Epidemic of Fake Anti-malware Products Threaten Internet Users

As many users are aware there is an epidemic of fraudulent anti-malware products which are targeting all internet users.  Some look extremely efficient in their ability to find malware traces on computers. They are delivered through various website links, pop-ups, drive-by downloads, email links etc, and in many cases, once the fake program has started to scan your machine you are infected, then it is a battle to get rid of this scourge.

Click Image for full article.

Related Posts:
Web of Trust
List of Known Malware
Fake Malware Removal

Click to join FreePCSecurity

Protect YOUR browsing with Web of Trust….Click Here

The Advancement of the Keylogger

A keylogger is a program that runs in your computer’s
background secretly recording all your keystrokes. Once
your keystrokes are logged, they are hidden away for later
retrieval by the attacker. The attacker then carefully
reviews the information in hopes of finding passwords or
other information that would prove useful to them.  For
example, a keylogger can easily obtain confidential emails
and reveal them to any interested outside party willing to
pay for the information. 

Keyloggers can be either software or hardware based.
Software-based keyloggers are easy to distribute and
infect, but at the same time are more easily detectable.
Hardware-based keyloggers are more complex and harder to
detect.  For all that you know, your keyboard could have a
keylogger chip attached and anything being typed is
recorded into a flash memory sitting inside your keyboard.
Keyloggers have become one of the most powerful
applications used for gathering information in a world
where encrypted traffic is becoming more and more common.

As keyloggers become more advanced, the ability to detect
them becomes more difficult. They can violate a user’s
privacy for months, or even years, without being noticed. 
During that time frame, a keylogger can collect a lot of
information about the user it is monitoring.  A keylogger
can potential obtain not only passwords and log-in names,
but credit card numbers, bank account details, contacts,
interests, web browsing habits, and much more.  All this
collected information can be used to steal user’s personal
documents, money, or even their identity. 

A keylogger might be as simple as an .exe and a .dll that
is placed in a computer and activated upon boot up via an
entry in the registry. Or, the more sophisticated
keyloggers, such as the Perfect Keylogger or ProBot
Activity Monitor have developed a full line of nasty
abilities including:

· Undetectable in the process list and invisible in
   operation
· A kernel keylogger driver that captures keystrokes even
  when the user is logged off
· A remote deployment wizard
· The ability to create text snapshots of active
  applications
· The ability to capture http post data (including log-
   ins/passwords)
· The ability to timestamp record workstation usage
· HTML and text log file export
· Automatic e-mail log file delivery

All keyloggers are not used for illegal purposes.  A
variety of other uses have surfaced.  Keyloggers have been
used to monitor web sites visited as a means of parental
control over children. They have been actively used to
prevent child pornography and avoid children coming in
contact with dangerous elements on the web.  Additionally,
in December, 2001, a federal court ruled that the FBI did
not need a special wiretap order to place a keystroke
logging device on a suspect’s computer. The judge allowed
the FBI to keep details of its key logging device secret
(citing national security concerns). The defendant in the
case, Nicodemo Scarfo Jr., indicted for gambling and loan-
sharking, used encryption to protect a file on his
computer. The FBI used the keystroke logging device to
capture Scarfo’s password and gain access to the needed file.

Protect Your PC and Privacy

You may think that you are reasonably safe as you surf the net, but windows has many gaping flaws that do not protect your privacy, and it it far too easy for a hacker to gain access to your privacy and others to harness your ISP etc.  There are some simple steps outlined below which will allow you to surf much safer, as well as guiding you through various tweaks to help you.

I have been using AVG free Anti-Virus for many years and install it as first choice on other peoples machines.  Get yours here: http://free.grisoft.com/doc/avg-anti-virus-free/lng/us/tpl/v5

Ad-Aware Personal remains the most popular anti-spyware product for computer users around the world, with nearly one million downloads every week.

http://www.lavasoft.de/products/ad-aware_se_personal.php
Also worth using is ZoneAlarm free firewall available from http://www.zonealarm.com/store/content/company/products/znalm/freeDownload.jsp

SpywareGuard, SpywareBlaster and MRU-Blaster available for free from http://www.javacoolsoftware.com/products.html

The only thing that I would actually PAY for is XoftSpy, and it is only a one off payment with lifetime updates, and a free scan so you can test it and see what it finds. 

