Category Archives: Adware

The Tool Designed To Fool – We Don’t Want No Stinkin’ Toolbar! (Revisited)

In today’s Tech Thoughts Daily Net News column, you’ll find a link to Ed Bott’sHow Oracle installs deceptive software with Java updates. So, what’s new here? Not as much as you might think – unfortunately.

I first posted on the issue of unwanted Toolbars – or, PUPS (potentially unwanted programs) – in March 2010. Based on the indignation shown by the majority of commenters – it just might be worth another read.

—————————————————————————————————

MEMO TO: SNEAKY FREEWARE DEVELOPERS

imageYou give me your software for free as a marketing tool, with the hope of course, that I’ll upgrade to the commercial version of your application.

That’s cool, that’s smart, (it cost you nothing by the way) – nevertheless, I’m appreciative.

But you don’t stop with just the free use of your application, you piggyback a toolbar, or some other non-essential item, as part of the install package. Listen, I understand, you want to install a toolbar because you get paid by the toolbar developer. Even that’s OK – but you do it in such a sneaky way that it really pisses me off, and that’s not OK.

Worse, if I don’t like your application and uninstall it, you open your Internet site, following the uninstall, using my Internet Browser – even if I don’t give you permission by allowing the connection. In my view, that’s a form of hacking. You need to take a refresher course in ethics.

I’ve been around the Internet for a few decades, so it’s not often I get caught in your schemes to install unwanted software on my machines, but less experienced users are often caught in your carefully laid traps.

Here’s a sample of the outrage a typical user, who got trapped by unethical behavior, feels – a comment on my site left by an outraged reader, several days ago, following her installation of Miro.

I thought I’d give this a try, since I watch Hulu quite a bit, and I’m sooo angry I did. Miro installed Bing Search toolbar, which I didn’t want or agree to install (using firefox) and it wiped out all my default search engines for Firefox.

Now I’m trying to figure out how to get Firefox back to normal. Beware!!!!!!!! I don’t trust companies that install things without your consent or knowledge.

In this particular instance it’s true that the EULA covers this situation, but here’s the question. Why does an average user need to read a Eula in order to find an alternative installation solution?

An accusation of unethical behavior doesn’t begin to cover this case – sleazy; vulgar; dishonest; sordid; are much more appropriate.

You, the unethical developer, are not alone in attempting to profit by toolbar inclusion in freeware applications. More and more, high profile developers who offer a stripped down version of their commercial applications as freeware, are involving themselves in this highly questionable practice.

image

So here’s a question for the “ethical” freeware providers. How many toolbars do you think an average user needs? Ten? Twenty? Thirty………….. Just so you know, a Google search for “toolbar”, returns 167 Million results!

I can already hear your answer “ but the user can uncheck the appropriate box when installing the application”. Right! Unless you’re detached from the real world (and, you may well be), you’re more than aware that a typical user does not uncheck this box. Then, over time, the user is at a loss to explain why their machine has slowed to a crawl.

Could it be because your toolbar, along with twenty others, all installed in a furtive way, become active at startup – ya think!!

So, just stop with the crapware already. If you’re pissing me off, just consider what you’re doing to an average user.

17 Comments

Filed under Adware, Browser add-ons, Point of View

PandaLabs Second Quarter Security Landscape Report

imageIn a rather surprising statement, PandaLabs, in its 2011 Second Quarter Security Report, makes the point that there’s a challenging grey area between “Hacktivism” (LulzSec and Anonymous), and Criminality. Frankly, I don’t subscribe to this “blurry lines” view.

I see the issue in rather simpler terms – if security holes exist in critical systems which enterprise, or government, are either unwilling, or unable to address – ultimately creating a host of innocent victims – then I encourage LulzSec and Anonymous to continue their campaigns of outing non-responsive, and non-responsible organizations. I’m more than a little tired of being placed at risk due to organizational ineptness, or failure to adhere to common sense security practices.

Some key findings from Panda’s report (determined from data collected through Panda ActiveScan) include:

Every minute, 42 new malware strains were created.

image

Trojans constitute 70 percent of new malware followed by viruses (10 percent) and worms (8.53 percent). Surprisingly, Adware, which only represents 1.37 percent of all malware, accounted for more than 9 percent of all infections.

image

China, Thailand and Taiwan continue to lead infection rankings.

image

Top 10 least infected countries.

image

So, should these statistics hold any relevancy for you? Should you be preoccupied, or overly concerned, with these numbers? The answer, it seems to me, depends on how aware you are of the overallInternet security landscape, and where you fit into the following user groups.

  • Those who know.
  • Those who think they know.
  • Those who don’t know, that they don’t know.

Hopefully, you are in that small group who can confidently say – “I know”.

