ZenOK launch first free antivirus application….

Diego Gutierrez, Link Manager, at startup computer security provider ZEN OK, has submitted the following as a guest article.

This article is posted for informational purposes only. I have not tested this product for functionality, reliability, or any other “ility”.

ZEN OK is a breakthrough antivirus malware scanner that protects valuable pictures and documents stored on computers and laptops.

ZEN OK combines a major advance in data security design with ZEN OK’s legendary Online Backup Service, which automatically uploads all your pictures, music, spreadsheets and documents real-time to an military-grade secured server, far enough to keep them safe from fire, floods, earthquakes and other disasters. ZEN OK keeps your files up to date whenever you change a file or create a new one on your computer.

With ZEN OK, engineers invented a whole new category of patent pending data security products that lets you protect your data and computer with just one product.

ZENOK has applied its legendary expertise on data security to make ZEN OK the most secure data protection suite ever.

Hackers and criminals spread over 5000 new viruses every month; with just 20% of computers using up-to-date protection suites; data security has become an major issue. Several companies already filed bankruptcy after they lost their customer data. Protecting yourself can be expensive. But not anymore with ZEN OK’s legendary free of charge Antivirus suite…

ZEN OK is already available online for download from the ZEN OK Website (www.zenok.com).

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Think You’re Infected? Find Out – Run An Online Scanner From Your Browser

Today’s malware generally writes itself into multiple parts of the operating system, and in many cases it can hide it’s files, registry entries, running process and services, making the infection virtually invisible.

The installation of this type of malware can often lead to a critically disabled PC, or in the worst case scenario, allow hackers access to important personal and financial information.

There are plenty of good anti-malware products, but no one anti-malware tool is likely to identify and remove all of the millions of malware strains that infest the cyber world.

As part of the mix of security solutions, online scanners offer an extra layer of protection that’s required in the current Internet environment.

The following graphics illustrates a scan I ran on a Windows 7 system:

Online Scanner Benefits:

Generally fast and easy to use.

Threat signatures and heuristic detection algorithms are always up to date.

Provides deep scanning of archive files, runtime packed executables and email messages.

Can often detect malware that some AV solutions cannot detect.

Avoids conflicts with existing security software.

Acts as a double-check on the accuracy of your onboard AV solutions.

Disadvantages:

May have fewer scanning options than locally installed AV solutions.

Not all scanners disinfect, or remove found malware.

The following are Online Scanners that have developed a good reputation for accuracy; be sure to read the Terms of Use, or Privacy Statements carefully.

Panda ActiveScan 2

ActiveScan 2.0 is an advanced online scanner based on Collective Intelligence (scanning in-the-cloud) that detects malware that traditional security solutions cannot detect.

Make sure your antivirus is offering you proper protection.

Find hidden threats on your PC, such as rootkits, banker Trojans and malware designed to steal your identity.

Simple, online disinfection of all malware detected on your PC.

BitDefender Online Scanner

Free and effective malware cleanup directly from your browser

Incorporating the BitDefender award-winning scanning engines, BitDefender Online Scanner is an on-demand antivirus and antispyware tool that shows how safe your PC is. Accessible from your browser, it will scan and automatically clean the system memory, all files and drives’ boot sectors.

One major advantage of BitDefender Online Scanner is, you can use it without having to uninstall your existing data security product.

Symantec Security Check

The Symantec site offers two scans – a security checker and a virus scanner. Both use ActiveX, so you need to have Internet Explorer running.

The security scan checks that you’re running an anti-virus program and then looks for Windows vulnerabilities, hacker risks and Trojan horses.

The anti-virus checker performs a deep scan and takes a considerable amount of time to complete. It won’t remove any infections it finds, but will suggest actions that you can take.

Note: Does not disinfect.

The graphic below (taken from my test system), outlines the results of the “hacker check” portion, of the Symantec Security Check.

Trend Micro’s HouseCall

HouseCall can quickly identify and fix a wide range of threats including viruses, worms, Trojans, and spyware. It is now faster, more powerful and browser independent.

Full scan and custom scan options, in addition to Quick Scan.

Support for 64-bit and Windows 7.

ESET Online Scanner

ESET Online Scanner is a user friendly, free and powerful tool which you can use to remove malware from any PC utilizing only your web browser without having to install anti-virus software.

ESET Online Scanner uses the same ThreatSense technology and signatures as ESET Smart Security/ESET NOD32 Antivirus, and is always up-to-date.

