10-24-2006 12:44 AM
Each time you open a file, load a new program, or connect to the Internet, you are exposing your PC to other people and their work. You probably already know (or worse still, have experienced) that installing a legitimate program can have an adverse effect on your computer, causing it to slow down, generate errors or even crash because of conflicts with other programs or bad code. But there is a far more sinister side as well.
There are unscrupulous people out there who have written programs that try to gain access to your computer in an attempt to take it over. This can be for a variety of reasons. They might just want to cripple your system (their idea of fun) or play a prank. They are not targeting you personally but rather aiming to spread chaos and disruption. Other reasons for trying to gain access are for financial gain, or in order to steal your identity or damage your reputation or that of your company.
Here is a list of the most common methods hackers use to try to gain access to your computer system:
- Dropping a destructive virus or worm on your system
- Installing a joke program on your PC (such as a screensaver or a program that generates fake error messages)
- Installing a program known as a backdoor so that your computer can be controlled by others.
- Stealing the passwords you use for Internet banking, email accounts, or online stores you visit
- Stealing files from your computer. Word processor documents, spreadsheets, databases, and files relating to financial applications are common targets for this kind of attack.
- Altering your browser's home page or configuring it to visit alternative sites
- Using your email account to send viruses or spam email to others
- Using your Internet connection without your knowledge (a big problem if you are on a wireless network)
The term virus is a broad one indeed, used to describe any program or code that can replicate or copy itself. This in itself isn't particularly harmful, but as you will see, besides containing code for replication, they also contain code that is purposely written to cause damage. In this sense, viruses are rogue programs that attempt to get onto your machine and run in a variety of ways. They can get onto your machine covertly (such as over the Internet, by email, or on a disk, CD, DVD or USB memory stick) or you might be tricked into inadvertently downloading and installing them, thinking that they are genuinely useful applications.
Social engineering is becoming a common factor in many hoax, malicious, and fraud-related emails. It is also a popular mechanism for spreading viruses.
These emails pretend to be from a big company or organization in order to fool you into a false sense of security. Check the language for unspecific and vague elements, spelling and grammatical errors. Be especially cautious of any hyperlinks in emails as they may not point to the Web site of the company you expect, but rather to an identical looking copy of it. (It's better to manually type in the URL of companies you use, rather than click on a link in email.)
Here are a couple of examples:
Fraud Email Example 1:
You recent purchase at XYZ Auction House has not been cleared because of problem with your credit card detail. So that we can deliver your product to you please reply to this emails giving us your USERNAME, PASSWORD and credit card information.
Fraud Email Example 2:
We have had recent report of SPAM emails being sent from your computer. Please run the attached file so that we can scan YOUR machine for TROJANS. Failure to do these will result in SUSPENSIONS of your account!!!
Keeping Hackers And Viruses Off Your PC
There are three tools that can help you keep viruses and hackers off your PC: Common sense, Antivirus protection, and Firewall protection.
Common Sense. The first line of defense when it comes to PC security is common sense, and it can protect you from most of the problems and security issues that plague computers today.
When was the last time you heard about a big, widespread virus in the news? Probably not long ago, since there seems to be one almost monthly now. You're told how the virus spread across the globe in a matter of hours and infected many hundreds of thousands of systems all around the world. You might have also heard that this or that is to blame for it and that something should be done.
Do you know what you weren't told? It was this: at each point that the virus or worm spread, someone, somewhere, ran the offending program (often attached in an email) in order for it to spread to the next victim. At each step of the way, more often than not people were fooled into running an application without knowing what it was. If everyone who got the virus initially had thought about whether they should run the program or open the file, the spread of the virus could have been prevented.
As mentioned earlier, virus creators are using what is known as social engineering to get their victims to run the attachments. They do this by making emails look like they come from colleagues or friends, as well as making the attachment appear to be a joke or images that you just have to see. Sometimes the emails are written to make them sound like they contain important work documents or something from your ISP, online store, or perhaps even more official than that -- the IRS.
Social engineering is a powerful tool, but it isn't perfect. Remember, the text of the email is usually a dead giveaway it's a trick. The signs to look for are badly worded text or clumsy wording that sounds far too overenthusiastic about the content. Also, a hacker who might be on the other side of the planet cannot possibly know what your friends or work colleagues sound like in email and, as such, cannot impersonate them.
Antivirus Software. This is the best defense against computer viruses. Back in the days when there were only a handful of viruses and no Internet, it was quite easy to keep an eye open for the various nasties that were about. Now, with tens of thousands of viruses and about a hundred new ones appearing monthly, every computer needs a robust solution that can deliver program updates.
An antivirus program works by checking files for suspicious code. It can detect suspicious code in one of two ways. The antivirus program contains complex algorithms to search for any suspicious code. Or, the antivirus programs also contain a vast database of known viruses that they check against.
Modern antivirus software scans for viruses that come in via the Internet, email, on disks, and CD/DVD discs, or over a network. They can check inside compressed files (such as ZIP files) for viruses too. Add to this that they can usually remove viruses from infected host files (executables, word processor files, and so on) often without damaging the host file itself. If you don't have an anti-virus solution on your PC, get one now!
Firewalls. A firewall is software or hardware that sifts through data being passed between the Internet and a PC (or PCs on a network), and it examines the data being transferred to and from the PC. Hardware firewalls are common in a corporate environment but not in the small office or home. Software firewalls are far more common on SOHO (small office, home office) and home PCs. This is a program that is installed on the PC and controls access to it from outside as well as preventing other programs from connecting without your permission. Again, if your PC or network is not protected by a firewall, get one! Your PC is open to attack and intrusion without it.
- What defenses do you have in place to protect yourself against viruses and hackers?
- Have you had any problems in the past with hackers or viruses?
11-07-2006 05:38 PM
There are two particularly nasty fake antispyware applications currently being installed on users' PCs (either with or without their consent). These are called VirusBurst and SpywareQuake. These are either installed by users who have been duped into thinking that they are reputable programs or they can be installed using Trojans and backdoors.
The idea behind a fake antispyware program is simple. It consists of two parts - a free scanner and a paid for spyware remover. The truth is that the free scanner is just junk and tells users that they have dangerous spyware installed that can be removed for a fee. Users pay the fee and the scam is complete.
I've had hundreds of emails about these two bits of malware and this prompted me to create removal instructions for both - if you are affected by one of these (or know someone who is), feel free to direct them to this page.
- The COMPLETE Spyware Quake/SpywareQuake removal guide
- How to remove VirusBurst / Virus Burst / Virusburst - The easy way!
Barnes and Noble Book Club Moderator
11-24-2006 02:00 PM - edited 11-24-2006 02:00 PM
Carnegie Mellon University has published a paper (PDF file) which describes an interesting method that allows for better security when entering usernames and passwords on a public computer. The fear is that the public computer will be fitted with a software or hardware keylogger which would collect everything typed.
Here's the meat of the paper:
At first our task may seem impossible: if the keylogger sees everything how can we hide the password from it? Rather than hide the password our approach is to embed it in a sequence of random characters. So we seek a way of entering random keys so that they will be seen by the keylogger, but will not affect normal login. The trick lies in the fact that keyloggers employ very low level OS calls. The keylogger sees everything, but it doesn't understand what it sees. The browser also sees everything, but it doesn't use everything that it sees: it does not know what to do with keys that are typed anywhere other than the text entry fields, and lets them fall on the floor. The keylogger has no easy way to determine which keys are used by the browser and which fall on the floor. It is very easy to record all of the keys or mouse events (this is true both for Windows and Linux based systems). It is also very easy to determine which application had focus at the time of the event (e.g. this key went to the browser). But it is very hard to determine what the application did with those events.
Between successive keys of the password we will enter random keys. In the spirit of chaffing and winnowing, the string that the keylogger receives will contain the password, but embedded in so much random junk that discovering it is infeasible.
Allow me to clarify. Let's say that you're logging in to your website account from a public computer. You open up the website in a web browser and navigate to the login page. Then you'd click in the username textbox and type one or two characters of your username, then click somewhere else in the browser window that's neutral, such as the status bar or a blank portion of the page (but not on something active like a link or button) and type a few characters. Then back to the textbox and type another character or two, click somewhere else neutral and type some more junk. Repeat until your username is entered and then repeat the process for the password.
This isn't 100% guaranteed (if you want guarantees, don't use a public PC), but it does offer increased protection.
Message Edited by BN_Admin on 11-26-2006 03:00 AM
Barnes and Noble Book Club Moderator
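
The following is an added example, not part of the original posts or of the paper they quote: a small model of the chaffing procedure described above, showing what the browser's text field receives, what a keylogger records, and an upper bound on how many in-order selections the log could hide. The chaff alphabet, the sample password and all function names are assumptions made for illustration.

```python
import math
import random
import string

ALPHABET = string.ascii_lowercase + string.digits  # constructed chaff alphabet

def chaffed_session(secret, chaff_per_gap=4, rng=None):
    """Model the typing procedure: one real key in the text field, then
    `chaff_per_gap` junk keys typed after clicking a neutral part of the page.
    Each event is (key, in_field)."""
    rng = rng or random.SystemRandom()
    events = []
    for ch in secret:
        events.append((ch, True))
        events.extend((rng.choice(ALPHABET), False) for _ in range(chaff_per_gap))
    return events

def browser_view(events):
    """The browser keeps only keys that landed in the text entry field."""
    return "".join(key for key, in_field in events if in_field)

def keylogger_view(events):
    """The keylogger records every key but not what the browser did with it."""
    return "".join(key for key, _ in events)

def is_subsequence(needle, haystack):
    """True if needle's characters appear in haystack in order."""
    it = iter(haystack)
    return all(ch in it for ch in needle)

def candidate_upper_bound(log_len, secret_len):
    """Upper bound on the in-order selections of secret_len keys from the log,
    assuming the length of the secret is known."""
    return math.comb(log_len, secret_len)

if __name__ == "__main__":
    secret = "hunter2x"  # constructed sample password
    events = chaffed_session(secret)
    log = keylogger_view(events)
    print("browser field :", browser_view(events))
    print("keylogger log :", log)
    print("candidates <= :", candidate_upper_bound(len(log), len(secret)))
```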