More people today are using computers to communicate, shop, invest and do online banking.
We expose ourselves to hackers, attackers, crackers, and others by doing these things often. Some may try to steal your identity and personal information, while others just want to use it as a tool to attack unknowing targets.
In this article we will cover some threats faced by your personal computer and how to effectively protect your personal computer from these threats.
The topics covered in this article are:
Protecting Your Computer's System.
Here are some easy and cost-effective ways to make your computer safer.
Take regular backups of your most important information and keep them safe away from your computer.
Regularly update and patch your operating systems, web browser, or software.
If you use a Windows operating system, start by going to Microsoft Windows Update portal and running the update wizard. This program allows you to find the most recent patches for your Windows operating system. Another resource is Microsoft Office Update portal to locate possible patches for your Office programs.
Make sure you have a firewall. A firewall is essential to protect your computer from viruses, trojans, malware, and other threats. It is important to consider the differences and benefits of software-based and hardware firewall programs.
For maximum security, review your browser settings and email settings. Why is this is a good suggestion? Because hackers use Active-X or JavaScript to install malicious programs on your computer. Cookies are not considered to be a security risk. However, they can track your Internet movements and create a profile about you. It is recommended that security settings for the Internet zone be set to High, and your trusted sites zone to Medium-Low.
Set up automatic updates and install anti-virus software, so you always have the latest versions.
Unknown email attachments should not be opened as viruses can spread from these attachments. It doesn’t matter if you recognize the email address it came from or not.
Never run programs originating from unknown sources. These programs are often hidden behind what looks like jokes, breaking news, or amusing stories, tempting you to forward them to family and friends, thereby contributing to the spread. These programs may contain Trojan horses that can infect computers.
Disable hidden filename extension. Windows defaults to hiding file extensions for certain file types. This option can be disabled to display file extensions in Windows. While some file extensions will remain hidden by default, you’ll be more likely to see file extensions that are not related.
It is best to turn off your computer when not being used. If your computer is not connected to the Internet or you are off it, hackers cannot access it.
Make a bootable disk to protect your computer from being damaged or compromised by malicious programs. This step is necessary before your computer is subject to hostile intrusion.
Fighting Spam
How common is Spam you wonder? Scott McAdams, OMA Public Affairs and Communications Department (www.oma.org), says that Spam is prevalent.
Studies show that spam email is responsible for approximately half of all emails received. Spam was once considered to be a nuisance, but it is now a major problem.
Many users are now concerned about spamming and have expressed a lack of confidence in email transmissions.
President Bush signed the “Can Spam” bill in December 2003. This was the first national standard for bulk unsolicited commercial mail. Senate approved the bill by 97 votes to 0. It prohibits unsolicited commercial email senders from using false return addresses to conceal their identity (spoofing) and the use of dictionaries to create such mailers.
It also prohibits misleading subject lines and requires that email include an opt-out option. It also prohibits sender companies from taking addresses from other Web sites.
Violations can lead to up to one year imprisonment.
Another major issue that must be addressed is that Spam is coming from other countries in increasing numbers. Because these emails come from countries other than our own, it is more difficult to combat them. These laws are good, but they don’t stop the problem because the Internet is global and opens borders.
What can you do?
These are the top five rules to prevent spamming:
Number 1: Avoid exposing your email address on the Internet.
Spam spiders are software that searches the Internet to find email addresses to send emails to. You can search for “spam spider” to see what results you receive. WebPoison.org is an open-source project that aims to combat Internet spammers and spam spiders. It gives them fake HTML web pages which contain fake email addresses.
Here are a few suggestions:
Form emails can be used to hide addresses.
Use addresses such as sales@company.com rather than your actual email address.
Some programs encode your emails, such as jsGuard which encodes the email address of web pages to make it difficult for spam spiders to read.
Number 2: Install spam blocking software.