Administrator privileges are required to run ESET Online Scanner.

Kaspersky

Kaspersky Online Virus Scanner is a free online virus scanner to find out if you have any viruses or spyware on your machine without having to uninstall your current antivirus software or install a new one.

Most importantly, you can see what viruses your current antivirus software let slip through.

Note: Does not disinfect.

It’s good practice to run an online scanner occasionally. It’s convenient, and it’s a good double-check that your onboard security solutions are effective.

If your onboard AV informs you that you’ve been infected, it’s always a good idea to run a secondary on board scanner for confirmation, followed by an online scan.

Antimalware applications are not immune from false positives. In fact, false positives are more common than many users realize. Here’s just one example – some AVs are notorious for seeing extractor files in application setup files as a Trojan.

So run an online scanner if you think you’ve been infected. You may think this is aggravating, and maybe it is, but it’s a better solution than having to rebuild your system because you’ve removed a critical file.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

How to Tune Up Your Anti-Malware Strategy With These Free Solutions

As highly regarded security guru Bruce Schneier says, “If you think technology can solve your security problems, then you don’t understand the problems and you don’t understand the technology”

Unfortunately, the average user continues to rely only on technology for protection. Recently, I setup a new computer system for a friend; an average user, and as I was tinkering with her system, one though kept bouncing around in my head. “What do I need to do to keep her protected on the Internet?”

I started with the usual things of course, including installing the following security applications.

PC Tools Firewall

– PC Tools Firewall is definitely worth considering as a new Firewall installation, or as a replacement for a current Firewall that is not meeting expectations.

Microsoft Security Essentials

– Easy to set up and run, particularly for new users. The interface is positively simple offering Quick Scan, Full Scan, or Custom Scan. Provides full real time protection against viruses, spyware, and other malicious software.

Avira AntiVir Personal

– Offers on demand scans for viruses, Trojans, backdoor programs, hoaxes, worms, dialers and other malicious programs. As well you can repair, delete, block, rename and quarantine programs, or files.

Firefox

– I then installed the most effective security add-ons, including NoScript, KeyScrambler, Adblock Plus and BetterPrivacy.

WOT

– Web of Trust, a browser add-on which offers Internet users active preventive protection against Web-based attacks, online scams, identify theft, and unreliable shopping sites.

Winpatrol

– This program uses a simple yet effective method of fighting all kinds of malicious programs.

GesWall

– An isolator which dynamically isolates Internet applications including Web Browsers, Chat Clients, Email Clients, and so on.

Malwarebytes’ Anti-Malware

– A simple, intuitive, and easy to use interface, makes Malwarebytes’ Anti-Malware straightforward to setup, customize and run, for both less experienced and expert users alike. This application was installed as a secondary on demand scanner.

SUPERAntiSpyware Free Edition

– SUPERAntiSpyware is also straightforward to setup, customize and run, for both less experienced and expert users alike. This application was installed as an additional secondary on demand scanner. This should not be considered overkill – there is no one single anti-malware application that is likely to catch everything. Better safe than sorry, and all that.

ThreatFire

ThreatFire blocks mal-ware, including zero-day threats, by analyzing program behavior and it does a stellar job. Again, this is one of the security applications that forms part of my own front line defenses.

So what could go wrong with this kind of armor against the pack of jackal-like cyber-criminals who prowl the Internet? The short answer is – plenty.

She still faces substantial risks while surfing the Internet regardless of the antispyware, antivirus, and the other Internet security applications I installed.

Malware evolves so rapidly today, that staying ahead of the curve has proven to be all but impossible for security software developers, despite their best efforts.

While it may be true that reputable Anti-malware software is often capable of detecting harmful and malicious attempts to compromise a computer, this is not always the case. Anti-malware programs that rely on a definition database (most anti-malware programs), can often be behind the curve in recognizing the newest threats.

You might be wondering just how many new malware threats circulate on the Internet – and here’s one answer. Over the last three months alone, PandaLabs has recorded five million new strains of malware.

On the face of it, it may appear that this huge number of new malware strains presents an insurmountable problem. But malware itself is only part of the problem.

The method used to deliver the malware – social engineering – that’s the most significant problem currently, for an average user. Social engineering, which relies on, and exploits our natural curiosity, is a sure winner for the bad guys.

Cyber-criminals are increasingly relying on this aspect of social engineering to create an opportunity designed to drop malicious code, including rootkits, password stealers, Trojan horses, and spam bots on our computers.

