Think BEFORE You Click! – How Hard Is That?

HARD, apparently.

I recently repeated a small experiment (for the third year in a row), with a group of “average computer user” friends, (12 this time around), and I was disappointed to see (once again), that the conditioned response issue to “just click” while surfing the web, was still there.

Still, I’m always hopeful that reinforcing the point that clicking haphazardly, without considering the consequences – the installation of malicious code that can cause identity theft and the theft of passwords, bank account numbers, and other personal information – would have had some impact. Apparently not.

But, I haven’t given up. I’m prepared to hammer them repeatedly until such time as I can make some progress. In the meantime, I expect that curiously browsing the web blissfully unaware of the considerable malware dangers, will continue to be the modus operandi for my friends.

They’re not alone in their “clicking haphazardly” bad habits. Many of us have learned to satisfy our curiosity simply by a mouse click here, and a mouse click there. Arguable, we have developed a conditioned response (without involving conscious thought), to – “just click”.

It can be argued, that our “just click” mindset poses the biggest risk to our online safety and security. In fact, security experts argue, that a significant number of malware infections could be avoided if users stopped “just clicking haphazardly”, or opening the types of files that are clearly dangerous. However, this type of dangerous behavior continues despite the warnings.

Most visitors to this site are above average users (I’m assuming that you are too), so, I have a challenge for you.

Take every appropriate opportunity to inform your friends, your relatives, and associates, that “just clicking haphazardly” without considering the consequences, can lead to the installation of malicious code that can cause identity theft and the theft of passwords, bank account numbers, and other personal information.

Help them realize that “just clicking”, can expose them to:

• Trojan horse programs
• Back door and remote administration programs
• Denial of service attacks
• Being an intermediary for another attack
• Mobile code (Java, JavaScript, and ActiveX)
• Cross-site scripting
• Email spoofing
• Email-borne viruses
• Packet sniffing

They’ll be glad that you took an interest in their online safety. And, best of all, by doing this, you will have helped raise the level of security for all of us.

A point to ponder:

Since it’s proven to be difficult to get “buy-in” on this – “think before you click safety strategy” – I generally ask the question – do you buy lottery tickets? Not surprisingly, the answer is often – yes. The obvious next question is – why?

The answers generally run along these lines – I could win; somebody has to win;……. It doesn’t take much effort to point out that the odds of a malware infection caused by poor Internet surfing habits are ENORMOUSLY higher than winning the lottery and, that there’s a virtual certainty that poor habits will lead to a malware infection.

The last question I ask before I walk away shaking my head is – if you believe you have a chance of winning the lottery – despite the odds – why do you have a problem believing that you’re in danger on the Internet because of your behavior, despite the available stats that prove otherwise?

Way To Go WOT! – Now Protecting 30 Million Users

The Internet is one kickass place – survey after survey continue to show that cybercriminals are picking off unaware/undereducated users, as if they were shooting fish in a barrel.

It’s hardly surprising then, that an enormous industry (no, not big, not large – but, enormous) has developed, based on the principal that technology can act as a counterfoil  to the most nefarious cyber criminal schemes. Criminal schemes which are, after all, technology driven.

I’ll leave it to you to decide if this has been an effective solution.

No matter the side you come down on regarding this complex issue, dancing around naked (so to speak ) on the Internet – that is, without adequate Browser protection, is akin to fumbling and stumbling through the toughest neighborhood in your area – after dark.

Internet security starts with the Web Browser (it does not end there – but, one step at a time), and WOT (Web of Trust, which passed the 30 million user mark yesterday – January 9, 2011), substantially reduces the risk exposure that comes with wandering through the increasingly risky neighborhood that the Internet has become.

Based on the way that I surf the Web, there’s no contest as to which of the 17 add-ons I have installed on Firefox, is most important to my piece of mind. The hands down winner – the single most important add-on for my style of surfing is WOT (Web of Trust).

