Tag Archives: identity

December 6, 2011 · 11:04 am

Five Simple Tips To Prevent Cybercrooks From Screwing You Over During The Holiday Season

Unless you’re related to the Grinch, the holiday season will hit town. Guest writer Liz Cornwell, from Australian software developer Auslogics, has some important and informative tips on how you can avoid potential dangers while shopping online this Holiday season – or, any time for that matter.

The holiday season is a time of year that is wonderful and special for everyone – it’s the time for having fun, being with your friends and family, giving and receiving presents, and even making dreams come true!

For me, giving presents is just as exciting as receiving them. And what fun it is to shop for gifts, knowing that they will bring happiness and joy to your loved ones!

I’m pretty sure that you will do at least some of your shopping online. It’s not a secret that online retailers offer great deals. But at the same time there is always a potential danger of your money getting stolen by shifty dealers, scammers, and spammers.

OK, so maybe some of you don’t mind giving a couple of hundred dollars to thieves. However, it would be much better to donate that money to charity.

If you want to protect yourself from online fraud, then read on! Here are five simple tips that will help you shop online safely.

1. Use a Secure PC

No matter how careful you are, there is no guarantee that your computer is not infected. Anyone who browses the Internet, visits social websites, and downloads software simply cannot be 100% sure that their PC is malware- and spyware-free. So, before you start shopping, check that your computer has comprehensive protection and run anti-virus and anti-spyware scans. Use reliable up-to-date software.

We recommend using Auslogics Antivirus – not only will it protect you against viruses, spyware, and other threats, but it also has a feature called Privacy Control. This feature is especially designed to prevent hackers from stealing your personal data, so shopping online will be more secure. Auslogics Antivirus has a free unlimited 30-day trial, which will keep you fully protected for the next month.

If you can, avoid shopping from public computers, or a PC that your kids use to play online games and chat with their friends. Those PCs are likely to be infested with spyware, so your private data can get stolen no matter how careful you are.

2. Always Shop From Trusted Sites

There are a lot of sites that offer amazing bargains. In fact, some of them are so amazing that they simply can’t be true! Well, most of the time they aren’t – a lot of websites only pretend to be shops. All they want is to steal your money. Remember, nobody is going to offer you a car for the price of a burger. Therefore, I strongly advise you not to use search engine shopping. Or if you do, check and double-check the website before entering any payment details.

Pay attention to:

security seals

shipping, return, and refund policies

use of secure connection (https://) when the website asks you to enter payment details

You can also research unfamiliar shops on sites like RipoffReport.

Never – ever buy anything advertised via emails from unknown senders and never click on any links in those emails either. Those emails are almost always a scam and links take you to websites that put viruses onto your system. And never shop at web-sites that ask you to wire money or send money orders.

3. Control Spam

If you’re concerned about getting spammed by online retailers, you can always either create a separate email address for shopping online, or create aliases. Here’s how it’s done using Gmail.

For example, your address is myemail@gmail.com and you are shopping at a website called greatoffer.com. So, when giving them your email address, type it as myemail+greatoffer@gmail.com. That way all future communication from that shop will be addressed to myemail+greatoffer@gmail.com.

So if they or someone from their network try to spam you, you will know it’s them and will be able to easily block them.

4. Pay With a Credit Card

Most of you will have several bank cards – some credit, some debit. Both can be used for online shopping, but it’s safer to use a credit card. Experts say credit cards give you less hassle when dealing with your bank, should unauthorized charges show up later on a monthly statement. Besides, you wouldn’t want to pay huge interest on your debit card overdraft, would you?

5. Think About Alternative Payment Methods

Did you know that you don’t necessarily have to use a credit/debit card when shopping online? There are plenty of other ways to pay for the goods you purchased – pre-paid credit cards, gift cards and certificates, and sometimes you can pay in cash upon delivery. Also there are websites like billmelater.com that allow you to shop online without having to enter your bank card details. Besides, online retailers actually encourage you to use a service like that by offering free shipping and an option to postpone your payment for up to 6 months.

These tips should help you shop online safely so that you don’t become yet another fraud victim. Enjoy your shopping and have a wonderful holiday season!

Regular readers are aware that I’m a big fan of Auslogics; a company which provides users with some of the best free applications on the Internet including, Auslogics Disk Defrag (recently reviewed here) – a “must have” addition to a serious computer user’s toolbox.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

12 Comments

Filed under Cyber Criminals, Cyber Shopping Tips, Don't Get Scammed, Don't Get Hacked, Guest Writers, Internet Safety, Safe Online Shopping Tips

Tagged as auslogics antivirus, Auslogics Blog, Auslogics Disk Defrag, Auslogics Task Manager, Bill Mullins, holiday shopping, identity, Identity Theft, Liz Cornwell, online fraud, Tech Thoughts, tips, victim

August 15, 2011 · 9:57 am

PC Tools Predicts New Breeds of Social Media Cyber Scams

PC Tools, the company which brings you PC Tools Firewall Plus (free), ThreatFire (free), and of course a complete line of award-winning commercial grade security offerings, is issuing this consumer alert advising the rollout of new social media sites and features, are leading to a fresh crop of online scams and threats.

