Windows - Security & Malware Preventions Article # 7
Written By : DR911
I hang out mostly in the "Windows NT - 2000 - XP" discussion group and I see a LOT of people making posts about malware infections (and some of them subsequently get moved to the Security forum). HiJackThis logs are a common post. It is apparent to me that a lot of people just don't follow best practices when it comes to security.
So, with that in mind, let me suggest that these people are doing one or more of the following:
1. Surfing the web and clicking on unknown links UNPROTECTED.
2. Clicking on links in Instant Messaging programs.
3. Opening suspicious Email attachments.
4. Having emails automatically open - in OE this is known as the "Preview Pane".
5. Opening Emails from people they don't know.
6. Leaving your "personal" email address (I'll explain what I mean by "personal") on the web.
Now I'll address each of these items in detail:
1. SURFING THE WEB AND CLICKING ON UNKNOWN LINKS UNPROTECTED.
I'm NOT suggesting that you stop surfing the web, just that you have malware protection software running (e.g. anti virus, anti-spyware, firewall) when you do.
Ideally you want to have "real-time" protection with your anti-spyware software and "on-access" protection with your anti virus software, and run "on-demand" scans at least monthly. And make sure your definitions are up to date. If they're NOT, your malware protection software won't protect you from the latest threats.
If you Google a lot, then you're probably going to be clicking on a lot of unknown links. And even "known" links can sometimes be disguised and be phishing scams (which is a whole 'nother topic and not the subject of this post).
Some categories of links that most often carry malware are: porn sites (more on that in a bit), stock advice sites, and "free" downloads sites.
Porn sites - I'm not suggesting that users voluntarily go to porn sites (though some do), but some of the names of these sites are misleading. For example, someone wishing to visit the Whitehouse site may think the URL would be "Whitehouse.com". But "Whitehouse.com" is actually a porn site. What is really the Whitehouse web site is "Whitehouse.gov".
Porn sites will frequently hijack your browser home page, inundate you with pop-ups every time you run your browser, and embed malware so deep in your Registry that it's hard to get out.
Stock advice sites - There are a lot of legitimate stock advice sites, like Thomson, Morningstar, and The Wall Street Journal, but a lot of stock advice sites are just plain nasty.
For example, stock message boards, like the ones that Yahoo maintains, can be breeding grounds not only for pump-and-dump schemes, but links that contain malware. It's a good idea NOT to click on links on these message boards - no matter how "good" the poster (who will likely be a stranger) says the stock advice is.
Free download sites - There is a lot of good free software out there, like Spybot, ZoneAlarm, AVG, and Ad-Aware. But unless you are sure about the safety of the software you are downloading, it's a good idea NOT to download it. That's because a lot of "free" software is supported by adware and spyware that's included with it, unknown to the user. And, believe it or not, a lot of "free" so-called anti spyware software actually contains spyware itself.
2. CLICKING ON LINKS IN INSTANT MESSAGING PROGRAMS
I'm not suggesting here that you stop using Instant Messaging programs, like AIM, or Yahoo, or ICQ. But I AM suggesting that you refrain from clicking on links in the messages. Even if the link is from a friend who says, "Click on the link and look at the pic, it's pretty cool" - DON'T!!! That link could very well download a Trojan at the same time it's downloading that "cool" picture.
IM's are notorious for spreading malware, so make sure and run all your security software when you run your IM program.
I have a friend who runs ICQ, and at least once a month he gets infected with some malware he got in an IM. We've reinstalled his OS several times because we've been unable to remove the malware (maybe next time I'll send him to the Security forum here). One of these times I'll probably just say, "NO, I'm not coming over because you did what I repeatedly told you NOT to do!!"
3. OPENING SUSPICIOUS EMAIL ATTACHMENTS.
Many viruses are sent in email attachments. If the attachment has a .scr, .exe, or .dll extension, then it's likely malware. There are other suspicious extensions, but I can't remember what they are right now.
If you insist on opening an attachment, store it first to a folder named something like "Email attachments to scan", and then scan it with your anti virus software BEFORE opening it.
Even if the attachment is from a friend, scan it FIRST. And definitely DON'T open an attachment from someone you don't know - delete the entire email.
4. HAVING EMAILS AUTOMATICALLY OPEN.
In Outlook Express (OE), this is known as the "Preview Pane". DISABLE it by going to "View>Layout" and unchecking "Show preview pane". The word "preview" is misleading, because it makes you think that it's only a snippet, like a preview of a film. BUT IT'S NOT!!! This "Preview Pane" will actually open the entire email, and thus download any viruses that may come with it. And the OE preview pane is enabled by default, and so also is the setting in "Tools>Options>Read" to automatically download all emails viewed in the preview pane.
This is particularly dangerous when you get an email from a stranger and want to delete it first. If it's opened in the preview pane, it's already too late to delete it - the damage has been done.
I'm not familiar with other email programs, like Eudora, but they probably have something similar to a preview pane. DISABLE IT!!!
5. OPENING EMAILS FROM PEOPLE YOU DON'T KNOW.
You'll have to suppress the temptation to know what this is about - especially if the title of the email piques your curiosity. If you don't know the person, DON'T open it - delete it. If it's from someone you know or it's something important, they'll likely call you on the phone.
People you don't know can get your email address from a number of places, not the least of which are those "Forwarded" joke emails you get from your "Auntie" that contain all the addresses of everybody on the forward list.
6. LEAVING YOUR "PERSONAL" EMAIL ADDRESS ON THE WEB.
Leaving your "personal" email address on the web can make you vulnerable not only to spam, but also to malware.
A lot of spam AND MALWARE (but not all) comes from "harvesting" programs that spammers AND MALICIOUS mailers use to "harvest" email addresses left on Internet pages. Some spammers can also harvest addresses from "Forwarded" emails.
So, to eliminate the Internet page source of spam and malware via your "personal" email address, there are three things you can do:
1) NEVER leave your "personal" email address on the Internet.
Now there are some sites that absolutely INSIST that you leave an email address - like when joining discussion groups, when making a purchase, setting up your profile for your Health Insurance web site, Online banking, etc.
For that requirement, see point #3.
2) On discussion group postings, always "munge" your email address if you want to post it. "Munge" means to disguise it.
For example, one of my email addresses (see point #3 for why I have more than one) is whoever [at] gmail.com. Notice that I typed out "at" instead of using the @ symbol. That's "munging". Most harvesters look for the @ symbol to get email addresses, so if you leave out the @ symbol by typing "at", the harvesters will not identify it.
However, spammers are getting more sophisticated tools, and harvesters may now look for "at" when it's typed out - which is why I put it in brackets too. But then they may look for "at" in brackets too - it's a real cat-and-mouse game.
THIS IS THE TIP THAT'S MOST IMPORTANT
3) Get an Internet Email account - such as Yahoo, Gmail (Google), or Hotmail (Microsoft) IN ADDITION to your ISP's Email account (I call that one your "personal" email). Most of them are free.
For Internet stuff, leave your Internet email address. That way, even if spammers figure out a way to harvest your munged address, spam will only be delivered to your Internet Email address.
It's like having two snail mailboxes. One is for junk mail only, and the other is for "personal" stuff, like correspondence from family or friends and bills.
Which brings me to another point on this "two email" strategy. Give your uncontaminated "personal" email address to trusted family members and friends ONLY.
OK . . . time to end this lengthy post.
My final point is this: Anti-malware programs WON'T always provide 100% protection - there is no such thing as "100% protection", unless of course you throw your computer in the trash. The ultimate source of protection is your own common sense!!
More To Come !!!
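Added example, not part of the original post: the "save it to a folder and scan it BEFORE opening" habit from section 3, written as a Python script that pulls attachments out of a saved message, stores them in a holding folder, and flags the extensions the post names. The function names, the `.hold` suffix and the sample message are assumptions made for this illustration; the extension list is only the three given in the post, which itself says others exist.

```python
import email
import os
from email import policy
from email.message import EmailMessage

# Only the extensions named in the post; extend this set for real use.
RISKY_EXTENSIONS = {".scr", ".exe", ".dll"}

def classify_attachment(filename):
    """Return the reasons a filename looks risky (empty list if none)."""
    # Windows ignores trailing dots and spaces, so "a.exe. " still runs as a.exe
    parts = filename.strip().rstrip(". ").lower().split(".")
    ext = "." + parts[-1] if len(parts) > 1 else ""
    reasons = []
    if ext in RISKY_EXTENSIONS:
        reasons.append(f"executable extension {ext}")
        if len(parts) > 2:  # e.g. picture.jpg.scr
            reasons.append("double extension hides the real type")
    return reasons

def safe_name(filename):
    """Drop any directory part so a crafted name cannot escape the folder."""
    name = os.path.basename(filename.replace("\\", "/"))
    return name if name not in ("", ".", "..") else "unnamed.bin"

def triage(raw_bytes, hold_dir):
    """Save every attachment into hold_dir for an on-demand scan and
    return {original filename: [reasons]}."""
    msg = email.message_from_bytes(raw_bytes, policy=policy.default)
    report = {}
    for part in msg.iter_attachments():
        filename = part.get_filename() or "unnamed.bin"
        # Assumed convention: a neutral suffix so a double-click cannot run it
        dest = os.path.join(hold_dir, safe_name(filename) + ".hold")
        with open(dest, "wb") as fh:
            fh.write(part.get_payload(decode=True) or b"")
        report[filename] = classify_attachment(filename)
    return report

def build_sample():
    """Constructed sample message with harmless placeholder bytes."""
    msg = EmailMessage()
    msg["From"], msg["To"] = "friend@example.com", "me@example.com"
    msg["Subject"] = "look at the pic, it's pretty cool"
    msg.set_content("See attached.")
    msg.add_attachment(b"placeholder", maintype="application",
                       subtype="octet-stream", filename="holiday.jpg.scr")
    msg.add_attachment(b"placeholder", maintype="image",
                       subtype="jpeg", filename="beach.jpg")
    return msg.as_bytes()
```

An empty reason list only means the name is not on this short list; the saved file still needs the anti virus scan before it is opened.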