Bogus IRS Tax Notification Email – Don’t Be a Victim!

Despite the fact that I am a Canadian it seems the U.S. Government, by way of the Internal Revenue Service, wants to give me money for the second time in just a few months.

Back in February of this year, I received an email indicating I could expect a tax refund of $873.20, and just in the last few days I received an IRS Tax Notification email informing me that an additional $184.80 was mine if I just clicked on the enclosed email link.

Unfortunately, since I am a Canadian I will not be getting a refund from the IRS, but the cyber-criminals responsible for this email were hopeful that I would click on the enclosed link.

Clicking on the link would have redirected me to a spoof IRS page, comparable to the original site, and I would then have begun the process whereby the scammers would have stripped me of all the confidential information I was willing to provide. Information requested on the spoof IRS page includes; social security number, credit card and debit card numbers, postal address, and date of birth.

The financial and personal details entered are harvested by cyber-crooks who would then have used this information to commit identity and financial theft.

The reality is of course, the IRS doesn’t send out unsolicited emails asking for personal or financial information. Credit card numbers, ATM PIN numbers and additional financial information would never be required to enable you to find out the current status of your tax return, or your tax refund.

According to the IRS there are over 1600 IRS phishing sites operating, or online, at any given time in search of potential victims willing to hand over sensitive financial data. It’s easy to see that the emails I received are not isolated incidents. The IRS goes on to say that by their estimates, 1% of all spam email is an IRS phishing scam.

What makes this particular type of scam so potent is, the average person on receiving an email from an authoritative source, generally lowers their defenses. As well, giving the time of year, the timing is right. Be warned, IRS scam emails always ramp up before tax day and continue for some time afterwards.

You know what to do right? Follow the tips below to protect yourself against these threats:

• Your bank, the IRS, or any other legitimate organization will never ask you to divulge account information or passwords via email. Never give out this information, especially via email.
• Don’t open emails that come from un-trusted sources.
• Don’t run files that you receive via email without making sure of their origin.
• Don’t click links in emails. If they come from a known source, type them in the browser’s address bar. If they come from an un-trusted source, simply ignore them.
• Keep your computer protected. Install a security solution and keep it up-to-date. Also, before carrying out any kind of financial transaction on the Web, I recommend that you scan your computer with a second-opinion security solution, such as NanoScan at www.nanoscan.com.

Be kind to your friends, relatives and associates and let them know that these types of scams are now epidemic on the Internet. In that way, it raises the level of protection for all of us.

To help you fight back, the following information has been taken from the official IRS web site and provides instructions on how to assist the IRS in shutting down these schemes.

The good news is that you can help shut down these schemes and prevent others from being victimized. If you receive a suspicious e-mail that claims to come from the IRS, you can relay that e-mail to a new IRS mailbox, phishing@irs.gov.

Follow instructions in the link below for sending the bogus e-mail to ensure that it retains critical elements found in the original e-mail. The IRS can use the information, URLs and links in the suspicious e-mails you send to trace the hosting Web site and alert authorities to help shut down the fraudulent sites. Unfortunately, due to the expected volume, the IRS will not be able to acknowledge receipt or respond to you.

IRS reporting site: phishing@irs.gov

Don’t Download Advanced XP Fixer – Another Rogue Security App.

Rogue security software is software that uses malware, or malicious tools, to advertise or install itself. Unless you have had the bad experience of installing this type of malicious software, you may not be aware that such a class of software even exists. But it does.

Frequently, after installation on a system, an attempt is made to force users to pay for removal of nonexistent malware. Rogue software will often install and use a Trojan horse to download a trial version, or it will perform other actions on a machine that are detrimental including slowing down the computer drastically.

After installation of rogue security software, false positives; a fake or false malware detection warning in a computer scan, are the primary methods used to convince the unlucky user to purchase the product. After all, a dialogue box that states “WARNING! Your computer is infected with spyware! – Buy [XYZ] to remove it!” is a powerful motivator. Clicking on the OK button takes the user to the product download site.

