Checkout Your Internet Risk Factor With OPSWAT’s Free Security Score

Not an imaginary conversation.

Me – How are you handling all the crazy new cyber threats currently being thrown at us on the Internet?

She – I’m cool! I’ve got the best Anti-virus program there is (her reference – the neighbourhood geek.)

Me – Good to hear that. So, what are you doing to take care of the rest?

She – What rest?

Rinse, wash and repeat this conversation a thousand times – and, the “rest” almost always becomes the new focus of attention. As it should – it’s here, in an often murky area (at least to a typical user), that, that user, runs a major risk of stumbling.

Security – both physical and electronic – isn’t about eliminating all risk – if it was, you and I (on the physical side), wouldn’t cross the road. Similarly, in Internet security, we can’t eliminate all the risks – short of unplugging the connection. Instead, a more realistic approach requires that we focus our attention on eliminating as many known risks as possible (just as we do in the physical world.)

In other words – we need to engage with the proactive side of Internet security rather than continuing to focus on the reactive side – the, “I’ve got the best Anti-virus program there is” side.

Luckily, there’s a terrific little application – OPSWAT’s Security Score – that in a matter of just a few seconds, evaluates and sets out the “rest” – and, should the application determine that a security issue needs to be addressed, helpful tips/hints are provided.

Regular readers may remember that I first reviewed this application several months ago, and while I agreed in principal with the concept, the execution (in my view), was not up to standard. OPSWAT has since revised and expanded the application in such a way, that Security Score should be considered a “must have” addition to a security toolbox. Particularly for those users who are less familiar with the ever changing cyber threat landscape.

Let me backtrack just a little and put up a graphic from the first run through with Security Score, in April. As you can see, the application teased out a score of 60/100. A less than impressive score for a security professional.

Good News:

The issues which prevented Security Score from digging into the system in order to provide an authentic result have been addressed and, are reflected in the following graphic – June 7, 2013.

The above graphic indicates an encryption raw score of zero which reflects the fact that I choose not to use Windows BitLocker.

However, as I wrote in my previous review – “I don’t do full disk encryption. I do however, encrypt selected files/folders (a much better choice for most users in my view), using what has long been considered the premier free encryption application available – TrueCrypt. Still, it’s good to see that the application addresses an issue which often escapes the notice of less experienced users.

Since application and operating system patches are often neglected by average users, a key component in Security Score measures the users adherence to a patch management routine.

Often not considered as part of a layered security approach, system/file backup is, in fact, a key element in any such process. You’ll note from the following graphic that Security Score has picked up on my use of a number of backup schemes including Google Drive…..

and Microsoft’s SkyDrive.

As the following graphic indicates, I’ve been marked down slightly on AV coverage since the application cannot be aware that I substitute full on-board AV scans with weekly scans using a Linux Live CD.

Given the conditions that we are now forced to deal with on the Internet – active PC monitoring with a view to insuring the security status of the machine is in good order is not just a preference or a recommendation – it’s an absolute necessity.

Sure, you can do all that this application does, manually. Choosing this route however, one could increase the risk of possible shortcomings in an otherwise acceptable security strategy. So, do yourself a favor and install OPSWAT’s Security Score. Better yet, introduce your friends/relatives/co-workers, to this neat freebie – we’ll all be the better for that.

Download at: OPSWAT

How OPSWAT calculates your security score:

OPSWAT’s score calculation is based on security industry and market research reports, over ten years of expertise in the security field, and feedback from leading security technology vendors on the relative importance of the categories and status of security software.

Webmasters Struggle With Hacked Sites – A Commtouch, StopBadware Report

I’m often asked why I host this Blog on WordPress.com – why I don’t self host, and maybe make a few dollars, while I’m at it, by running ads. So, I’ll start with the back-end first.

It’s not about money – far from it. I write this Blog to have a little bit of fun; to help keep my mind sharp (often a failing exercise    ) – and, to be part of a community which recognizes the need to educate computer users that the Internet is not all sweetness and light.

That’s the back-end – but, it’s the front-end that’s most important. WordPress does all the heavy lifting. All elements are taken care of: setup, upgrades, spam, backups, and site security. Site security might be last in the previous sentence but, it was the most important factor in my decision to use WordPress as my blogging platform.

Just a few of the security reasons:

Potential harmful activity is constantly monitored.

Blog PHP code can’t be modified.