It’s available at http://www.linkbrander.com/go/34613

Also check your PC for free at http://pcpitstop.com/

Without your knowledge or explicit permission, the Windows networking technology which connects your computer to the Internet may be offering some or all of your computer’s data to the entire world at this very moment!  You can check your open Ports, File Sharing etc for Free at http://www.grc.com/default.htm

Simply scroll down the page to *Hot Spots* and click on ShieldsUp.

Finally for now, I would also recommend the use of CCleaner (formerly Crap Cleaner) is a freeware system optimization and privacy tool. It removes unused and temporary files from your system – allowing Windows to run faster, more efficiently and giving you more hard disk space. The best part is that it’s fast! (normally taking less than a second to run) and Free.

Cleans the following:

• Internet Explorer Cache, History, Cookies, Index.dat.
• Recycle Bin, Temporary files and Log files.
• Recently opened URLs and files.
• Third-party application temp files and recent file lists (MRUs).
  Including: Firefox, Opera, Media Player, eMule, Kazaa, Google Toolbar, Netscape, Office XP, Nero, Adobe Acrobat, WinRAR, WinAce, WinZip and more…
• Advanced Registry scanner and cleaner to remove unused and old entries.
  Including File Extensions, ActiveX Controls, ClassIDs, ProgIDs, Uninstallers, Shared DLLs, Fonts, Help Files, Application Paths, Icons, Invalid Shortcuts and more… Backup for registry clean.
• Windows Startup tool.

http://www.filehippo.com/download_ccleaner/

Hope that some of this is of some use to you.
Have a good day all

http://www.linkbrander.com/go/35000
http://www.linkbrander.com/go/33862
http://www.linkbrander.com/go/33863

Any problems then feel free to leave a comment and I will get back to you asap.

Securing Your Computer System

Today, more and more people are using their computers for
everything from communication to online banking and
investing to shopping.  As we do these things on a more
regular basis, we open ourselves up to potential hackers,
attackers and crackers.  While some may be looking to phish
your personal information and identity for resale, others
simply just want to use your computer as a platform from
which to attack other unknowing targets.  Below are a few
easy, cost-effective steps you can take to make your
computer more secure.

1. Always make backups of important information and store
in a safe place separate from your computer.

2. Update and patch your operating system, web browser and
software frequently.  If you have a Windows operating
system, start by going to www.windowsupdate.microsoft.com
and running the update wizard.  This program will help you
find the latest patches for your Windows computer.  Also go
to www.officeupdate.microsoft.com to locate possible
patches for your Office programs.

3. Install a firewall.  Without a good firewall, viruses,
worms, Trojans, malware and adware can all easily access
your computer from the Internet.  Consideration should be
given to the benefits and differences between hardware and
software based firewall programs.

4. Review your browser and email settings for optimum
security.  Why should you do this?  Active-X and JavaScript
are often used by hackers to plant malicious programs into
your computers.  While cookies are relatively harmless in
terms of security concerns, they do still track your
movements on the Internet to build a profile of you.  At a
minimum set your security setting for the “internet zone”
to High, and your “trusted sites zone” to Medium Low.

5. Install antivirus software and set for automatic
updates so that you receive the most current versions.

6. Do not open unknown email attachments.  It is simply
not enough that you may recognize the address from which it
originates because many viruses can spread from a familiar
address. 

7. Do not run programs from unknown origins.  Also, do not
send these types of programs to friends and coworkers
because they contain funny or amusing stories or jokes.
They may contain a Trojans horse waiting to infect a
computer.