Advanced XP Fixer (a clone of WinIFixer), is rogue anti-spyware software from Bakasoftware (Bakasoftware.com), which also operates under the name Pandora Software, that tricks users into installing the program and attempts to convince the user that the computer has been infected. Reportedly, Advanced XP Fixer can also be installed through Internet browser exploits, or by means of the Zlob or Vundo.Trojans.

When the program runs, a warning message appears indicating that the computer has been infected by malware. Subsequently, a screensaver launches which shows cockroaches eating the desktop.

As with all rogue security applications, Advanced XP Fixer was developed to mislead unaware computer users’ into downloading and paying for the “full” version of this bogus software, based on the false malware positives generated by the application. If the full program fee is not paid, Advanced XP Fixer continues to display warning messages.

To complicate matters Advanced XP Fixer has the potential to reduce a computer’s performance by exploiting its resources, and may delete files and disable applications.

Generally, reputable anti-spyware software is capable of detecting rogue software if it attempts to install, or on a malware scan. But this is not always the case. Anti-malware programs that rely on a definition database can be behind the curve in recognizing the newest threats.

A good partial solution to this problem is to ensure you have installed, and are running, an anti-malware application such as ThreatFire 3, free from PC Tools. This type of program operates using heuristics, or behavioral analysis to identify newer threats.

As well, Malwarebytes, a reliable anti-malware company has created a free application to help keep you safe and secure. RogueRemover will safely remove a number of rogue security applications.

A further resource worth noting is the Bleeping Computer web site where help is available for many computer related problems, including the removal of rogue software.

There seems to be an epidemic of rogue security software on the Internet at the moment; much of it using social engineering to convince users’ to download an unsafe product. So you must be sure, that any security application you are considering installing on your computer is recognized as legitimate by industry experts. An excellent web site that will keep you in the loop, and advise you what products work and have a deserved reputation for quality performance, is Spyware Warrior.

Free Anti-Rootkits – Kernal Mode Trojan Protection

A rootkit is a malware program, or a combination of malware programs, designed to take low level control of a computer. In other words, system operations that are generally outside the control of the user. Frequently, they are Trojans or Keyloggers as well.

Techniques used to hide rootkits include concealing running processes from monitoring programs, and hiding files or system data from the operating system. In other words, the rootkit’ files and processes will be hidden in Explorer, Task Manager, and other detection tools.

It’s easy to see then, that if a malware threat uses rootkit technology to hide, it is going to be very difficult to find.

A number of major anti-malware companies though have developed free functional solutions to rootkits. Enter the Rootkit detector which will provide you with the tools to find and delete rootkits, and to help you uncover additional threats rootkits may be hiding.

Generally, rootkit detectors are capable of the following type of scans, although it is important to note that not all scan, or handle rootkits, in precisely the same way.

· hidden processes

· hidden threads

· hidden modules

· hidden services

· hidden files

· hidden Alternate Data Streams

· hidden registry keys

· drivers hooking SSDT

· drivers hooking IDT

· drivers hooking IRP calls

If you think you might have hidden malware on your system, I recommend that you run multiple rootkit detectors. Much like anti-spyware programs, no one program catches everything. To be safe, I use each of the free rootkit detectors listed below on my machines.

Microsoft Rootkit Revealer

Microsoft Rootkit Revealer is an advanced root kit detection utility. Its output lists Registry and file system API discrepancies that may indicate the presence of a user-mode or kernel-mode rootkit. According to Microsoft, Rootkit Revealer successfully detects all persistent rootkits published at http://www.rootkit.com, including AFX, Vanquish and Hacker Defender.

Download here: www.download.com

IceSword

IceSword is a very powerful software application that will scan your computer for rootkits. It also displays hidden processes and resources on your system that you would be unlikely to find in any other Windows Explorer like program. Because of the amount of information presented in the application, please note that IceSword was designed for more advanced users.

Download here: www.majorgeeks.com

GMER

This freeware tool is essentially a combination of Sysinternals’ Rootkit Revealer and Process Explorer. The program can list running processes, modules and Windows services, in addition to scanning for the presence of rootkits.