Plugins can’t be uploaded.

JavaScript embed codes and CSS, are restricted.

I’m not suggesting that WordPress can’t, or won’t be hacked (nothing on the Internet is invulnerable to cyber criminals) – but, should sites hosted by WordPress.com fall to  the bad guys, those of us who rely on WP, will at least have a fighting chance to recover. This is not always the case for self-hosted sites.

Recent statistics indicate (surprise, surprise) – cybercriminals are increasing their targeting of websites for identity theft, virus distribution, and spamming. And, according to a newly released survey (Compromised Websites: An Owner’s Perspective), from Commtouch and StopBadware – in which webmasters were queried on their fight against hacking – almost half of the survey participants (who had been hacked), had no idea until they received a warning from their own computer’s protection technology.

More particularly, according to the Commtouch/StopBadware report – “about half of site owners discovered the hack when they attempted to visit their own site and received a browser or search engine warning.”  Not a very effective method of discovering one’s site has been hacked. As opposed to WP’s – “Potential harmful activity is constantly monitored.”

Highlights from analysis of the survey’s responses include:

Over 90% of respondents didn’t notice any strange activity, despite the fact that their sites were being abused to send spam, host phishing pages, or distribute malware.

Nearly two-thirds of the webmasters surveyed didn’t know how the compromise had happened.

Twenty six percent of site owners had not yet figured out how to resolve the problem at the time they completed the survey.

Forty percent of survey respondents changed their opinion of their web hosting provider following a compromise.

The report includes several examples of hacked websites, as well as the spam emails that may trick users into visiting these sites. In addition to analysis and quotes from site owners, the report provides tips to help webmasters prevent their sites from being compromised.

The following graphic illustrates why cyber criminals target web sites.

Courtesy – Commtouch

The full report is available for download (PDF format) at:

Commtouch

StopBadware

Five Simple Tips To Prevent Cybercrooks From Screwing You Over During The Holiday Season

Unless you’re related to the Grinch, the holiday season will hit town. Guest writer Liz Cornwell, from Australian software developer Auslogics, has some important and informative tips on how you can avoid potential dangers while shopping online this Holiday season – or, any time for that matter.

The holiday season is a time of year that is wonderful and special for everyone – it’s the time for having fun, being with your friends and family, giving and receiving presents, and even making dreams come true!

For me, giving presents is just as exciting as receiving them. And what fun it is to shop for gifts, knowing that they will bring happiness and joy to your loved ones!

I’m pretty sure that you will do at least some of your shopping online. It’s not a secret that online retailers offer great deals. But at the same time there is always a potential danger of your money getting stolen by shifty dealers, scammers, and spammers.

OK, so maybe some of you don’t mind giving a couple of hundred dollars to thieves. However, it would be much better to donate that money to charity.

If you want to protect yourself from online fraud, then read on! Here are five simple tips that will help you shop online safely.

1. Use a Secure PC

No matter how careful you are, there is no guarantee that your computer is not infected. Anyone who browses the Internet, visits social websites, and downloads software simply cannot be 100% sure that their PC is malware- and spyware-free. So, before you start shopping, check that your computer has comprehensive protection and run anti-virus and anti-spyware scans. Use reliable up-to-date software.

We recommend using Auslogics Antivirus – not only will it protect you against viruses, spyware, and other threats, but it also has a feature called Privacy Control. This feature is especially designed to prevent hackers from stealing your personal data, so shopping online will be more secure. Auslogics Antivirus has a free unlimited 30-day trial, which will keep you fully protected for the next month.

If you can, avoid shopping from public computers, or a PC that your kids use to play online games and chat with their friends. Those PCs are likely to be infested with spyware, so your private data can get stolen no matter how careful you are.

2. Always Shop From Trusted Sites

There are a lot of sites that offer amazing bargains. In fact, some of them are so amazing that they simply can’t be true! Well, most of the time they aren’t – a lot of websites only pretend to be shops. All they want is to steal your money. Remember, nobody is going to offer you a car for the price of a burger. Therefore, I strongly advise you not to use search engine shopping. Or if you do, check and double-check the website before entering any payment details.

Pay attention to:

• security seals
• shipping, return, and refund policies
• use of secure connection (https://) when the website asks you to enter payment details

You can also research unfamiliar shops on sites like RipoffReport.