PC Tools Top Three Social Network Threat Predictions

Email alerts for “tagged” photos where YOU might appear online.

Social networks are developing increased intelligence for facial recognition to assist with tagging photos. When you’re tagged in a photo or at a location in your photo album, you can often expect an email or notification letting you know where to view it online. Watch out!

Cybercriminals may be using this as a tactic to get you to click on malicious links asking for information – possibly even prompting you to click on a link leading to a fake login and password entry form posing as your social network.

Online robots or “bots” on social networking sites will be more sophisticated

We believe within the next few months that social media “bots” will become more advanced, effectively creating human-looking profiles and personalities. Cybercriminals rely on bots because they are the fastest and most cost-effective way to spread malware, spyware and scams through social network sites.

Through these bots, criminals can auto-create bogus personalities on social networks, which can in turn link to fake companies that sell phony products – all to trick users into buying merchandise that isn’t real or spreading news that doesn’t actually exist.

An increase in fake invites to join “new” or “exclusive” social networks or social groups

New social networks are popping up every day, some of which are “invite only” making them more appealing. Cybercriminals could use this appeal as a method to lure users into clicking on fake invites for exclusive networks. Upon clicking on these invites, users could be asked to provide personal details such as name, login, password or birthdates which should not be released.

“If you’re looking to join the hottest new social network, be careful where you click – your personal life may be at risk,” said Mike Chen, Product Marketing Manager at PC Tools. “Cybercriminals are taking advantage of the buzz surrounding these new social networks and features by tricking unsuspecting users to divulge personal information or download malware.”

Chen added that today’s malware looks legitimate, but what may seem like a harmless email or link can actually result in a person’s stolen identity or credit card data theft. And according to Pew Research, 46% of internet users agree that “most people can be trusted” – a prime reason why cybercriminals are so successful at duping consumers.

About PC Tools:

With offices located in Australia, Ireland, United States, United Kingdom and the Ukraine. PC Tools is a fast-growing brand with dedicated Research and Development teams that ensure PC Tools maintains a competitive edge. With registered customers in over 180 countries and millions of downloads to date, PC Tools’ products continue to win awards and gain recommendations from respected reviewers and independent testing labs around the world.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

5 Comments

Filed under Cyber Crime, Cyber Criminals, Don't Get Scammed, Don't Get Hacked, Freeware, Internet Security Alerts, PC Tools, Safe Surfing, social networking, Windows Tips and Tools

Tagged as Bill Mullins, credit card, exclusive, identity, new, online robots, PC Tools, PC Tools Firewall Plus, social networks, stolen, tagged photos, Tech Thoughts, theft, ThreatFire, Top Three Social Network Threat Predictions

May 24, 2011 · 12:01 pm

Breadcrumbs Privacy Software 1.1.3.1 (Beta) Updated – Now With 64 Bit Support

Earlier this month, I ran a short test on Breadcrumbs Privacy Software (Beta) – Free Breadcrumbs Beta – Slaps Down Data Miners – which, according to the developer “……. automatically creates a Bogus Identity for you, thus preventing trackers from analyzing your real browsing information, leaving them with useless data.”

So, is this fair – is it OK to screw with so called “data miners”? Undoubtedly, you’ll make up your own mind on this – but, I won’t hesitate to state my opinion – “You’re damn right it is!”

Data miners, in an attempt to camouflage broad scale privacy intrusions, conveniently refer to their activities as predictive analytics, customer profiling, customer segmentation, predictive modeling, lifestyle clustering – yeah, right.

While predictive analytics, predictive modeling, etc. (you have to love how these guys paint privacy intrusions), may well be allowed under existing legislation – from a moral and ethical perspective, it’s reprehensible in my view.

Consider this – you’re cruising the Net and a tracker, or trackers, records every action you take, every motion you make –recording the type of sites you visit and revisit, time spent on sites, your shopping and spending habits, your political views, your marital status, and much more. All of this builds a profile of your browsing habits so that the data (your personal data), can be sold, bartered, and traded.

But don’t look for any sweeping legislative changes which will rein in these parasites any time soon. By and large, regulatory authorities have neither the moral courage, or the technical acumen (they simple fail to grasp the essence of the technology) necessary to enact appropriate consumer protection laws.

If you object to this type of intrusion into your privacy, then consider installing Breadcrumbs Privacy Software, and give these intrusive jerks the heave-ho. It may not be a perfect solution but, it’s a definite step in the right direction.

Fast facts:

Create your bogus identity – Breadcrumbs bogus Identity feature automatically creates a Bogus Identity for you, thus preventing trackers from analyzing your real browsing information, leaving them with useless data. Read more

The Do Not Track Me stamp – Once enabled, the Do Not Track Me stamp identifies you as a Breadcrumbs Protected User. It tells trackers that you do not wish to be tracked, and also lets them know that they will be fooled by your Bogus Identity in case they decide to track you anyway. Read more

Watchers Analytics – Breadcrumbs Watchers Analytics feature enables you to see who is watching you online. It’s an easy way to block ads and prevent trackers from tracking you across the Internet. Read more

Installation is simple and the application settings are limited, but effective. Click on the graphic to expand to original.