Broken record time:

I’ll risk sounding like a broken record, once again, and repeat what I’ve said here numerous times –

“Controlling malware intrusion, while surfing the Net, through the use of a  “virtual” environment rather than operating in a “real” environment, makes sense given the escalating level of cyber criminal activity on the Internet.”

BufferZone, is a particular effective and easy to use freeware virtualization application (perfect for casual users), which creates an isolated environment called the Virtual Zone, while you surf the Internet. You can read more about BufferZone, here.

About PandaLabs:

Since 1990, PandaLabs, Panda Security’s malware research laboratory, has been working to detect and classify malware in order to protect consumers and companies against new Internet threats.

To do so, PandaLabs uses Collective Intelligence, a cloud-based proprietary system that leverages the knowledge gathered from Panda’s user community to automatically detect, analyze and classify the more than 73,000 new malware strains that appear every day.

This automated malware classification is complemented through the work of an international team with researchers specialized each in a specific type of malware (viruses, worms, Trojans, spyware and other attacks) to provide global coverage.

The full report (PDF), is available here.

Follow Panda on Twitter and Facebook.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

4 Comments

Filed under Adware, Cyber Crime, Cyber Criminals, Don't Get Hacked, Internet Security Alerts, Malware Reports, Panda Security, PandaLabs, trojans, Windows Tips and Tools, worms

Malware Speaks! Please Listen

image

If malware could speak, what a tale his thoughts could tell.

If you could have a conversation with one, or more, of the scourges that infest the Internet, you might be surprised at what could be learned from such an imaginary conversation. It might go something like this:

I might be malware, but in most cases I’m pretty polite; I won’t infect your computer unless you invite me in. But I can count on lots of you doing just that.

Take my good buddy LOP, for example, he’s been away for awhile, but he recently came back from vacation and he’s now infecting unsuspecting computer users’ machines with renewed vigor. Since LOP is a shift changer, and is often incompletely recognized by many tools – particularly newer forms of the infection, he’s having a hell of a good time.

The people he works for (some might call them cybercrooks – well, actually everyone calls them cybercrooks), are experts at convincing you to install malicious code like LOP.

LOP is a pretty neat piece of malware (his employers are pretty smart fellows), since he’s been designed, amongst other things, to display ads from a range of advertisers through pop-up windows, banner ads and so on.

Oh, and he’ll automatically switch your Internet Explorer home page to his own search engine. One he particularly likes is http://www.mp3search.com. When searches are made with this engine, the results that you see will be advertising pages that LOP chooses to display.

(Sample misdirected search)

Here’s what WOT has to say about mp3search.com. Click on the graphic to expand the image.

image

Just in case you decide that LOP is no longer welcome on your computer (that happens all the time), he will connect, every so often, to a web page from which new malware files will be downloaded – making it much more difficult to delete all of the active malicious files on your system.

I should tell you that LOP is extremely hard to get rid of, and just in case you try, you’ll have to deal with over 200+ changes to your Registry Keys. And in case that’s not enough bad news, you should know that LOP will invite lots of his malware friends over, so that they can party on your system.

But LOP has even more tricks up his sleeve. He can  monitor your system’s processes, and can even play with your security applications making them ineffective.

Since he’s a sporty fellow, once he’s done that, he’ll launch a Keylogger to capture your key strokes and just for fun, he’ll go on to scan your email contact list so that he can bug your friends. Hmm, maybe they’ll soon to be your ex friends.

LOP is definitely a hard worker (which is why his employers like him so much), so in his spare time he’s going to look around your operating system for vulnerabilities. You see, he knows that most people, haven’t installed the latest operating system updates, nor have they updated their security applications, like their supposed to.

Even if they have taken care of updating their operating system, it’s almost certain that they haven’t updated installed productivity applications, and LOP knows just how vulnerable these applications can be.

So, think carefully before you offer LOP, or any of his malware friends, that invitation. Once invited in, LOP will settle in for a long, long visit.

Thanks for the chat, but I have to get going. There are lots of unaware Internet users’ waiting to invite me into their computers. I know that many Internet users’ are kind of “click crazy”; so why should LOP be the only one to have some fun!

Oh, by the way, unless you paid attention to what I said, I’ll probably drop by your machine soon. You have a good day now.

This is an edited and revised copy of an article originally posted here July 14, 2009.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Comments Off on Malware Speaks! Please Listen

Filed under Adware, cybercrime, Don't Get Scammed, Don't Get Hacked, Humor, Internet Safety, Internet Security Alerts, Online Safety, System Security, WOT (Web of Trust)

We Don’t Want No Stinkin’ Toolbar!

Memo to: Sneaky Freeware Developers

image You give me your software for free as a marketing tool, with the hope of course, that I’ll upgrade to the commercial version of your application. That’s cool, that’s smart, (it cost you nothing, by the way), nevertheless, I’m appreciative.

