Identity theft is an very real problem and you need to actively protect yourself from it!
 
If your identity is ever stolen, it can be used in Fraudulent or Criminal activities, to obtain a job where you end up liable for the taxes, to make purchases of products and services that you WILL end up having to pay for, can completely devastate and destroy your credit, and take literally many years for you get it all straightened out.
 
Never give out personal information on the phone, through Postal Services, through e-mail or over the Internet in any other way, unless you’ve initiated the contact and you are sure you know who you’re dealing with.
 
Identity thieves can be skilled liars, and may pose as representatives of banks, government agencies, owners of a company, and yes, they can even pose as Internet service providers (ISPs) to get you to reveal identifying information. Before you divulge any personal information, confirm that you’re dealing with a legitimate representative of a legitimate organization. Double check by calling customer service using the number on your account statement, listed in the telephone book, or obtained via a Telephone Operator.
 
Your computer can be a goldmine of personal information to an identity thief. Here are some points on how you can safeguard your computer and the personal information it stores:

· Update your virus protection software regularly. Computer viruses can have damaging effects, including introducing program code that causes your computer to send out files or other stored information.
 
· Regularly check for security repairs and patches you can download from your operating system’s Web site.
 
· Don’t download files from strangers or click on hyperlinks from people you don’t know, especially when it comes to e-mail where the e-mail contains an attachment. Clicking a link or opening a file could expose your system to a computer virus or a program that could hijack your modem like a Trojan.
 
· Use a firewall, especially if you have a high-speed or “always on” connection to the Internet. A firewall allows you to limit uninvited access to your computer. Without a firewall, hackers can enter your computer remotely from anywhere in the world and even take over your computer and access sensitive information without you even knowing it.
I recommend the use of ZoneAlarm free firewall which can be found at  http://www.zonealarm.com/store/content/company/products/znalm/freeDownload.jsp

· To guard the safety of your online transactions always be sure the Web site you are on uses a secure browser software that encrypts or scrambles information you send over the Internet. When you’re submitting information, the address of the Web page should start with “https://” (apposed to the normal surfing address of http://), and also look for the “lock” icon on the status bar. It’s a symbol that your information is secure during transmission.
 
· Try not to store financial information on your PC or laptop unless absolutely necessary. If you do, use a “strong” password that is a combination of letters (upper and lower case) and numbers.
 
· Avoid using an automatic login feature that saves your user name and password; and always log off when you’re finished working in a password protected entry area. If your PC or laptop ever gets stolen, the thief will have a hard time accessing sensitive information if they need to enter usernames and passwords to access something.
 
· Delete any personal information stored on your computer before you dispose of it. Use a “wipe” utility program, which overwrites the entire hard drive and makes the files unrecoverable.  Use Ccleaner available for free at http://www.filehippo.com/download_ccleaner/ and when installed select ‘Options’ then select ‘Settings.  Under the heading ‘Secure Deletion’ click the ‘Secure file deletion (Slower)’ radio button and change the setting to NSA (7 passes).
 
· Read Web site privacy policies. They should answer questions about the access to and accuracy, security, and control of personal information the site collects, as well as how sensitive information will be used, and whether it will be provided to third parties.
 
· Never provide personally identifiable information like a username and password, a government issued number that identifies you, financial details, e-mail addresses, phone numbers, or your home address in areas like chat rooms, forums, instant messengers, e-mail, or any other area over the Internet that gives others access to the information.

Remember, always back-up your system before making any changes.  If using ccleaner make sure you know your passwords.  I suggest you open a spreadheet or word processor, enter the site url, username and password and save it to floppy.  Do NOT save this information on your hard drive.

To your privacy and safer surfing

cotojo 

How prevalent is Spam?  According to Scott McAdams, OMA Public Affairs and Communications Department (www.oma.org):

“Studies show unsolicited or “junk” e-mail, known as spam, accounts for roughly half of all e-mail messages received. Although once regarded as little more than a nuisance, the prevalence of spam has increased to the point where many users have begun to express a general lack of confidence in the effectiveness of e-mail transmissions, and increased concern over the spread of computer viruses via unsolicited messages.”

In 2003, President Bush signed the  “Can Spam” bill, in December of 2003 which is the first national standards around bulk unsolicited commercial e-mail.  The bill, approved by the Senate by a vote of 97 to 0, prohibits senders of unsolicited commercial e-mail from using false return addresses to disguise their identity (spoofing) and the use of dictionaries to generate such mailers. In addition, it prohibits the use of misleading subject lines and requires that emails include and opt-out mechanism. The legislation also prohibits senders from harvesting addresses off Web sites. Violations constitute a misdemeanour crime subject to up to one year in jail. 