So the problem I found myself having to deal with was “If all these security applications I installed won’t offer her absolute protection against cyber-criminals, what, or who will?” The only plausible answer was – she must take on this responsibility herself. The inescapable fact is – she must become her own best protection. In my experience it’s the only strategy that works.

My friend, (just like most average users), had a need to believe, and desperately wanted to be able to trust, that the installed security applications would totally protect her on the Internet.

She, like the rest of us, needed to become convinced that a mild case of paranoia when using the Internet, was in her own best interest. Being suspicious, and untrusting while surfing the web, might not make her invulnerable to malware infections or worse, but it will certainly reduce her odds enormously.

It took considerable effort to finally convince her that mild paranoia would play an important role in preventing her from becoming a victim of cyber criminals.

Particularly, overcoming the instinctive human response (and we all have it), to just “click” while surfing the Internet. That instinctive response, would pose one of the biggest risks to her online safety and security.

Security experts argue (including me), that a significant number of malware infections could be avoided if users stopped “just clicking haphazardly” or opening the types of files that are clearly dangerous.

At the end of the day, I finally managed to get her agreement that she would not engage in any of the following unsafe surfing practices.

Downloading files and software through file-sharing applications such as BitTorrent, eDonkey, KaZaA and other such programs.

Clicking links in instant messaging (IM) that have no context or are composed of only general text.

Downloading executable software from web sites without ensuring that the site is reputable.

Using an unsecured USB stick on public computers, or other computers that are used by more than one person.

Opening email attachments from unknown people.

Opening email attachments without first scanning them for viruses.

Opening email attachments that end in a file extension of .exe, .vbs, or .lnk.

Regular readers of this site are very familiar with the following recommended security strategy to protect their computer system, their money and their identity:

Don’t open unknown email attachments

Don’t run programs of unknown origin

Disable hidden filename extensions

Keep all applications (including your operating system) patched

Turn off your computer or disconnect from the network when not in use

Disable Java, JavaScript, and ActiveX if possible

Disable scripting features in email programs

Make regular backups of critical data

Make a boot disk in case your computer is damaged or compromised

Turn off file and printer sharing on the computer

Install a personal firewall on the computer

Install anti-virus and anti-spyware software and ensure it is configured to automatically update when you are connected to the Internet

Ensure the anti-virus software scans all e-mail attachments

Be proactive when it comes to your computer’s security; make sure you have adequate software based protection to reduce the chances that your machine will become infected. Most of all, understand that you are your own best protection.

Well known software developer Comodo Group, have developed a new Internet video series, Really Simple Security, published on a dedicated YouTube channel, that makes it easier than ever for an average user to become much more proactive in their own protection. This is a site that should be in everyone’s bookmarks.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Suspicious File? Scan it with VirusTotal’s 35 + AV’s

No matter what you’ve read or heard, there is no one solution that offers a 100% effectiveness rate for detecting viruses and malware. At the risk of sounding like the PC Guy on the recent Mac commercial, “trust me”. This is the primary reason that I recommend you occasionally have your system checked for infections by one, or more, free Online scanners.

If you’re worried about a specific file though, here’s an interesting twist on online scanners – you can have any specific computer file (files are restricted to a maximum of 10 megabytes), scanned for nasties by thirty five plus diverse online scanners, all in one go, through VirusTotal.

VirusTotal.com offers this amazing free virus and malware online scan service, to the Internet community, in the spirit of trying to keep us all safer on the increasingly more dangerous Internet.

To take advantage of this service, simply upload a file, that you’re uncertain of, to Virus Total, or as an alternative submit your suspicious file to Virus Total by email. What could be simpler?

The following graphics indicate just how efficient this free service is.

Received Files/Infected Files (Last 24 Hours) November 10, 2009:

This image shows the number of files that have been detected as infected (red) among the total number of files received within the last 24 hours (clean ones marked in blue).

Top 10 Infected Files (Last 24 Hours), November 10, 2009:

This image shows the list of the most-uploaded infected files received within the last 24 hours.

Quick facts:

Free, independent service

Use of multiple antivirus engines

Real-time automatic updates of virus signatures

Detailed results from each antivirus engine

Real time global statistics

Keep in mind, this service is not a substitute for an appropriate local defense system, including a firewall (either software or hardware), and a sound and effective malware suite (including anti-virus and spyware).

It’s important to be aware that anti-malware programs, including online scanners that rely on a definition database to identify malware files, can often be behind the curve in recognizing the newest threats.

