PC Security !!!!

[dr911]

Hey All,

A little lesson on PC Security .

Computer attackers are more focused these days. They're targeting individual businesses, rather than spreading viruses around the world. These targeted attacks are much more dangerous.

Virus writers historically were hobbyists out to prove themselves. Worms and viruses were designed to spread as much as possible. Many made headlines.

In contrast, recent small-scale attacks seek to avoid attention. The motivation nowadays is to gain company information for profit.

Most of these attacks are launched through e-mail. They are sent to particular companies or even just one person. The focus allows hackers to research their victims thoroughly. Targeted messages can fool even cautious employees.

Many company Web sites have plenty of information for targeted attacks. The typical contact page lists names and e-mail addresses for departments like sales, support and human resources. The information can lend an air of trust or urgency to a harmful e-mail attachment.

I've already seen these attacks in my own inbox. The last was a résumé attachment that looked like a referral. The e-mail was well written. It included a position we have open. And it mentioned someone at the office as a referral.

The attached Word document was actually a Trojan horse. Fortunately, I spotted problems in the file's name. But future attacks will no doubt be even better crafted.

Antivirus programs aren't well suited to customized threats. They're designed to catch malware sent blindly to thousands of recipients.

Security firms analyze growing threats to determine virus signatures (identifying features). The signatures are released as updates to antivirus programs. Isolated attacks may remain undiscovered far longer than widespread threats. That's more time to siphon a company's employee or customer data.

Stop spies before they get in

To prevent targeted attacks from infiltrating your workplace, always be skeptical. Almost any e-mail message bearing attachments is suspect. Here are three telltale signs of a possible threat:

1. An unexpected e-mail attachment
Be wary of any e-mail attachment you never requested. And don't trust the return name or address. Those can be easily forged. Your best bet is to verify with the sender by phone.

2. Deceptive file names
It used to be that you could spot a trick e-mail by its poor grammar. Today, many attacks are professional and well written. But sometimes you can still catch deceptive attachments by the file name.

By default, Windows hides file extensions like .doc (Word) or .xls (Excel). This is good for simplicity, but bad for security. Viruses could bear names such as "memo.doc.exe." Windows hides the true file extension, leaving the appearance of a Word file.

You can force Windows to always show file extensions. Click Start>>Control Panel. Double-click Folder Options. Select the View tab. Clear the checkbox labeled "Hide extensions for known file types." Then click OK.

Be aware that inspecting file names is not a fail-safe method. A legitimate Word document could nevertheless include a harmful macro. However, a tricky file name should be your cue to avoid the attachment and delete the e-mail.

3. Embedded links
Though not as direct as attachments, links in e-mail can be just as harmful. A deceptive link could whisk you to a fake login or company IT support page. Even your workplace e-mail password opens the door to insider information and contacts for further attacks.

All of these problems can be addressed by verifying with the sender. Determine over the phone or via e-mail whether the person indeed sent the attachment or link.

Though e-mail is commonly used, it's not the only avenue of attack. Instant messaging (IM) also is used to trick employees into opening the company's network. Like e-mail, IM programs allow file attachments and links.

As with e-mail, verify any files or links sent your way. Don't ask over IM, as you may be dealing with an impostor. A quick phone call to the sender will suffice.

Let's All Be Safe !!!

[Will.Spencer]

There are also two backdoors in Adobe Acrobat .PDF files floating around now.

No one is safe.

[jumpenjuhosaphat]

Above all of the good tips you just gave, you also gave me two bits of information that I've been needing for a long time now. First, I hate that I can't see what the extension of a file is, I name and rename files so often, half the time by the time I get them uploaded to my server they are something like file.php.php. It drove me crazy, until now. Also, I never knew how to disable/enable double clicking. My wifes computer was a system one of our neighbors threw out, and ever since we picked it up, it's been on click once, and it drives me nuts. Oh, you didn't directly give me the last bit of info, I found it when I went in to change the settings in the folder options folder.

Thanks.

[crafterz]

Great tips dr911! People can benifit from this thread a lot. A lot fo people dont know all the dangers, or what precautions to take to protect themselves from all those dangers.

You have cleared a lot of thing up for anyone hoping for protection

[Lyte]

Great info Doc! Thanks for taking time to put that together.

Lyte

[dr911]

Thanks All,

I spent a lot of time researching this. Lyte..if you'd like,,,maybe worth a "sticky" . For all the newbies here. Also oldbies.....LOL !!

[Lyte]

She be stuck!

Lyte

[here_2_help]

Well done! That is a supurb idea! This is the type of thing that should be rewarded. The best way to secure yourself is to

1. follo the guide at the top of this page
2. don't have internet!

im assuming you all want your internet, so... go all for it man! GOOD ON YA MATE!