There are many programs out there for this. (Go to www.cloudmark.com or www.mailwasher.net for example). You can also choose to buy a professional version. Whatever you do, get the software. It will save you time. The software is not foolproof, but they do help. You usually have to do some manual setup to block certain types of emails.
This is possible with many software programs. For example, check out www.cloudmark.com and www.mailwasher.net. A professional version is also available. No matter what, you should get the software. It will save your time. Although the software isn’t foolproof, it can save you time. To block certain email types, you will usually need to set up manual settings.
Number 3: Use multiple email addresses.
There are many free email addresses. A “backup” email address is necessary if you need to subscribe to newsletters. This would be similar to giving your business number to all your friends and your cell number to your closest friends.
Number 4: Attachments from people you don’t know are bad.
Spam can contain attachments that could be infected with viruses. Many filters in corporations won’t allow such attachments to pass. Spammers are far more likely to be able to access personal email than corporate email. It is a good rule of thumb to not open attachments if you don’t know the sender. Second, filtering services are a good option. Firewall vendors also offer this type of service.
Number 5: Email services now offer bulk-mail baskets
If your current email provider does not provide this feature, you may want to consider switching to a different vendor. It’s simple. You can receive emails from people you know. You can also add them to your bulk email list and “choose” to include them in your circle. Spam Blocking software uses this idea, but it seems important to have extra layers.
Spyware & Adware
Spyware, Adware, and other malware are not only a growing nuisance for computer users all over the world but also a booming business.
Webroot Software, Inc. estimates that the online distribution of spyware and Adware advertisements has risen to a staggering $2 billion.
These programs require a skilled eradicator to respond aggressively to their aggressive advertising and spying techniques. Sunbelt Software is one such company. They are a leader in Anti-Spyware and Anti-Spam, Network Security, System Management Tools, and have been on the cutting-edge of anti-spyware programming ever since 1994.
You might ask:
“Why do you feel like someone is watching me?”
According to the National Cyber Security Alliance (NCSA), spyware infects over 90% of all computers today. These silent, malicious programs can bypass anti-virus software and firewalls without the user being aware.
It can be embedded into a computer and cause problems with the performance of the system. Additionally, it may also collect your personal information. Spyware programs, unlike viruses or worms, do not self-replicate.
Where does it come from?
Spyware can usually originate in one of three ways. The most common method is when a user accidentally or unknowingly installs spyware. The program is downloaded to the user’s computer.
Once downloaded, the spyware program starts collecting data. This data can be used by the spyware author for their personal use or sold to third parties. Many P2P file-sharing programs are dangerous. These programs are known for downloading spyware-laden software.
A user should always read the licensing agreement of a downloadable program. The software publisher may warn users that spyware programs will be installed with their requested program.
We don’t always have the time to read all the fine print.
Some agreements might include an “opt-out box” that allows the user to prevent the spyware being downloaded. Before you sign off on the download, make sure to read the entire document.
Spyware can also access your computer by tricking and manipulating security features to stop unwanted installation. The Internet Explorer Web browser is not designed to allow sites to initiate unwanted downloads. The user must click on a link to initiate a downloaded. These links could be misleading.
A pop-up that looks like a Windows dialog box might appear on your screen. The pop-up message may ask you if you would like to optimize your Internet access. However, no matter what button you press, the download of the spyware program will begin. This spyware path is now a bit more complex with the newer versions of Internet Explorer.
Some spyware programs infect systems by attacking security holes in Web browsers or other software. A spyware author can control the pages that the user visits and then force them to install the spyware program.
What can spyware programs do?
Spyware programs are capable of performing a variety of malicious tasks. While some of the spyware programs are annoying, others can be quite aggressive.
Spyware can:
- Monitor your keystrokes.
- Scan files that are located on your hard disk.
- Snoop through the applications on your desktop.
- Install other spyware programs on your computer.
- Access and read your cookies.
- Steal your personal information such credit card numbers, social security numbers, passwords etc.
