Tag Archives: spy tools

Think BEFORE You Click! – How Hard Is That?

imageHARD, apparently.

I recently repeated a small experiment (for the third year in a row), with a group of “average computer user” friends, (12 this time around), and I was disappointed to see (once again), that the conditioned response issue to “just click” while surfing the web, was still there.

Still, I’m always hopeful that reinforcing the point that clicking haphazardly, without considering the consequences – the installation of malicious code that can cause identity theft and the theft of passwords, bank account numbers, and other personal information – would have had some impact. Apparently not.

But, I haven’t given up. I’m prepared to hammer them repeatedly until such time as I can make some progress. In the meantime, I expect that curiously browsing the web blissfully unaware of the considerable malware dangers, will continue to be the modus operandi for my friends.

They’re not alone in their “clicking haphazardly” bad habits. Many of us have learned to satisfy our curiosity simply by a mouse click here, and a mouse click there. Arguable, we have developed a conditioned response (without involving conscious thought), to – “just click”.

It can be argued, that our “just click” mindset poses the biggest risk to our online safety and security. In fact, security experts argue, that a significant number of malware infections could be avoided if users stopped “just clicking haphazardly”, or opening the types of files that are clearly dangerous. However, this type of dangerous behavior continues despite the warnings.

Most visitors to this site are above average users (I’m assuming that you are too), so, I have a challenge for you.

Take every appropriate opportunity to inform your friends, your relatives, and associates, that “just clicking haphazardly” without considering the consequences, can lead to the installation of malicious code that can cause identity theft and the theft of passwords, bank account numbers, and other personal information.

Help them realize that “just clicking”, can expose them to:

  • Trojan horse programs
  • Back door and remote administration programs
  • Denial of service attacks
  • Being an intermediary for another attack
  • Mobile code (Java, JavaScript, and ActiveX)
  • Cross-site scripting
  • Email spoofing
  • Email-borne viruses
  • Packet sniffing

They’ll be glad that you took an interest in their online safety. And, best of all, by doing this, you will have helped raise the level of security for all of us.

A point to ponder:

Since it’s proven to be difficult to get “buy-in” on this – “think before you click safety strategy” – I generally ask the question – do you buy lottery tickets? Not surprisingly, the answer is often – yes. The obvious next question is – why?

The answers generally run along these lines – I could win; somebody has to win;……. It doesn’t take much effort to point out that the odds of a malware infection caused by poor Internet surfing habits are ENORMOUSLY higher than winning the lottery and, that there’s a virtual certainty that poor habits will lead to a malware infection.

The last question I ask before I walk away shaking my head is – if you believe you have a chance of winning the lottery – despite the odds – why do you have a problem believing that you’re in danger on the Internet because of your behavior, despite the available stats that prove otherwise?

18 Comments

Filed under cybercrime, Don't Get Scammed, Don't Get Hacked, Online Safety, Spyware - Adware Protection

Malware Avoidance Lesson Number One – Think BEFORE You Click!

I recently repeated a small experiment with a group of “average computer user” friends, (about 16, or so), and I was disappointed to see that the conditioned response issue to “just click” while surfing the web, was still there. This, despite my long battle to get them to modify their online behavior.

I assumed that endlessly reinforcing “clicking haphazardly, without considering the consequences, can lead to the installation of malicious code that can cause identity theft and the theft of passwords, bank account numbers, and other personal information”, would have had some impact. Apparently not.

But, I haven’t given up. It appears it will take even more repetition before progress can be made. In the meantime, I expect that curiously browsing the web blissfully unaware of the considerable malware dangers, will continue to be the modus operandi for my friends.

My friends are not alone in their “clicking haphazardly” bad habit. Many of us have learned to satisfy our curiosity simply by a mouse click here, and a mouse click there. Arguable, we have developed a conditioned response (without involving conscious thought), to – “just click”.

It’s now well established, that our conditioned human responses pose the biggest risk to our online safety and security. Our curiosity, coupled with our conditioned responses can often override our common sense, so it’s not unusual for people to open an email attachment, for example, despite knowing that the attachment could be a virus, or another form of malware.

Conditioned Response

Security experts argue that a significant number of malware infections could be avoided if users stopped “just clicking haphazardly” or opening the types of files that are clearly dangerous. To this point however, this type of dangerous behavior continues despite the warnings.

Most visitors to this site are above average users (I’m assuming that you are too), so, I have a challenge for you.