Never – ever buy anything advertised via emails from unknown senders and never click on any links in those emails either. Those emails are almost always a scam and links take you to websites that put viruses onto your system. And never shop at web-sites that ask you to wire money or send money orders.

3. Control Spam

If you’re concerned about getting spammed by online retailers, you can always either create a separate email address for shopping online, or create aliases. Here’s how it’s done using Gmail.

For example, your address is myemail@gmail.com and you are shopping at a website called greatoffer.com. So, when giving them your email address, type it as myemail+greatoffer@gmail.com. That way all future communication from that shop will be addressed to myemail+greatoffer@gmail.com.

So if they or someone from their network try to spam you, you will know it’s them and will be able to easily block them.

4. Pay With a Credit Card

Most of you will have several bank cards – some credit, some debit. Both can be used for online shopping, but it’s safer to use a credit card. Experts say credit cards give you less hassle when dealing with your bank, should unauthorized charges show up later on a monthly statement. Besides, you wouldn’t want to pay huge interest on your debit card overdraft, would you?

5. Think About Alternative Payment Methods

Did you know that you don’t necessarily have to use a credit/debit card when shopping online? There are plenty of other ways to pay for the goods you purchased – pre-paid credit cards, gift cards and certificates, and sometimes you can pay in cash upon delivery. Also there are websites like billmelater.com that allow you to shop online without having to enter your bank card details. Besides, online retailers actually encourage you to use a service like that by offering free shipping and an option to postpone your payment for up to 6 months.

These tips should help you shop online safely so that you don’t become yet another fraud victim. Enjoy your shopping and have a wonderful holiday season!

Regular readers are aware that I’m a big fan of Auslogics; a company which provides users with some of the best free applications on the Internet including, Auslogics Disk Defrag (recently reviewed here) – a “must have” addition to a serious computer user’s toolbox.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Cybercrooks Gearing Up To Screw You Over During The Holiday Season

Five Simple Tips for Safe Online Shopping

Unless you’re related to the Grinch, the holiday season will hit town. Christmas commercials are already blasting the airwaves, despite the fact we’re barely past Halloween!

Guest writer Liz Cornwell, from software developer Auslogics, has some important and informative tips on how you can avoid potential dangers while shopping online this Holiday season – or, any time for that matter.

The holiday season is a time of year that is wonderful and special for everyone – it’s the time for having fun, being with your friends and family, giving and receiving presents, and even making dreams come true!

For me, giving presents is just as exciting as receiving them. And what fun it is to shop for gifts, knowing that they will bring happiness and joy to your loved ones!

I’m pretty sure that you will do at least some of your shopping online. It’s not a secret that online retailers offer great deals. But at the same time there is always a potential danger of your money getting stolen by shifty dealers, scammers, and spammers.

OK, so maybe some of you don’t mind giving a couple of hundred dollars to thieves. However, it would be much better to donate that money to charity.

If you want to protect yourself from online fraud, then read on! Here are five simple tips that will help you shop online safely.

1. Use a Secure PC

No matter how careful you are, there is no guarantee that your computer is not infected. Anyone who browses the Internet, visits social websites, and downloads software simply cannot be 100% sure that their PC is malware- and spyware-free. So, before you start shopping, check that your computer has comprehensive protection and run anti-virus and anti-spyware scans. Use reliable up-to-date software.

We recommend using Auslogics Antivirus – not only will it protect you against viruses, spyware, and other threats, but it also has a feature called Privacy Control. This feature is especially designed to prevent hackers from stealing your personal data, so shopping online will be more secure. Auslogics Antivirus has a free unlimited 30-day trial, which will keep you fully protected for the next month.

If you can, avoid shopping from public computers, or a PC that your kids use to play online games and chat with their friends. Those PCs are likely to be infested with spyware, so your private data can get stolen no matter how careful you are.

2. Always Shop From Trusted Sites

There are a lot of sites that offer amazing bargains. In fact, some of them are so amazing that they simply can’t be true! Well, most of the time they aren’t – a lot of websites only pretend to be shops. All they want is to steal your money. Remember, nobody is going to offer you a car for the price of a burger. Therefore, I strongly advise you not to use search engine shopping. Or if you do, check and double-check the website before entering any payment details.

Pay attention to:

• security seals
• shipping, return, and refund policies
• use of secure connection (https://) when the website asks you to enter payment details

You can also research unfamiliar shops on sites like RipoffReport.