Sure, that’s a pretty bold statement – but, since I frequently hear from readers who, after installing WOT on their computer systems, feel reassured that they are safer than ever before, and who express a renewed sense of confidence, and  a new level of enthusiasm, while surfing the Internet, I’ll go with it.

If you’re not yet a WOT user, read the following in-depth review – you may reconsider.

What is WOT?

WOT, one of the most downloaded Firefox Add-ons at the Mozilla add-on site, (also compatible with Internet Explorer and Chrome), is a free Internet Browser resource which  investigates web sites you are visiting for spyware, spam, viruses, browser exploits, unreliable online shops, phishing, and online scams – helping you avoid unsafe web sites.

For example, here’s a Google search in which WOT indicates which sites are safe. Notice the unsafe (red) sites, in the Google ads!

Take a look at what happens if, in fact, you do end up on an unsafe web site. WOT’s dropdown warning curtain blocks access to the site until you determine otherwise.

WOT operates in a unique fashion in order to offer active protection to the Internet user community. It stands out from the crowd of similar applications, by soliciting the opinions of users/members whose views on web site safety are incorporated into the overall site safety rating. According to WOT, the user community now has reputation data on over 35 million sites worldwide.

The shared information on a site’s reputation includes trustworthiness, vendor reliability, privacy, and child safety. As well, in order to achieve maximum security coverage, WOT uses thousands of trusted sources including phishing site listings, to keep users protected against rapidly spreading threats.

WOT integrates seamlessly with search engine results from popular search engines including Google, Yahoo, MSN and other popular sites, and provides impressive protection against Internet predators.

WOT recently added the top three web-based email services – Google Gmail, Windows Live Hotmail and Yahoo! Mail, to its free security protection. You can now feel more confident and secure, since WOT checks links embedded in your email, and warns you of dangerous web sites so that you can avoid spyware, spam, phishing, identity theft and other Internet scams; before you click on dangerous embedded links.

How WOT works:

The Browser add-on icon, displays a color rating for each site you visit, indicating whether a site is safe to use, should be used with caution, or avoided entirely.

Using traffic light colors, (green, yellow, and red), WOT leaves you in no doubt as to the safety rating of a web site. An impressive feature of WOT is the dropdown transparent warning curtain, shown earlier, triggered on visiting a dangerous site.

Recognizing that up to ten percent of Internet users are at a disadvantage however, due to colorblindness, and cannot rely on an Internet safety system based on color coding, the Web of Trust development team recently released an adaptive version of WOT. This version incorporates equivalent alternative information, through assistive or adaptive technology, for colorblind users.

This colorblind accessible application provides the same critical benefits to those individuals who have to contend with visual impairments, as it has to those of us who have come to rely on WOT as a major defense against the pervasive hazards we encounter on the Internet.

Quick facts – WOT checks the following on each web site visited:

Trustworthiness

Vendor reliability

Privacy

Child Safety

More quick facts:

Ratings for over 30 million websites

The WOT browser add-on is light and updates automatically

WOT rating icons appear beside search results in Google, Yahoo!, Wikipedia, Gmail, etc.

Settings can be customized to better protect your family

WOT Security Scorecard shows rating details and user comments

Works with Internet Explorer, Firefox and Chrome

Interface supports English, French, German, Spanish, Italian, Russian, Polish, Portuguese, Swedish and Finnish.

System requirements: Windows (all), Mac OS X, Linux

Download at: MyWot

Surf more securely by installing this browser add-on which will provide you with an in-depth site analysis based on real world results. Keep in mind however, that you are your own best protection. Stop · Think · Click.

NEW – Panda Cloud Antivirus 1.5 Released

Panda Cloud Antivirus 1.5, Panda Security’s newest release (June 20, 2011), of it’s popular cloud-based antimalware application, should be even more effective at keeping the bad guys at bay with it’s newest enhanced features.

New features include – improved scanning speeds, less CPU consumption, advanced configuration options for exclusions of files based on file extensions, and a new activity monitor which shows information such as scanned file details, and previous viruses detected.