So in addition to the “normal” system protection you have installed locally, I recommend that you consider downloading and installing ThreatFire 4.5, free from PC Tools. This type of anti-malware application works side by side with your existing anti-malware tools, using heuristics, or behavioral analysis, to identify newer threats. Current reports indicate this application has a 90% + success rate in stopping malware in it’s tracks.

Upload your suspicious file/s to: Virus Total

If you enjoyed this article, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

7 Top Notch Online Malware Scanners

The one thing we know for sure about today’s malware is; it’s very smart. It’s so smart that it often recreates its own component parts even if it has been deleted. How smart is that?

Today’s malware generally writes itself into multiple parts of the operating system and in many cases it can hide it’s files, registry entries, running process and services, making the infection virtually invisible.

Experienced computer users’ have come to realize that the Internet is alive with predators intent on installing damaging programs, (Spyware, adware, viruses and Trojans), on vulnerable computer systems. However, the sad reality is, the majority of computer users are undereducated when it comes to recognizing the dangers and threats that the Internet poses to their computers, and to their personal privacy.

The installation of such malware invariable leads to a critically disabled PC, or in the worst case scenario, allows hackers access to important personal and financial information.

There are plenty of good anti-malware products, but no one anti-malware tool is likely to identify and remove all of the millions of rogue malware that infest the cyber world.

So to ensure maximum safety, it’s important to have layered defenses in the ongoing fight against malware. As part of the mix of security solutions, online scanners offer an extra layer of protection that’s required in the current Internet environment.

The following graphics illustrate a scan I ran on my personal Windows 7 system:

Online Scanner Benefits:

Generally fast and easy to use

Threat signatures and heuristic detection algorithms are always up to date

Provides deep scanning of archive files, runtime packed executables and email messages

Can detect malware that some AV solutions cannot detect

Avoids conflicts with existing security software

Acts as a double-check on the accuracy of your onboard AV solutions

Disadvantages

Fewer scanning options than locally installed AV solutions

Not all scanners disinfect or remove found malware

The following are Online Scanners that have developed a good reputation for accuracy; be sure to read the Terms of Use or Privacy Statements carefully.

Panda ActiveScan 2

Panda NanoScan

McAfee FreeScan

Symantec Security Check

Trend Micro’s HouseCall

ESET Online Scanner

Kaspersky

If you enjoyed this article, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

The Only Anti-Malware Strategy That Works

I just finished setting up a new computer system for a friend; an average user, and as I was tinkering with the system, one though kept bouncing around in my head. “What do I need to do to keep her protected on the Internet?”

I started with the usual things of course, including installing the following security applications.

PC Tools Firewall – PC Tools Firewall is definitely worth considering as a new Firewall installation, or as a replacement for a current Firewall that is not meeting expectations.

SUPERAntiSpyware Professional Edition – Thanks to Mike Duncan of SUPERAntiSpyware, I had a spare lifetime license.

Avira AntiVir Personal – Offers on demand scans for viruses, Trojans, backdoor programs, hoaxes, worms, dialers and other malicious programs. As well you can repair, delete, block, rename and quarantine programs, or files.

Firefox – I then installed the most effective security add-ons, including NoScript, KeyScrambler, Adblock Plus and BetterPrivacy.

WOT – Web of Trust, a browser add-on which offers Internet users active preventive protection against Web-based attacks, online scams, identify theft, and unreliable shopping sites.

Winpatrol – This program uses a simple yet effective method of fighting all kinds of malicious programs.

GesWall – An isolator which dynamically isolates Internet applications including Web Browsers, Chat Clients, Email Clients, and so on.

Malwarebytes’ Anti-Malware – A simple, intuitive, and easy to use interface, makes Malwarebytes’ Anti-Malware straightforward to setup, customize and run, for both less experienced and expert users alike. This application was installed as a secondary on demand scanner.

So what could go wrong with this kind of armor against the pack of jackal-like cyber-criminals who prowl the Internet? The short answer is – plenty.

She still faces substantial risks while surfing the Internet regardless of the antispyware, antivirus, and the other Internet security applications I installed.

Malware evolves so rapidly today, that staying ahead of the curve has proven to be all but impossible for security software developers, despite their best efforts.

While it may be true that reputable Anti-malware software is often capable of detecting harmful and malicious attempts to compromise a computer, this is not always the case. Anti-malware programs that rely on a definition database (most anti-malware programs), can often be behind the curve in recognizing the newest threats.