Never-ever buy anything advertised via emails from unknown senders and never click on any links in those emails either. Those emails are almost always a scam and links take you to websites that put viruses onto your system. And never shop at web-sites that ask you to wire money or send money orders.

3. Control Spam

If you’re concerned about getting spammed by online retailers, you can always either create a separate email address for shopping online, or create aliases. Here’s how it’s done using Gmail.

For example, your address is myemail@gmail.com and you are shopping at a website called greatoffer.com. So, when giving them your email address, type it as myemail+greatoffer@gmail.com. That way all future communication from that shop will be addressed to myemail+greatoffer@gmail.com.

So if they or someone from their network try to spam you, you will know it’s them and will be able to easily block them.

4. Pay With a Credit Card

Most of you will have several bank cards – some credit, some debit. Both can be used for online shopping, but it’s safer to use a credit card. Experts say credit cards give you less hassle when dealing with your bank, should unauthorized charges show up later on a monthly statement. Besides, you wouldn’t want to pay huge interest on your debit card overdraft, would you?

5. Think About Alternative Payment Methods

Did you know that you don’t necessarily have to use a credit/debit card when shopping online? There are plenty of other ways to pay for the goods you purchased – pre-paid credit cards, gift cards and certificates, and sometimes you can pay in cash upon delivery. Also there are websites like billmelater.com that allow you to shop online without having to enter your bank card details. Besides, online retailers actually encourage you to use a service like that by offering free shipping and an option to postpone your payment for up to 6 months.

These tips should help you shop online safely so that you don’t become yet another fraud victim. Enjoy your shopping and have a wonderful holiday season!

Regular readers are aware that I’m a big fan of Auslogics; a company which provides users with some of the best free applications on the Internet including, Auslogics Disk Defrag (recently reviewed here) – a “must have” addition to a serious computer user’s toolbox.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Sex (ting) – Who’s Really Doing It? It’s NOT Just Teens!

Apparently, if we’re not thinking about sex, we’re talking about sex. If we’re not talking about sex, we’re engaged in sex. If we’re not engaged in sex, we’re thinking and talking and planning, on becoming engaged in sex. Whew – no wonder I’m so tired!

According to sexologists, anthropologists, psychologists and sociologists, (and other …ists, I’m sure), a common denominator amongst humans is the degree to which they think of sex.

Given that we all seem to have this supposed preoccupation with sex – is it any wonder then, that the Internet, and its associated connected devices, have become a common outlet for erotic fantasies.

The meshing of sex and tech, has generated a Pandora’s box of problems, and associated issues, that need to be resolved socially, legally, and morally.

One of these problematic issues, is the issue of sex, tech, and teens; more precisely – teenaged sexting.

It’s an issue that has been a focus of attention in the news recently (today in fact, on CNN) – at least here in North America.

And, in typical fashion in matters dealing with sexual issues, law enforcement officials, in many areas, have  abandoned common sense and regularly charge teenagers who exchange consensual nude photographs of themselves, with the production, dissemination, and possession of child pornography

So, is this just one more example of “officialdom’s” hysteria, and overreaction on sexually related issues? Or,  is sexting, particularly teen sexting, a real problem that requires the harsh application of punitive measures to eradicate?

The National Campaign to Prevent Teen and Unplanned Pregnancy,  weighed in on this issue in a recent survey; a survey which seems to indicate that teen sexting is a problem. You should be aware that additional independent statistics suggest; 28 per cent of parents are sexting fans.

Survey statistics:

15 Percent of teenagers who have sent or posted nude or seminude images of themselves say they have done so to someone they only knew online.

48 Percent of teenagers say they have received such messages.

71 Percent of teen girls and 67% of teen boys who have sent or posted sexually suggestive content say they have sent or posted this content to a boyfriend or girlfriend.

21 Percent of teenage girls and 39% of teen boys say they have sent such content to someone they wanted to date or hook up with.

44 Percent of both teen girls and teen boys say it is common for sexually suggestive text messages to get shared with people other than the intended recipient.

36 Percent of teen girls and 39 % of teen boys say it is common for nude or semi-nude photos to get shared with people other than the intended recipient.

51 Percent of teen girls say pressure from a guy is a reason girls send sexy messages or images; only 18 % of teen boys cited pressure from female counterparts as a reason.

66 Percent of teen girls and 60% of teen boys say they did so to be “fun or flirtatious”; their most common reason for sending sexy content.