The dashboard will give you the opportunity to “watch the watchers” and block selectively. Click on the graphic to expand to original.

The most interesting feature of Breadcrumbs is the promise that it will build a “‘bogus identity” which will mislead watchers. Click on the graphic to expand to original.

According to the developer –

“In order for the feature to work it first needs to “learn the user” then it will synthesize what bogus data should be added in order to mask your real data and identity (so give it a few more hours/days). All of the learning process is encrypted and is done on the client-side, hence no one can see or use it but the software (and in the future you).”

In the following screen capture the expandable “Page Watcher” panel is shown – (shown expanded). This feature is selectable under “settings”. Click on the graphic to expand to original.

Current Version: 1.1.3.1 (Beta) – release date: May 24, 2011.

Changes in this version:

Bug fixes.

Better performance (CPU + RAM)

64 bit support.

Enhanced security to the automated Bogus browser.

Tray notifier which notifies when privacy protection analysis ended, and when a new software version is available.

Added the option to turn watchers blocking on and off through the Watchers Analytics Panel in your browser, this feature is very helpful in cases you are not sure if the page is not loaded correctly because a watcher is blocked (so you can just turn blocking off and see if that is the problem) – the panel appears in red in case blocking is turned off.

System Requirements: Windows XP, Vista and Win 7. Microsoft .NET Framework 3.5 SP1 or above. (Breadcrumbs installer will alert you in case .NET Framework installation is needed)

Supported Web Browsers: Internet Explorer 7 or above. (including IE9). Firefox 3.6 or above. (including FF4). Google Chrome.

Download at: Developer’s site (Breadcrumb Solutions)

Breadcrumbs Usage and Demo: Video 2:26

I often hear from people who feel that since the information being mined is anonymous, no real invasion of privacy is taking place. While that may have been the case previously, that’s not the case currently.

Consider reading – Privacy: reidentification a growing risk.

Browser fingerprinting (a method used to identify you specifically) – Consider taking the Panopticlick test which analyses your browser to see how unique it is based on the information it will share with sites it visits.

My test results:

Your browser fingerprint appears to be unique among the 1,546,722 tested so far. Currently, we estimate that your browser has a fingerprint that conveys at least 20.56 bits of identifying information.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

8 Comments

Filed under 64 Bit Software, Beta Software, Browsers, downloads, Freeware, Interconnectivity, Privacy, Software, Surveillance, Windows Tips and Tools

Tagged as 64 bit, Analytics, beta, Bill Mullins, bogus, Breadcrumbs Privacy Software 1.1.3.1, create, data, Do Not Track Me, download, identity, protected, stamp, support, Tech Thoughts, Updated, useless, user, Watchers

November 9, 2010 · 9:59 am

Cybercrooks Gearing Up To Screw You Over During The Holiday Season

Five Simple Tips for Safe Online Shopping

Unless you’re related to the Grinch, the holiday season will hit town. Christmas commercials are already blasting the airwaves, despite the fact we’re barely past Halloween!

Guest writer Liz Cornwell, from software developer Auslogics, has some important and informative tips on how you can avoid potential dangers while shopping online this Holiday season – or, any time for that matter.

For me, giving presents is just as exciting as receiving them. And what fun it is to shop for gifts, knowing that they will bring happiness and joy to your loved ones!

OK, so maybe some of you don’t mind giving a couple of hundred dollars to thieves. However, it would be much better to donate that money to charity.

If you want to protect yourself from online fraud, then read on! Here are five simple tips that will help you shop online safely.

1. Use a Secure PC

No matter how careful you are, there is no guarantee that your computer is not infected. Anyone who browses the Internet, visits social websites, and downloads software simply cannot be 100% sure that their PC is malware- and spyware-free. So, before you start shopping, check that your computer has comprehensive protection and run anti-virus and anti-spyware scans. Use reliable up-to-date software.

We recommend using Auslogics Antivirus – not only will it protect you against viruses, spyware, and other threats, but it also has a feature called Privacy Control. This feature is especially designed to prevent hackers from stealing your personal data, so shopping online will be more secure. Auslogics Antivirus has a free unlimited 30-day trial, which will keep you fully protected for the next month.

If you can, avoid shopping from public computers, or a PC that your kids use to play online games and chat with their friends. Those PCs are likely to be infested with spyware, so your private data can get stolen no matter how careful you are.

2. Always Shop From Trusted Sites

There are a lot of sites that offer amazing bargains. In fact, some of them are so amazing that they simply can’t be true! Well, most of the time they aren’t – a lot of websites only pretend to be shops. All they want is to steal your money. Remember, nobody is going to offer you a car for the price of a burger. Therefore, I strongly advise you not to use search engine shopping. Or if you do, check and double-check the website before entering any payment details.

