|
|
 |
 |
SECURITY
Adware, Spyware, Phishing,
Identity Theft
|
This information is to help you avoid hackers and ID thieves that prey on millions of people every day, but it isn't all you need to know.
As technology changes these criminals will change their methods so you will need to stay up-to-date. To stay current you can frequent news such as Tech News and Virus News and other sources.
SPAM or unsoliticited e-mail is not by itself dangerous but attachments may contain viruses. The best protection is keeping anti-virus software up-to-date.
Most spammer get away but a few are caught, some even have to pay for their actions. In the EU it is easier to track down and sue spammers (ScotchSpam).
If you don't think you are a target for malicious adware, spyware, viruses, and phishing you are in denial.
Adware, Spyware & Phishing
The most frequent and worst cases of malicious software, called "malware" is associated with Microsoft products because they are the most commonly used. Millions of Windows users are switching web browsers because of security issues like spyware. Firefox is a popular alternative to Internet Explorer.
NEWS: Living with (or without) Internet Explorer 7.0
Having compatibility problems with IE7? Here's how to use IE6 as a backup or to uninstall IE7 completely -- Computerworld |
Windows users are also switching e-mail programs because of viruses. Eudora, one of the first email programs, and Thunderbird are less vunerable to viruses than Outlook.
Web-based e-mail like Yahoo mail has anti-virus protection and you can access your email from any computer with an Internet connection. Other web e-mail's are Hotmail and Google Mail.
Mozilla has a combo program called Mozilla Suite which contains both a web browser and email client.
Anti-virus software companies can only release updates to combat newly created viruses after they're released. Since Windows can allow software installation without notifying you some of these anti-virus/spyware programs can detect when software is trying to install itself.
Another place trouble can be found is in Office programs such as Word and Excel. These are malicious macros that can damage your files. Alternatives to Microsoft Office are web-based Office type suites such as ThinkFree and Zoho Virtual Office.
If you use Windows then keep current with updates posted at Microsoft.com and Microsoft security. Part of the problem is inherent with Windows so until they change how these programs are designed you will need to be vigilent and keep your anti-virus and anti-spyware software up-to-date. Microsoft Internet Explorer and Outlook have features that are connected with parts of the operating system so they can work with other programs (Back Office). This makes them more vulnerable to hackers.
On our Windows computers we use Spywareguard and ZoneAlarm. We have used BHODemon and firewall software. There are a number of products available for anti-virus, anti-spyware/adware, and firewall, but make sure you get them either directly from the developer or from a reliable source.
Because of security issues with Windows we use mostly Mac's for email and web browsing. But when Mac's share a Windows network the Mac could potentially pass-on an email virus without becoming infected.
Enterprise or corporate systems are especially vunerable. Corporate data can be protected in a number of ways and it's best to incorporate as many ways as possible. Always apply the lastest software and operating system updates and patches. Disable default browser and email settings such as AutoComplete on Internet Explorer. Clear stored forms and passwords from the computers cache stored by web browsers. Deploy anti-spyware, anti-virus, and a desktop firewall on every machine no matter how often used. Most anti-virus, anti-spyware companies offer firewall software.
Adware was first just annoying but recently has become as dangerous as spyware.
"Ad-aware" software is available at http://www.lavasoft.de
BHODemon is a guardian for your Internet Explorer browser: it protects you from unknown Browser Helper Objects (BHOs), by letting you enable/disable them individually. Most Adware are just irritating BHOs.
http://www.definitivesolutions.com/bhodemon.htm
Spyware is dangerous, keylogging (keyloging) which captures your keystrokes and passwords then sends the information to criminals. For example your ebay, credit card, or banking login and password. Be cautious of ads for Spyware and Adware removal programs unless you know the source.