Take every appropriate opportunity to inform your friends, your relatives, and associates, that “just clicking haphazardly” without considering the consequences, can lead to the installation of malicious code that can cause identity theft and the theft of passwords, bank account numbers, and other personal information.

Help them realize that “just clicking”, can expose them to:

  • Trojan horse programs
  • Back door and remote administration programs
  • Denial of service attacks
  • Being an intermediary for another attack
  • Mobile code (Java, JavaScript, and ActiveX)
  • Cross-site scripting
  • Email spoofing
  • Email-borne viruses
  • Packet sniffing

You can do them an additional favor, by pointing them to  Comodo’s YouTube channel, Really Simple Security, where they can learn the basics of Internet security in a  constructive, yet lighthearted way.

They’ll be glad that you took an interest in their online safety. And, best of all, by doing this, you will have helped raise the level of security for all of us.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

16 Comments

Filed under cybercrime, Don't Get Scammed, Don't Get Hacked, Interconnectivity, Online Safety, Personal Perspective, Safe Surfing

Computer Settings Hijacked? Hijack Them Back With Free HijackThis

HijackThis is a free utility from Trend Micro, which heuristically scans your computer to find settings that may have been changed by homepage hijackers, spyware, other malware, or even unwanted programs.

This application has a well deserved reputation for being aggressive in tracking down unauthorized changes that have been made to your system/applications.

The program doesn’t target specific programs, but instead it analyses registry and file settings, and then targets the methods used by cyber-crooks. After you scan your computer, HijackThis creates a report, and a log file (if you choose to do so), with the results of the scan.

image

Because of the heuristic methods used by HijackThis, the results of the scan can be confusing/intimidating, to those who are not advanced users.

On the other hand, the strength of this program lies in the large community of users who participate in online forums, where experts (voluntarily and for free), will interpret HijackThis scan results for you, and then provide you with the information you need to clean any infection.

This screen capture shows a partial scan result on my test machine.

image

The latest version (2.0.4), adds potent tools to the Configuration window, including a process manager and hosts file editor, to help you remove dangerous infections, and an ADS Spy tool which scans alternate data streams which  browser hijackers can, and will use, to evade antispyware applications.

The following screen capture shows a Configuration – Hosts File Manager request being implemented but, you’ll also notice one of my antimalware tools, ThreatFire, has prohibited hosts files from being opened as a safety precaution against a malware penetration.

This is one reason I so strongly recommend ThreatFire as supplementary malware protection. In this case, I allowed the process to continue.

image

Despite the fact that you may only need this small application infrequently, it deserves a place in your anti-malware toolbox.

System requirements: Windows 7, Vista, XP, 2000, Me, 98.

Note: The continued use of Windows 2000, Me, or 98, is not recommended.

Software requirements: Internet Explorer, Firefox.

Download at: Trend Micro

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

14 Comments

Filed under Anti-Malware Tools, cybercrime, Don't Get Hacked, Free Anti-malware Software, Freeware, Malware Removal, Manual Malware Removal, Software, Windows 7, Windows Tips and Tools, Windows Vista, Windows XP

Email “Non Delivery Report” Spam Up 2000% – Panda Labs

image When it comes to criminal creativity, I find it difficult to think of a group that’s more creative than spammers. Not only do these cyber criminals develop new and creative ways to bilk unaware computer users out of their money, but they regularly roll out time tested older spam scams.

Rolling back, this time, for another shot at the unaware user, is that old familiar spam scam – the NDR, an email “non-delivery report”. Personally, I have noticed a major increase in this annoying spam in the last few weeks.

image

PandaLabs recently reported on a 2000 percent increase in the amount of NDR spam messages in circulation – compared to the number of samples detected between January and June of this year. Twenty percent of global spam monitored by Panda Security now uses this technique.

According to Panda “These messages are usually legitimate, but this mail server function is being exploited by spammers to distribute spam, using the sender’s real name. The spam content is usually sent as an attachment to the fake non-delivery notice. Although in most cases users have not sent the supposedly undelivered email, they still become curious and open it”.

Curiosity is an issue we have covered on this site repeatedly. Let me give you this from the article “Want to Avoid Malware on the Internet? – Think BEFORE You Click” “….it may well be our conditioned human responses that pose the biggest risk to our online safety and security. Our curiosity, coupled with our conditioned responses can often override our common sense, so it’s not unusual for people to open an email attachment, for example, despite knowing that the attachment could be a virus or other form of malware”.

I handle hundred of emails every day, and in all the years I have been on the Internet and using email, I can recall only two non-delivery reports that were legitimate.