Panda Security obviously pays attention to its users recommendations for improved product features, since a number of these new features were suggested by the user community.

Panda Cloud Antivirus is based on Collective Intelligence, a system for detecting and disinfecting viruses and other threats that feeds off the knowledge shared by millions of users. The computers that are part of the Panda Community – instantly share and benefit from all the information stored in the cloud.

Testing anti-malware applications takes considerable time in order to get to the heart of the matter – does an application work in the “real world?”

Will the application do what an average user expects – does it block malware effectively and efficiently? Particularly new, or emerging, malware threats.

Is the interface crafted in such a way that an average user doesn’t need to digest an instruction manual in order to navigate the application?

Is the application capable of providing adequate protection without stressing system resources?

I’ve been running Panda Cloud Antivirus, on a secondary system, since April 2009, and in this extensive testing, Panda Cloud Antivirus has met, or exceeded, all of these requirements. So, I’m looking forward to giving this new release a workout.

Installation:

Pay particular attention at the Install screen. Once again, you’ll be asked to accept a Toolbar and a change in your Homepage – annoying as hell. As well, on this screen, you can choose your language.

Panda is obviously convinced that the “more is less” GUI approach, is suitable for most users. Kudos – I couldn’t agree more.

The optimized scan screen.

Scan time: under 5 minutes – 19,873 files.

The settings menu is accessed via the tool icon – as shown at the “hand icon” in the above screen shot. I found this “hideaway” a little awkward.

Despite an abundance of settings you’ll find some settings are only available in the Pro version.

At less than $30 for the one year Pro Edition license, you might consider jumping up to this version. Frankly though, I’m no fan of one year licenses.

Not when one considers that a lifetime license for Malwarebytes’ Anti-Malware and SUPERAntiSpyware, both of which are outstanding applications, can be purchased for less than $30 – considerably less when on sale.

Fast facts:

Light – Only works where necessary. It’s so light you won’t even notice it.

Easy – Don’t worry about complicated decisions ever again. Panda Cloud Antivirus will make the best decisions for you to keep your PC protected.

Secure – Panda Cloud Antivirus is based on Collective Intelligence, a system that continuously collects and analyzes viruses and other threats gathered from the community of millions of Panda users around the world.

Free – No tricks! Panda Cloud Antivirus has a free version that protects you against viruses and malicious websites.

Note: Panda’s Collective Intelligence servers have analyzed 175,569,053  (and counting) viruses, and known goodware.

System requirements: Windows 7 32-bit, Windows 7 64-bit, Windows Vista 32-bit, Windows Vista 64-bit, Windows XP 32-bit,  Windows XP 64-bit.

Panda Cloud Antivirus is available in 20 languages.

Download at: Panda Security

Backed by more than two years experience running Panda Cloud Antivirus in various editions, I have no hesitation in recommending Panda Cloud Antivirus 1.5 as a front line antivirus application.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

SpywareBlaster – Still Worthwhile After All These Years

SpywareBlaster was one of the first free antimalware applications I installed on Windows 95; it’s been around that long. You might wonder if an application which was released when I was running a system with 6 MB of memory (versus 4 GB today), has value as an effective antimalware application – but it does. Perhaps less so if you’re a high level user, but for casual users, it can be an important addition to a layered security approach.

SpywareBlaster prevents ActiveX-based spyware, adware, dialers, and browser hijackers from installing on a system by disabling the CLSIDs (a method used by software applications to identify a file or other items), of spyware ActiveX controls.

SpywareBlaster, once installed, doesn’t use any services, or drivers, and does not use memory or processing time. You just open SpywareBlaster, set your protection, close it – you’re protected. SpywareBlaster continues to provide protection without the need for user interaction.

A secondary, but equally important function offered by SpywareBlaster is its ability to block spyware/tracking cookies and restrict the actions of spyware/adware/tracking sites in Internet Explorer, Mozilla Firefox, Netscape, Seamonkey, Flock and other browsers.