- Change the default settings of your web browser’s home page.
- Mutate to a second-generation spyware, making it harder to eradicate.
- Make your computer run slower.
- Send annoying pop-up ads.
- Add advertising links on web pages where the author is not paid. Instead, the payment goes to the spyware programmer who changed the settings of the original affiliate.
- Provides the user no uninstall option. It places itself in unexpected or concealed places on your computer, making it difficult for you to locate and remove.
Spyware examples
Here are some examples of Spyware programs that you might have seen:
(Please note: Researchers may give names to spyware programs but they might not match the names used by the spyware-writers.
1) CoolWebSearch is a collection of programs that can be installed through the “holes” in Internet Explorer. These programs redirect traffic to ads on coolwebsearch.com. This spyware nuisance displays popup ads and rewrites search engine results. It also alters the computer host file to allow the Domain Name System to lookup preselected websites.
2) Internet Optimizer (a/k/a DiFuCa), likes to redirect Internet Explorer error pages into advertisements. A page of advertisements will appear if the user follows a broken link or enters incorrect URLs.
3) 180 Solutions provides detailed information about your Web site visits to advertisers. It can also modify HTTP requests to affiliate advertisements linked from a website. The 180 Solutions Company makes an unearned income from the click-through ads they have altered.
4) HuntBar (also known as WinTools or Adware.Websearch) is distributed by Traffic Syndicate. It is downloaded via ActiveX drive-by download at affiliate websites, or through advertisements from other spyware programs. This is a prime example of how spyware can install additional spyware. These programs can add toolbars and track Web browsing habits to Internet Explorer. They also display ads.
How can I combat spyware?
There are some important steps you can take in order to stop spyware from infecting computers. First, you should invest in a commercial anti-spyware software program. There are many on the market, including standalone software such as Lavasoft Ad-Aware and Windows Antispyware. You can also get anti-spyware software in an anti-virus package.
Companies such as Symantec, Sophos, and McAfee offer this type of option. Anti-spyware software can be used to combat spyware. It provides real-time protection and scanning as well as the ability to remove any spyware programs. Like most programs, you should update your anti-virus software regularly.
The spyware problem is often caused by the Internet Explorer (IE). Spyware programs love to attach themselves to IE’s functionality. Spyware loves to penetrate the weaknesses of IE.
Many users have moved to non-IE browsers because of this. If you want to keep using Internet Explorer, make sure to install security patches and only download programs from trusted sources. This will reduce the chances of spyware infiltration.
And What If All Else Failed?
Did you notice that I used “when” instead of “if”? Spyware is on the rise and affects more than 90% of computers. That’s 9 out 10 people like you! The only way to protect your data is to back it up and reinstall the operating system completely.
Phishing and Identity Theft.
Have you ever received an email asking for your personal information and directing you to visit a website? You will need to update or verify your passwords, credit cards numbers, social security numbers, and even your bank account number. The business name is one you know from past transactions.
You click the “take me there!” link, and you can then provide all the requested information. The website is fake, as you discover later. It was designed to steal your personal data.
My friend, you have just been “phished”
Phishing, pronounced as “fishing,” is the act of sending an email to someone pretending to be a legitimate business. Phishers are trying to trick the recipient into giving their personal information and steal your identity.
It’s not as easy as it seems to identify an email that is phishing for information. The email may appear legitimate at first glance. The.com address may be included in the “From” field. Even though the clickable link appears to lead you to the company’s site, it is actually a fake site that attempts to duplicate the real one.
Many of these individuals are professional criminals. They are experts at making their emails look authentic. All emails that request personal information should be carefully reviewed by users. The “From Field” in an email can be changed by the sender. Although it might appear that it is from a.com, it can still be misleading.
Keep in mind, however, that phishers will do everything to make their email appear legitimate. They will copy logos and images from official sites and embed them in their emails. They also like to include a link that recipients can click to update their information.