You might be wondering just how many new malware threats circulate on the Internet – and here’s one answer. Over the last three months alone, PandaLabs has recorded five million new strains of malware.

On the face of it, it may appear that this huge number of new malware strains presents an insurmountable problem. But malware itself is only part of the problem.

The method used to deliver the malware – social engineering – that’s the most significant problem currently, for an average user. Social engineering, which relies on, and exploits our natural curiosity, is a sure winner for the bad guys.

Cyber-criminals are increasingly relying on this aspect of social engineering to create an opportunity designed to drop malicious code, including rootkits, password stealers, Trojan horses, and spam bots on our computers.

So the problem I found myself having to deal with was “If all these security applications I installed won’t offer her absolute protection against cyber-criminals, what, or who will?” The only plausible answer was – she must take on this responsibility herself. The inescapable fact is – she must become her own best protection. In my experience it’s the only strategy that works.

My friend, from a physiological perspective, had a need to believe, and desperately wanted to be able to trust, that the installed security applications would totally protect her on the Internet.

She, like the rest of us, needed to become convinced that a mild case of paranoia when using the Internet, was in her own best interest. Being paranoid, suspicious, and untrusting while surfing the web, might not make her invulnerable to malware infections or worse, but it will certainly reduce her odds enormously.

It took considerable effort to finally convince her that mild paranoia would play an important role in preventing her from becoming a victim of cyber criminals.

Particularly, overcoming the instinctive human response (and we all have it), to just “click” while surfing the Internet. That instinctive response, if she continued, would pose one of the biggest risks to her online safety and security.

Security experts argue (including me), that a significant number of malware infections could be avoided if users stopped “just clicking haphazardly” or opening the types of files that are clearly dangerous.

At the end of the day I finally managed to get her agreement that she would not engage in any of the following unsafe surfing practices.

Downloading files and software through file-sharing applications such as BitTorrent, eDonkey, KaZaA and other such programs.

Clicking links in instant messaging (IM) that have no context or are composed of only general text.

Downloading executable software from web sites without ensuring that the site is reputable.

Using an unsecured USB stick on public computers, or other computers that are used by more than one person.

Opening email attachments from unknown people.

Opening email attachments without first scanning them for viruses.

Opening email attachments that end in a file extension of .exe, .vbs, or .lnk.

Regular readers of this site are very familiar with the following recommended security strategy to protect their computer system, their money and their identity:

Don’t open unknown email attachments

Don’t run programs of unknown origin

Disable hidden filename extensions

Keep all applications (including your operating system) patched

Turn off your computer or disconnect from the network when not in use

Disable Java, JavaScript, and ActiveX if possible

Disable scripting features in email programs

Make regular backups of critical data

Make a boot disk in case your computer is damaged or compromised

Turn off file and printer sharing on the computer

Install a personal firewall on the computer

Install anti-virus and anti-spyware software and ensure it is configured to automatically update when you are connected to the Internet

Ensure the anti-virus software scans all e-mail attachments

Be proactive when it comes to your computer’s security; make sure you have adequate software based protection to reduce the chances that your machine will become infected. Most of all, understand that you are your own best protection.

If you are unsure if you have adequate software based protection on your computer, then check out “The 35 Best Free Applications – Tried, Tested and Reliable! ”, on this site, and download free security software that is appropriate for your personal circumstances.

If you enjoyed this article, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Paranoia on the Internet Pays Off

By chance, I met a very interesting cab driver today; one who was extremely computer competent and far more security conscious than the typical computer user I normally meet informally.

What struck me immediately, was Mike’s sense of paranoia surrounding his use of the computer on the Internet, which extended to the installation of software from unknown sources, including software from “friends”.

I must admit, it was very refreshing to have a discussion with a security conscious user, who was very aware of the security issues surrounding the use of computers.

So, is it paranoia if they really are after you? Well I can assure you, if you are connected to the Internet – they really are after you!

The Internet is a world that is full of cyber criminals, scam and fraud artists, and worse. A world that reeks of tainted search engine results, malware infected legitimate websites, drive-by downloads and bogus security software. Believe me, this is a very incomplete list!

It is beyond dispute that the Internet now fits the criteria of a world that is not just perceived to be, but is in fact, personally threatening to uninformed or casual Internet users.

I’ve often felt that given the present dangers on the Internet, it’s unfortunate that we can’t buy paranoia at the local computer store, or that we can’t download it freely from the Internet.