But you don’t stop with just the free use of your application, you piggyback a toolbar, or some other non-essential item, as part of the install package. Listen, I understand, you want to install a toolbar because you get paid by the toolbar developer. Even that’s OK – but you do it in such a sneaky way that it really pisses me off, and that’s not OK.

Worse, if I don’t like your application and uninstall it, you open your Internet site, following the uninstall, using my Internet Browser – even if I don’t give you permission by allowing the connection. In my view, that’s a form of hacking. You need to take a refresher course in ethics.

Now, I’m a big boy and I’ve been around the Internet horn for a few decades, so it’s not often I get caught up in your schemes to install unwanted software on my machines, but less experienced users are often caught in your carefully laid traps.

Here’s a sample of the outrage a typical user, who got trapped by unethical behavior, feels – a comment on my site left by an outraged reader, several days ago, following her installation of Miro.

I thought I’d give this a try, since I watch Hulu quite a bit, and I’m sooo angry I did. Miro installed Bing Search toolbar, which I didn’t want or agree to install (using firefox) and it wiped out all my default search engines for Firefox.

Now I’m trying to figure out how to get Firefox back to normal. Beware!!!!!!!! I don’t trust companies that install things without your consent or knowledge.

In this particular instance it’s true that the EULA covers this situation, but here’s the question. Why does an average user need to read a Eula in order to find an alternative installation solution?

An accusation of unethical behavior doesn’t begin to cover this case – sleazy; vulgar; dishonorable; sordid; are much more appropriate.

You, the unethical developer, are not alone in attempting to profit by toolbar inclusion in freeware applications. More and more, high profile developers who offer a stripped down version of their commercial applications as freeware, are involving themselves in this highly questionable practice.

image

So here’s a question for the “ethical” freeware providers. How many toolbars do you think an average user needs? Ten? Twenty? Thirty………….. Just so you know, a Google search for “toolbar”, returns 167 Million results!

I can already hear your answer “ but the user can uncheck the appropriate box when installing the application”. Right! Unless you’re detached from the real world, you’re more than aware that a typical user does not uncheck this box. Then, over time, the user is at a loss to explain why their machine has slowed to a crawl.

Could it be because your toolbar, along with twenty others, all installed in a furtive way, become active at startup – ya think!!

So, just stop with the crapware already. If you’re pissing me off, just consider what you’re doing to an average user. Like it or not, there’s a lesson here. In the long run, your behavior will cost you – big time.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

31 Comments

Filed under Adware, Bill's Rants, Browser add-ons, Don't Get Scammed, Freeware, Personal Perspective, Slow Computer, Software, Windows Tips and Tools

Invasive Web Sites – Flash Cookies Revisited

imageI first wrote on the issue of Flash Cookies back in September 2009, (LSO (Flash Cookies) – A Serious Attack on Your Privacy), and since then, if my own experience with these obnoxious web trackers is any indication, these “privacy invaders”, have multiplied like a virus.

Just like you I suspect, I have a list of particular sites that I visit nearly every day. In my case, that amounts to roughly 30 different sites. In my initial investigation of Flash Cookies, these 30 or so sites, left a total of 7 Flash Cookies. That total has now increased to 13 for these same sites – not quite a 100% increase, but close enough.

image Crafty business learned long ago that names and the connotations that surround names are important. It just wouldn’t do, for example, to call a piece of computer spyware – “spyware”, or “tracker”, or “privacy invader”. Doing so, would be sure to upset the unwitting victim.

So, instead of “tracker”, why not call the item a “cookie”? Good name, good connotations – happy memories of arriving home from school to a plate of cookies and a glass of milk.

Equally as important, from a business perspective, is the need to convince the victim that the questionable item has value, is constructive, and will make their Internet experience a smoother ride. But don’t believe it.

Cookies are there for the benefit of advertisers; not the web site visitor – plain and simple. Keep in mind, that it’s critically important to advertisers to generate advertising that is specific to the web site visitor at the time of the visit – not later, but right then. And cookies are the tool that facilitates this happening.

Luckily, today’s Internet browsers can be set to allow full user control over cookies including accepting, rejecting, or wiping private data which includes wiping cookies. That is, until recently.

It appears that a user’s decision to control cookies in this way is simply not acceptable to advertisers and certain web sites, and so we now have the Flash Cookie (LSO) – Local Shared Objects.

There is a major advantage for an advertiser to employ Flash cookies, not the least of which is; they are virtually unknown to the average user. Equally as important from an advertisers perspective is; they remain active on a system even after the user has cleared cookies and privacy settings.