You can use your mouse to point at the link to verify its legitimacy. Next, take a look at the bottom left screen of your computer. You will be able to see the actual website address you are being directed to. This is an easy and quick way to verify that you are not being directed to a fake website.
The golden rule is to never click on links in an email text unless you are absolutely sure of its authenticity. Always delete it immediately. After you have deleted an email, make sure to empty your trash folder in all of your email accounts. If you are concerned about missing important information regarding an account, you can type the website’s URL address directly into your browser. You can then be sure that you’re being directed to the correct and legitimate website.
Keyloggers.
Keyloggers are programs that run in the background of your computer and secretly record all your keystrokes. The attacker can later retrieve keystrokes that have been logged. In order to find passwords and other useful information, the attacker reviews the data carefully.
A keylogger, for example, can quickly obtain confidential emails and then reveal them to anyone who is willing to pay.
Keyloggers can either be software or hardware-based.
Software-based keyloggers can be distributed and infected easily, but they are also easier to detect.
Harder to detect and more complicated are hardware-based keyloggers. You may not be aware that your keyboard may have a keylogger chip attached to it. Anything you type is stored in flash memory inside the keyboard. In an age of encrypted traffic, keyloggers are one of the most powerful tools for gathering information.
The ability to detect keyloggers becomes harder as they become more sophisticated. Keyloggers can infringe on a user’s privacy for many months or even years without them being noticed.
A keylogger can gather a lot of information about the user that it monitors during this time. Keyloggers can potentially obtain passwords and log-in details as well as credit card numbers, bank account details, and contacts. They may also be able to access information about your interests, web browsing habits, and other data. This information could be used to steal money or identity, as well as personal documents.
One keylogger could be as simple as a .exe or .dll file that is installed on a computer. It activates upon startup via a registry entry. The more advanced keyloggers like the Perfect Keylogger and ProBot Activity Monitor can have a whole range of malicious abilities, including:
- Being undetectable in the operation list and invisible in the process list
- A kernel keylogger driver which can capture keystrokes even when the user is not logged in.
- A remote deployment wizard.
- The ability to create text snaps from active applications.
- Capability to capture http post data (including log ins/passwords).
- The ability to timestamp & record workstation usage
Exporting HTML and text log files. - Automatic email log file delivery.
Keyloggers are not always used for illegal purposes. There are many other uses. Keyloggers can be used to monitor websites visited by children as a way of parental control. They are actively used to prevent child pornography and keep children from contacting harmful elements on the Internet.
What are Intrusion Detection Systems?
An intrusion Detection System, or IDS, is a vital part of any security strategy. What is an Intrusion Detection System? CERIAS (The Center for Education and Research in Information Assurance and Security) defines it as follows:
“The purpose and function of an intrusion detection (or IDS), is to detect unauthorized use or misuse of a computer network. Intrusion detection systems can be thought of as burglar alarms for computers. They sound alarms and can sometimes take corrective actions if an intruder is detected.
Many intrusion detection systems have been created, but most fall under one of two categories: misuse detection or anomaly detection.
Anomaly detectors can detect behavior that is not consistent with normal system usage. Misuse detectors search for behavior that matches an attack scenario. This list contains links to sites that provide information about intrusion detection.
(http://www.cerias.purdue.edu/about/history/coast_resources/intrusion_detection/)
Network intrusion detection system (NIDS) is a subcategory of intrusion detection equipment. These systems look for suspicious activity and monitor packets over the network wire. While a network intrusion detection system can monitor multiple computers simultaneously over a network wire, other intrusion detection devices may only monitor one.
Who is breaking into your system?
A common misconception is that outsiders are responsible for hacking into your system and causing havoc. For corporate workers, the reality is that security breaches can often be caused by insiders.
How can intruders get into your system?
Direct physical access to the machine is the most straightforward way to hack into a computer system. It is difficult to stop someone who has physical access to the machine.
