|
1
|
- A Presentation
- to the Pennswood Computer Group
- By Joel May
|
|
2
|
- How viruses and spyware get into your computer and what kinds of trouble
they can cause
- Where spam comes from and how to get as little as possible. Also, how to deal with the spam you do
get
- The things you can do every day to protect your computer
|
|
3
|
|
|
4
|
- A virus is a program (or, perhaps, only a small bit of code) that
typically attaches itself to some known or trusted program on your
system and is executed when the trusted program runs
|
|
5
|
- A worm is a program or piece of code attached to a trusted program that
tries to copy itself over the network and embed itself into other
unsuspecting users’ systems.
- A Trojan Horse is a program that allows a cracker a back door into your
system. It has usually been planted in an innocuous place that may be hard
to find.
|
|
6
|
- Spyware is an analysis and tracking program that has been placed on your
computer without your knowledge or (sometimes) through deceit or
obfuscation.
- A relatively benign type attempts to report your activities to
advertising providers’ web sites for storage and analysis. The advertising providers often sell
this information to others
- A much more virulent type may take the form of a keystroke logger,
tracking every keystroke on your computer
|
|
7
|
- Spam is nothing more than unsolicited, unwanted e-mail. At best it is a nuisance; at worst it
can introduce viruses, worms, trojan horses and/or spyware into your
system
- It may also take the form of “phishing”, a semi-sophisticated form of
identity theft, whereby you are asked for personal information by a
seemingly respectable source
|
|
8
|
|
|
9
|
- Crackers create virus code as a hobby, just to show that they can do
it. They seldom benefit personally from the activity
- They embed the code in an e-mail attachment or a file designed to be
downloaded from the Internet
- If you open the attachment or execute the downloaded file, your system
can (will?) become infected
|
|
10
|
- Spyware is (most commonly) found embedded in a web page or (less
commonly) piggy-backed on downloaded software
- When you visit the web page or install the software, the spyware is
automatically downloaded to your computer (much like a cookie)
- There is no way to tell, in advance, which web sites or programs contain
spyware
- Spyware can also sneak into your computer if you use file-sharing
services such as Kazaa, Morpheus or Grokster
|
|
11
|
- All spyware are cookies, but not all cookies are spyware
- Thus, there are good cookies and bad cookies
- Good cookies remember things like your reading preferences, what you
last bought on the site, etc.
- Bad cookies report your browsing habits back to their owners, etc. These
are called “tracking cookies.” They often come from third parties.
- Your spyware programs should identify these and allow you to delete them
|
|
12
|
|
|
13
|
- Types of Spam (Smart Computing, May 2007)
- Scams (48%)
- Advance Fee Scams
- Body-part Scams
- Other Sex, Health and Hair scams
- Get Rich Quick scams
- Loan Shark scams
- Pornography (35%)
- Gambling and Drugs (12%)
- Viruses (2%)
- Identity Theft (1%)
- Benign (2%)
|
|
14
|
- I tracked the spam I received yesterday (October 30th). During the 24-hour span, I received
122 pieces of spam.
- 97 of them were screened out by my email provider, Comcast.net
- 22 were identified by my spam filter, Spam Bully
- 3 slipped through both screens and had to be removed manually
|
|
15
|
|
|
16
|
|
|
17
|
|
|
18
|
|
|
19
|
- Hijack your e-mail address book and send messages containing and
(potentially) spreading the virus to people whose names are there
- Cause your system to function erratically (reboot frequently, cause
programs to open or close without your intervention, etc.)
- Create bot networks, ad-hoc clusters of several thousand computers
that, unbeknownst to the user, are being deployed toward some nefarious
end.
- At worst, erase some or all of the information on your hard drive (very
uncommon)
|
|
20
|
- Hijack your home page, add sites to your Favorites list, launch unwanted
browser windows
- Send personal information about you that is contained in your computer
to the advertising provider who planted it
- By logging keystrokes it can accumulate information on your
- Social Security Number
- Credit Card Numbers
- Bank Account Numbers
- Passwords, etc.
- In other words, Identity Theft
|
|
21
|
- Most spam is not harmful, only annoying
- Some may contain attachments that can carry viruses
- The most dangerous are those that are “phishing” for personal
information
|
|
22
|
- ----- Original Message -----
- From: <support@citibank.com>
- To: <joelmay@yahoo.com>
- Sent: Wednesday, March 31, 2004 16:31
- Subject: Verify your E-mail with Citibank
- Dear Citibank Member,
This email was sent by the Citibank server to verify your E-mail address.
You must complete this process by clicking on the link below and entering
in the small window your Citibank ATM/Debit Card number and PIN that you
use on ATM.
This is done for your protection - because some of our members no longer
have access to their email addresses and we must verify it.
To verify your E-mail address and access your bank account, click on the
link below:
https://web.da-us.citibank.com/signin/citifi/scripts/email_verify.jsp
---------------------------------------
Thank you for using Citibank
---------------------------------------
|
|
23
|
|
|
24
|
- A Firewall (or two)
- An Anti-Virus Utility
- Several Spyware Detectors
- A Spam Filter
- Vigilance
- Common Sense
|
|
25
|
- There are two kinds:
- Hardware (often built into routers used on networks)
- Software
- Zone Alarm (http://zonelabs.com)
- Outpost (http://www.agnitum.com)
- Comodo (http://www.personalfirewall.trustix.com/)
- Windows XP has a built-in one-way (inbound only) firewall
- Windows Vista has a built-in one that is quite effective
|
|
26
|
- They provide a “wall” around your computer
- Inbound protection: If a previously unknown remote computer seeks to
access yours, the firewall will notify you and ask if you want to allow
the access
- Outbound Protection: If a program on your computer wants to access the
Internet, it seeks permission
- You can grant permission for one-time only
- You can grant permanent permission
- You can refuse permission for one-time only
- You can refuse permission permanently
|
|
27
|
- In other words, with a full-featured firewall and the necessary
vigilance on your part, no information can get into or out of your
computer without your express permission
- You can test to see how well your firewall is working at https://grc.com/x/ne.dif?bh0bkyd2
|
|
28
|
- When a firewall utility notifies you that there is unexpected activity
(either in-coming or out-going)
- Carefully read the message on the screen
- If the access requested is something you want to have happen, approve
it
- If you don’t want the proposed activity to occur or you don’t
understand the message, don’t let the activity continue
|
|
29
|
- Use Windows Update
- Watch Startup Processes
- Watch File Extensions
- Use Anti-Virus Software
- Keep Virus Definitions Up-to-date
- Never Open Questionable E-mail Attachments
- Don’t Automatically Preview E-mail
|
|
30
|
- Microsoft regularly makes available software updates to the Windows
operating systems designed to repair or block security leaks
- You can configure your computer to download these updates automatically
- Control Panel > System > Automatic Updates
- Check “Keep my computer up to date”
- Or you can perform the updates manually
- http://windowsupdate.microsoft.com
|
|
31
|
- If you use Microsoft Office you should also check
- http://office.microsoft.com/officeupdate/
|
|
32
|
- A virus may insert a program command into the startup process of your
computer so that it runs whenever you turn your computer on or reboot
- Use MSCONFIG (from the RUN dialog on the Start menu), click on the
Startup tab and look for unfamiliar entries
- If you don’t know what to do about an entry, check http://www.answersthatwork.com
to find out more about it
|
|
33
|
- File Extensions are the two, three or four letter “tags” that appear
after the period (.) in the file name
- Why should you care?
- Some types of files are potentially dangerous and some are not
|
|
34
|
|
|
35
|
- If your computer doesn’t display these extensions
- In Windows Vista, XP and 2000
- Run Windows Explorer, open the Tools Menu and choose Folder Options
- Click on the View tab and remove the check mark on “Hide file
extensions for known file types” by clicking on it
- In Windows 98 and ME
- You’ll find the Folder Options in the View Menu rather than the Tools
Menu
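- Added example (not part of the original presentation): why hidden extensions matter. It compares the name shown when “Hide file extensions for known file types” is on with the extension Windows actually acts on. The extension lists and function names are illustrative assumptions.

```python
import os

# Assumption: a short, non-exhaustive list of extensions that Windows runs
# as programs or scripts when double-clicked.
EXECUTABLE_EXTS = {".exe", ".com", ".scr", ".pif", ".bat", ".cmd", ".vbs", ".js"}
# Assumption: document/picture types used here as "harmless-looking".
HARMLESS_LOOKING = {".jpg", ".txt", ".doc", ".pdf", ".zip"}
# Types treated in this example as registered "known file types".
KNOWN_EXTS = EXECUTABLE_EXTS | HARMLESS_LOOKING


def real_extension(name):
    """Return the final extension (lower-cased): the one Windows acts on."""
    return os.path.splitext(name)[1].lower()


def displayed_name(name):
    """Name as shown when extensions of known file types are hidden."""
    stem, ext = os.path.splitext(name)
    return stem if ext.lower() in KNOWN_EXTS else name


def review(name):
    """Summarise what the user sees versus what the file really is."""
    ext = real_extension(name)
    shown = displayed_name(name)
    executable = ext in EXECUTABLE_EXTS
    # Extension still visible after hiding, e.g. ".jpg" in "holiday.jpg.exe".
    looks_like = os.path.splitext(shown)[1].lower()
    disguised = executable and shown != name and looks_like in HARMLESS_LOOKING
    return {"shown": shown, "real_ext": ext,
            "executable": executable, "disguised": disguised}


if __name__ == "__main__":
    # Constructed sample attachment names.
    for sample in ["holiday.jpg.exe", "report.doc", "setup.exe",
                   "INVOICE.PDF.SCR", "notes.xyz"]:
        print(sample, "->", review(sample))
```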
|
|
36
|
|
|
37
|
|
|
38
|
- Some of the most popular are
- Norton Antivirus (http://www.symantec.com) $49.95
- McAfee Viruscan (http://www.mcafee.com) $34.95
- Kaspersky Anti-Virus (http://www.kaspersky.com) $49.95
|
|
39
|
- These typically provide for updating of the virus definitions for one
year following purchase
- After that, you must renew your subscription or buy a new edition of the
software
|
|
40
|
- The Anti-virus software is typically (by default) set to scan all of
your files and all incoming e-mail constantly
- If it detects a virus, it will offer to delete the file containing it or
to quarantine the file
- Try deleting first. If that
doesn’t work, try quarantining (this instructs the software to attempt
to put a barrier between the virus code and the rest of your computer)
|
|
41
|
- These are like dictionaries of viruses
- If a new virus has been released since the last edition of the
dictionary, it will not be recognized by your anti-virus software
- Thus, it is important to keep the definitions up to date
- The software can be configured to do this automatically on a
pre-determined schedule, or you can do it manually
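- Added example (not part of the original presentation): the “dictionary” idea as a tiny signature scanner, showing a file that passes with old definitions and is caught only after an update. Signature names, byte patterns and file contents are harmless constructed samples, and the function names are hypothetical.

```python
def scan(data, definitions):
    """Return the sorted names of all signatures whose pattern occurs in data."""
    return sorted(name for name, pattern in definitions.items() if pattern in data)


def scan_files(files, definitions):
    """Map each file name to its list of detections (empty list = clean)."""
    return {fname: scan(content, definitions) for fname, content in files.items()}


def missed_until_update(files, old_defs, new_defs):
    """Files that scan clean with old_defs but are detected with new_defs."""
    before = scan_files(files, old_defs)
    after = scan_files(files, new_defs)
    return sorted(f for f in files if not before[f] and after[f])


# Definitions as installed (constructed names and byte patterns).
DEFS_OLD = {
    "Sample.A": b"\xde\xad\xbe\xef-A",
    "Sample.B": b"MARKER-B-0001",
}
# The same dictionary after an update adds one newly released entry.
DEFS_NEW = {**DEFS_OLD, "Sample.C": b"MARKER-C-0002"}

# Constructed file contents: one clean, one known, one newer than DEFS_OLD.
FILES = {
    "letter.doc": b"Dear member, minutes of the last meeting...",
    "old_threat.bin": b"header" + b"MARKER-B-0001" + b"trailer",
    "new_threat.bin": b"header" + b"MARKER-C-0002" + b"trailer",
}

if __name__ == "__main__":
    print("old definitions:", scan_files(FILES, DEFS_OLD))
    print("new definitions:", scan_files(FILES, DEFS_NEW))
    print("missed until update:", missed_until_update(FILES, DEFS_OLD, DEFS_NEW))
```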
|
|
42
|
- Never open e-mail attachments received from someone you know without
checking for viruses first
- Never open e-mail attachments received from someone you don’t know under
ANY circumstances
|
|
43
|
- Some recent viruses can infect your system when you simply look at the
contents of the e-mail message
- To turn off the Preview screen in Outlook Express
- Open the View menu and choose Layout
- In the lower half of the dialog box, click on “Show Preview Pane” to
remove the check mark
- NOTE: You can’t do this in AOL
|
|
44
|
- Viruses always come from outside your computer, either by
|
|
45
|
- Never open a file or an e-mail attachment unless you are ABSOLUTELY SURE
it does not contain a virus
- Always run a virus check before opening it
|
|
46
|
- There is really very little you can do to prevent your computer from
being infected with spyware
- Practice Safe Browsing
- Use real-time spyware blockers (only partially effective)
- Avoid free file-sharing programs (Kazaa, Grokster, Morpheus)
- Many spyware programs are hidden in pop-up ads. Either block them or don’t click on
them
|
|
47
|
- Before you download any program, browser tool bar, or an ActiveX
application, enter its name in your favorite search engine (or go to http://find.pcworld.com/42942)
to find out if it’s spyware
|
|
48
|
- Anti-Spyware Software
- Ad-Aware (http://www.lavasoftusa.com) Free; Plus version $26.95
- Spybot Search and Destroy (http://www.safer-networking.com) Donation
- Spy Sweeper (http://www.webroot.com) $29.95
- McAfee Internet Security 2004 (http://www.mcafee.com) $69.95
- Norton Internet Security Tool (http://www.symantec.com) $69.95
|
|
49
|
- As with Anti-Virus software, these programs can only detect spyware that
they know about
- So it is important to keep the definition files up-to-date (weekly?)
|
|
50
|
- Deletion or Quarantine
- When a spyware program is discovered, try deleting it first. If this is not possible, try to
quarantine it
|
|
51
|
- Some spyware programs embed themselves so deeply in your computer (files
and registry) that none of the anti-spyware programs can remove them
- (or, the program reports that they are removed, but when you reboot,
they reappear)
- Key-loggers are the most notorious in this respect
- If this happens to you, you can try CWShredder (http://www.spywareinfo.com)
|
|
52
|
- Be aware of where you are surfing
- Don’t click on pop-ups
- Run anti-spyware software on a regular basis and keep the definition
files updated
|
|
53
|
- Many ISPs provide spam-blocking services, but they are notorious for
being too arbitrary
- Legislation has been proposed (and adopted in CA and UT) which uses a
sort of “caller-ID” approach, requiring spammers to give their true
addresses
|
|
54
|
- If you are receiving lots of spam at your current email address, you
have little choice but to change addresses.
- Gmail (mail.google.com)
- Yahoo (overview.mail.yahoo.com)
- Hotmail (get.live.com/mail/overview)
|
|
55
|
- Prevention:
- Don’t give your e-mail address to anyone you don’t want to hear from
again
- Use a false or self-destructing e-mail address when registering on web
sites
- Spam Gourmet (http://www.spamgourmet.com) free
|
|
56
|
- Prevention (Contd):
- Watch out for those checkboxes
- Don’t post your e-mail address on a web site
- www.spam-proof-email-generator.com
- Don’t ever unsubscribe from spam
- Use a spam filter
|
|
57
|
- There are many software programs available for blocking spam at the
level of the individual user:
|
|
58
|
|
|
59
|
|
|
60
|
- Spam Filtering Software:
- Spam Inspector (http://www.giantcompany.com) $29.95
- Spam Eater (http://www.regnow.com) $24.95
- Qurb (http://www.qurb.com) $29.95
- EmailProtect (http://www.contentwatch.com) $29.99
- MailFrontier (http://www.mailfrontier.com) $29.95
- ChoiceMail One (http://www.digiportal.com) $39.95
- Spam Bully (http://www.spambully.com) $29.95
- Mailwasher (http://www.mailwasher.net) Donation; Pro version $37.00
|
|
61
|
- Don’t give your e-mail address to anyone you don’t want to hear from
again
- Delete all questionable messages without reading them or opening
attachments
- Remember that AOL, eBay, your bank or credit card company and other web
sites related to your money will NEVER send out requests for passwords,
PINs, or other sensitive information via e-mail
|
|
62
|
|
|
63
|
- In Real Time:
- Sygate Firewall (www.sygate.com) Free
- Hardware Firewall (router on home network)
- AVG Anti Virus (www.grisoft.com) Free
- Spyware Doctor (www.pctools.com) $29.95/year
- WinPatrol (www.winpatrol.com) $29.95
- McAfee Site Advisor (www.siteadvisor.jp) Free
- Windows Update
- (start>control panel>security center>updates: ON)
|
|
64
|
- Daily:
- Advanced WindowsCare (www.iobit.com) Free
- Acronis True Image Backup (www.acronis.com) $49.99
|
|
65
|
- Weekly:
- CCleaner (www.ccleaner.com) Free
- PCP Optimize (www.pcpitstop.com) Free
- Spybot Search and Destroy (www.safer-networking.com) Donation
- AdAware (www.lavasoftusa.com) Free
- Spyware Doctor (www.pctools.com) $29.95/year
- AVG Anti Virus (www.grisoft.com) Free
- Registry Mechanic (www.pctools.com) $29.95
- Chkdsk (start>run>type “cmd”>type “chkdsk c: /f”)
|
|
66
|
- Monthly:
- Disk Defragmenter (Start>All Programs>Accessories>System Tools>Defrag)
- Secunia Software Inspector (Secunia.com/soft_inspector/) Free
- Annually:
- Open the case
- Vacuum out the dust
- Check the cables
|
|
67
|
- Keep Windows up to date
- Check start-up processes
- Use anti-virus and anti-spyware security programs
- Keep all security programs up to date
- Surf safely
- Don’t give out your address indiscriminately
- Be wary of attachments
- Don’t answer spam
|
|
68
|
- Google has teamed up with AARP to launch a new video series that
provides helpful, easy-to-understand tips on how to stay safe online
- It includes pointers on how to set privacy controls in online
photo-sharing sites, configure firewalls to protect your computer,
select safe and secure passwords for your online accounts, shop safely
online, and avoid phishing scams.
- http://snipurl.com/aarptips
|
|
69
|
|
|
70
|
|