Since SpywareBlaster doesn’t scan for, or clean spyware, but as stated earlier, prevents installation only, you should use it in combination with your active malware protection applications.

SpywareBlaster is definitely low maintenance and the only thing you need to remember is to update the database, which contains information on known spyware Active-X controls, regularly. Automatic update is also available for an annual fee of $9.95 USD.

A bonus feature included with SpywareBlaster is – System Snapshot. You can take a snapshot of your computer in its clean state, and later revert to this state, undoing any changes made by spyware and browser hijackers that have infected your system despite the security in place. I recommend that you take advantage of this important feature – just in case.

Fast facts:

Prevent the installation of ActiveX-based spyware and other potentially unwanted programs.

Block spying / tracking via cookies.

Restrict the actions of potentially unwanted or dangerous web sites.

Unlike other programs, SpywareBlaster does not have to remain running in the background. It works alongside the programs you have to help secure your system.

System requirements: Windows XP, Vista, Win 7 (32 bit and 64 bit).

Browser compatibility: Internet Explorer, Mozilla Firefox, Netscape, Seamonkey, Flock, K-Meleon, and browsers that use the IE engine.

Download at: Javacool Software

Need answers? Visit the SpywareBlaster Forum

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Valentine’s Day = Cyber Crooks And Malware Love

Love in Your Inbox – Malware on Your Computer

It’s only a few weeks until Valentine’s day, so it’s not to early to get ready for the deluge of  “I love you”, “Wish you were mine”, and of course the proverbial “Happy Valentine’s Day” emails.

Hopefully, you will have a Happy Valentine’s Day, but you won’t if you fall victim to the burst of spam that is aimed at lovers, at this time of year, every year. Much of it designed to drop malware on unsuspecting users machines.

Like clockwork, spammers and cyber crooks ramp up the volume of spam emails aimed at unsuspecting users, just prior to this day, culturally set aside as a “celebration of love”.

In previous years, starting just about this time, we saw abnormally high rates of this type of spam, and since cyber crooks are “opportunity driven”, we can expect much more of this type of cybercriminal activity this year.

Maybe you’re a very cool person who’s significant other is always sending you neat little packages in your email. Things like MP3 files, screensavers, cartoons, YouTube videos and the like. You get them so often, that you just automatically click on the email attachment without even thinking. If you are this type of person, here’s a word of advice – start thinking.

The hook, as it always is in this type of socially engineered email scam, is based on exploiting our emotions. The fact is, we are all pretty curious creatures and let’s face it, who doesn’t like surprises. I think it’s safe to say, we all find it difficult, if not irresistible, to peek at love notes received via email.

The unfortunate truth is, these spam emails often contain links that deliver advertisements, or worse redirect the victim to an unsafe site where malware can be installed on the victim’s computer.

Last year at this time, a friend, who is an astute and aware computer user, fell for one of these carefully crafted teasing emails. On opening the email, he was taken to a site which had pictures of hearts and puppies, and was then asked to choose which one was for him.

Fortunately, common sense prevailed and he backed out of this site. If he had clicked on this site, he would have begun the process of infecting his machine with a Trojan, which can connect to remote command and control sites.

Unfortunately, being smart is often NOT enough to protect yourself. Experienced users are on guard year round for these, and other types of scam/spam email.

You know what to do, right?

Don’t open emails that come from untrusted sources.

Don’t run files that you receive via email without making sure of their origin.

Don’t click links in emails. If they come from a known source, type them on the browser’s address bar.

If they come from an untrusted source, simply ignore them, as they could take you to a web site designed to download malware onto your computer.

Cyber crooks have moved on from using just emails as a malware delivery vehicle. So, be on the lookout for fraudulent Valentine’s Day greetings in:

Instant Messenger applications.

Twitter

Facebook

Chat forums, etc.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

WOT (Web of Trust) – Is It The Most Important Browser Security Add-on You Need To Install?

It would be difficult for regular readers of this site not to be aware, that I write consistently on the importance of Internet Browser protection.