Download here: www.gmer.net/files.php

Think You Have A Virus? – Some Solutions

You may, or you may not, have a virus so don’t panic. If your system has a virus then following the steps below will, in most cases, remove the infection from your system. But first, let’s start with the definition of a computer virus so that you know what you could be up against.

A virus is a computer program that can copy itself and infect a computer operating system without permission, or the knowledge of the user. The original virus may modify the copies, or the copies may modify themselves, making the virus more difficult to find.

Not all symptoms that mimic those of a virus infection are in fact produced by a virus. However, if your computer begins to act strangely, or if it is unable to do things it has always done in the past, it may be infected with a virus.

Symptoms including longer-than-normal program boot time, unpredictable program behavior, baffling changes in file sizes, inability to boot, may indicate that a virus is on your system. However, it is important to distinguish between virus symptoms and those that come from corrupted system files, which can look very similar.

Rule out more standard causes before suspecting a virus. In some cases software related problems, such as program execution errors and corrupted files, can create symptoms that appear to be virus-related. If you just installed new software for example, try uninstalling it and see if the problems disappear.

If you regularly engage in any of the following activities, you have substantially increased the risk of your system problem being a computer virus.

• You download files and software through file-sharing applications such as BitTorrent, eDonkey, KaZaA and other such programs.

• You click links in instant messaging (IM) that have no context or are composed of only general text.

• You downloading executable software from web sites without ensuring that the site is reputable.

• Using your USB stick on public computers, or other computers that are used by more than one person.

• Opening email attachments from people you don’t know.

• You make a practice of opening email attachments without first scanning them for viruses.

• You open email attachments that end in a file extension of .exe, .vbs, or .lnk.

• You run your Windows computer as an administrator.

Next Steps:

Launch Task Manager by hitting Ctrl-Alt-Delete which will give you a list of all current running process. Be aware however, that many viruses are smart enough to bypass Task Manager.

A better solution here would be to use the free service, ProcessScanner, from ProcessLibrary.com, (a Microsoft Gold Certified Partner), which not only scans your Windows computer for all running processes, but in addition tells you what’s running, what each process is associated with, and most importantly, a risk analysis of each process. You may find the answer to the problem here. If not, then proceed to the next step.

In Windows XP, open the Control Panel, Administrative Tools, Services, which will give you a detailed description of the services Windows is running. If you find something that’s unfamiliar, or causes you concern, Google that service/services on the Internet.

Proceed then to select Run from the Start Menu, and type “msconfig” in the box. With this tool you not only see the services running, but most importantly, the programs that your system is launching at startup. Again, if you find something that’s unfamiliar, or causes you concern, Google it on the Internet.

There are a number of online virus scanners that are, in my view, better at detecting malware than locally installed applications. I recommend that you next scan your machine at Trend Micro Online Scanner, and in addition scan it again at Panda Online Scanner. In this situation two is definitely better than one.

Most cases of infection and compromise should be cleaned, and your machine returned to its previous condition, by employing the above methods. But unfortunately, this is not always the case and you’re then faced with performing a full reinstall of the operating system. Since there is always the risk of an un-repairable system, this reinforces the need to ensure you have a realistic backup policy in place.

Security risks on the Internet you need to be aware of.

• Trojan horse programs

• Back door and remote administration programs

• Denial of service

• Being an intermediary for another attack

• Unprotected Windows shares

• Mobile code (Java, JavaScript, and ActiveX)

• Cross-site scripting

• Email spoofing

• Email-borne viruses

• Hidden file extensions

• Chat clients

• Packet sniffing

Security Checklist: Actions you can take to protect your computer system.

• Don’t open unknown email attachments

• Don’t run programs of unknown origin

• Disable hidden filename extensions

• Keep all applications (including your operating system) patched

• Turn off your computer or disconnect from the network when not in use

• Disable Java, JavaScript, and ActiveX if possible

• Disable scripting features in email programs

• Make regular backups of critical data

• Make a boot disk in case your computer is damaged or compromised

• Turn off file and printer sharing on the computer.

