Security
Viruses - SpyWare - Phishing - Firewalls
Page completely revised March 21, 2008

There are two types of threats to computer Security - major (criminal) and minor (nuisance).

Criminal threats

Methods include e-mails, infections picked up by visiting a site, or direct IP address attacks (attacks on your computer without any action on your part).

Nuisance Threats

  • Spam - stealing your time and computer capacity with unwanted e-mails.
  • Email harvesting - stealing your address and selling it to spammers
  • Hoaxes - e-mails warning of a non-existent problem. Wastes time and internet resources.
  • Adware - advertising attached to a program. If it's malicious, it's a virus or spyware.

Virus Threats

What is a Virus?
It's a small computer program, written by a malicious person (criminal), that will damage your computer and make it inoperative and/or cause it to send e-mails to others to propagate itself. You can "catch" it like a biological virus from e-mails, removable media (USB drives, floppies) or web sites. It can also be put on your computer by a direct IP attack although this is uncommon - criminals usually use that approach to steal your identity or personal information.

Fighting Virus Infections
The process to follow is:
  1. Make sure your computer is free of Viruses - use a free on-line scanner
  2. Use a safer browser less prone to infection - e.g. Firefox
  3. Install an Anti Virus Program
  4. Install a hardware Firewall - use a hardware firewall, even if you don't have a network
  5. Be aware of fraudulent e-mails - delete upon receipt
  6. But don't overdo it - the Internet is meant to be fun. See email security settings.

1. On-line Scanner

Free scanners are available from:

  • Symantec - Permit pop-ups, then click Go then Start under "Virus Protection". Note that the first screen talks about a Security Check but when you get there you get a choice of a Security Check or a Virus Scan. The only catches with the Virus Scan are that it only works with Internet Explorer and it does not fix any problems found. Note that it will take perhaps an hour or more to run since it does a full Virus scan of your computer. You must also be connected for the time it takes. To remove an infection, go to Symantec and find the virus (by name) in their data-base then follow their instructions on how to remove it.
  • Panda Active Scan - Internet Explorer only - not compatible with Avast
  • Avast scan and repair program for many common worms
  • Trend Micro's House Call.

2. Safer browser

The most popular browser is Internet Explorer - that is one reason it is the most prone to the risk of attack. The other reason is that it alone allows operation of Active-X controls. These are downloadable programs that will run on your computer. Useful if they are invited - really bad if not. A much safer browser is Firefox although you need to keep Internet Explorer available for the odd occasion when you DO need to run an Active-X control. More on the subject here.

3. Anti-Virus programs

If your computer is infected and the virus prevents you from going to an Anti-Virus web site (like any of the above), you'll have to modify a Windows file. Details here.

4. Firewalls

A firewall is software or hardware that prevents your computer from receiving or sending (to an outside person) anything that you have not requested. These criminal programs are often spyware intended to steal your identity but other types are possible. Some software (like the Windows XP firewall) is one-way only - that is, only manages incoming requests such as occur via hackers scanning the internet for vulnerable computers (direct IP attack). The illustration on the right applies to these one-way firewalls.

Two-way firewalls also block outgoing requests not obviously related to incoming requests, as might occur with a program planted on your computer via a Trojan. This is a program that comes into your computer looking benign but which conceals a program that sends data back to its originator.

The best Firewall by a large margin is a hardware firewall. These are very simple devices that go between your modem and computer and handle internet traffic. If the traffic is valid, it will relay it to your computer. Most routers come with a firewall so add a router to your system even if you don't have a network! Unfortunately this does not apply to dial-up users.

More on routers below.

Another solution is to use a Security package such as that offered by Norton. This adds a firewall to their Anti-Virus package. Similar packages are available from McAfee and other Anti-Virus vendors. If you have Vista, you can activate the built-in Firewall for outgoing traffic but it's not recommended because it's too complicated. [I would ask, if you have effective incoming control, why is outgoing protection needed?] There are also stand-alone Firewall vendors such as Zone-Alarm - any would be better than none.

More on Firewalls from Answer.com.

Spy Ware

Definition of Spyware
Spyware is a malicious program that is installed on your computer without your knowledge, with the capability of capturing stored information and Internet usage and sending it back to its (the spyware's) originator. Spyware has been known to collect confidential information such as credit card details. Spyware is at the root of cyber-identity theft. Also, some spyware turns your computer into a zombie owned by the hacker, who makes it send spam to people.

There are two types of Spy Ware:

Cookies
These are harmless. They are placed on your computer by web sites that you visit. Their intent is usually to allow a site to know when you re-visit them. You may want this since they can remember your login information, shopping preferences etc. On the other hand, you may not want someone knowing that you visited certain sites. You can stop all cookies by adjusting your browser. For example in Internet Explorer, go to Tools>Internet Options>Privacy and adjust the settings. Controlling Cookies on Firefox is much easier (more).

Tracking Spy-Ware
The most common is the type that is often included with programs that you have willingly installed. The installation program for the software not only installs the program you want, but also installs additional tracking software without your knowledge.

Some is relatively benign and simply wants to target their advertising better. But another more malicious type installs a program that monitors key strokes (e.g. bank account passwords) and sends them “home”. This spyware is a type of virus and most current virus programs will stop these.

For a list of the latest spyware threats, go to Counterspy's list.

Stop Spyware
  • Don’t install free programs unless you know they are spyware free. (Those on this site were spyware free when posted). Especially don’t install programs that install “neat toolbars”. Google is clean, anything from Yahoo or Microsoft is clean but otherwise make sure you are certain no one has found a problem. A good way to find out is to do a web search for the name of the toolbar and if you find lots of responses saying "how to remove Search Miracle" (or the toolbar you're checking), then others have had a problem.
  • Go to Spyware Guide and run the “Online Spyware Scan” (Internet Explorer only – accept the Installation). This site also has a list of spyware, categories, companies involved, and products that deal with spyware etc. Cobourg Internet has not tested all of these products so cannot be responsible for their use. However, the Online Scan is recommended.
  • Download and regularly (monthly) use the Spy Ware detection and removal tool Spybot. The latest version of Spybot is 1.5 - if you are upgrading from an earlier version, uninstall the previous version first. Note that the number of items scanned should be upwards of 110,000. If that is not true, you may need an update or go to Mode>Advanced>Settings and look at Ignore Products. All boxes should be unchecked. When you install SpyBot, you will be asked whether you want to install SDHelper and/or Tea Timer. These provide a degree of protection in real time (between scans) but they use too much RAM and CPU processor capacity and are not worth the trouble.
  • Microsoft has released their own anti-spyware program called Defender - see below. Cobourg Internet recommends that you use this as well as Spybot.
  • For best protection, either use an Anti-Virus Program which includes good Spyware detection or use a separate Spyware scanner like CounterSpy. Note that after a trial period, it is not free. (I currently use Counterspy and Avast together).
  • If you are concerned about managing cookies, either use the Firefox browser or, for Internet Explorer, use Cookie Manager to specify which cookies are acceptable. For stopping initial installation of spyware, Firefox does not allow the most common source, ActiveX Controls. If you use it, see our discussion on scripts.
  • Microsoft has also released a program to look for Spyware - originally called Microsoft Anti-Spyware it has now been renamed Windows Defender. It is similar to SpyBot in functionality and works quite well - Download it here. If you have an earlier version than 1593, uninstall it first - do not install the latest version over the top. I recommend its use but note that you must have a legal copy of Windows XP or 2000 for this to work. Vista includes Defender in it.

If you would like to get yet more information on Spyware detectors, the Spyware Warrior has a large amount of data and conducts regular tests.

Phishing
Phishing is the process of "phishing" for people who are trusting enough to give their personal banking passwords etc. to an unknown person on the Internet. Of course they think they do know the company asking for info but that's the scam.
The way it works, a spoofed website is typically made to look like a well known, branded site (like ebay.com or bmo.com) with a slightly different or confusing URL. The attacker then tries to trick people into going to the spoofed site by sending out fake email messages or posting links in public places - hoping that some percentage of users won't notice the incorrect URL and give away important information. The URL displayed on the link is different from the one you end up at.

The only sure defence is to know that banks and financial institutions don't do this sort of thing. So ignore it - delete the e-mail. If you are really concerned, phone the bank you believe has sent the message and ask them!

Other ways that are suggested, such as using the latest version of Firefox (2.0) or Internet Explorer (7) are not good enough. And refusing to do banking or Financial transactions on the Internet does not solve the problem - you can still get an e-mail from "your bank" asking for (e.g.) your Account number and ATM PIN number. The ONLY answer is to know that Financial institutions never send you an email asking for confidential info - if you get an email that appears to break this rule - delete it.

Since Phishing is a form of an Internet Hoax, if you have not done so already, see our discussion of Hoaxes.

Routers & Networks
If you have a high speed connection, as discussed above, a reliable way to get excellent protection from direct IP address attacks is to install a hardware firewall. Do this by installing a Router between the computer and the high speed modem which then provides Network Address Translation. This means that anyone trying to hack your computer only gets into the dumb (as in really dumb) router. I recommend D-Link's model DI-704 Router (for wired connections) which is available from Staples for about $70 (+taxes). Wireless routers generally also include a firewall. A router also provides for connecting multiple Computers to each other (using Cat-5 cable) as well as to the high speed modem. If you have a hardware firewall, a software firewall provides very little extra protection but why not leave it on - two "walls" to get through must be more protection than one! One software firewall and one hardware firewall are compatible with each other and will work OK on the same system. Multiple software firewalls on one computer may have a problem.
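
The router behaviour described here, and the one-way versus two-way distinction from the Firewalls section, can be seen in a toy model. This is an added example, not code from the original page; every address, port number and program name in it is constructed.

```python
import itertools

class NatRouter:
    """Toy NAT router: an inbound packet is relayed only if it matches a
    mapping created by an earlier outbound request from a computer behind it."""
    def __init__(self):
        self.table = {}                        # public port -> (pc, pc_port, remote)
        self._ports = itertools.count(40000)   # constructed public port range

    def outbound(self, pc, pc_port, remote):
        """Record the request and return the public port it was sent from."""
        port = next(self._ports)
        self.table[port] = (pc, pc_port, remote)
        return port

    def inbound(self, remote, public_port):
        """Return (pc, pc_port) to relay to, or None if the packet stops at the router."""
        entry = self.table.get(public_port)
        if entry is None or entry[2] != remote:
            return None                        # nobody asked for this traffic
        return entry[0], entry[1]

class TwoWayFirewall:
    """Software firewall on the PC: also checks which program is sending."""
    def __init__(self, router, allowed_programs):
        self.router, self.allowed = router, set(allowed_programs)

    def send(self, program, pc, pc_port, remote):
        if program not in self.allowed:
            return None                        # outgoing request blocked
        return self.router.outbound(pc, pc_port, remote)

def demo():
    router, pc = NatRouter(), "192.168.0.2"
    web, attacker = ("198.51.100.7", 80), ("203.0.113.9", 4444)
    results = {"scan": router.inbound(attacker, 40000)}    # direct IP attack
    port = router.outbound(pc, 5000, web)                  # you request a page
    results["reply"] = router.inbound(web, port)           # its reply is relayed
    results["wrong_sender"] = router.inbound(attacker, port)
    # Router only (one-way): a planted program can still send data out.
    results["trojan_router_only"] = router.outbound(pc, 5001, attacker) is not None
    firewall = TwoWayFirewall(router, {"firefox.exe"})
    results["trojan_two_way"] = firewall.send("trojan.exe", pc, 5002, attacker) is not None
    results["browser_two_way"] = firewall.send("firefox.exe", pc, 5003, web) is not None
    return results
```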

More on Routers.

Ad Ware
Adware programs display advertising content on your computer without your consent or direct knowledge. Often this is in the form of popup windows that just drive you crazy. Pure Adware is not a risk, just an annoyance. But sometimes it also includes spyware. In either case, it uses up bandwidth and memory and can slow your computer to a crawl.

In general, there are two kinds of Ad Ware:

  1. Software that includes ads – generally harmless – this is the price you often have to pay to get free software.
  2. Ads that come uninvited. The most common are pop-ups. Block pop-ups by using Windows XP Service Pack 2 which includes a pop-up blocker or use the Google tool-bar pop-up blocker option. Other ads arrive in the middle of programs that you installed and maybe you read the fine print which said it was there or maybe they forgot to tell you. Examples include: Kazaa, Grokster, Limewire, CometCursor, BonziBuddy, Alexa, RealJukebox and others. If a program is free and seems worthwhile, it could easily include ads. In some cases that can be lived with and in other cases it cannot. These sometimes continue after you've left the site or uninstalled the program.

If you run SpyBot, you will generally catch these as well. Be sure to also download and use Microsoft's Defender program. Counterspy also will catch malicious adware.

The most common way that the worst AdWare is delivered is using the ActiveX controls in Internet Explorer. A good preventative measure is to disable ActiveX in Internet Explorer (details here) or to use Firefox which does not use it. More.