and after you install any new software. Be sure to check for updates regularly as well.

Next up is Ad-Aware by Lavasoft. Don’t be confused by the name, Ad-Aware isn’t focused only on adware. Ad-Aware will remove many types of spyware, adware, or other malicious programs. I would say Ad-Aware is a bit more robust than Spybot, but it seems that you really need both of them to be sure you’re finding as many nasty programs as possible. As mentioned before for Spybot, you should run Ad-Aware at least weekly, and after installing new software on your system. I use the professional version (sells for about $50), but the free personal edition is robust enough for most users.

Finally, I was going to review Microsoft’s new AntiSpyware tool, but gave up on downloading it when I had to click several buttons to get through the “Validate your copy of Windows” screens. After going through several new pages, I was prompted with yet another button that said, “Click here so we can scan your system and decide if we think we should let you use the software you paid for”. Okay, I paraphrased that a bit, but it seems that Microsoft’s attitude is that we’re all software thieves who should not be trusted. Now if they had just thought ahead and actually included some spyware software to begin with we wouldn’t have to waste our time trying to download it from them. Coming from Microsoft, I wouldn’t have expected it to work very well anyway, so for now I would recommend sticking with Spybot and Ad-Aware. I guess I didn’t realize how little I trust Microsoft until now (kind of like Wal-Mart and McDonalds). Oops! Don’t want to get off topic!

Filed under: Computer Security by Eden Jaeger