One major point that needs to be discussed about this: 

Spam is now coming from other countries in ever-greater numbers. These emails are harder to fight, because they come from outside our country’s laws and regulations.  Because the Internet opens borders and thinks globally, these laws are fine and good, but do not stop the problem.

So what do you do about this? 

Here are the top 5 Rules to do to protect from spam.

Number 1: 
Do what you can to avoid giving your email address out on
the net.  

There are products called “spam spiders” that search the Internet for email addresses to send email to.  If you are interested, do a search on “spam spider” and you will be amazed at what you get back.

Interestingly, there is a site, WebPoison.org, which is an open
source project geared to fight Internet “spambots” and “spam
spiders”, by giving them bogus HTML web pages, which contain bogus email addresses

A couple of suggestions for you: 

a) use form emails, which can hide addresses or also b) use addresses like sales@company.com instead of
your full address to help battle the problem. c) There are also
programs that encode your email, like jsGuard, which encodes your email address on web pages so that while spam spiders find it, it is difficult or impossible to read your email address.

Number 2: 
Get spam blocking software.  There are many programs out
there for this.  (go to www.cloudmark.com or www.mailwasher.net for example).  You may also buy a professional version.  Whatever you do, get the software. It will save you time.  The software is not foolproof, but they really do help.  You usually have to do some manual set up to block certain types of email.

Number 3:
Use the multiple email address approach.

There are a lot of free email addresses to be had.  If you must
subscribe to newsletters, then have a “back-up” email address. It would be like giving your cell phone number to your best friends and the business number to everyone else.

Number 4: 
Attachments from people you don’t know are BAD, BAD, BAD.

A common problem with spam is that they have attachments and attachments can have viruses.  Corporations often have filters that don’t let such things pass to you.  Personal email is far more “open country” for spammers. 

General rule of thumb:  if you do not know who is sending you something, DO NOT OPEN THE ATTACHMENT.  Secondly, look for services that offer filtering. Firewall vendors offer this type of service as well.

Number 5: 
Email services now have “bulk-mail” baskets.  If what you
use currently does not support this, think about moving to a new
vendor.  The concept is simple.  If you know someone, they can send you emails.  If you don’t know them, put them in the bulk email pile and then “choose” to allow them into your circle.  Spam Blocking software has this concept as well, but having extra layers seems critical these days, so it is worth looking into.

 Bob Matharoo has also written an interesting article on Spam,  check it out here

Every day new computer viruses are created to annoy us and to wreck havoc on our computer systems. Below are ten viruses currently cited as being the most prevalent in terms of being seen the most or in their ability to potentially cause damage. New viruses are created daily. This is by no means an all inclusive list. The best thing you can do is to remain vigilant, keep your anti-virus software updated, and stay aware of the current computer virus threats.

Virus: Trojan.Lodear
A Trojan horse that attempts to download remote files. It will
inject a .dll file into the EXPLORER.EXE process causing system
instability.

Virus: W32.Beagle.CO@mm
A mass-mailing worm that lowers security settings. It can delete
security-related registry sub keys and may block access to security-related websites.

Virus: Backdoor.Zagaban
A Trojan horse that allows the compromised computer to be used as a covert proxy and which may degrade network performance.

Virus: W32/Netsky-P
A mass-mailing worm which spreads by emailing itself to addresses produced from files on the local drives.

Virus: W32/Mytob-GH
A mass-mailing worm and IRC backdoor Trojan for the Windows
platform. Messages sent by this worm will have the subject chosen randomly from a list including titles such as: Notice of account limitation, Email Account Suspension, Security measures, Members Support, Important Notification.

Virus: W32/Mytob-EX
A mass-mailing worm and IRC backdoor Trojan similar in nature to W32-Mytob-GH. W32/Mytob-EX runs continuously in the background, providing a backdoor server which allows a remote intruder to gain access and control over the computer via IRC channels. This virus spreads by sending itself to email attachments harvested from your email addresses.

Virus: W32/Mytob-AS, Mytob-BE, Mytob-C, and Mytob-ER
This family of worm variations possesses similar characteristics in terms of what they can do. They are mass-mailing worms with backdoor functionality that can be controlled through the Internet Relay Chat (IRC) network. Additionally, they can spread through email and through various operating system vulnerabilities such as the LSASS (MS04-011).