While it’s unlikely that opening a spam email non-delivery report will lead to system damage, or an infection, the one thing I will guarantee you is this – you will get a LOT more spam/scam email. It goes without saying, that the more spam you receive, the more likely it is that at some point, you will suffer a malware attack.

So do yourself a favor, if you receive a non-delivery report, simply ignore it. Of course, be guided by your own experience level in handling potential threats.

If you enjoyed this article, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

4 Comments

Filed under Don't Get Scammed, Don't Get Hacked, Email, email scams, Malware Advisories, Online Safety, Panda Security, PandaLabs, Windows Tips and Tools

Want to Avoid Malware on the Internet? – Think BEFORE You Click

Paranoia 6 I ran a little experiment with a group of “average computer user” friends recently, and while there were no great surprises, the conditioned response to “just click” while surfing the web issue, is still there – despite my long battle to get them to modify this behavior.

You would think that endlessly repeating “just clicking haphazardly, without considering the consequences, can lead to the installation of malicious code that can cause identity theft and the theft of passwords, bank account numbers, and other personal information” would have some impact.

Apparently, it will take even more repetition before progress can be made. In the meantime, curiously browsing the web blissfully unaware of the considerable malware dangers, will continue to be the modus operandi for my friends.

The web is the success it has become at least partially due to the fact that it can satisfy our curiosity about almost anything we can think of. My friends are not alone in their “clicking haphazardly” bad habit. Many of us have learned to satisfy our curiosity simply by a mouse click here, and a mouse click there. Arguable, we have developed a conditioned response to “just click”.

Knowing this, cyber crooks are now exploiting our natural curiosity more and more, by focusing on this aspect of social engineering to create an opportunity designed to drop malicious code, including rootkits, password stealers, Trojan horses, and spam bots on our computers.

So in a real sense then, it may well be our conditioned human responses that pose the biggest risk to our online safety and security. Our curiosity, coupled with our conditioned responses can often override our common sense, so it’s not unusual for people to open an email attachment, for example, despite knowing that the attachment could be a virus, or other form of malware.

Conditioned Response

Security experts argue that a significant number of malware infections could be avoided if users stopped “just clicking haphazardly” or opening the types of files that are clearly dangerous. To this point however, this type of dangerous behavior continues despite the warnings.

As part of the Tech community I am aware that many fellow Techies choose not to run anti-malware software, but instead they rely on their own experiences, and common sense, to avoid malware infections. They are well aware of the hidden dangers on the Internet and have overcome that natural tendency to “just click”.

Be kind to your friends, relatives, and associates and let them know that “just clicking haphazardly” without considering the consequences, can lead to the installation of malicious code that can cause identity theft and the theft of passwords, bank account numbers, and other personal information.

The following are security risks on the Internet that “just clicking”, can expose you to:

  • Trojan horse programs
  • Back door and remote administration programs
  • Denial of service attacks
  • Being an intermediary for another attack
  • Mobile code (Java, JavaScript, and ActiveX)
  • Cross-site scripting
  • Email spoofing
  • Email-borne viruses
  • Packet sniffing

1 Comment

Filed under Don't Get Hacked, Interconnectivity, Internet Safety, Malware Advisories, Safe Surfing, trojans, Viruses, Windows Tips and Tools, worms

Common Sense Tips to Avoid Malware Infections

The Internet is a huge resource for those of us who are curious. It provides us with the vehicle we need to satisfy our nosiness, our inquisitiveness, as well as our curiosity.

Using the Internet we can snoop, probe, pry; and question, or confirm, virtually any statement, fact or opinion. We now have access to a quantity, and quality (some might dispute the quality), of information as never before.

Many of us have learned to satisfy this curiosity, or search for knowledge, by a mouse click here, and a mouse click there. In a sense, a lot of of us have developed a conditioned response to “just click”.

Knowing we are all pretty curious creatures, cyber-crooks are now exploiting our natural curiosity relying, more and more, on this aspect of social engineering to create an opportunity designed to drop malicious code, including rootkits, password stealers, Trojan horses, and spam bots on our computers. (See “Rogue Security Software on the Rise – What You Need to Know Now!” on this site.)

So in a real sense, it may well be our instinctive responses that pose the biggest risk to our online safety and security. Our curiosity coupled with our conditioned responses can often override our common sense, so it’s not unusual that many people will open an email attachment without knowing if the attachment contains a virus, or another form of malware.

Security experts agree that a significant number of malware infections could be avoided if users stopped opening the types of files that are clearly dangerous. Up to now however, this type of dangerous behavior continues, despite the warnings.