• Install a personal firewall on the computer.

• Install anti-virus and anti-spyware software and ensure it is configured to automatically update when you are connected to the Internet.

• Ensure the anti-virus software scans all e-mail attachments.

Be proactive when it comes to your computer’s security; make sure you have adequate software based protection to reduce the chances that your machine will become infected.

The free software listed below, in my view, provides better than average malware protection.

avast! 4 Home Edition

www.avast.com

This anti virus app is a real fighter, scanning files on demand and on access, including email attachments. Let’s you know when it detects mal-ware through its shield function. An important feature is a boot-time scan option which removes mal-ware that can’t be removed any other way.

AVG Anti-Virus Free Edition

www.free.grisoft.com

Similarly, this program scans files on access, on demand, and on schedule. Scans email; incoming and outgoing. For those on Vista, your in luck, it’s Vista-ready. I have been using this application since its release and it now forms part of my front line defenses. I recommend this one highly.

SpyCatcher Express

www.tenebril.com

SpyCatcher does a good job of cleaning out spy-ware and at stopping further infestation. In my view however, it’s not as reliable as AVG Anti-Spyware.

Ad-Aware

www.lavasoftusa.com

In my view, Ad-Aware Free is the best free spyware and adware remover available. It does a relatively good job of protecting against known data-mining, Trojans, dialers, malware, browser hijackers and tracking components. The only downside with the free version; real-time protection is not included.

ThreatFire 3

www.threatfire.com

ThreatFire 3 blocks mal-ware, including zero-day threats, by analyzing program behavior and it does a stellar job. Again, this is one of the security applications that forms part of my front line defenses. I have found it to have high success rate at blocking mal-ware based on analysis of behavior. Highly recommend this one!

Comodo Firewall Pro

www.comodogroup.com

The definitive free firewall, Comodo Firewall protects your system by defeating hackers and restricting unauthorized programs from accessing the Internet. I have been using this application for 6 months and I continue to feel very secure. It resists being forcibly terminated and it works as well, or better, than any firewall I’ve paid for. This is one I highly recommend. Amazing that it’s free!

ZoneAlarm

www.zonelabs.com

The free version of ZoneAlarm lacks the features of ZoneAlarm Pro’s firewall. Its program control asks you regularly whether to allow programs; for some this can get to be intrusive and annoying. But it’s been around forever it seems, and it can’t be shut down, or out, by mal-ware.

WinPatrol

www.winpatrol.com

Do you want to get a better understanding of what programs are being added to your computer? Then WinPatrol is the program for you. With WinPatrol, in your system tray, you can monitor system areas that are often changed by malicious programs. You can monitor your startup programs and services, cookies and current tasks. Should you need to, WinPatrol allows you to terminate processes and enable, or disable, startup programs. There are additional features that make WinPatrol a very powerful addition to your security applications.

Sandboxie

www.sandboxie.com

Surfing the Internet without using Sandboxie is, to me, like jumping out of an airplane without a parachute. Deadly! This application creates a “Sandboxed” protected environment on your machine within which you browse the net. Data that is written to your hard drive is simply eliminated, (or not, your choice), when the sandbox is closed. Utilizing this application allows you to surf the web without the risk of infecting your system with mal-ware or other nasties. This is another security application I have been using for over 10 months and it has yet to let me down.

Snoop Free Privacy Shield

www.snoopfree.com

Snoop Free Privacy Shield is a powerful application that guards your keyboard, screen and open windows from all spy software. I have been using this application for quite some time, and I have been amazed at the number of programs that have requested access to my keyboard and screen. Particularly, programs that I am in the process of installing. If you’re serious about privacy, this is a must have addition to your security toolbox.

Free Disk Heal – Fix Your Drives/Files/Folders

While it’s true that most anti-virus applications will remove an executable virus file from your system, depending on the infection, it is not uncommon that it will be unable to reverse the damage already done.

In many cases the user will be left to deal with the following problems.