In fact, we’ve covered 20 or more Browser add-ons here in the past few weeks – from add-ons that add functionality, to those that promise to provide additional security.

All this coverage of Browser add-ons rattled my Brain somewhat, and got me thinking about the single most important add-on I have installed – the add-on I couldn’t do without.

Based on the way that I surf the Web, there was no contest. Of the 17 add-ons I have installed on Firefox, the hands down winner – the single most important add-on for my style of surfing is WOT (Web of Trust). I don’t think I’m alone in this assessment.

I frequently hear from readers who, after installing WOT on their computer systems, feel reassured that they are safer than ever before, and who express a renewed sense of confidence, and  a new level of enthusiasm, while surfing the Internet.

In fact, just under 6,000 Tech Thoughts readers have installed WOT in the last two years – according to today’s download stats.

And why not. Security starts with the Web Browser, and WOT substantially reduces the risk exposure, that comes with wandering through the increasingly risky neighborhood that the Internet has become.

What is WOT?

WOT, one of the most downloaded Firefox Add-ons at the Mozilla add-on site, (also compatible with Internet Explorer and Chrome), is a free Internet Browser resource which  investigates web sites you are visiting for spyware, spam, viruses, browser exploits, unreliable online shops, phishing, and online scams – helping you avoid unsafe web sites.

For example, here’s a Google search in which WOT indicates which sites are safe. Notice the unsafe (red) sites, in the Google ads!

Take a look at what happens if, in fact, you do end up on an unsafe web site. WOT’s dropdown warning curtain blocks access to the site until you determine otherwise.

WOT operates in a unique fashion in order to offer active protection to the Internet user community. It stands out from the crowd of similar applications, by soliciting the opinions of users/members whose views on web site safety are incorporated into the overall site safety rating. According to WOT, the user community now has reputation data on over 30 million sites worldwide.

The shared information on a site’s reputation includes trustworthiness, vendor reliability, privacy, and child safety. As well, in order to achieve maximum security coverage, WOT uses thousands of trusted sources including phishing site listings, to keep users protected against rapidly spreading threats.

WOT integrates seamlessly with search engine results from popular search engines including Google, Yahoo, MSN and other popular sites, and provides impressive protection against Internet predators.

WOT recently added the top three web-based email services – Google Gmail, Windows Live Hotmail and Yahoo! Mail, to its free security protection. You can now feel more confident and secure, since WOT checks links embedded in your email, and warns you of dangerous web sites so that you can avoid spyware, spam, phishing, identity theft and other Internet scams; before you click on dangerous embedded links.

How WOT works:

The Browser add-on icon, displays a color rating for each site you visit, indicating whether a site is safe to use, should be used with caution, or avoided entirely.

Using traffic light colors, (green, yellow, and red), WOT leaves you in no doubt as to the safety rating of a web site. An impressive feature of WOT is the dropdown transparent warning curtain, shown earlier, triggered on visiting a dangerous site.

Recognizing that up to ten percent of Internet users are at a disadvantage however, due to colorblindness, and cannot rely on an Internet safety system based on color coding, the Web of Trust development team recently released an adaptive version of WOT. This version incorporates equivalent alternative information, through assistive or adaptive technology, for colorblind users.

This colorblind accessible application provides the same critical benefits to those individuals who have to contend with visual impairments, as it has to those of us who have come to rely on WOT as a major defense against the pervasive hazards we encounter on the Internet.

Quick facts – WOT checks the following on each web site visited:

Trustworthiness

Vendor reliability

Privacy

Child Safety

More quick facts:

Ratings for over 30 million websites

The WOT browser add-on is light and updates automatically

WOT rating icons appear beside search results in Google, Yahoo!, Wikipedia, Gmail, etc.

Settings can be customized to better protect your family

WOT Security Scorecard shows rating details and user comments

Works with Internet Explorer, Firefox and Chrome

Interface supports English, French, German, Spanish, Italian, Russian, Polish, Portuguese, Swedish and Finnish.