Spybot S&D
For protection against ad-serving software, Trojan horses, and other means of tracking your surfing habits, get Spybot. (donate please)
http://www.safer-networking.org/en/download/
SpywareGuard
A real-time protection solution against spyware - detect browser hijacking attempts and more as they are happening. (donate please)
http://www.javacoolsoftware.com/spywareguard.html
SpywareBlaster
Keep spyware from installing in the first place!
http://www.javacoolsoftware.com/spywareblaster.html
ZoneAlarm
Monitors outgoing connections (keylogger protection), bare bones version is free
http://www.zonelabs.com/
Anti-virus companies were slow to respond to spyware but are now offering anti-intrusion software which include anti-virus and anti-spyware. For personal or small business users check out mcafee.com, symantec.com, zonelabs.com, and our choice- bitdefender.com
You can visit here for more spyware info:
http://www.spywareinfo.com
http://www.spywarewarrior.com
http://www.webroot.com/resources/spywareinfo/threats.html
http://grc.com/optout.htm
Apple vs Microsoft vs Linux:
Apple Mac users have yet to fear the invasion of spyware and viruses that plague Windows users. Mac OS X is rated the safest by London-based mi2g Intelligence Unit. But since it's better to be safe check out AV software for Mac like ClamXav, VirusBarrier, Norton AV and McAfee Virex.
LATEST:
"Windows regains mantle of most vulnerable OS" according too mi2g.
Windows OS vs Linux OS security information: 1 - 2 - 3
EPIC (Electronic Privacy Information Center) has Tools for Protecting Online Privacy
Criminals are developing more advanced methods of capturing your information. Sunbelt Software Inc., a security tools developer, recently found a keylogger program installed itself in a way most antivirus software could not block. If you encounter spyware, adware, viruses you can get help on the many online forums at computerworld, pcworld, macworld, slashdot
To protect your email from prying eyes with encryption you can use PGP, the personal-security product from pgp.com. With PGP you can also encrypt AIM and iChat sessions
"Phishing" or "Web Spoofing"
Phishing attacks usually involve deceptive e-mail that appears to come from a popular commercial site. The email explains that the recipient has an account problem, or some other reason to visit the commercial site and log in. However, the link in the email sends the user to a malicious "spoof" site that collects user information such as account names, passwords, and credit card numbers. Once your user information is collected by a "spoof:" site, criminals may log into your account or cause other damage. The good guys at Stanford University have developed another cool product (Windows IE): SpoofGuard.
Search Safely
Lots of information on search safety and general Internet security at siteadvisor.com
Password Hashing
Users tend to use a single password at many different web sites. By now there are several reported cases where attackers breaks into a low security site to retrieve thousands of username/password pairs and directly try them one by one at a high security e-commerce site such as eBay. As expected, this attack is remarkably effective. PwdHash is an browser extension (Firefox Windows, Mac, Linux; Windows IE) that transparently converts a user's password into a domain-specific password. Let's hope that the browser companies include this 'type' of protection in future versions.
Covering Your Tracks
In addition to people trying to get access to your computer there is the issue of people getting information about where you've been and what you've done on the Internet. There are a few programs that act as plug-ins for Firefox and some for Safari to hide your identity from those who might want your information.
When you surf the Web, you leave a trail of information. Your browser sends out your data, including your IP address, Web browser version, computer operating system, and the Web page from which your click originated to Web servers.
To surf privately, try two free programs, Tor and Privoxy, both available from tor.eff.org - and work with Firefox and Safari.
FoxyProxy is an advanced proxy management tool that completely replaces Firefox's proxy configuration, it also automatically sets up Tor and lets you configure and switch between proxies. Also Torbutton extension allows you to turn Tor (and Privoxy) on and off by clicking on a button in the Firefox status bar.
TrackMeNot protects against search data profiling by issuing randomized queries to popular search-engines with fake data.
Another interesting approach to privacy is offered by VaporStream with their "confidential and recordless" communication service.
Secure Delete Your Data
Most people are aware that they need to "clean" a computer hard drive if they sell, donate or get rid of their computer. But how many people "clean" their information off their cell phone?