Drive inaccessibility

Task Manager inaccessibility

Folder Options inaccessibility

Registry Editor inaccessibility

It’s not necessary to be a Techno Geek to deal with these types of problems; there are a number of manual methods to resolve these issues. But for the casual or new computer user, the solution may be outside their technical abilities. Fortunately, there is a free solution that is new user friendly.

Disk Heal is a free Windows NT, 2000, XP and Vista utility that may be able to restore the condition of your Hard Drive, or a USB Flash Drive, after it has been being infected by a virus.

This free application is a very useful tool that has a host of additional capabilities, including recovering hidden files and performing system tweaks; all can be accessed with just one click.

As you’re building your toolbox of system utilities, this is a good application to add. None of us are immune to a virus infection, and at some point you’ll be glad you had this little tool ready to go.

Quick facts:

• Fixes disk problems
• Fixes task manager inaccessibility
• Fixes folder options inaccessibility
• Fixes registry editor inaccessibility
• Recovers hidden files and folders
• Changes the default icon of any drive, external, internal, or a partition
• Security and system tweaks

Download at: Download.com

The Perversion of a Technology – Hi-Tech Spousal Abuse

The U.S. Office on Violence Against Women (OVW) defines domestic violence as a pattern of abusive behavior in any relationship that is used by one partner to gain or maintain power and control over another intimate partner. Domestic violence can take many forms, including physical abuse, sexual abuse, emotional, economic, and psychological abuse.

This article is gender neutral; clearly both men and women can be victims of domestic violence and abusive behavior.

Most of us would agree that new technology is, in most cases, neutral. It is how we implement technology that establishes its value, and impacts any ethical questions that surrounds its use. It is clear that virtually all technologies, if used improperly, can be used to cause damage.

Over the past few months I have reviewed several computer monitoring and keylogger products which I must admit, I had not considered could be misused as an aid in spousal abuse until it was brought to my attention. I suppose I shouldn’t have been quite as surprised as I was; after all many of these products are advertised as a method to detect a cheating spouse.

Curious about this, I Googled “cheating spouse” and I was surprised to see over 900,000 hits. More surprising was the number of hits on “keyloggers for cheating spouse”; over 95,000.

Probing further, I discovered that this type of technology is now pervasive in spousal abuse. According to Anna Stepanov, manager of the Anti-Spyware program at McAfee Avert Labs, “Using spyware for surveillance in cases of domestic abuse is a serious matter.”

Stepanov, who is also the author of a report entitled Spyware: A Morphing Campaign, which describes current spyware trends that includes domestic abuse states, “Monitoring a victim’s online, cell phone, or general computing activity is of more value than ever in controlling or hurting a victim.”

Cindy Southworth, technology director at the National Network to End Domestic Violence commenting on this issue has stated “With spyware, if the victim is thinking about leaving, all that is captured. If the victim looks for plane tickets, shelters, a new apartment, it all shows up in the computer logs.”

Since spyware is now an issue in domestic abuse the agency cautions those in an abusive relationship not to use their home computer for these kinds of tasks.

All of this has now been compounded by the news that the misuse of GPS technology by abusive individuals is now rampant. GPS can be used to track a victim by transmitting coordinates that result in the generation of a web page that maps the victim’s location.

The U.S. National Network to End Domestic Violence suggests the following to computer users, to reduce the impact of this type of abuse.

Internet Safety Tips

• If you are in danger, please try to use a safer computer that someone abusive does not have direct or remote hacking access to.
• If you think your activities are being monitored, they probably are. Abusive people are often controlling and want to know your every move. You don’t need to be a computer programmer or have special skills to monitor someone’s computer and Internet activities – anyone can do it and there are many ways to monitor with programs like Spyware, keystroke loggers and hacking tools.
• It is not possible to delete or clear all the “footprints” of your computer or online activities. If you are being monitored, it may be dangerous to change your computer behaviors such as suddenly deleting your entire Internet history if that is not your regular habit.
• If you think you may be monitored on your home computer, be careful how you use your computer since an abuser might become suspicious. You may want to keep using the monitored computer for normal activities, such as looking up the weather or recipes. Use a safer computer to research an escape plan, look for new jobs or apartments, bus tickets, or ask for help.
• Email and Instant/Text Messaging (IM) are not safe or confidential ways to talk to someone about the danger or abuse in your life. If possible, please call a hotline instead. If you use email or IM, please use a safer computer and an account your abuser does not know about.
• Computers can store a lot of private information about what you look at via the Internet, the emails and instant messages you send, internet-based phone and IP-TTY calls you make, web-based purchases and banking, and many other activities. It might be safer to use a computer in a public library, at a community technology center (CTC), at a trusted friend’s house, or an Internet Café.