Virus: Zafi-D
A mass mailing worm and a peer-to-peer worm which copies itself to the Windows system folder with the filename Norton Update.exe. It can then create a number of files in the Windows system folder with filenames consisting of 8 random characters and a DLL extension.

W32/Zafi-D copies itself to folders with names containing share,
upload, or music as ICQ 2005a new!.exe or winamp 5.7 ew!.exe.
W32/Zafi-D will also display a fake error message box with the
caption “CRC: 04F6Bh” and the text “Error in packed file!”.

Virus: W32/Netsky-D
A mass-mailing worm with IRC backdoor functionality which can also infect computers vulnerable to the LSASS (MS04-011) exploit.

Virus: W32/Zafi-B
A peer-to-peer (P2P) and email worm that will copy itself to the
Windows system folder as a randomly named EXE file. This worm will test for the presence of an internet connection by attempting to connect to www.google.com or  www.microsoft.com. A bilingual, worm with an attached Hungarian political text message box which translates to “We demand that the government accommodates the homeless, tightens up the penal code and VOTES FOR THE DEATH PENALTY to cut down the increasing crime. Jun. 2004, Pécs (SNAF Team)”

Who hasn’t received an email directing them to visit a
familiar website where they are being asked to update their
personal information?  The website needs you to verify or
update your passwords, credit card numbers, social security
number, or even your bank account number.  You recognize
the business name as one that you’ve conducted business
with in the past.  So, you click on the convenient “take me
there” link and proceed to provide all the information they
have requested.  Unfortunately, you find out much later
that the website is bogus.  It was created with the sole
intent to steal your personal information.  You, my friend,
have just been “phished”.

Phishing (pronounced as “fishing”) is defined as the act
of sending an email to a recipient falsely claiming to have
an established, legitimate business.  The intent of the
phisher is to scam the recipient into surrendering their
private information, and ultimately steal your identity.

It is not at easy as you think to spot an email phishing
for information.  At first glance, the email may look like
it is from a legitimate company. The “From” field of the e-
mail may have the .com address of the company mentioned in
the e-mail.  The clickable link even appears to take you to
the company’s website, when in fact, it is a fake website
built to replicate the legitimate site.

Many of these people are professional criminals.  They
have spent a lot of time in creating emails that look
authentic.  Users need to review all emails requesting
personal information carefully.  When reviewing your email
remember that the “From Field” can be easily changed by the
sender.  While it may look like it is coming from a .com
you do business with, looks can be deceiving.  Also keep in
mind that the phisher will go all out in trying to make
their email look as legitimate as possible.  They will even
copy logos or images from the official site to use in their
emails.  Finally, they like to include a clickable link
that the recipient can follow to conveniently update their
information.
A great way to check the legitimacy of the link is to
point at the link with your mouse. Then, look in the bottom
left hand screen of your computer.  The actual website
address to which you are being directed will show up for
you to view.  It is a very quick and easy way to check if
you are being directed to a legitimate site.

Finally, follow the golden rule.  Never, ever, click the
links within the text of the e-mail, and always delete the
e-mail immediately. Once you have deleted the e-mail, empty
the trash box in your e-mail accounts as well. If you are
truly concerned that you are missing an important notice
regarding one of your accounts, then type the full URL
address of the website into your browser.  At least then
you can be confident that you are, in fact, being directed
to the true and legitimate website.

Spyware is one of the fastest-growing internet threats.  According to the National Cyber Security Alliance, spyware infects more than 90% of all PCs today.  These unobtrusive, malicious programs are designed to silently bypass firewalls and anti-virus software without the user’s knowledge.  Once embedded in a computer, it can wreak havoc on the system’s performance while gathering your personal information.  Fortunately, unlike viruses and worms, spyware programs do not usually self-replicate. 

Where does it come from?

Typically, spyware originates in three ways.  The first and most common way is when the user installs it.  In this scenario, spyware is embedded, attached, or bundled with a freeware or shareware program without the user’s knowledge.  The user downloads the program to their computer.  Once downloaded, the spyware program goes to work collecting data for the spyware author’s personal use or to sell to a third-party.  Beware of many P2P file-sharing programs.  They are notorious for downloads that posses spyware programs.