If you think this practice is restricted to shady web sites, you’d be wrong. Of the top 100 web sites, 50+ use Flash Cookies. So I was not particularly surprised, when I found some of my favorite sites involved in this invasive practice.

Quick LSO facts:

Never expire

Can store up to 100 KB of information compared to a text cookie’s 4 KB.

Internet browsers are not aware of those cookies.

LSO’s usually cannot be removed by browsers.

Using Flash they can access and store highly specific personal and technical information (system, user name, files,…).

Can send the stored information to the appropriate server, without user’s permission.

Flash applications do not need to be visible.

There is no easy way to tell which flash-cookie sites are tracking you.

Shared folders allow cross-browser tracking – LSO’s work in every flash-enabled application

No user-friendly way to manage LSO’s, in fact it’s incredible cumbersome.

Many domains and tracking companies make extensive use of flash-cookies.

Without a doubt, you need to control these highly invasive objects, and if you are a Firefox user there is a solution – BetterPrivacy – a free Firefox add-on.

From the BetterPrivacy page:

“Better Privacy serves to protect against not deletable, long-term cookies, a new generation of ‘Super-Cookie’, which silently conquered the internet.

This new cookie generation offers unlimited user tracking to industry and market research. Concerning privacy Flash- and DOM Storage objects are most critical.

This add-on was made to make users aware of those hidden, never expiring objects and to offer an easy way to get rid of them – since browsers are unable to do that for you”.

image

Note: The small “G” in the above graphic, lets me know that GeSWall, part of my layered anti-malware defense, is working correctly.

Download at: Mozilla

Simple HTTP cookies can be subject to attack by cyber criminals, so it won’t be long before flash cookies will be subject to the same manipulation. Better you should learn how to control them now – not later.

Privacy, in all areas of our life is under constant attack, but that shouldn’t mean that we give up. We need to learn to fight back with every tool that’s available.

I have tried to write this article in a non-technical way, to make it easy for the average computer user to understand. For a more detailed breakdown on flash cookies, and the danger they represent to personal privacy, checkout The Electronic Privacy Information Center.

If you enjoyed this article, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

10 Comments

Filed under Adware, Browser add-ons, downloads, Firefox Add-ons, Freeware, Interconnectivity, Online Safety, Privacy, Software, Spyware - Adware Protection, Surveillance, Windows Tips and Tools

If Malware Could Speak – What a Tale it Would Tell!

If malware could speak, you could have an illuminating conversation with one, or more, of the scourges that infest the Internet.

You might be surprised at what could be learned from such an imaginary conversation. It might go something like this –

I might be malware, but in most cases I’m pretty polite; I won’t infect your computer unless you invite me in. But I can count on lots of you doing just that.

Take my good buddy LOP, for example, he’s been away for awhile, but he recently came back from vacation and he’s now infecting unsuspecting computer users’ machines with renewed vigor.

He will accept your invitation, to infect your system if, for example, you download and install either of two rogue Peer to Peer (P2P) applications currently making the rounds on the Internet. BitRoll-5.0.0.0, and Torrent101-4.5.0, are two programs that are used to exchange P2P files that he likes to piggyback on. There are many more than that of course.

The people he works for (some might call them cyber-crooks – well, actually everyone calls them cyber-crooks), are experts at using false/rogue applications to install malicious code like LOP.

LOP is a pretty neat piece of malware (his employers are pretty smart fellows), since he’s been designed, amongst other things, to display ads from a range of advertisers through pop-up windows, banner ads and so on.

Oh, and he’ll automatically switch your Internet Explorer home page to his own search engine. One he particularly likes is http://www.mp3search.com. When searches are made with this engine, the results that you see will be advertising pages that LOP chooses to display.

(Sample misdirected search)

Just in case you decide that LOP is no longer welcome on your computer (that happens all the time), he will connect, every so often, to a web page from which new malware files will be downloaded  making it much more difficult to delete all of the active malicious files on your system.

I should tell you that LOP is extremely hard to get rid of, and just in case you try,you’ll have to deal with over 200+ changes to your Registry Keys. And in case that’s not enough bad news, you should know that LOP will invite lots of his other malware friends over, so that they can party on your system.

But LOP has even more tricks up his sleeve. He can  monitor your system’s processes, and can even play with your security applications making them ineffective.

Since he’s a sporty fellow, once he’s done that, he’ll launch a keylogger to capture your key strokes and just for fun, he’ll go on to scan your email address book so that he can bug your friends. Hmm, maybe they’ll become your ex friends.

LOP is definitely a hard worker (which is why his employers like him so much), so in his spare time he’s going to look around your operating system for vulnerabilities. You see, he knows that like most people, you probably haven’t installed the latest operating system updates, nor have you updated your security applications, like you’re supposed to.