52 Percent of teenage girls used sexting as a “sexy present” for their boyfriend.

44 Percent of both teen girls and teen boys say they sent sexually suggestive messages or images in response to such content they received.

40 Percent of teenage girls said they sent sexually suggestive messages or images as “a joke.”

34 Percent of teen girls say they sent or posted sexually suggestive content to “feel sexy.”

12 Percent of teen girls felt “pressured” to send sexually suggestive messages or images.

Apart from the legal issues, which can have grave lifetimes consequences, teenagers engaging in what they may consider harmless fun, run the risk of having to deal with the outcome of present day “harmless fun” in the future, which could impact their lives in ways not yet considered.

Think Before You Post, an online resource from The National Center for Missing and Exploited Children, designed specifically for teenagers, should really be a required component of everyone’s online education – not only teenagers.

The following tips are included on this online resource for teenagers to think about.

Use webcams or post photos online only with your parents’ and guardians’ knowledge and supervision.

Ask yourself if you would be embarrassed if your friends or family saw the pictures or video you post online. If the answer is yes, then you need to stop.

Be aware of what is in the camera’s field of vision and remember to turn the camera off when it is not in use. Checkout our recent article on web cam safety – “Big Brother” isn’t the only one watching you. “Uncle Nasty” is out there prowling the Internet too!”

Be careful about posting identity-revealing or sexually provocative photos. Don’t post photos of others — even your friends — without permission from your friends’ parents or guardians. Remember – once such images are posted you give up control of them and you can never get them back.

Recommended parental resources:

Text Ed – The LG Text Ed program will tackle pressing issues such as tween and teen sexting, managing children’s phone usage, the importance of self-esteem in a wireless world, recognizing potentially harmful and hurtful mobile phone behavior, and other concerns facing parents and their children.

Cyber Summer Safety Challenge for Kids & Teens – The Cyber Summer Safety Challenge was developed to get parents, teens and kids to start a dialogue about Internet safety, social networking, online threats and what they can do to protect themselves and their computers.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Shortened URLs – One More Thing To Worry About

I’ve always though that shortened URLs were one of the dumbest things to ever come down the Internet highway. Given the state of Internet security, who in their right mind would click on a link that looks like this – http://om.ly/2efrq, in an email (for example), as opposed to a link that looks like this – https://billmullins.wordpress.com/.

Anyone who clicks on a shortened URL, in my view, is surfing the Net with their eyes shut. I’m not suggesting that a legitimate looking link is any safer, but at least you should have some idea where it is you’re supposed to end up.

We shouldn’t be too surprised then, to see email spammers (who use every tactic available), take advantage of the obstrufication cause by shortened URLs. Shortened URLs are, in a real sense, hidden web addresses.

There’s little surprise then, that according to the July 2010 MessageLabs Intelligence Report, shortened URLs in spam, are fast becoming a sustained spamming tactic due to loop holes in CAPTCHA requirements for the tiny links, and free-of-charge URL shortening services.

Highlights from Symantec’s July 2010 MessageLabs Intelligence Report:

Spam: In July 2010, the global ratio of spam in email traffic from new and previously unknown bad sources was 88.9 percent (1 in 1.12 emails), a decrease of 0.4 percentage points since June.

Viruses: The global ratio of email-borne viruses in email traffic from new and previously unknown bad sources was one in 306.1 emails (0.327 percent) in July, a decrease of 0.04 percentage points since June. In July, 17.1 percent of email-borne malware contained links to malicious websites, an increase of .4 percentage points since June.

Endpoint Threats: Threats against endpoint devices such as laptops, PCs and servers may penetrate an organization in a number of ways, including drive-by attacks from compromised websites, Trojan horses and worms that spread by copying themselves to removable drives. Analysis of the most frequently blocked malware for the last month revealed that the Sality.AE virus was the most prevalent. Sality.AE spreads by infecting executable files and attempts to download potentially malicious files from the Internet.

Phishing: In July, phishing activity was 1 in 557.5 emails (0.179 percent) an increase of 0.02 percentage points since June. When judged as a proportion of all email-borne threats such as viruses and Trojans, the proportion of phishing emails had decreased by 3.2 percentage points to 60.2 percent of all email-borne malware and phishing threats combined.