System requirements: Windows (all), Mac OS X, Linux

Download at: MyWot

Surf more securely by installing this browser add-on which will provide you with an in-depth site analysis based on real world results. Keep in mind however, that you are your own best protection. Stop · Think · Click.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Malware Avoidance Lesson Number One – Think BEFORE You Click!

I recently repeated a small experiment with a group of “average computer user” friends, (about 16, or so), and I was disappointed to see that the conditioned response issue to “just click” while surfing the web, was still there. This, despite my long battle to get them to modify their online behavior.

I assumed that endlessly reinforcing “clicking haphazardly, without considering the consequences, can lead to the installation of malicious code that can cause identity theft and the theft of passwords, bank account numbers, and other personal information”, would have had some impact. Apparently not.

But, I haven’t given up. It appears it will take even more repetition before progress can be made. In the meantime, I expect that curiously browsing the web blissfully unaware of the considerable malware dangers, will continue to be the modus operandi for my friends.

My friends are not alone in their “clicking haphazardly” bad habit. Many of us have learned to satisfy our curiosity simply by a mouse click here, and a mouse click there. Arguable, we have developed a conditioned response (without involving conscious thought), to – “just click”.

It’s now well established, that our conditioned human responses pose the biggest risk to our online safety and security. Our curiosity, coupled with our conditioned responses can often override our common sense, so it’s not unusual for people to open an email attachment, for example, despite knowing that the attachment could be a virus, or another form of malware.

Security experts argue that a significant number of malware infections could be avoided if users stopped “just clicking haphazardly” or opening the types of files that are clearly dangerous. To this point however, this type of dangerous behavior continues despite the warnings.

Most visitors to this site are above average users (I’m assuming that you are too), so, I have a challenge for you.

Take every appropriate opportunity to inform your friends, your relatives, and associates, that “just clicking haphazardly” without considering the consequences, can lead to the installation of malicious code that can cause identity theft and the theft of passwords, bank account numbers, and other personal information.

Help them realize that “just clicking”, can expose them to:

• Trojan horse programs
• Back door and remote administration programs
• Denial of service attacks
• Being an intermediary for another attack
• Mobile code (Java, JavaScript, and ActiveX)
• Cross-site scripting
• Email spoofing
• Email-borne viruses
• Packet sniffing

You can do them an additional favor, by pointing them to  Comodo’s YouTube channel, Really Simple Security, where they can learn the basics of Internet security in a  constructive, yet lighthearted way.

They’ll be glad that you took an interest in their online safety. And, best of all, by doing this, you will have helped raise the level of security for all of us.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Do We Need to “Fix” the Internet?

Each time that you connect to the Internet you are unfortunately, wandering through a raucous neighborhood which has a reputation for being jam-packed with predators.

These predators are intent on stealing your money and personal information, installing damaging programs on your computer, or misleading you with an online scam.

Cyber-crooks are relentless in their pursuit of your money, and it’s all about the money. In the worst case scenario, your identity and your financial security can be severely compromised.

Recently, Symantec reported that 51% of all the viruses, Trojans and other forms of malware it has ever seen were logged during 2009, and Symantec has been in the security business since before the Internet was launched.

Each day, when I boot up my home machine, Immunet Protect, advises me that it is protecting me against 12 Million threats. Today for example (May 16, 2010, the number is 12,866,263. That number is truly mind blowing.

Note: Later in the day, following a re-boot, I noticed that the protection level had risen to 12,876,095 – 10,000 additional threats had been identified.

Various Internet security companies report having to deal with up to as many as 40,000 new versions of malware daily. Here’s the math; one new malware program every four seconds!

Anti malware developer Comodo, looks at these numbers in a way that we can more easily relate to, in its instructive video – Did you Know? Dangers on the Web.

“Did you know that the amount of new malware discovered daily approximates the number of words a person speaks daily?

Or, the amount of money lost by US Consumers due to malware over the past 2 years would have paid the tuition of over one million US College Students?”

Seen in this way, cybercrime takes on a whole new dimension.