Even if you have taken care of these critical areas, it’s almost certain you haven’t updated your installed productivity applications, and LOP knows just how vulnerable these applications can be.

So think carefully before you offer LOP, or any of his malware friends, that invitation. Once invited in, LOP will settle in for a long, long visit.

Thanks for the chat, but I have to get going. There are lots of unaware Internet users’ waiting to invite me into their computers. I know that many Internet users’ are kind of “click crazy”; so why should LOP be the only one to have some fun!

Oh, by the way, unless you paid attention to what I said, I’ll probably drop by your machine soon.

You have a good day now.

Elsewhere on this Blog you can read “The Best Free Spyware, Virus, and Browser Protection”, an article on free anti-malware programs, including anti-virus software, and you can download those that suit your needs.

If you enjoyed this article, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Comments Off on If Malware Could Speak – What a Tale it Would Tell!

Filed under Adware, Anti-Malware Tools, Don't Get Hacked, Freeware, Interconnectivity, Malware Advisories, Online Safety, Rogue Software, trojans, Viruses, Windows Tips and Tools

I’m a Pop-up Download and I Gotcha!

Being unaware can cause havoc on your computer.

image Your Firewall and Security Applications provide the ultimate in protection while you’re surfing the web, right? Well in a sense, they do.

Paradoxically, it’s because current anti-malware solutions are much more effective than they have ever been in detecting worms and viruses, that we’re now faced with another insidious form of attack.

Drive-by downloads are not new; they’ve been lurking around for years it seems, but they’ve become much more common and more crafty recently. The latest twist on this is the so called “pop-up download”.

If you’re unfamiliar with the term, “drive-by download”, they are essentially programs that are automatically downloaded and installed on your computer without your knowledge. This action can occur while visiting an infected web site, opening an infected HTML email, or by clicking on the newest threat, a deceptive popup window – the so called “pop-up download”.

For example, when visiting a site, a user might receive a pop-up box that appears as an offer to download an application. The user is then asked to accept the download despite the fact no application name is offered.

Unfortunately, a typical computer user is generally undereducated in the Internet safety issues that apply in this type of scenario. Clicking “yes”, will lead to the automatic installation of an application – in many cases, an unknown application.

Popups 2

Often, more than one program is downloaded. For example, file sharing with tracking spyware is very common. Again, it’s important to remember that this can take place without warning, or your approval.

Apparently, there are now some legitimate application developers who are using this “pop-up download” method to distribute, or advertise their product. Just last night, I had an advertising popup appear on my screen from PC Tools ThreatFire, something that has not happened in the 2 years I have been using this application. Needless to say I was shocked, offended and extremely annoyed.

For more information on how to prevent popups from occurring at the Browser level, checkout “How to block ads (updated), ” at Tech – for Everyone.

Additional steps you can take to ensure you are protected, or to reduce the chances you will become a victim?

The following are actions (familiar to regular readers of this site), that you can take to protect your computer system:

  • When surfing the web – Stop. Think. Click
  • Don’t open unknown email attachments
  • Don’t run programs of unknown origin
  • Disable hidden filename extensions
  • Keep all applications (including your operating system) patched
  • Turn off your computer or disconnect from the network when not in use
  • Disable Java, JavaScript, and ActiveX if possible
  • Disable scripting features in email programs
  • Make regular backups of critical data
  • Make a boot disk in case your computer is damaged or compromised
  • Turn off file and printer sharing on your computer.
  • Install a personal firewall on your computer.
  • Install anti-virus and anti-spyware software and ensure it is configured to automatically update when you are connected to the Internet
  • Ensure the anti-virus software scans all email attachments

Be proactive when it comes to your computer’s security; make sure you have adequate software based protection to reduce the chances that your machine will become infected.

I recommend that you ensure that the current anti- malware applications, which you depend on to protect your system, are up to the task by reading “The 35 Best Free Applications” on this site.

If you missed “Rogue Security Software on the Rise – What You Need to Know Now!”, you can read it on this site.

2 Comments

Filed under Adware, Don't Get Hacked, Freeware, Interconnectivity, Internet Safety, Malware Advisories, System Security, Windows Tips and Tools

The Enemy is at the Gate – Common Sense Tips for Internet and System Security

commonsense 3 So what can you add to your computer’s Firewall, Security Applications, and Browser security add-ons to ensure you have the best protection available while you’re surfing the web?

Well, how about something that’s free, and readily available. Something called “Common Sense”.

Common sense: sound and prudent judgment based on a simple perception of the situation or facts. Merriam-Webster’s Online Dictionary

Common Sense Tip #1 – Given the virtual epidemic of malware currently circulating on the Internet, don’t run, or install programs, of unknown origin.