Pay attention to:

security seals

shipping, return, and refund policies

use of secure connection (https://) when the website asks you to enter payment details

You can also research unfamiliar shops on sites like RipoffReport.

Never-ever buy anything advertised via emails from unknown senders and never click on any links in those emails either. Those emails are almost always a scam and links take you to websites that put viruses onto your system. And never shop at web-sites that ask you to wire money or send money orders.

3. Control Spam

If you’re concerned about getting spammed by online retailers, you can always either create a separate email address for shopping online, or create aliases. Here’s how it’s done using Gmail.

For example, your address is myemail@gmail.com and you are shopping at a website called greatoffer.com. So, when giving them your email address, type it as myemail+greatoffer@gmail.com. That way all future communication from that shop will be addressed to myemail+greatoffer@gmail.com.

So if they or someone from their network try to spam you, you will know it’s them and will be able to easily block them.

4. Pay With a Credit Card

Most of you will have several bank cards – some credit, some debit. Both can be used for online shopping, but it’s safer to use a credit card. Experts say credit cards give you less hassle when dealing with your bank, should unauthorized charges show up later on a monthly statement. Besides, you wouldn’t want to pay huge interest on your debit card overdraft, would you?

5. Think About Alternative Payment Methods

Did you know that you don’t necessarily have to use a credit/debit card when shopping online? There are plenty of other ways to pay for the goods you purchased – pre-paid credit cards, gift cards and certificates, and sometimes you can pay in cash upon delivery. Also there are websites like billmelater.com that allow you to shop online without having to enter your bank card details. Besides, online retailers actually encourage you to use a service like that by offering free shipping and an option to postpone your payment for up to 6 months.

These tips should help you shop online safely so that you don’t become yet another fraud victim. Enjoy your shopping and have a wonderful holiday season!

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

9 Comments

Filed under Auslogics, cybercrime, Don't Get Scammed, Don't Get Hacked, downloads, internet scams, Online Safety, Safe Online Shopping Tips

Tagged as auslogics antivirus, Auslogics Blog, Auslogics Disk Defrag, Auslogics Task Manager, Bill Mullins, holiday shopping, identity, Identity Theft, Liz Cornwell, online fraud, tips, victim

May 16, 2010 · 1:56 pm

Do We Need to “Fix” the Internet?

Each time that you connect to the Internet you are unfortunately, wandering through a raucous neighborhood which has a reputation for being jam-packed with predators.

These predators are intent on stealing your money and personal information, installing damaging programs on your computer, or misleading you with an online scam.

Cyber-crooks are relentless in their pursuit of your money, and it’s all about the money. In the worst case scenario, your identity and your financial security can be severely compromised.

Recently, Symantec reported that 51% of all the viruses, Trojans and other forms of malware it has ever seen were logged during 2009, and Symantec has been in the security business since before the Internet was launched.

Each day, when I boot up my home machine, Immunet Protect, advises me that it is protecting me against 12 Million threats. Today for example (May 16, 2010, the number is 12,866,263. That number is truly mind blowing.

Note: Later in the day, following a re-boot, I noticed that the protection level had risen to 12,876,095 – 10,000 additional threats had been identified.

Various Internet security companies report having to deal with up to as many as 40,000 new versions of malware daily. Here’s the math; one new malware program every four seconds!

Anti malware developer Comodo, looks at these numbers in a way that we can more easily relate to, in its instructive video – Did you Know? Dangers on the Web.

“Did you know that the amount of new malware discovered daily approximates the number of words a person speaks daily?

Or, the amount of money lost by US Consumers due to malware over the past 2 years would have paid the tuition of over one million US College Students?”

Seen in this way, cybercrime takes on a whole new dimension.

Since additional sophisticated threats are constantly being developed, or are currently being deployed, some observers are of the opinion that the Internet is essentially broken.

If you think this is an exaggeration, check this out and then you decide.

Tainted search engine results: Internet security gurus have known for some time that we cannot rely on Internet search engine output to be untainted, and free of potential harmful exposure to malware.

Cyber-crooks continue to be unrelenting in their chase to infect web search results, seeding malicious websites among the top results returned by these engines.

When a potential victim visits one of these sites, the chances of downloading malicious code onto the computer by exploiting existing vulnerabilities, is extremely high.

Infected legitimate websites: According to security solution provider Kaspersky, the rate of infected legitimate web sites, in 2006, was one in every 20,000. In 2009, one in every 150 legitimate was infected by malware, according to Kaspersky.

Drive-by downloads: Drive-by downloads are not new; they’ve been lurking around for years it seems, but they’ve become much more common and craftier recently.

If you’re unfamiliar with the term, drive-by download, they are essentially programs that automatically download and install on your computer without your knowledge.

This action can occur while visiting an infected web site, opening an infected HTML email, or by clicking on a deceptive popup window. Often, more than one program is downloaded; for example, file sharing with tracking spyware is very common. It’s important to remember that this can take place without warning, or your approval.