Since additional sophisticated threats are constantly being developed, or are currently being deployed, some observers are of the opinion that the Internet is essentially broken.

If you think this is an exaggeration, check this out and then you decide.

Tainted search engine results: Internet security gurus have known for some time that we cannot rely on Internet search engine output to be untainted, and free of potential harmful exposure to malware.

Cyber-crooks continue to be unrelenting in their chase to infect web search results, seeding malicious websites among the top results returned by these engines.

When a potential victim visits one of these sites, the chances of downloading malicious code onto the computer by exploiting existing vulnerabilities, is extremely high.

Infected legitimate websites: According to security solution provider  Kaspersky, the rate of infected legitimate web sites, in 2006, was one in every 20,000. In 2009, one in every 150 legitimate was infected by malware, according to Kaspersky.

Drive-by downloads: Drive-by downloads are not new; they’ve been lurking around for years it seems, but they’ve become much more common and craftier recently.

If you’re unfamiliar with the term, drive-by download, they are essentially programs that automatically download and install on your computer without your knowledge.

This action can occur while visiting an infected web site, opening an infected HTML email, or by clicking on a deceptive popup window. Often, more than one program is downloaded; for example, file sharing with tracking spyware is very common. It’s important to remember that this can take place without warning, or your approval.

Rogue software: A rogue security application (scareware), is an application usually found on free download and adult websites, or it can be installed from rogue security software websites, using Trojans or, manipulating Internet browser security holes.

After the installation of rogue security software the program launches fake or false malware detection warnings. Rogue security applications, and there seems to be an epidemic of them on the Internet currently, are developed to mislead uninformed computer users’ into downloading and paying for the “full” version of this bogus software, based on the false malware positives generated by the application.

Even if the full program fee is paid, rogue software continues to run as a background process incessantly reporting those fake or false malware detection warnings. Over time, this type of software will essentially destroy the victim’s computer operating system, making the machine unusable.

Email scams: Email scams work because the Cyber-crooks responsible use social engineering as the hook; in other words they exploit our curiosity. The fact is, we are all pretty curious creatures and let’s face it, who doesn’t like surprise emails? I think it’s safe to say, we all love to receive good news emails.

It seems that more and more these days, I get phishing emails in my inboxes all designed to trick me into revealing financial information that can be used to steal my money.

If you’re unfamiliar with phishing, it is defined as the act of tricking unsuspecting Internet users into revealing sensitive or private information. In a phishing attack, the attacker creates a set of circumstances where the potential victims are convinced that they are dealing with an authorized party. It relies for its success on the principle that asking a large number of people for this information, will always deceive at least some of those people.

A personal example of how this works is as follows. According to a recent email (similar in form and content to 20+ I receive each month), my online banking privileges with Bank of America had been blocked due to security concerns. This looked like an official email and the enclosed link made it simple to get this problem solved with just a mouse click. What could be easier than that?

Clicking on the link would have redirected me to a spoof page, comparable to the original site, and I would then have begun the process whereby the scammers would have stripped me of all the confidential information I was willing to provide.

My financial and personal details, had I entered them, would then have been harvested by the cyber-crooks behind this fraudulent scheme who would then have used this information to commit identity and financial theft.

These types of attacks against financial institutions, and consumers, are occurring with such frequency that the IC³ (Internet Crime Complaint Center), has called the situation “alarming”, so you need to be extremely vigilant.

This is by no means an exhaustive list of the dangers we are exposed to on the Internet. There are many more technical reasons why the Internet is becoming progressively more dangerous which are outside the scope of this article.

So what do you think? Is the Internet broken – do we need to fix it, and if so, how can we do that?

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Download SpywareBlaster – It’s Old But Still Gold!

SpywareBlaster prevents ActiveX-based spyware, adware, dialers, and browser hijackers from installing on your system by disabling the CLSIDs (a system used by software applications to identify a file or other item), of spyware ActiveX controls.

SpywareBlaster, once installed, does not run in the background and yet continues to provide protection without the need for user interaction.