Web security: Analysis of web security activity shows that 30.5 percent of malicious domains blocked were new in July, an increase of 0.2 percentage points since June. Additionally, 13.0% of all web-based malware blocked was new in July; an increase of 0.5 percentage points since last month. MessageLabs Intelligence also identified an average of 4,425 new websites per day harboring malware and other potentially unwanted programs such as spyware and adware, an increase of 176.9 percent since June.

The July 2010 MessageLabs Intelligence Report provides greater detail on all of the trends and figures noted above, as well as more detailed geographical and vertical trends. The full report is available at here.

About Message Labs Intelligence:

Symantec’s Message Labs Intelligence is a respected source of data and analysis for messaging security issues, trends and statistics. MessageLabs Intelligence provides a range of information on global security threats based on live data feeds from our control towers around the world scanning billions of messages each week.

About Symantec:

Symantec is a global leader in providing security, storage and systems management solutions to help consumers and organizations secure and manage their information-driven world.  Our software and services protect against more risks at more points, more completely and efficiently, enabling confidence wherever information is used or stored. More information is available here.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Idaho, Alabama, and South Carolina, You’re in the Spam Bulls Eye

If you live in Idaho, Alabama, or South Carolina, then Symantec Hosted Services, in its just released annual MessageLabs Intelligence special report ranking the most spammed U.S. states and territories, has bad news for you – you’re at the top of the target list for spam in the US.

The report reveals, that these three US states are targeted more often by spammers, leading to spam rates above the national US average of 89.3%. The report doesn’t offer an analysis as to why these three states are at the top of the pile, but I’m certainly curious.

Here’s a recap of the report:

Most spammed states/territories: The top spammed U.S. states are Idaho, Alabama, and South Carolina, with spam rates above 93 percent, well over the national average of 89.3 percent. These are followed by Indiana, Tennessee, Illinois, Utah, Washington, New Hampshire and North Carolina. Idaho tops the list for the second year in a row as the state/territory with the most spam.

Least spammed states/territories: The least spammed states/territories are Puerto Rico, Montana and Louisiana. Puerto Rico returns as the least spammed for the second consecutive year.

Most spammed U.S. industries: In the U.S., the most spammed industries are engineering, automotive and construction while the least spammed are finance, admin/business support services and public sector.

SMBs receive more spam than enterprises: Areas with greater populations of small-to-medium sized businesses (SMBs) are likely to receive the greatest proportion of spam. Similarly, the least spammed areas are often home to some of the largest companies.

In the report, MessageLabs Intelligence Senior Analyst, Paul Wood, had this to say on the true cost of spam –  “Spam isn’t just a simple annoyance to businesses, but a real threat that can consume resources and put valuable information at risk regardless of location …… even the most intricate scams are now widespread and the sheer size and power of today’s botnets are making possible what was once unthinkable.”

The MessageLabs Intelligence Report provides greater detail on all of the trends and figures noted above, as well as more detailed  global analysis, and tips on how to stamp out spam. The full report is available here.

AboutMessage Labs Intelligence:

Symantec’s Message Labs Intelligence is a respected source of data and analysis for messaging security issues, trends and statistics. MessageLabs Intelligence provides a range of information on global security threats based on live data feeds from our control towers around the world scanning billions of messages each week.

About Symantec:

Symantec is a global leader in providing security, storage and systems management solutions to help consumers and organizations secure and manage their information-driven world.  Our software and services protect against more risks at more points, more completely and efficiently, enabling confidence wherever information is used or stored. More information is available here.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Yahoo Instant Messenger Under Attack Again or Still?

A new variant of an old Yahoo Instant Messenger Worm spreading fast.

In business, when something works, why bother to reinvent the wheel. A little nip here; a little tuck there and hey – you’re still in business! No surprise then, when we see that cybercriminals subscribe to this business philosophy.

Programs such as MSN Messenger, Yahoo! Messenger, AIM, etc, are wildly popular with users who want real-time computer contact with each other, and so, they form a perfect attack vector for malware distribution.

Symantec, along with a number of other security providers, are warning users of Yahoo Instant Messenger specifically, they are being targeted by a new variant of an old IM Worm, identified by Symantec as W32.Yimfoca.

(Graphics courtesy of Symantec)

If you are a Yahoo Instant Messenger user, you need to be particularly cautious, at the moment, in saving what appears to be a JPG or GIF file, but in fact could easily be this malicious executable.