The Internet Super Highway – Are You Licensed to Drive?

Car drivers must be educated and licensed in order to drive a car. This legal requirement of course, does not stop drunk drivers from getting into a car and killing someone. And it certainly does not eliminate our exposure to the speeders, tailgaters, and the road ragers that seem to plague our highways. Licensing then, doesn’t seem to eliminate the risks we face on the road.

So would requiring a license to use the Internet make it a safer place for all of us? Would requiring a license from the Department of Computer Literacy, protect us from the ever increasing exposure we all face to Trojans, Spyware, Virus’, Phishing Scams, Identity Theft, ….. the list goes on.

I’m being facetious of course. Unfortunately however, these dangers on the Internet are not, in a sense, unlike the dangers and risks we face while driving a car on our streets and highways.

Unlike the need to be educated and practiced, in order to qualify for a driver’s license; to access the Internet all that is required is a modem attached to a computer. There’s no need to prove qualifications. There’s no need to prove an awareness of the very real dangers that the Internet presents.

Being involved in computer security, I am amazed and frankly frustrated, at the lack of knowledge exhibited by many typical computer users, and most importantly, the lack of knowledge concerning the need to secure their machines against the ever increasing risks previously noted, on the Internet. I’m not talking about unintelligent people here. I am talking about people who are intelligent in every other aspect of life, but who view computers like cavemen who saw fire for the first time.

The problem, it seems, is multifaceted. Part of the problem, in my view, is simply fear. People do not understand computers, so they are afraid of them in a sense. Secondly, people generally, are simply not interested in learning about computers sufficiently to make the fear go away. The question is, of course, should they need to know anything other than how to turn on a computer and a minimum knowledge of the applications they use? Well maybe not.

Many computer experts agree that it is primarily flawed computer software and not just inadequate user knowledge that is the biggest contributor to the proliferation of unsecured computer systems and cyber-crime, on the Internet.

It seems to me then, what is needed as a good first step, are machines that are designed with outwardly simple, but internally sophisticated operating systems, secure and easy to use for the majority of users; where no user interaction is required to maintain the security of the system.

We now live in the age of the “Interconnectedness of All Things” in which we are beginning to see the development and availability of large numbers of Internet connected devices. There is no doubt that this will lend new strength to computer-aided crime and in this new political environment we now live in, perhaps even terrorists.

Unless we develop a rational approach to the underlying security issues surrounding the Internet, and insist software companies’ stop rushing out new products with little regard for security, hackers will continue to flourish and successful attacks on computers over the internet will continue to proliferate.

There are steps that you can take to decrease the likelihood you will be the victim of a successful attack on your computer. If you reduce your exposure to successful attacks on your machine, then downstream you are helping to protect my machine and those of others.

The following is a brief guide to the basic security issues you should be aware of on the Internet, followed by a guide to some of the steps you can take to secure your computer for Internet usage.

Security risks on the Internet you need to be aware of.

• Trojan horse programs
• Back door and remote administration programs
• Denial of service
• Being an intermediary for another attack
• Unprotected Window shares
• Mobile code (Java, JavaScript, and ActiveX)
• Cross-site scripting
• Email spoofing
• Email-borne viruses
• Hidden file extensions
• Chat clients
• Packet sniffing

Security Checklist: Actions you can take to protect your computer system.