Internet users’ continue to be bombarded with rogue security software which has reached epidemic proportions. There seems to be no end to the release of new rogue security software threats. Rogue software will often install and use a Trojan horse to download a trial version, or it will perform other actions on a machine that are detrimental such as slowing down the computer drastically.

Download applications, particularly free programs, only from verifiably safe sites (sites that guarantee malware free downloads), such as Download.com, MajorGeeks, Softpedia, and the like.

There are many more safe download sites available, but be sure you investigate the site thoroughly before you download anything. Googling the site, while not always entirely reliable, is a good place to start. A recommendation from friends as to a site’s safety is often a more appropriate choice.

Common Sense Tip #2 – Don’t open emails that come from untrusted sources. It’s been estimated that 96% of emails are spam. While not all spam is unsafe, common sense dictates that you treat it as if it is.

Much of the spam emails I’ve seen lately are crafted around spicy, scandalous, and salacious stories. This is generally a dead giveaway that you are dealing with a risky email.

Here’s a recent email from my inbox – “Who to blame in world crisis?‎ – Ivanka Trump sunbathing pics http://www.000000.com”. Common sense tells me there is a major disconnect between the heading of this email (Who to blame in world crisis?) and sunbathing pics of Ivanka Trump. There is no doubt that this is a dodgy email. By the way her name is Ivana, not Ivanka.

Common Sense Tip #3 – Don’t run files that you receive via email without making sure of their origin. If the link has been sent to you in a forwarded email from a friend, be particularly cautious. Forwarded emails are notorious for containing dangerous elements, and links.

Common Sense Tip #4 – Don’t click links in emails. If they come from a known source, type them in the browser’s address bar. If they come from an untrusted source, simply ignore them, as they could take you to a web designed to download malware onto your computer.

Common Sense Tip #5 – If you do not use a web based email service then be sure your anti-virus software scans all incoming e-mail and attachments.

Common Sense Tip #6 – Be proactive when it comes to your computer’s security; make sure you have adequate software based protection to reduce the chances that your machine will become infected.

adeona with locks

If you are unsure if your software based protection is up to the task then checkout the following recommended free downloads that will help you manage and protect your computer system.

These applications have been well tested over the years for reliability and functionality, and all have developed a strong, loyal following.

AVG Anti-Virus Free Edition

AVG Anti-Virus Free 8.0 now incorporates protection against spyware through a new combined anti-virus and anti-spyware engine as well as a “safe-searching component” which has been incorporated into the new AVG Internet Security Toolbar. This program scans files on access, on demand, and on schedule and scans email incoming and outgoing. For those on Vista, you’re in luck, it’s Vista-ready

Spyware Doctor Starter Edition

Spyware Doctor Starter Edition from PC Tools is an excellent choice, as a secondary line of defense. This free version of the award winning program, with its easy to use interface, is used by millions of people worldwide to protect their computers; it’s reported there are a million+ additional downloads every week. Be aware however, there is no real-time protection offered with this version and this is the reason I recommend this application as a secondary scanner only.

Spyware Terminator

Having tested virtually all of the major anti-spyware applications over the past year or more, I’ve settled, for now, on Spyware Terminator primarily due to its strong real-time protection against spyware, adware, Trojans, key-loggers, home page hijackers and other malware threats. Spyware Terminator excels in strong active protection against know and unknown threats. If anything, I find it perhaps a little overly aggressive. On the other hand, better this than the alternative.

Comodo Firewall Pro

Comodo Firewall protects your system by defeating hackers and restricting unauthorized programs from accessing the Internet. I have been using this application for 10 months and I continue to feel very secure. It resists being forcibly terminated and it works as well, or better, than any firewall I’ve paid for. This is one I highly recommend. Amazing that it’s free!

HiJackFree

If you are an experienced/advanced computer user and you’re looking for a program to strengthen your anti-malware resources, then HiJackFree is one that’s worth taking a look at. This free application, from EMSI Software, offers a potent layer of additional protection to add to your major anti-malware programs. The program operates as a detailed system analysis tool that can help you in the detection and removal of Hijackers, Spyware, Adware, Trojans, Worms, and other malware. It doesn’t offer live protection but instead, it examines your system, determines if it’s been infected, and then allows you to eradicate the malware.

Ad-Aware

Ad-Aware Free is good free spyware and adware remover. It does a good job of protecting against known data-mining, Trojans, dialers, malware, browser hijackers and tracking components. The only downside with the free version; real-time protection is not included.

ThreatFire

ThreatFire blocks mal-ware, including zero-day threats, by analyzing program behavior and it does a stellar job. Again, this is one of the security applications that forms part of my front line defenses. I have found it to have high success rate at blocking mal-ware based on analysis of behavior. Highly recommend this one!