This threat drops a worm which will lead to the attacker taking control of the victim’s computer. Additionally, the Worm is programmed to attack those in the victim’s contact list.

Given the frequency with which instant messaging is used to distribute malware (recent statistics indicate almost 50% of worms use this method to spread), the following is a series of sensible tips for users to get the most out of these programs, securely and responsibly.

As with any other application you use on the Internet, having the knowledge that allows you to use it safely, and being aware of current threats, will make for a more positive experience when using these wildly popular applications.

Sensible tips for users to get the most out of these programs, securely and responsibly.

You need to be alert to the dangers in clicking on links or downloading files from sources that are not known to you. Even if the files or links apparently come from someone you know, you have to be positive that it really was this person who has sent the message.

Check with your contact to be sure the files or links are genuine. Remember, if you click on those links or run those attachments without confirmation, you run the risk of letting malware into your computer.

Use only secure passwords and be sure to change them regularly. The longer and more varied they are – using a variety of different characters and numbers – the more secure they will be.

Revealing confidential or personal information in these types of conversations can make you an easy target for Internet predators. For added protection when using a public computer, ensure that you disable any features that retain login information to prevent other users from gaining access to your instant messaging once you leave.

It’s virtually impossible to avoid publishing your email address on the Internet, however, do so only when absolutely necessary. Cyber criminals are always on the lookout for accounts to target.

Above all, if you are a parent, take exceptional care with the access that your children have to these programs. The risk here goes beyond malware, as sadly, they could come into contact with undesirable, or even dangerous individuals.

Elsewhere in this Blog, you can read an article on protecting your children on the Internet and download free software to help you do this.

Click here: “Keep Your Kids Safe With Free Parental Control Bar”.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Free Cerberus Security Guard 3.7 – Increase PC Security/Change System Settings

Every running service on your computer can be an unnecessary security vulnerability. If a service is not required for authorized users and system functionality, it may well be to your advantage to turn it off.

If you’re a Techie, or a highly skilled computer user, it’s very likely that you have the knowledge and skill to make adjustments to virtually all of your operating system manually, using the Services option of Administrative Tools to attain maximum performance.

But a novice, casual, or even an intermediate computer user, will often need a software tool to help determine which services and system components can be safely modified.

Fortunately, there are a number of free tools available that will help any computer user, novice or not, to determine which services or system components can be safely modified.

Cerberus Security Guard, a free application from Best Security Tips, will allow a user to increase system security by disabling or optimizing selected services and system components from a central console. As well, modifications can be made to the operations of Internet Explorer, FireFox/Mozilla, and Media Player.

Since adjusting service settings incorrectly has the potential to create some rather nasty problems, the program offers both a Backup and a Restore function.

An additional advantage in optimizing services and system components is it can often lead to improvements in system performance and boot time; although it’s fair to say that in the Tech community there is some disagreement as to whether this is an accurate statement.

If you decide to install this small application you can determine for yourself if you’ve had an improvement in system performance.

There were a number of things on installation that bothered me – I don’t like applications that configure themselves to auto start on boot; this one did. Since I have WinPatrol installed, it was easy to disallow auto start.

Finally, this is one more application that offers to install a so called “Security Toolbar” – automatic rejection.

Quick facts:

Manage Windows security and privacy settings

Central console to make adjustments

Modify Internet Explorer, FireFox/Mozilla, and Media Player

Backup and Restore function

System Requirements: Windows 2000, XP, Vista, Microsoft .NET Framework

Download at: Download.com

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Sexting is NOT Sexy

The iPhone App Store likes to say, that they have “Apps for Everything”. So, while doing some research on iPhone apps a few days ago, I wasn’t at all surprised to see a so called “safe sexting app” called, appropriately enough – “Safe Sexting”.

The application allows users to cover their “naughty bits” using selectable boxes – Small Box, Large Box, Head Box, and as one pundit put it a “teasing semi-transparent Red Silk”.

Now, I’m no moralist, since I do subscribe to the French philosophy – Chacun son goû (each to his or her own taste) . But come on here – the use of this application is an invitation to an accident. And there will be accidents.

What kind of a company would develop an application that supposedly takes the sting out of an activity that is generally regarded as unsafe, illegal, and could have lifelong consequences – like a criminal conviction for possessing/distributing child pornography?

If Apple has an ounce of common sense, they will pull this application just as they did with the infamous “Baby Shaker” application. It should be noted however, that it took considerable pressure from child protection groups before Apple relented, and put the boots to this app.