• Don’t open unknown email attachments
• Don’t run programs of unknown origin
• Disable hidden filename extensions
• Keep all applications (including your operating system) patched
• Turn off your computer or disconnect from the network when not in use
• Disable Java, JavaScript, and ActiveX if possible
• Disable scripting features in email programs
• Make regular backups of critical data
• Make a boot disk in case your computer is damaged or compromised
• Turn off file and printer sharing on the computer.
• Install a personal firewall on the computer.
• Install anti-virus and anti-spyware software and ensure it is configured to automatically update when you are connected to the Internet.
• Ensure the anti-virus software scans all e-mail attachments.

The following tutorials are offered free of charge on CNET, one of the most widely respected sites on the Internet. If you are unfamiliar with basic computer security issues, I highly recommend that you visit this site.

Quick Tutorials

In these interactive slideshows, CNET’s experts take you step by step through PC security best practices.

• Erase Data on an Old PC
• Eliminate Spyware for Free on your Windows PC

Online Courses

Join the discussion about spam, spyware and virus control with others in free online classrooms.

• PC Protection 101
• Combat Spam and Phishing
• Combating Spyware and Adware

Quick Tips

• How not to get hacked
• How to use Ad-Aware
• Wi-Fi security on the road
• Protect your home network with your old PC

Drive-by Downloads – The Paradox Created by Firewalls/Security Applications

Your Firewall and Security Applications provide the ultimate in protection while you’re surfing the web, right? Well in a sense they do.

Paradoxically, it’s because current anti-malware solutions are much more effective than they have ever been in detecting worms and viruses, that we’re now faced with another insidious form of attack.

Drive-by downloads are not new; they’ve been lurking around for years it seems, but they’ve become much more common and more crafty recently.

More than three million unique URLs on over 180,000 websites are automatically installing malware via drive-by downloads, according to recent statements by the Google Anti-Malware Team. Google has not been alone in noticing this trend by criminal hackers using these techniques. IBM noted recently, that criminals are directly attacking web browsers in order to steal identities, gain access to online accounts and conduct other illicit activities.

If you’re unfamiliar with the term, drive-by download, they are essentially programs that automatically download and installed on your computer without your knowledge. This action can occur while visiting an infected web site, as previously noted, opening an infected HTML email, or by clicking on a deceptive popup window. Often more than one program is downloaded, for example, file sharing with tracking spyware is very common. Again, it’s important to remember that this can take place without warning, or your approval.

What can you do to ensure you are protected, or to reduce the chances you will become a victim?

The following are actions you can take to protect your computer system:

• When surfing the web: Stop. Think. Click
• Don’t open unknown email attachments
• Don’t run programs of unknown origin
• Disable hidden filename extensions
• Keep all applications (including your operating system) patched
• Turn off your computer or disconnect from the network when not in use
• Disable Java, JavaScript, and ActiveX if possible
• Disable scripting features in email programs
• Make regular backups of critical data
• Make a boot disk in case your computer is damaged or compromised
• Turn off file and printer sharing on the computer.
• Install a personal firewall on the computer.
• Install anti-virus and anti-spyware software and ensure it is configured to automatically update when you are connected to the Internet
• Ensure the anti-virus software scans all e-mail attachments
• Install McAfee Site Advisor, WOT, or a similar browser add-on

Be proactive when it comes to your computer’s security; make sure you have adequate software based protection to reduce the chances that your machine will become infected.

If you missed “Rogue Security Software on the Rise – What You Need to Know Now!” you can read it here.

Web of Trust (WOT) – Adaptive Technology for Colorblind Users

According to the American Foundation for the Blind, visually impaired people work in virtually every sector of our economy, and are just as likely as the general population to use computers and the Internet.

Colorblindness, a particular type of visual impairment, affects approximately two percent of women and eight percent of men. People who are visually impaired in this way then, have great difficulty with color-based distinctions.

Web of Trust (WOT) a popular Internet Browser application has taken the lead in addressing this issue. This free Internet Browser resource which has established an impressive 4.5/5.0 star user rating on CNET, tests web sites for spyware, spam, viruses, browser exploits, unreliable online shops, phishing, and online scams. WOT which integrates with search engine results from popular search engines including Google, Yahoo, MSN and other popular sites, provides impressive protection against Internet predators and helps users’ avoid unsafe web sites.