Despite the best efforts of antispyware, antivirus, and other Internet security products, you still face substantial risks while surfing the Internet. Malware (a genetic term for all sorts of nasties), evolves so rapidly today, that staying ahead of the curve has proven to be all but impossible for security software developers.

While reputable Anti-malware software is often capable of detecting harmful and malicious attempts to compromise your computer, this is not always the case. Anti-malware programs that rely on a definition database (most anti-malware programs) can be behind the curve in recognizing the newest threats.

Some statistics suggest that a zero day malware threat (a threat so new that no viable protection against it yet exists), will only be caught 57% of the time by installed Anti-malware software. Personally, I believe that this figure is a gross exaggeration.

Given these conditions then, we all need to become infected with a mild case of paranoia when using the Internet. Being paranoid, suspicious, and untrusting while surfing the web, might not make you invulnerable to malware infections or worse, but it will certainly reduce the odds enormously.

The prime area where paranoia can play an important role in preventing you from becoming a victim of cyber criminals is in overcoming the instinctive human response to just “click” while surfing the Internet. That instinctive response poses one of the biggest risks to your online safety and security.

Curiosity, coupled with a conditioned response can often override self-discipline and common sense; so it’s not unusual for people to engage in some, or all, of the following unsafe surfing practices.

Downloading files and software through file-sharing applications such as BitTorrent, eDonkey, KaZaA and other such programs.

Clicking links in instant messaging (IM) that have no context or are composed of only general text.

Downloading executable software from web sites without ensuring that the site is reputable.

Using an unsecured USB stick on public computers, or other computers that are used by more than one person.

Opening email attachments from unknown people.

Opening email attachments without first scanning them for viruses.

Opening email attachments that end in a file extension of .exe, .vbs, or .lnk.

So it’s time for you to develop a case of healthy paranoia while surfing the Internet, and as a first step be actively aware of the following threats to your personal and computer security.

Trojan horse programs

Back door and remote administration programs

Denial of service

Being an intermediary for another attack

Unprotected Window shares

Mobile code (Java, JavaScript, and ActiveX)

Cross-site scripting

Email spoofing

Email-borne viruses

Hidden file extensions

Chat clients

Packet sniffing

Having developed this new sense of paranoia you will no doubt take the following actions to protect your computer system, your money and your identity:

Install an Internet Browser add-on such as WOT, which provides detailed test results on a site’s safety; protecting you from security threats including spyware, adware, spam, viruses, browser exploits, and online scams.

Don’t open unknown email attachments

Don’t run programs of unknown origin

Disable hidden filename extensions

Keep all applications (including your operating system) patched

Turn off your computer or disconnect from the network when not in use

Disable Java, JavaScript, and ActiveX if possible

Disable scripting features in email programs

Make regular backups of critical data

Make a boot disk in case your computer is damaged or compromised

Turn off file and printer sharing on the computer

Install a personal firewall on the computer

Install anti-virus and anti-spyware software and ensure it is configured to automatically update when you are connected to the Internet

Ensure the anti-virus software scans all e-mail attachments

Be proactive when it comes to your computer’s security; make sure you have adequate software based protection to reduce the chances that your machine will become infected.

If you are unsure if you have adequate software based protection on your computer, then check out “The 35 Best Free Applications – Tried, Tested and Reliable!”, on this site, and download free security software that is appropriate for your personal circumstances.

If you enjoyed this article, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Computer and Internet Security – How Savvy Are You?

When you surf the Internet are you a savvy computer user? Are you aware of the dangers and pitfalls that wait for the typical unsuspecting user? How likely are you to be pounced on by the multitude of scam artists, schemers and cyber-crooks lurking in the shadows, just waiting for victims.

In any given week I speak with 100’s of typical Internet users who generally have the same behavior characteristics while surfing the Internet in that they:

Use a search engine to locate and generate information.

Despite the fact that cyber-crooks continue to be unrelenting in their chase to infect web search results, seeding malicious websites among the top results returned by these engines – the typical user I come into contact with, has little or no knowledge of current conditions and believes search engine output to be untainted, and free of potential harmful exposure to malware.

Sadly, current statistics indicate that web pages continue to be infected with malware at an ever increasing rate. Some estimates suggest that a legitimate website is infected every five seconds!

For a comprehensive article that discusses how “phishers” are currently infecting legitimate sites check out “More Than 80% Of Phishing Attacks Use Hijacked, Legitimate Websites”, on  the Dark Reading web site.

Trust the information they discover while online to be reliable and credible.