As part of the Tech community I am aware that many Techies do not look to anti-malware solution software for total protection, but instead, they rely on their own experiences and common sense to avoid malware infections. Techies are well aware of the hidden dangers on the Internet, and they have overcome that natural tendency to “just click”.

Modify your instinctive behavior:

Before you click, stop and consider the potential consequences. In the final analysis, you are the best line of defense against malware infecting your computer.

If you are in the habit of downloading files from the Internet you should avoid possibly destructive files with extensions such as .exe, .scr, .lnk, .bat, .vbs, .dll, .bin, and .cmd, unless you are familiar with the download site, and trust it to be free of potential dangers.

Be kind to your friends, relatives, and associates and let them know that “just clicking haphazardly” without considering the consequences, can lead to the installation of malicious code that can cause identity theft and the theft of passwords, bank account numbers, and other personal information.

Think like a Techie and be aware of the following security risks on the Internet:

Trojan horse programs

Back door and remote administration programs

Denial of service

Being an intermediary for another attack

Unprotected Window shares

Mobile code (Java, JavaScript, and ActiveX)

Cross-site scripting

Email spoofing

Email-borne viruses

Hidden file extensions

Chat clients

Packet sniffing

Act like a Techie and review the following actions you can take to protect your Internet connected computer system:

Don’t open unknown email attachments

Don’t run programs of unknown origin

Disable hidden filename extensions

Keep all applications (including your operating system) patched

Turn off your computer or disconnect from the network when not in use

Disable Java, JavaScript, and ActiveX if possible

Disable scripting features in email programs

Make regular backups of critical data

Make a boot disk in case your computer is damaged or compromised

Turn off file and printer sharing on the computer.

Install a personal firewall on the computer.

Install anti-virus and anti-spyware software and ensure it is configured to automatically update when you are connected to the Internet.

Ensure the anti-virus software scans all e-mail attachments.

If you are unsure if your current anti-malware applications offer adequate protection, then checkout “The 35 Best Free Applications – Tried, Tested and Reliable”, on this site.

For additional information on Online fraud, checkout Online Fraud – How to avoid being a participant… at What’s On My PC.

5 Comments

Filed under Don't Get Hacked, Freeware, Interconnectivity, Internet Safety, internet scams, Malware Advisories, Online Safety, Rogue Software, Safe Surfing, Software, Spyware - Adware Protection, System Security, Windows Tips and Tools

Free HijackThis – A Powerful Anti-Malware Tool

Given the extreme state of the Internet today, and all of it’s accompanying dangers, computer users’ need all the help we can get to keep our machines free of spyware/Trojans/viruses/hijackers ……. Just fill in the blanks.

HijackThis is a free utility by Trend Micro which heuristically scans your computer to find settings that may have been changed by homepage hijackers, spyware, other malware, or even unwanted programs.

This application has a well deserved reputation for being aggressive in tracking down unauthorized changes that have been made to your system/applications.

The program doesn’t target specific programs, but instead it analyses registry and file settings, and then targets the methods used by cyber-crooks. After you scan your computer, HijackThis creates a report, or log file, with the results of the scan.

Because of the heuristic methods used by HijackThis, the results of the scan can be confusing/intimidating, to those who are not advanced users. On the other hand, the strength of this program lies in the large community of users who participate in online forums, where experts (voluntarily and for free), will interpret HijackThis scan results for you, and then provide you with the information you need to clean any infection.

The latest version (2.0.2), adds potent tools to the Configuration window including, a process manager and hosts file editor to help you remove dangerous infections, and an ADS Spy tool which scans alternate data streams, that browser hijackers can, and will use, to evade antispyware applications.

Despite the fact that you may only need this small application infrequently, it deserves a place in your anti-malware toolbox.

To get a real feel for how powerful this small application is, checkout the great tutorial on using HijackThis, at BleepingComputer.com.

System requirements: Windows Vista, XP, 2000, Me, 98

Software requirements: Internet Explorer, FireFox

Download at: Download.com

To read a great article on the current state of other free security tools hop on over to Techwalker, and checkout my friend Mark’s article on
Online Security Tools Revisited.

Comments Off on Free HijackThis – A Powerful Anti-Malware Tool

Filed under Anti-Malware Tools, Diagnostic Software, Freeware, Geek Software and Tools, Home Page Hijacking, Manual Malware Removal, Software, Spyware - Adware Protection, System File Protection, System Security, System Utilities, trojans, Utilities, Viruses, Windows Tips and Tools