8. Disable hidden filename extensions.  By default, the
Windows operating system is set to “hide file extensions
for known file types”.  Disable this option so that file
extensions display in Windows.  Some file extensions will,
by default, continue to remain hidden, but you are more
likely to see any unusual file extensions that do not
belong.

9. Turn off your computer and disconnect from the network
when not using the computer.  A hacker can not attack your
computer when you are disconnected from the network or the
computer is off.

10. Consider making a boot disk on a floppy disk in case
your computer is damaged or compromised by a malicious
program.  Obviously, you need to take this step before you
experience a hostile breach of your system. 

To your safety and security online

cotojo

Fighting Spam

How prevalent is Spam?  According to Scott McAdams, OMA Public Affairs and Communications Department (www.oma.org):

“Studies show unsolicited or “junk” e-mail, known as spam, accounts for roughly half of all e-mail messages received. Although once regarded as little more than a nuisance, the prevalence of spam has increased to the point where many users have begun to express a general lack of confidence in the effectiveness of e-mail transmissions, and increased concern over the spread of computer viruses via unsolicited messages.”

In 2003, President Bush signed the  “Can Spam” bill, in December of 2003 which is the first national standards around bulk unsolicited commercial e-mail.  The bill, approved by the Senate by a vote of 97 to 0, prohibits senders of unsolicited commercial e-mail from using false return addresses to disguise their identity (spoofing) and the use of dictionaries to generate such mailers. In addition, it prohibits the use of misleading subject lines and requires that emails include and opt-out mechanism. The legislation also prohibits senders from harvesting addresses off Web sites. Violations constitute a misdemeanour crime subject to up to one year in jail. 

One major point that needs to be discussed about this: 

Spam is now coming from other countries in ever-greater numbers. These emails are harder to fight, because they come from outside our country’s laws and regulations.  Because the Internet opens borders and thinks globally, these laws are fine and good, but do not stop the problem.

So what do you do about this? 

Here are the top 5 Rules to do to protect from spam.

Number 1: 
Do what you can to avoid giving your email address out on
the net.  

There are products called “spam spiders” that search the Internet for email addresses to send email to.  If you are interested, do a search on “spam spider” and you will be amazed at what you get back.

Interestingly, there is a site, WebPoison.org, which is an open
source project geared to fight Internet “spambots” and “spam
spiders”, by giving them bogus HTML web pages, which contain bogus email addresses

A couple of suggestions for you: 

a) use form emails, which can hide addresses or also b) use addresses like sales@company.com instead of
your full address to help battle the problem. c) There are also
programs that encode your email, like jsGuard, which encodes your email address on web pages so that while spam spiders find it, it is difficult or impossible to read your email address.

Number 2: 
Get spam blocking software.  There are many programs out
there for this.  (go to www.cloudmark.com or www.mailwasher.net for example).  You may also buy a professional version.  Whatever you do, get the software. It will save you time.  The software is not foolproof, but they really do help.  You usually have to do some manual set up to block certain types of email.

Number 3:
Use the multiple email address approach.

There are a lot of free email addresses to be had.  If you must
subscribe to newsletters, then have a “back-up” email address. It would be like giving your cell phone number to your best friends and the business number to everyone else.

Number 4: 
Attachments from people you don’t know are BAD, BAD, BAD.

A common problem with spam is that they have attachments and attachments can have viruses.  Corporations often have filters that don’t let such things pass to you.  Personal email is far more “open country” for spammers. 

General rule of thumb:  if you do not know who is sending you something, DO NOT OPEN THE ATTACHMENT.  Secondly, look for services that offer filtering. Firewall vendors offer this type of service as well.

Number 5: 
Email services now have “bulk-mail” baskets.  If what you
use currently does not support this, think about moving to a new
vendor.  The concept is simple.  If you know someone, they can send you emails.  If you don’t know them, put them in the bulk email pile and then “choose” to allow them into your circle.  Spam Blocking software has this concept as well, but having extra layers seems critical these days, so it is worth looking into.

 Bob Matharoo has also written an interesting article on Spam,  check it out here