Sexting is an issue that continues to be addressed regularly in the news, and it seems like an appropriate time to repost an earlier article:

Sexting – A Real Problem or An Overreaction?

According to sexologists, anthropologists, psychologists and sociologists, a common denominator amongst humans is the degree to which they think of sex.

Apparently, if we’re not thinking about sex, we’re talking about sex. If we’re not talking about sex, we’re engaged in sex. If we’re not engaged in sex, we’re thinking and talking and planning on becoming engaged in sex. Whew – no wonder I’m so tired all the time!

Given that we all seem to have this supposed preoccupation with sex – is it any wonder then that the Internet, and its associated connected devices, have become a common outlet for erotic fantasies.

Sex and tech, it seems, have come together, and that has generated a Pandora’s box of problems and issues that need to be resolved socially, legally, and morally.

One of these  problematic issues, is the issue of sex, tech, and teens; more precisely – teenaged sexting.

If you are the parent of a teenager, it would be difficult not to be aware of sexting – the practice of sending suggestive photos and videos via text message.

It’s an issue that has been a focus of attention in the news recently – at least here in North America.

So is teen sexting a real problem, or is it an example of adult hysteria and overreaction?

Consider the following points:

The sad reality is, contrary to the myth that we have raised, or are raising a “tech savvy” generation – the majority of teenagers, are undereducated when it comes to recognizing the dangers, and threats, that the Internet poses to their personal privacy and safety.

Recent survey results released by the The National Campaign to Prevent Teen and Unplanned Pregnancy seem to indicate that teen sexting is a problem, and not just an overreaction.

Survey statistics:

15 Percent of teenagers who have sent or posted nude or seminude images of themselves say they have done so to someone they only knew online.

48 Percent of teenagers say they have received such messages.

71 Percent of teen girls and 67% of teen guys who have sent or posted sexually suggestive content say they have sent or posted this content to a boyfriend or girlfriend.

21 Percent of teenage girls and 39% of teen boys say they have sent such content to someone they wanted to date or hook up with.

44 Percent of both teen girls and teen boys say it is common for sexually suggestive text messages to get shared with people other than the intended recipient.

36 Percent of teen girls and 39 % of teen boys say it is common for nude or semi-nude photos to get shared with people other than the intended recipient.

51 Percent of teen girls say pressure from a guy is a reason girls send sexy messages or images; only 18 % of teen boys cited pressure from female counterparts as a reason.

66 Percent of teen girls and 60% of teen boys say they did so to be “fun or flirtatious”; their most common reason for sending sexy content.

52 Percent of teenage girls used sexting as a “sexy present” for their boyfriend.

44 Percent of both teen girls and teen boys say they sent sexually suggestive messages or images in response to such content they received.

40 Percent of teenage girls said they sent sexually suggestive messages or images as “a joke.”

34 Percent of teen girls say they sent or posted sexually suggestive content to “feel sexy.”

12 Percent of teen girls felt “pressured” to send sexually suggestive messages or images.

So what’s a concerned parent to do? As a good starting point you should consider pointing your child to Think Before You Post, an online resource from The National Center for Missing and Exploited Children.

The following tips are included on this online resource for your teenager to think about.

Caution:

Use webcams or post photos online only with your parents’ and guardians’ knowledge and supervision.

Ask yourself if you would be embarrassed if your friends or family saw the pictures or video you post online. If the answer is yes, then you need to stop.

Be aware of what is in the camera’s field of vision and remember to turn the camera off when it is not in use.

Be careful about posting identity-revealing or sexually provocative photos. Don’t post photos of others — even your friends — without permission from your friends’ parents or guardians. Remember – once such images are posted you give up control of them and you can never get them back.

What to report:

Anyone you don’t know who asks you for personal information, photos or videos.

Unsolicited obscene material from people or companies you don’t know.

Misleading URLs on the Internet that point you to sites containing harmful materials rather than what you were looking for.

Anyone who wants to send you photos or videos containing obscene content of individuals 18 and younger. (The possession, manufacturing, or distributing of child pornography is illegal.)

Online enticement for offline sexual activities. (No one should be making sexual invitations to you online – and it’s an especially serious crime for adults to do it.)

If any of the above happens to you or a friend, tell an adult you trust and report it to the National Center for Missing & Exploited Children’s CyberTipline.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.