Rogue software: A rogue security application (scareware), is an application usually found on free download and adult websites, or it can be installed from rogue security software websites, using Trojans or, manipulating Internet browser security holes.

After the installation of rogue security software the program launches fake or false malware detection warnings. Rogue security applications, and there seems to be an epidemic of them on the Internet currently, are developed to mislead uninformed computer users’ into downloading and paying for the “full” version of this bogus software, based on the false malware positives generated by the application.

Even if the full program fee is paid, rogue software continues to run as a background process incessantly reporting those fake or false malware detection warnings. Over time, this type of software will essentially destroy the victim’s computer operating system, making the machine unusable.

Email scams: Email scams work because the Cyber-crooks responsible use social engineering as the hook; in other words they exploit our curiosity. The fact is, we are all pretty curious creatures and let’s face it, who doesn’t like surprise emails? I think it’s safe to say, we all love to receive good news emails.

It seems that more and more these days, I get phishing emails in my inboxes all designed to trick me into revealing financial information that can be used to steal my money.

If you’re unfamiliar with phishing, it is defined as the act of tricking unsuspecting Internet users into revealing sensitive or private information. In a phishing attack, the attacker creates a set of circumstances where the potential victims are convinced that they are dealing with an authorized party. It relies for its success on the principle that asking a large number of people for this information, will always deceive at least some of those people.

A personal example of how this works is as follows. According to a recent email (similar in form and content to 20+ I receive each month), my online banking privileges with Bank of America had been blocked due to security concerns. This looked like an official email and the enclosed link made it simple to get this problem solved with just a mouse click. What could be easier than that?

Clicking on the link would have redirected me to a spoof page, comparable to the original site, and I would then have begun the process whereby the scammers would have stripped me of all the confidential information I was willing to provide.

My financial and personal details, had I entered them, would then have been harvested by the cyber-crooks behind this fraudulent scheme who would then have used this information to commit identity and financial theft.

These types of attacks against financial institutions, and consumers, are occurring with such frequency that the IC³ (Internet Crime Complaint Center), has called the situation “alarming”, so you need to be extremely vigilant.

This is by no means an exhaustive list of the dangers we are exposed to on the Internet. There are many more technical reasons why the Internet is becoming progressively more dangerous which are outside the scope of this article.

So what do you think? Is the Internet broken – do we need to fix it, and if so, how can we do that?

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

20 Comments

Filed under Comodo, cybercrime, Don't Get Scammed, Don't Get Hacked, Internet Safety, internet scams, Internet Security Alerts, Malware Advisories, Online Safety, Phishing, Rogue Software, spam, Symantec, trojans, Viruses, Windows Tips and Tools, worms

Tagged as Bill Mullins, control, criminals, cyber, dangers, Email, fraud, identity, internet, malicious, malware, online, Phishing, risks, scam, scams, security, Software, spam, Tech Thoughts, threats

February 12, 2010 · 10:54 am

How to Tune Up Your Anti-Malware Strategy With These Free Solutions

As highly regarded security guru Bruce Schneier says, “If you think technology can solve your security problems, then you don’t understand the problems and you don’t understand the technology”

Unfortunately, the average user continues to rely only on technology for protection. Recently, I setup a new computer system for a friend; an average user, and as I was tinkering with her system, one though kept bouncing around in my head. “What do I need to do to keep her protected on the Internet?”

I started with the usual things of course, including installing the following security applications.

PC Tools Firewall

– PC Tools Firewall is definitely worth considering as a new Firewall installation, or as a replacement for a current Firewall that is not meeting expectations.

Microsoft Security Essentials

– Easy to set up and run, particularly for new users. The interface is positively simple offering Quick Scan, Full Scan, or Custom Scan. Provides full real time protection against viruses, spyware, and other malicious software.

Avira AntiVir Personal

– Offers on demand scans for viruses, Trojans, backdoor programs, hoaxes, worms, dialers and other malicious programs. As well you can repair, delete, block, rename and quarantine programs, or files.

Firefox

– I then installed the most effective security add-ons, including NoScript, KeyScrambler, Adblock Plus and BetterPrivacy.

WOT

– Web of Trust, a browser add-on which offers Internet users active preventive protection against Web-based attacks, online scams, identify theft, and unreliable shopping sites.

Winpatrol

– This program uses a simple yet effective method of fighting all kinds of malicious programs.

GesWall

– An isolator which dynamically isolates Internet applications including Web Browsers, Chat Clients, Email Clients, and so on.

Malwarebytes’ Anti-Malware

– A simple, intuitive, and easy to use interface, makes Malwarebytes’ Anti-Malware straightforward to setup, customize and run, for both less experienced and expert users alike. This application was installed as a secondary on demand scanner.

SUPERAntiSpyware Free Edition

– SUPERAntiSpyware is also straightforward to setup, customize and run, for both less experienced and expert users alike. This application was installed as an additional secondary on demand scanner. This should not be considered overkill – there is no one single anti-malware application that is likely to catch everything. Better safe than sorry, and all that.