Rogue security software developers, for example, rely on the innate level of trust that typical Internet users’ have developed, to convince users’ to download this type of malicious software.

The vast majority of typical Internet users I speak with are not aware that such a class of software even exists. But it does; and regrettably, it is now widespread.

A rogue security application is an application, usually found on free download and adult websites, or it can be installed from rogue security software websites, using Trojans or manipulating Internet browser security holes.

After the installation of rogue security software the program launches fake or false malware detection warnings. Rogue security applications, and there seems to be an epidemic of them on the Internet currently, are developed to mislead uninformed computer users’ into downloading and paying for the “full” version of this bogus software, based on the false malware positives generated by the application.

Some types of rogue security software have the potential to collect private and personal information from an infected machine which could include passwords, credit card details, and other sensitive information.

Communicate with family and friends by email.

The worldwide Internet population is now estimated to be 1.08 billion users, so the ability to communicate with family and friends has increased dramatically.

Unfortunately however, cyber-crooks are well aware of the opportunities such a large number of unaware potential victims present for illicit monetary gain.

Incredible as it seems, billions (that’s right billions), of spam email messages are generated every hour through so called botnets; zombie computers controlled by cyber-criminals.

The IC³ (Internet Crime Complaint Center) recently stated that these types of attacks against Internet users are occurring with such frequency, that the situation can be called nothing short of “alarming”.

Yet, the majority of typical users, that I meet, are unaware of the very real dangers that spam emails hold for their safety, security and identity protection.

Email scams work because the cyber-crooks responsible use social engineering as the hook; in other words they exploit our curiosity. The fact is, we are all pretty curious creatures and let’s face it, who doesn’t like sensational email topics.

Sensational news alerts, for example, continue be one of the methods cyber-crooks have selected to capture users’ attention, rather than emails offering pharmaceuticals, expensive watches, or other knockoff products.

As I have pointed out in the past on this Blog, the following are actions you can take to protect your computer system, your money and your identity:

Install an Internet Browser add-on such as McAfee SiteAdvisor, which provides detailed test results on a site’s safety; protecting you from security threats including spyware, adware, spam, viruses, browser exploits, and online scams.

Don’t open unknown email attachments.

Don’t run programs of unknown origin.

Disable hidden filename extensions.

Keep all applications (including your operating system) patched.

Turn off your computer or disconnect from the network when not in use.

Disable Java, JavaScript, and ActiveX if possible.

Disable scripting features in email programs.

Make regular backups of critical data.

Make a boot disk in case your computer is damaged or compromised.

Turn off file and printer sharing on the computer.

Install a personal firewall on the computer.

Install anti-virus and anti-spyware software and ensure it is configured to automatically update when you are connected to the Internet.

Ensure the anti-virus software scans all e-mail attachments.

Be proactive when it comes to your computer’s security; make sure you have adequate software based protection to reduce the chances that your machine will become infected.

Finally, a major step you can take to in prevent yourself from becoming a victim of cyber-criminals is to overcome the instinctive response to just “click” while surfing the Internet. That instinctive response poses one of the biggest risks to your online safety and security.

Stop – Think – Click

Paranoia – Your Best Internet Security Tool

Is it paranoia if they really are after you? I can assure you, if you are connected to the Internet – they really are after you!

The Internet is a world that is full of cyber criminals, scam and fraud artists, and worse. A world that reeks of tainted search engine results, malware infected legitimate websites, drive-by downloads and bogus security software. Believe me, this is a very incomplete list!

It is beyond dispute that the Internet now fits the criteria of a world that is not just perceived to be, but is in fact, personally threatening to uninformed or casual Internet users.

I’ve often felt that given the present dangers on the Internet, it’s unfortunate that we can’t buy paranoia at the local computer store, or that we can’t download it freely from the Internet.

Despite the best efforts of antispyware, antivirus, and other Internet security products, you still face substantial risks while surfing the Internet. Malware (a genetic term for all sorts of nasties), evolves so rapidly today, that staying ahead of the curve has proven to be all but impossible for security software developers.

While reputable Anti-malware software is often capable of detecting harmful and malicious attempts to compromise your computer, this is not always the case. Anti-malware programs that rely on a definition database (most anti-malware programs) can be behind the curve in recognizing the newest threats.

Some statistics suggest that a zero day malware threat (a threat so new that no viable protection against it yet exists), will only be caught 57% of the time by installed Anti-malware software. Personally, I believe that this figure is a gross exaggeration.