Web of Trust (WOT)

WOT is a free Internet Browser add-on (my personal favorite), that has established an impressive 4.5/5.0 star user rating on CNET. WOT tests web sites you are visiting for spyware, spam, viruses, browser exploits, unreliable online shops, phishing, and online scams, helping you avoid unsafe web sites.

SnoopFree Privacy Shield

SnoopFree Privacy Shield is a powerful application that guards your keyboard, screen and open windows from all spy software. I have been using this application for quite some time, and I have been amazed at the number of programs that have requested access to my keyboard and screen. In particular, programs that I am in the process of installing. If you’re serious about privacy, this is a must have addition to your security toolbox.

5 Comments

Filed under Adware, Anti-Malware Tools, Antivirus Applications, Browser add-ons, Don't Get Hacked, Firefox Add-ons, Freeware, Interconnectivity, Internet Safety Tools, Software, Spyware - Adware Protection, System File Protection, System Security, Windows Tips and Tools

Pop-up Downloads – They Get You Coming and Going

Being unaware can cause havoc on your computer.

dumb5 Your Firewall and Security Applications provide the ultimate in protection while you’re surfing the web, right? Well in a sense, they do.

Paradoxically, it’s because current anti-malware solutions are much more effective than they have ever been in detecting worms and viruses, that we’re now faced with another insidious form of attack.

Drive-by downloads are not new; they’ve been lurking around for years it seems, but they’ve become much more common and more crafty recently. The latest twist on this is the so called “pop-up download”.

If you’re unfamiliar with the term, “drive-by download”, they are essentially programs that are automatically downloaded and installed on your computer without your knowledge. This action can occur while visiting an infected web site, opening an infected HTML email, or by clicking on the newest threat, a deceptive popup window – the so called “pop-up download”.

For example, when visiting a site, a user might receive a pop-up box that appears as an offer to download an application. The user is then asked to accept the download despite the fact no application name is offered.

Unfortunately, a typical computer user is generally undereducated in the Internet safety issues that apply in this type of scenario. Clicking “yes”, will lead to the automatic installation of an application – an unknown application.

Popups 2

Often, more than one program is downloaded. For example, file sharing with tracking spyware is very common. Again, it’s important to remember that this can take place without warning, or your approval. Apparently, there are some legitimate application developers who are using this “pop-up download” method to distribute their product.

I find it galling that more so called Internet security analysts have not taken a harder line on this deceptive marketing technique. Is it any wonder the economy is in the tank, when for 20+ years the economy has been based on fraud, and deceptive and illegal practices? When are we going to learn to speak out against this type of nonsense?

What can you do to ensure you are protected, or to reduce the chances you will become a victim?

The following are actions (familiar to regular readers of this site), that you can take to protect your computer system:

  • When surfing the web – Stop. Think. Click
  • Don’t open unknown email attachments
  • Don’t run programs of unknown origin
  • Disable hidden filename extensions
  • Keep all applications (including your operating system) patched
  • Turn off your computer or disconnect from the network when not in use
  • Disable Java, JavaScript, and ActiveX if possible
  • Disable scripting features in email programs
  • Make regular backups of critical data
  • Make a boot disk in case your computer is damaged or compromised
  • Turn off file and printer sharing on your computer.
  • Install a personal firewall on your computer.
  • Install anti-virus and anti-spyware software and ensure it is configured to automatically update when you are connected to the Internet
  • Ensure the anti-virus software scans all email attachments

Be proactive when it comes to your computer’s security; make sure you have adequate software based protection to reduce the chances that your machine will become infected.

I recommend that you ensure that the current anti- malware applications, which you depend on to protect your system, are up to the task by reading “The 35 Best Free Applications” on this site.

If you missed “Rogue Security Software on the Rise – What You Need to Know Now!”, you can read it on this site.

4 Comments

Filed under Adware, Don't Get Hacked, Interconnectivity, Internet Safety, internet scams, Malware Advisories, Online Safety, Rogue Software, Spyware - Adware Protection, System Security, Windows Tips and Tools

Porn Surfing? – Free Software to Protect Your Computer

Why You Need Protection

porn_industry 3 Online pornography is enormously popular. So popular that the pornography industry has revenues larger than the revenues of the top technology companies combined.

That’s right, the combined revenues of Microsoft, Google, Amazon, eBay, Yahoo!, Apple, Netflix and EarthLink.

Three essential factors have impacted the popularity of Internet pornography:

  • Easy Internet access
  • The anonymity the Internet provides
  • Cost effectiveness

Experienced computer users however, are generally aware that pornographic web sites are notorious for spyware, viruses, browser exploits, and phishing attacks, on insufficiently protected computers.