The user of a downloadable program should pay extra attention to the accompanying licensing agreement.  Often the software publisher will warn the user that a spyware program will be installed along with the requested program.  Unfortunately, we do not always take the time to read the fine print.  Some agreements may provide special “opt-out” boxes that the user can click to stop the spyware from being included in the download.  Be sure to review the document before signing off on the download.

Another way that spyware can access your computer is by tricking you into manipulating the security features designed to prevent any unwanted installations.  The Internet Explorer Web browser was designed not to allow websites to start any unwanted downloads.  That is why the user has to initiate a download by clicking on a link.  These links can prove deceptive.  For example, a pop-up modeled after a standard Windows dialog box, may appear on your screen.  The message may ask you if you would like to optimize your internet access.  It provides yes or no answer buttons, but, no matter which button you push, a download containing the spyware program will commence. Newer versions of Internet Explorer are now making this spyware pathway a little more difficult.

Finally, some spyware applications infect a system by attacking security holes in the Web browser or other software.  When the user navigates a webpage controlled by a spyware author, the page contains code designed to attack the browser, and force the installation of the spyware program.

What can spyware programs do?

Spyware programs can accomplish a multitude of malicious tasks.  Some of their deeds are simply annoying for the user; others can become downright aggressive in nature.

Spyware can:

1.            Monitor your keystrokes for reporting purposes.

2.            Scan files located on your hard drive.

3.            Snoop through applications on our desktop.

4.            Install other spyware programs into your computer.

5.            Read your cookies.

6.            Steal credit card numbers, passwords, and other personal information.

7.            Change the default settings on your home page web browser.

8.            Mutate into a second generation of spyware thus making it more

         difficult to eradicate.

9.            Cause your computer to run slower.

10.        Deliver annoying pop up advertisements.

11.        Add advertising links to web pages for which the author does not get paid.  Instead, payment is directed to the spyware programmer that changed the original affiliate’s settings.

12.        Provide the user with no uninstall option and places itself in unexpected or hidden places within your computer making it difficult to remove.

Spyware Examples

Here are a few examples of commonly seen spyware programs.  Please note that while researchers will often give names to spyware programs, they may not match the names the spyware-writers use. 

CoolWebSearch, a group of programs, that install through “holes” found in Internet Explorer. These programs direct traffic to advertisements on Web sites including coolwebsearch.com. This spyware nuisance displays pop-up ads, rewrites search engine results, and alters the computer host file to direct the Domain Name System (DNS) to lookup preselected sites. 

Internet Optimizer (a/k/a DyFuCa), likes to redirect Internet Explorer error pages to advertisements. When the user follows the broken link or enters an erroneous URL, a page of advertisements pop up.

180 Solutions reports extensive information to advertisers about the Web sites which you visit.  It also alters HTTP requests for affiliate advertisements linked from a Web site.  Therefore the 180 Solutions Company makes an unearned profit off of the click through advertisements they’ve altered.

HuntBar (a/k/a WinTools) or Adware.Websearch, is distributed by Traffic Syndicate and is installed by ActiveX drive-by downloading at affiliate websites or by advertisements displayed by other spyware programs.  It’s a prime example of how spyware can install more spyware.   These programs will add toolbars to Internet Explorer, track Web browsing behavior, and display advertisements.

How can I prevent spyware?

There are a couple things you can do to prevent spyware from infecting your computer system.  First, invest in a reliable commercial anti-spyware program.

I recommend you follow this link  http://www.linkbrander.com/go/34613 and read more and you can also scan your PC for free. There are several others on the market including stand alone software packages such as Lavasoft’s Ad-Aware available for free at http://www.lavasoft.de/products/ad-aware_se_personal.php or Windows Antispyware.  Other options provide the anti-spyware software as part of an anti-virus package.  This type of option is offered by companies such as Sophos, Symantec, and McAfee. Anti-spyware programs can combat spyware by providing real-time protection, scanning, and removal of any found spyware software.   As with most programs, update your anti virus software frequently. 

As discussed, the Internet Explorer (IE) is often a contributor to the spyware problem because spyware programs like to attach themselves to its functionality.  Spyware enjoys penetrating the IE’s weaknesses.  Because of this, many users have switched to non-IE browsers.  However, if you prefer to stick with Internet Explorer, be sure to update the security patches regularly, and only download programs from reputable sources.  This will help reduce your chances of a spyware infiltration.

And, when all else fails?

Finally, if your computer has been infected with a large number of spyware programs, the only solution you may have is backing up your data, and performing a complete reinstall of the operating system.