A secondary but equally important function offered by SpywareBlaster, is its ability to block spyware/tracking cookies and restrict the actions of spyware/adware/tracking sites in Internet Explorer, Mozilla Firefox, Netscape, Seamonkey, Flock and other browsers.

Since SpywareBlaster doesn’t scan for, or clean spyware, but as stated earlier, prevents installation only, you should use it in combination with your active malware protection applications.

SpywareBlaster is definitely low maintenance and the only thing you need to remember is to update the database, which contains information on known spyware Active-X controls, regularly. Automatic update is also available for an annual fee of $9.95 USD.

SpywareBlaster also includes a System Snapshot feature with which you can take a snapshot of your computer in its clean state, and later revert to this state, undoing any changes made by spyware and browser hijackers that have infected your system despite the security in place. I recommend that you take advantage of this important feature.

This is an important security protection tool to install on your system; particularly if your browser uses Active-X.

SpywareBlaster provides protection for your favorite web browser(s):

Internet Explorer

Mozilla Firefox

Netscape

Seamonkey

Flock

K-Meleon

and browsers that use the IE engine, including:

AOL web browser

Avant Browser

Slim Browser

Maxthon (formerly MyIE2)

Crazy Browser

GreenBrowser

System requirements: Windows 98, ME, NT, 2000, XP, Vista, 7.

Latest release: April 13, 2010

Download at: Javacool Software

Need answers? Visit the SpywareBlaster Forum

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

An Anti-malware Test – Common Sense Wins

I’ve just finished an anti-malware test that lasted for just over a year. For this test, I took a test machine, running Windows XP Professional, which I did not shut down, or reboot, for 373 days.

For 373 days, the machine was continuously wired to the Internet and each day, was used for active surfing and general computer use, including email, downloading applications, and so on.

During the test period, the installed anti-malware applications were patched and updated, as was the operating system. Common sense; right?

However, I did not run a single anti-malware scan of any description, since not doing so, was part of the objective of the test.

The overall purpose of the test was to determine if common sense plays a role in protecting a computer user against viruses, adware, spyware, hackers, spam,  phishing, and other Internet frauds.

Let me be clear, this test is in no way scientific, but instead, is a rather simple test on the importance of common sense in using a computer attached to the Internet.

Installed Anti-malware applications:

ZoneAlarm Firewall (free edition)

Spyware Terminator (free edition)

Avira Antivirus (free edition)

ThreatFire (free edition)

SnoopFree Privacy Shield (freeware)

WinPatrol (free edition)

Firefox – not strictly an anti-malware application, but…..

WOT

During this very extensive test run, the machine showed no indication of a malware infection; at least by normal observation (since I didn’t run any scans), – no system slowdown; no unusual disk use; no unusual Internet activity; no security application warnings.

In addition to practicing common sense in terms of not visiting the class of web sites that are known to be dangerous – porn sites; salacious news site; Facebook; MySpace; and so on, I absolutely adhered to the following.

I did not:

Download files and software through file-sharing applications such as BitTorrent, eDonkey, KaZaA and other such programs.

Click links in instant messaging (IM) that had no context, or were composed of only general text.

Download executable software from web sites without ensuring that the site was reputable.

Open email, or email attachments, from unknown people.

Open email attachments without first scanning them for viruses.

Open email attachments that ended in a file extension of .exe, .vbs, or .lnk.

Visit any site not shown as safe by WOT.

After 373 days (the end of the test period), I then ran multiple scans using the onboard security applications. The end result – not a single incidence of infection, malware, or an unwanted application.

It’s clear, at least to me, that by using common sense and updating both applications and the operating system, not visiting the class of web sites known to be unsafe, not clicking haphazardly and opening the types of files that are clearly dangerous, and being aware of the hidden dangers on the Internet, the dividends were measurable.

This was a long boring test, but it proved to me, that using common sense reduces the substantial risks we all face while surfing the Internet, regardless of the antispyware, antivirus, and the other Internet security applications installed.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.