ThreatFire

ThreatFire blocks mal-ware, including zero-day threats, by analyzing program behavior and it does a stellar job. Again, this is one of the security applications that forms part of my own front line defenses.

So what could go wrong with this kind of armor against the pack of jackal-like cyber-criminals who prowl the Internet? The short answer is – plenty.

She still faces substantial risks while surfing the Internet regardless of the antispyware, antivirus, and the other Internet security applications I installed.

Malware evolves so rapidly today, that staying ahead of the curve has proven to be all but impossible for security software developers, despite their best efforts.

While it may be true that reputable Anti-malware software is often capable of detecting harmful and malicious attempts to compromise a computer, this is not always the case. Anti-malware programs that rely on a definition database (most anti-malware programs), can often be behind the curve in recognizing the newest threats.

You might be wondering just how many new malware threats circulate on the Internet – and here’s one answer. Over the last three months alone, PandaLabs has recorded five million new strains of malware.

On the face of it, it may appear that this huge number of new malware strains presents an insurmountable problem. But malware itself is only part of the problem.

The method used to deliver the malware – social engineering – that’s the most significant problem currently, for an average user. Social engineering, which relies on, and exploits our natural curiosity, is a sure winner for the bad guys.

Cyber-criminals are increasingly relying on this aspect of social engineering to create an opportunity designed to drop malicious code, including rootkits, password stealers, Trojan horses, and spam bots on our computers.

So the problem I found myself having to deal with was “If all these security applications I installed won’t offer her absolute protection against cyber-criminals, what, or who will?” The only plausible answer was – she must take on this responsibility herself. The inescapable fact is – she must become her own best protection. In my experience it’s the only strategy that works.

My friend, (just like most average users), had a need to believe, and desperately wanted to be able to trust, that the installed security applications would totally protect her on the Internet.

She, like the rest of us, needed to become convinced that a mild case of paranoia when using the Internet, was in her own best interest. Being suspicious, and untrusting while surfing the web, might not make her invulnerable to malware infections or worse, but it will certainly reduce her odds enormously.

It took considerable effort to finally convince her that mild paranoia would play an important role in preventing her from becoming a victim of cyber criminals.

Particularly, overcoming the instinctive human response (and we all have it), to just “click” while surfing the Internet. That instinctive response, would pose one of the biggest risks to her online safety and security.

Security experts argue (including me), that a significant number of malware infections could be avoided if users stopped “just clicking haphazardly” or opening the types of files that are clearly dangerous.

At the end of the day, I finally managed to get her agreement that she would not engage in any of the following unsafe surfing practices.

Downloading files and software through file-sharing applications such as BitTorrent, eDonkey, KaZaA and other such programs.

Clicking links in instant messaging (IM) that have no context or are composed of only general text.

Downloading executable software from web sites without ensuring that the site is reputable.

Using an unsecured USB stick on public computers, or other computers that are used by more than one person.

Opening email attachments from unknown people.

Opening email attachments without first scanning them for viruses.

Opening email attachments that end in a file extension of .exe, .vbs, or .lnk.

Regular readers of this site are very familiar with the following recommended security strategy to protect their computer system, their money and their identity:

Don’t open unknown email attachments

Don’t run programs of unknown origin

Disable hidden filename extensions

Keep all applications (including your operating system) patched

Turn off your computer or disconnect from the network when not in use

Disable Java, JavaScript, and ActiveX if possible

Disable scripting features in email programs

Make regular backups of critical data

Make a boot disk in case your computer is damaged or compromised

Turn off file and printer sharing on the computer

Install a personal firewall on the computer

Install anti-virus and anti-spyware software and ensure it is configured to automatically update when you are connected to the Internet

Ensure the anti-virus software scans all e-mail attachments

Be proactive when it comes to your computer’s security; make sure you have adequate software based protection to reduce the chances that your machine will become infected. Most of all, understand that you are your own best protection.

Well known software developer Comodo Group, have developed a new Internet video series, Really Simple Security, published on a dedicated YouTube channel, that makes it easier than ever for an average user to become much more proactive in their own protection. This is a site that should be in everyone’s bookmarks.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

25 Comments

Filed under Anti-Malware Tools, Antivirus Applications, Comodo, cybercrime, Don't Get Scammed, Don't Get Hacked, downloads, Free Anti-malware Software, Free Firewalls, Freeware, Microsoft, PC Tools, Software, System Security, Windows 7, Windows Tips and Tools, Windows Vista, Windows XP

Tagged as anti-virus, application, Bill Mullins, computer, download, files, free, identity, infection, internet, mal-ware, money, online, protect, scanner, security, Software, system, virus

December 22, 2009 · 10:06 am

Dangers on the Internet – A Lighter Look

This guest article, which began as a comment from JR Bombadila, is a finely crafted satirical parody on the effects of the constant bombardment of bad news on Internet users, and was originally posted earlier this year.

It may well leave you questioning the “fear factor” as a motivating influence in securing Internet linked computers against the “bad guys”.