The Browser add-on’s icon, normally displays a color rating for each site you visit, indicating whether a site is safe to use, should be used with caution, or avoided entirely. Using traffic light colors, (green, yellow, and red), WOT leaves you in no doubt as to the safety rating of a web site.

Recognizing that up to ten percent of Internet users are at a disadvantage however, due to colorblindness, and cannot rely on an Internet safety system based on color coding, the Web of Trust development team has just released their latest version of WOT. This latest version incorporates equivalent alternative information, through assistive or adaptive technology, for colorblind users.

Esa Suurio, CEO of Against Intuition Inc. referring to WOT’s development of this accessible application stated in part “Our goal is to make the Internet a safer place for everyone, so it was essential for us to make the extra effort.”

This colorblind accessible application will provide the same critical benefits to those individuals who have to contend with visual impairments, as it has to those of us who have come to rely on WOT as a major defense against the pervasive hazards we encounter on the Internet.

If you are challenged by colorblindness, or you know someone who is, then installing this browser add-on will increase Internet safety substantially by providing an in-depth site analysis based on real world results.

WOT is designed to work with Internet Explorer and FireFox; the user interface supports English, French, German, Spanish, Italian, Russian, Polish, Portuguese, Swedish and Finnish.

WOT can be downloaded at: MyWot

Demos:

A WOT demo video shows how WOT works in practice:

Watch the video on the colorblind accessible version:

Free Photo Editing "Plus" – SerifSoftware’s PhotoPlus 6

SerifSoftware puts an interesting and unusual twist to the usual “try this application for free for 30 days” we are all pretty familiar with.

Serif releases older versions of their current software for download at no cost, to hopefully entice at least some users to upgrade to current versions of their popular software.

Despite the slightly dated appearance of SerifSoftware’s PhotoPlus 6, this is not an ‘old’ program that’s been revived just for give-away. PhotoPlus is still an amazing photo editing application that enables you to fix and enhance digital photos, create bitmap graphics and even web animations.

With PhotoPlus, you can easily adjust brightness and contrast, color balance, remove red-eye and make numerous other image editing adjustments and enhancements.

And here’s the “Plus” – You’ll find a large number of tools for creating web-savvy images. As well, a collection of web animation tools will help you import and export GIF files. You can even let PhotoPlus do all the hard work and create animations for you.

Image slicing tools are another web feature that are surprising in a free package. With these tools you can sub-divide an image into invisible segments, each of which can then be given a hyperlink and popup window. Alternatively, you can add hotspots to your web page.

Because of its simple layout, this is an easy program to pick up and work with, especially for those with little or no previous experience.

Quick Facts:

Creative Tools – Enhance your images with easy-to-use creative tools, such as paintbrush, airbrush, clone, smudge and erase – adjustable brush settings include size, shape, softness and fade.

Layer Effects – Apply bevels and drop shadows to create sophisticated-looking text and images. Use the layer manager to add to and enhance images without affecting the originals.

Digital Darkroom – Adjust brightness, contrast, sharpness, color hue, saturation, remove red-eye and more. Enhance, repair and tweak your photos for great results.

Deform Tool – The versatile Deform tool lets you rotate, resize, skew, reshape and add perspective to any selection or layer.

Text – Add editable, deformable text to your images and further enhance your text with drop shadows and bevel effects.

Animation – Create your own animated GIFs.

Web Images – Divide images into individual sections that can be clicked on to link to other web pages and websites, just like text hyperlinks. PhotoPlus 6 creates all the HTML code ensuring your images appear properly.

Export Optimizer – Simultaneously view up to four previews that display the relationship between image file size and quality, making it easy to decide how to save and export images for every purpose.

QuickShapes – Add ready-made, customizable QuickShapes to your images. Choose from a range including speech bubbles, starbursts and spirals.

Download at: SerifSoftware