Look in your computer or cell phone manual for how to secure delete your personal information. If you can't find it then you can call the manufacturer. Some companies have the information on their web site.
Also the National Institute of Standards and Technology (NIST) - Computer Security Division - offers guidelines for sanitizing media (disk drives). Good to do before you sell/trade/dispose of that old computer or hard drive. PDF article.
| “I’m the creeper! Catch me if you can!” taunted a rogue program called Creeper, written by Bob Thomas, of the BBN (Bulletin Board Network), in 1971. His creation has the dubious honor of being the first worm that spread through many of the early global networks. (more at infoworld.com) |
Identity Theft Protection & Consumer Tips
Check washing.
Did you know that most inks can be washed off of a check you write? Criminals use sophisticated methods to “clean” checks which they then can cash. They also use devices to copy your signature. TIP: use Gel ink. Most major pen companies like Bic sell a pen with gel ink. In most cases gel ink cannot be successfully washed off the check.
Mail theft.
Did you know that most mail theft occurs right out of your mailbox? The most common is when people put outgoing mail in their box and raise the “outgoing mail” flag, which becomes a flag for criminals. TIP: drop your outgoing mail in Post Office mail boxes like you find on street corners or at the Post Office.
Of course incoming mail can also be stolen from your mail box. TIP: get a locking mailbox. Also use the services below to remove yourself from mailing lists.
Stop pre-approved offers:
If you want to remove your name from lists for pre-approved offers of credit or insurance obtained from these four consumer credit reporting companies, you will need to contact them. Once you provide your information, your name will be removed from eligibility for pre-approved offer lists provided by all four companies. The information you provide is confidential and will only be used to process your request.
Go to this website www.optoutprescreen.com or you can also complete this process by phone by dialing 888-5-OPT-OUT (888-567-8688). The four companies are Equifax, Experian, Innovis, TransUnion
Keep Track Of Your Credit:
A recent amendment to the federal Fair Credit Reporting Act (FCRA) requires each of the nationwide consumer reporting companies to provide you with a free copy of your credit report, at your request, once every 12 months. Three companies have set up a website and toll-free number www.annualcreditreport.com, or call 877-322-8228 or mail Annual Credit Report Request Service, P.O. Box 105281, Atlanta, GA 30348-5281
Stop telemarketers - Do Not Call List
You can register online at www.donotcall.gov or call toll-free, 1-888-382-1222 (TTY 1-866-290-4236), from the number you wish to register. Registration is free. Although annoying most telemarketers are not a security threat.
For other information on Consumer Protection check out this federal government website
www.pueblo.gsa.gov/cfocus/cfprivacy02/focus.htm
Online phone directories – get off the online lists
If your number is listed in the local phone book it is likely on one or more of the online directories. Unfortunately there is no single source for removing numbers, you will have to contact each directory. If you are on the Federal Do Not Call list telemarketers must not call even if you are listed in your phone book or an online directory.
Here are some online phone directories:
AnyWho
Google
WhitePages
Yahoo People Search
Shred for Safety
Most office supply stores sell shredders. Today you can get a good cross-shredder for under $100 which will even do credit cards. Cross shredding is better than straight since it makes it much more difficult to assemble the bits of paper into a readable document.
Once shredded there are a couple of things you can do to make it even safer. You can put the shredded paper in a large plastic garbage bag, fill it with water, punch a few holes in the bottom and let it water your garden or lawn for a couple days. What will be left will definitely be difficult to piece together. We also sometimes keep the shreddings in a big plastic bag and later burn the shreddings (only where legal).
Help for the Interactive Phone Maze (not a security issue)
Paul English created a Cheat Sheet to help you quickly get to a human when you are trying to call a company for service. Even with this, good luck. gethuman.com
OLD NEWS:
|
- TOP OF PAGE -
L a p t o p  C a s e s
Leather, Ballistic Nylon
Briefcases, Suitcases, Backpacks
Computer Sleves, Purse Cases, Rolling Cases
|
|
|
|