I must admit, I enjoyed reading this comment enormously, and I promise you, you are in for an unusual reading adventure in which the writer takes the “malware fear game”, to its logical conclusion.

Read on ……..

I must thank Bill Mullins for illuminating the dangers of the Internet. I only became meaningfully aware of them when I switched from dial-up to high-speed on my “new” computer.

Though I cannot brag I slew the Jabberwock, the Bandersnatch of Paranoia is dead, and the flaming eyes shall wiffle towards me no more, nor shall I heed its burble.

The first rays of light had cracked through my utter and blissful ignorance of the multitudinous dangers all about me only a few months ago when a real, living flesh and blood person told me that his identity had been stolen. A world shattering realization: the virtual world is real, it had struck my world.

The orcs have at last found the gateway into our world. They have arrived. Over the last seven months, I have gradually emerged from that dark cave into the light of full blown paranoia. Here follows the story of my enlightenment. May you be similarly blessed.

Pars Prima

So there I was, the very brain child of Ignorance herself when I first entered the high speed world and deftly flew through the virtual ether world fleeter than feather-footed Hermes.

Ten years late arrived and freshly equipped with technology already outdated, I had finally pulled the trigger and entered the world of high-speed. But that is my modus operandi: wait until it’s cheap and outdated.

On that day and in my self-gratulatory mood for finally keeping up with the times, though still barely able to see the tail end of the pack, my mind was mostly at peace, somewhat confident that I had taken the sure steps to secure my identity, having paid homage to the credit gods, Equifax, Experian and Transunion.

I was lazily, blissfully surfing in ether-paradise but a few minutes when lightening struck: I felt the awakening that haunts me still. It was the Verizon god come to rescue me from my slumber. It spoke: “you are in great peril, soon to be hacked, an unmourned corpse for birds and dogs.”

With uncustomary, docile alacrity, I cried a quick thanks be to the Verizon god and immediately downloaded the savior, Verizon’s own virus-Trojan-malware-adware-root whatcha-call it security suite, and dutifully gave the appropriate tithes to pay for this great god’s protection, a pittance for its saving my virtual identity.

After the hour-or-so-long download, I sighed in relief that I and my virtual I were safe. Or so it seemed. For, deny it as I tried, I couldn’t not notice that my matrix-link that had been quick as mercury had become slow as lead, now running at half speed of my old machine. Thus, entered paranoia: as if economic, politic and moral collapses were not enough to stagger the frame of this Atlas.

After a few googles, I learned that my computer was probably attacked within the first ten minutes of being linked in; not only that but it was infected every ten or so minutes thereafter. I was a virtual leper or worse: unprotected, my very immune system could be compromised. I performed all the rites that the Verizon god had instructed. Thanks be to Verizon, safe. Right? My link’s protected, isn’t it? Enter Worry bird.

My link-up was still slow, slow even when not linked in: my just reward for not keeping up with the Jones. I would crawl long penance before I received again my wings. “Blessed be the virtual gods,” I might have cried out, but no. That wisdom comes only after suffering in long self-inflicted, self-pitying crawling. Thus it began, and there I was in the middle of a dark wood, unable to get out, truly unable to move, shameful to tell:

No time to further investigate and ameliorate the crisis, I cling to the unreasonable hope that nothing is really wrong. Back up my files and despair that the back ups too were food for vultures. Come back later when I have time. Come back later. Come back later. And all the while sleepless nights and a nagging conscience that I have let down the virtual gods and not only them: I have consigned my children to a life of poverty, a father reckless of his own identity. And all the while I was building up courage to face the hundred eyed, hundred armed monster and all the time I put it off and put it off with fingers crossed.

I could not dispel that nagging thought: my identity had been stolen by every pencil-necked criminal in the vast virtual world of geeks gone bad. Tum-tum, I meanwhile rested, unthinkingly worse than Hamlet, and did nothing: a wretched coward.

Days passed, weeks, months, even a new year. Then at last having imbibed enough courage, inspirited, I turned to face the manxome foe. It was a foe like none dreamed of. Oh horror, horror, horror! Unutterable. ALL the virtual wizards of all the virtual world asked: “Are you paranoid yet?” And all shouted at me with one accord: “Not paranoid enough!” And so it goes. Even Gandalf was terrified. From whom should I have courage? But, good fortune, the spirits had not quite worn off, my bravery had not yet left.

Pars Secunda

The unvirtual truth was that my computer began to almost freeze and crash and my backups were not that good. I could procrastinate no longer.

Aware enough to be afraid and yet ignorant enough to still have hope, I learned that the Verizon god is only one, and a weak one at that (and costly), in a pantheon of gods besieged by a much greater army of demons.

I proceeded to acquire and install all the best recommended virus immunizations, adware assassins, spy-killers, fire-walls, adamantine-walls, every best known defense I could find.

Then came the full revelation. It turns out that my problem all along was that I did not have sufficient memory to run my anti-viral arsenal. In my slovenly insobriety I had ignorantly assumed that my computer actually had enough memory to work the minimal tasks I put it to. But no, if one wants to defend his castle, he must pay the guards, and clearly I did not have sufficient resources to feed these eating machines.