The credibility of this view is emphasized by Esa Suurio, CEO of Against Intuition Inc., the company that supports Web of Trust, {see Like Porno Sites? – They LOVE You!), on this site, who concluded following a recent survey “Visiting the red light district of the Internet makes the user vulnerable to spyware, viruses and leakage of confidential information which can cause significant damage.”

Pornography is what it is; I am not a member of the Morality Police, and I hold no religious or political views on the availability of pornography on the Internet; except of course, pornography which is clearly illegal, or morally reprehensible.

porn_industry 4

My main concern with pornographic Websites is focused instead, on the primary/secondary use that many of these sites are designed for – as a vehicle for the distribution of potentially harmful malware applications that can be surreptitiously dropped onto unwitting visitors computers.

The potential for damage to both computers and users is enormous, considering the confidential/financial data that can be stolen by keyloggers, tracking cookies, and other common forms of malware used by porn sites.

Unethical porno sites have a reputation for some, or all, of the following behavior:

Pop-up windows that are difficult, or impossible to close. Tip: Pressing the Control key and the W key simultaneously, will generally close pop-ups.

Browser hijacking.

Dropping spyware, viruses, Trojans, and rogue applications.

Requiring the installation of a plug-in or codec – a favorite method of malware insertion.

Be particularly cautious of so called “free three-day trial memberships”. These schemes are notorious for fraud and credit card scams. Just try to take advantage of a “free three-day trial memberships”, without providing credit card details.

Before surfing porn web sites:

Install the latest operating system updates, and patches, on your computer. This step is just common sense in all circumstances. Unpatched systems will be attacked!

Unethical porn sites can drop malicious code which will exploit vulnerabilities in your browser or operating system. Just visiting these sites can infect, or damage your system.

Ensure you are using the latest version of your Internet Browser – known security holes in older Browser versions will be exploited.

Consider switching your Browser – Experienced computer users tend to use FireFox as their principal Internet Browser, since the security add-ons which are available, offer substantial protection from exploits. No Browser however, is totally secure against exploits.

Turn off JavaScript in your Browser.

Install effective ant-malware solutions on your computer.

The following free anti-malware and system protection applications offer effective protection.

This list is not exhaustive. For more information and additional free anti-malware and system protection applications, read “The 35 Best Free Applications – Tried, Tested and Reliable!” on this site.

Firewall: Comodo Firewall Pro

The definitive free firewall in my view; Comodo Firewall protects your system by defeating hackers and restricting unauthorized programs from accessing the Internet.

Internet Browser protection: Web of Trust (WOT)

WOT is a free Internet Browser add-on (my personal favorite), that has established an impressive 4.5/5.0 star user rating on CNET. WOT tests web sites you are visiting for spyware, spam, viruses, browser exploits, unreliable online shops, phishing, and online scams, helping you avoid unsafe web sites.

porno sites 4 google

(Click pic for larger)

In this Google search for “hot porno sites”, notice that WOT indicates that out of the 6 sites illustrated, 2 are dangerous, 2 should be viewed with caution, 1 is an unknown quantity, and only 1 is safe.

Anti-virus: Avira AntiVir PersonalEdition Classic

This anti-virus program offers comprehensive protection with an easy to use interface. In the time that I have been testing Avira, I have been impressed with its performance, and I have come to rely on it as my primary anti-virus program. I highly recommend this one.

Anti-spyware: Spyware Terminator

Having tested virtually all of the major anti-spyware applications over the past year or more, I’ve settled, for now, on Spyware Terminator primarily due to its strong real-time protection against spyware, adware, Trojans, key-loggers, home page hijackers and other malware threats. Spyware Terminator excels in strong active protection against know and unknown threats.

Adware remover: Ad-Aware

Many software reviewers consider Ad-Aware Free as the best free adware remover available. It does a relatively good job of protecting against known data-mining, Trojans, dialers, malware, browser hijackers and tracking components. The only downside with the free version is real-time protection is not included.

Zero-day malware protection: ThreatFire

ThreatFire blocks mal-ware, including zero-day threats, by analyzing program behavior and it does a stellar job. Again, this is one of the security applications that forms part of my front line defenses. I have found it to have high success rate at blocking mal-ware based on analysis of behavior.

How much information can a web site collect about you?

In my experience, most people are shocked at the amount of information that a web site is capable of collecting from a simple visit.

If you are interested in seeing just how much information your Internet Browser gives away about you and your computer system when you visit a web site, then checkout BrowserSpy.dk.

8 Comments

Filed under Adware, Anti-Malware Tools, Antivirus Applications, Browser add-ons, Don't Get Hacked, Firefox, Free Security Programs, Freeware, Interconnectivity, Internet Safety Tools, Malware Advisories, Online Safety, Rogue Software, Safe Surfing, Software, Spyware - Adware Protection, System Security, trojans, Viruses, Windows Tips and Tools, worms