Given these conditions then, we all need to become infected with a mild case of paranoia when using the Internet. Being paranoid, suspicious, and untrusting while surfing the web, might not make you invulnerable to malware infections or worse, but it will certainly reduce the odds enormously.

The prime area where paranoia can play an important role in preventing you from becoming a victim of cyber criminals is in overcoming the instinctive human response to just “click” while surfing the Internet. That instinctive response poses one of the biggest risks to your online safety and security.

Curiosity, coupled with a conditioned response can often override self-discipline and common sense; so it’s not unusual for people to engage in some, or all, of the following unsafe surfing practices.

Downloading files and software through file-sharing applications such as BitTorrent, eDonkey, KaZaA and other such programs.

Clicking links in instant messaging (IM) that have no context or are composed of only general text.

Downloading executable software from web sites without ensuring that the site is reputable.

Using an unsecured USB stick on public computers, or other computers that are used by more than one person.

Opening email attachments from unknown people.

Opening email attachments without first scanning them for viruses.

Opening email attachments that end in a file extension of .exe, .vbs, or .lnk.

So it’s time for you to develop a case of healthy paranoia while surfing the Internet, and as a first step be actively aware of the following threats to your personal and computer security.

Trojan horse programs

Back door and remote administration programs

Denial of service

Being an intermediary for another attack

Unprotected Window shares

Mobile code (Java, JavaScript, and ActiveX)

Cross-site scripting

Email spoofing

Email-borne viruses

Hidden file extensions

Chat clients

Packet sniffing

Having developed this new sense of paranoia you will no doubt take the following actions to protect your computer system, your money and your identity:

Install an Internet Browser add-on such as McAfee SiteAdvisor, which provides detailed test results on a site’s safety; protecting you from security threats including spyware, adware, spam, viruses, browser exploits, and online scams.

Don’t open unknown email attachments

Don’t run programs of unknown origin

Disable hidden filename extensions

Keep all applications (including your operating system) patched

Turn off your computer or disconnect from the network when not in use

Disable Java, JavaScript, and ActiveX if possible

Disable scripting features in email programs

Make regular backups of critical data

Make a boot disk in case your computer is damaged or compromised

Turn off file and printer sharing on the computer

Install a personal firewall on the computer

Install anti-virus and anti-spyware software and ensure it is configured to automatically update when you are connected to the Internet

Ensure the anti-virus software scans all e-mail attachments

Be proactive when it comes to your computer’s security; make sure you have adequate software based protection to reduce the chances that your machine will become infected.

If you are unsure if you have adequate software based protection on your computer, then check out “The 35 Best Free Applications – Tried, Tested and Reliable!”, on this site, and download free security software that is appropriate for your personal circumstances.

Online Malware Scanners – An Extra Layer of Protection

The one thing we know for sure about today’s malware is; it’s very smart. It’s so smart that it often recreates its own component parts even if it has been deleted. How smart is that?

Today’s malware generally writes itself into multiple parts of the operating system and in many cases it can hide it’s files, registry entries, running process and services, making the infection virtually invisible.

Experienced computer users’ have come to realize that the Internet is alive with predators intent on installing damaging programs, (Spyware, adware, viruses and Trojans), on vulnerable computer systems. However, the sad reality is, the majority of computer users are undereducated when it comes to recognizing the dangers and threats that the Internet poses to their computers, and to their personal privacy.

The installation of such malware invariable leads to a critically disabled PC, or in the worst case scenario, allows hackers access to important personal and financial information.

There are plenty of good anti-malware products, but no one anti-malware tool is likely to identify and remove all of the millions of rogue malware that infest the cyber world.

So to ensure maximum safety, it’s important to have layered defenses in the ongoing fight against malware. As part of the mix of security solutions, online scanners offer an extra layer of protection that’s required in the current Internet environment.

Online Scanner Benefits:

Generally fast and easy to use

Threat signatures and heuristic detection algorithms are always up to date

Provides deep scanning of archive files, runtime packed executables and email messages

Can detect malware that some AV solutions cannot detect

Avoids conflicts with existing security software

Acts as a double-check on the accuracy of your onboard AV solutions

Disadvantages

Fewer scanning options than locally installed AV solutions

Not all scanners disinfect or remove found malware

The following are Online Scanners that have developed a good reputation for accuracy; be sure to read the Terms of Use or Privacy Statements carefully.

Panda NanoScan

McAfee FreeScan

Symantec Security Check

Panda Security

Trend Micro’s HouseCall

ESET Online Scanner

Kaspersky