As consequence, I only ran a half dozen or more different Trojan assassins. The rest would have to wait until I could purchase the resources necessary to feed my army. However, the real revelation from the great wizards, who are remarkably like the Oz variety, is that even though I detected not a single nasty on my machine, that is only a sure sign that there is something really nasty and deep down rooting into the very core of my virtual being.

One must run at least ten to twenty different of these mercenary-Trojan-assassins in order to rest not assured, but at least relatively more at ease. And there’s the additional problem that the one program I hastily downloaded in order to determine what kind of RAM I need to feed my troops could itself be a Trojan horse. Apparently WOT is not fool proof.

Moreover, I made a-grievous-nother mistake: I began to think. How can I be sure I am safe? I was now also informed and know that the majority of sites that advertise as security services are actually nothing but pirate outfits; that there are more bad guys than good guys; that the bad guys can pose as good guys and vote themselves good guys on WOT; that perhaps maybe WOT and FireFox and even Avast are the most brilliant spies of all, the inner circle of assassins that secretly direct the whole apparent warfare in Matrix.

In short, who is to guard the guards? Thus, goes my dizzying intellect, my German mind having spent too long a time in uffish thought, in this matter far superior to the mind of a Sicilian “when death is on the line” though doomed to the same fate.

But there’s no need to recount the whole whirling dervish of my thoughts. Suffice it to say, it is just the sort of stuff, when it gets in a head of mine takes a life of its own, an uber-monster, the very stuff of the Krell monster. And like monsters dreamt up on forbidden planets, it is unconquerable.

The conclusion was obvious: I can only trust myself. But what hope for a digital ignoramus and neophyte like myself to outmine the millions who have long ago already figured out a way to undermine any infantile attempt of mine. I must rule it out altogether, consign myself to defeat, await my pending doom.

Pars Tertia

But the noggin didn’t rest there. Unsatisfied, we have found a solution. At first, I thought it might suffice simply to unlink myself. Shut down all possible credit and bank account hijackings and unplug. However, I know better. They are too smart and that is trusting in futile hope.

The Ethernet gods will be avenged, and besides I already had witnessed the invasion. The orcs have arrived, the virtual world did strike the real world. And the only way I might be unscathed is to trust in the gods, but I’ve already disconnected from them; so, that too is futile hope.

The only solution is through more uffish thought: how to deliver the snicker-snack? That is the question. I cannot use my internet or computer savy since I have none, so I must use my real calculator, Jeeves’ like, and come up with a brilliant ‘fix’ that only Jeeves could. What would Jeeves do?

I thought. I could completely remove myself from the virtual world: shut down my bank account altogether, destroy all credit cards, wipe out my virtual self, in a sense commit virtual hara-kiri to avoid my own real destruction. It would work. For a time. Then all my other better-founded conspiracy theories rushed back into my head at once, and I knew it was but a short-lived solution.

The real solution is a preemptive strike. The bad guy pencil-necks want to steal my identity. It was not enough to lose my identity, destroy it, change it, become a new virtual me, even utterly obliterate or make meaningless the virtual me. I had to make it impotent, harmless, a virtual eunuch, and somehow render the theft of my virtual me harmless (at least to me), also an excellent revenge on my would be other me’s. But how to do it?

I decided we would completely unplug, pull out, leave not only the virtual world but all worlds possibly affected by the virtual world. We would follow the example of Lot (though my daughters will not). My children shall be raised after the customs of those in the world of Mad Max. If you want to contact me, you cannot: we have no virtual address, or real for that matter and it would be foolish of me to tell.

Let Jabber gurgle all he wants. The Bandersnatch is slain! And I can chortle away.

In all seriousness, thanks for all your help, Bill.

If you enjoyed this article, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

4 Comments

Filed under Don't Get Scammed, Don't Get Hacked, Interconnectivity, Internet Paranoia, Just for Laughs, Living Life, System Security, Viruses, worms, WOT (Web of Trust)

Tagged as account, Avast, bank, Bill Mullins, computer, credit, Firefox, identity, internet, JR Bombadil, preemptive strike, satire, stolen, trojan, virtual world, WOT

December 8, 2009 · 9:58 am

’Tis the Season for Jolly Cybercrooks – Five Simple Tips for Safe Online Shopping

Guest writer Liz Cornwell, of Auslogics’ Blog, has some important and informative tips, on how you can avoid potential dangers while shopping online.

The holiday season has arrived for many people from different countries and cultures of the world. This time of year is wonderful and special for everyone – it’s the time for having fun, being with your friends and family, giving and receiving presents, and even making dreams come true!

For me, giving presents is just as exciting as receiving them. And what fun it is to shop for gifts, knowing that they will bring happiness and joy to your loved ones!

OK, so maybe some of you don’t mind giving a couple of hundred dollars to thieves. However, it would be much better to donate that money to charity.

If you want to protect yourself from online fraud, then read on! Here are five simple tips that will help you shop online safely.