A low privilege level account can take advantage of security holes in the system to gain higher-level privileges.
Even if physical access to the machine is not present, there are many ways to access a system. Remote intrusions are becoming more prevalent and are more complicated to combat.
How can one stop intrusions?
You can find many freeware/shareware intrusion detection systems as well as commercial intrusion detectors.
Open Source Intrusion Detection Systems
Here are some open-source intrusion detection systems.
1) AIDE (http://sourceforge.net/projects/aide) – Self-described as “AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire. It performs the same functions as semi-free Tripwire.
2) File System Saint (http://sourceforge.net/projects/fss) – Self-described as, “File System Saint is a lightweight host-based intrusion detection system with primary focus on speed and ease of use.”
3) Snort (www.snort.org – Self-described, “Snort(r),” is an open-source network intrusion detection and prevention system that uses a rule-driven language. This language combines the advantages of signature, protocol, and anomaly-based inspection methods. Snort has been downloaded millions of times and is now the standard in the industry.
Commercial Intrusion Detection Systems
Here are a few commercial intrusion detection systems that you might be interested in:
1) Tripwire
2) Touch Technology Inc (POLYCENTER Security Intrusion Detector).
3) Internet Security Systems (Real Secure Server Sensor).
4) eEye Digital Security (SecureIIS Website Protection)
http://www.eeye.com
Online Privacy.
It is possible to find information about yourself online, even if you do not want to advertise who you really are publicly. Even if you don’t have any malware or viruses, this is possible.
If your computer supports programs such as finger and identd, people can find your computer’s name. Cookies can also track your movements from one machine to the next.
How can people find this basic information?
Information about you can be obtained from other websites when you visit them. Information can be retrieved from other websites and used to track your Internet activities.
How can you stop this?
It is possible to surf the web anonymously, and thus stop others from finding your tracks. This is not foolproof but it makes it harder for others to find you. Anonym proxy servers are available to help you protect yourself. An anonymous proxy server takes over your Internet address and replaces it with its own. This will hide your IP address, making it harder for others to track you.
How can I obtain an anonymous proxy server?
Many vendors sell anonymous proxy servers. You can also get free proxy servers. ShadowSurf is one such product, as well as Guardster. Guardster (http://www.guardster.com/) which offers various services for secure and anonymous access to the Internet.
Is anonymity guaranteed by proxy servers?
No. However, it can significantly enhance your anonymity.
What are other concerns I should be aware of when keeping my private information private and secure?
There are three other options available to you if you want to keep your data private. To hide your surfing, you can use an encrypted link. Although this article is not intended to cover this in detail, you can search the Internet for more information. Second, you can delete cookies after each session. You can also configure your browser to delete JavaScript, Java and active content. This can lead to limitations so consider the cost/benefit.
Computer Viruses & Anti-Viruses
Each day, new computer viruses are being created. It is important to be vigilant, keep your antivirus software up-to-date, and remain aware of current computer virus threats. Here are ten of the most common viruses in terms both of their potential damage and visibility. This is not a complete list.
Virus: Trojan.Lodear
Trojan horse that attempts remote file downloads. It will infect the EXPLORER.EXE process with a.dll file, causing system instability.
Virus: W32.Beagle.CO@mm
It is a mass-mailing virus that lowers security settings. It can delete security-related registry keys and block access to security related websites.
Virus: Backdoor.Zagaban
Trojan horse, which allows compromised computers to be used as covert proxy servers and may cause network performance degradation.
Virus: W32/Netsky – P
Mass-mailing worm that sends email to all addresses found on local drives.
Virus: W32/Mytob GH
IRC backdoor Trojan and mass-mailing trojan for Windows. This worm will randomly select the subject of messages sent to it. It can choose from titles like: Email account suspension, Notice of account limitation, Security measures, Members support, Important Notification.
Virus: Mytob-EX/W32
is a mass-mailing worm that also acts as an IRC backdoor Trojan. W32/Mytob EX runs in the background. It provides a backdoor server that allows remote intruders to gain control of the computer via IRC channels. This virus spreads via email attachments that are sent to your email addresses.
Virus: W32/Mytob–AS, Mytob–BE, Mytob–C, and Mytob–ER
These worm varieties share similar capabilities. They can be controlled via the Internet Relay Chat network (IRC). They can also spread via email and other operating system vulnerabilities, such as the LSASS(MS04-011).
Virus: Zafi-D
It is a mass-mailing worm as well as a peer to peer worm that copies itself to the Windows folder with the filename Norton Update.exe. It can create files in the Windows system directory with filenames containing 8 random characters and a DLL Extension. W32/Zafid copies itself to folders containing music, upload, and share such as ICQ 2005a!.exe or Winamp 5.7 new!.exe. W32/Zafi -D will also display an error message box that looks fake with the caption “CRC 04F6Bh” and the text “Error within packed file!” “.
Virus: W32/Netsky D
A mass-mailing virus with IRC backdoor functionality that can infect other people.
Virus: W32/Zafi-B
Peer-to-peer (P2P), and email worm thath will create a random EXE file in the Windows system folder. This worm attempts to connect to either www.google.com/www.microsoft.com to verify that an Internet connection exists. This worm is bilingual and comes with a Hungarian political message box. It reads: “We demand the government accommodates homeless people, tightens the penal code, and VOTES for the DEATH PENALTY in order to reduce the growing crime.”
Trojan Horse
The Trojan Horse is a term we have all heard. But what exactly does it mean? Trojan Horses are destructive programs disguised as harmless applications. Trojan Horses are not able to replicate themselves like viruses, but they can still be damaging.
Trojans can be very tricky. You may receive an email alerting you about a virus that could threaten your computer. If you just download the attached software, the sender will quickly wipe out or protect your computer from viruses. Although you may be skeptical, the software appears legitimate, and the company seems trustworthy. You accept their offer and then download the software resulting in the installation and activation of the trojan payload.
Many things can occur when a Trojan is activated. Some Trojans can be more problematic than others. Some Trojans are less dangerous and may conduct minor activities like changing your desktop settings or adding desktop icons. The more dangerous Trojans can overwrite or corrupt your computer’s data, spread malware, and spy on you. They can also log keystrokes to steal passwords and credit card numbers and phish for your bank account details.
These guidelines will help you reduce the chances of being bitten by a Trojan.
1) Remain diligent.
Trojans can infect your computer via rogue websites and instant messaging. You should never download any file to your computer without being 100% sure who it came from.
2) Make sure your operating system is up-to-date.
This is especially important if you use Microsoft Windows.
3) Reliable anti-virus software should be installed.
To keep your computer safe from viruses and Trojan horses, it is crucial to update your anti-virus software regularly. Make sure the anti-virus software you select can scan files and emails downloaded from the Internet.
4) Install a firewall.
A firewall is a security system that blocks unauthorized access to your computer. Although it won’t solve your computer virus problems completely, a firewall can be used to provide extra security and protection when combined with reliable anti-virus software and regular updates to your operating system.
Conclusion
There is no way to guarantee 100% security for your computer. These guidelines can help you improve the security of your computer and reduce the risk of infection.
The future direction of the industry is uncertain and all those involved are facing a constantly changing market. It takes a lot of work to fix viruses. Malicious programs are becoming more sophisticated and the number is growing. Many companies might not have the resources necessary to counter the destructive efforts of those who are truly determined to cause havoc.
Many virus companies receive hundreds of new samples every day! The new viruses are becoming smarter in that they are quick to spread and can hide from their victims. They are also smart enough to move about in a system and rename themselves to make it difficult to eradicate them.
Interested in kickstarting your career in Cybersecurity no matter your educational background or experience? Click Here to find out.
