Showing posts with label spyware. Show all posts
Showing posts with label spyware. Show all posts

More Scareware On Major News Sites
Monday, September 14, 2009

More reports are coming in of scareware coming from major news sites including The New York Times and the Philadelphia Inquirer.

As I mentioned in my previous alert about scareware via Newsweek, it's important to note that these scams can happen anywhere, anytime, even on the most reliable of sites. Please be careful, and bear in mind my recommendations on how to protect yourself from scareware.

Posted byTriona Guidry at 2:31 PM 0 comments  

Labels: , , , , , , , , , ,

Newsweek And Other Legit Sites May Contain Scareware
Tuesday, September 8, 2009

This article caught my attention recently, concerning a scareware scam that is being distributed via Newsweek's web site. I mention this one in particular because it's an example of how bad links sometimes come from good sites.

Scareware is when you receive a popup that insists there's something wrong with your computer. It's a scam to try to get you to click on a link, thus infecting your computer with viruses and possibly also ripping off your credit card. Don't expect your antivirus software to catch this stuff, it often sneaks through. I strongly encourage you to protect yourself through a combination of good computer security, free web site ratings software like McAfee SiteAdvisor or LinkExtend for Firefox, and plain old common sense.

Here are some of my previous articles which may help you out in this situation:

I'll be reprising my class on How To Protect From Cybercrime this November with the Cary Park District if you're looking for further help. See my class schedule for details and registration information.

Posted byTriona Guidry at 3:14 PM 0 comments  

Labels: , , , , , , , , , ,

AVG Antivirus Mistakenly Marks iTunes As Malware
Monday, July 27, 2009

A recent update for the Windows-based AVG antivirus program surprised users when it mistakenly identified several components of iTunes as a malware trojan called Small.BOG. This is called a false positive, when security software quarantines legitimate software.

If you run into this problem, the fix is to update AVG, then update iTunes. This technical bulletin from AVG provides more details.

Don't forget to subscribe to Tech Tips (free!) for the latest computer news plus bonus tips, tricks and product reviews.

Posted byTriona Guidry at 2:42 PM 0 comments  

Labels: , , , , , , ,

Emergency Microsoft Patches Issued Tomorrow

Microsoft is releasing a pair of out-of-sequence security patches tomorrow, to fix vulnerabilities in Internet Explorer and Visual Studio. It's unusual for Microsoft to stray from their regular Patch Tuesday cycle (the second Tuesday of the month). While the Visual Studio patch will affect a small percentage of computers, the Internet Explorer patch applies to any computer running Windows.

To make sure you get these updates, either turn Automatic Updates on (bearing in mind the pros and cons of doing so) or visit update.microsoft.com to check for these latest patches.

Software patches (also called updates) are fixes for bugs that could allow malicious software to enter your computer. By staying current on these patches, you improve your computer's defense.

Don't forget to subscribe to Tech Tips (free!) for the latest computer news plus bonus tips, tricks and product reviews.

Posted byTriona Guidry at 8:28 AM 0 comments  

Labels: , , , , , , , , , , , , ,

Most Dangerous Web Search Terms
Tuesday, July 14, 2009

A recent McAfee study (pdf) reveals that searching for certain keywords carries a greater risk of being infected with malware.

McAfee found maximum risks associated with the word, not surprisingly, "free". Studying the U.S. in particular, words associated with celebrities or song lyrics demonstrate how malware gloms onto recent headlines and trends. "Screensavers", "free music downloads" and "free ringtones" remain popular ways to lure you into clicking malicious links. And the keywords "search engine marketing" or "search engine optimization" have become increasingly linked to sites that deliver malware or scareware antivirus scams. In short, just because a link comes up when you search for a particular keyword doesn't mean that link is where you want to go.

I recommend free programs like McAfee SiteAdvisor or the even better LinkExtend for Firefox as plug-ins for your Web browser. These programs rank search results to give you a better idea of whether or not the links are malicious. But your safest bet is to type Web addresses manually, for example going directly to www.snopes.com instead of searching for it by keyword.

For bonus tips, tricks, and other computer help, subscribe to the free email version of Tech Tips.

Posted byTriona Guidry at 9:18 AM 0 comments  

Labels: , , , , , , , , ,

Protect Yourself From Zombie Computers
Thursday, July 9, 2009

There's a lot of talk in the news about the recent cyber attacks on U.S. and South Korean servers. Computers in both countries were disrupted through what are called "denial of service" attacks, when hackers use infected computers called zombies to slow or crash target servers. Zombie computers are often owned by small businesses or consumers who are completely unaware they are infected. I've mentioned zombie computers before (here and here) but it's important to reiterate how you can protect yourself and others.

Your best protection is prevention. Be sure to run a reliable antivirus program like those below (beware of the fakes!) as well as anti-spyware software. Security suites offer a way to combine those protections with a firewall to block unwanted network probes. Regular software updates are also key to keeping your computer protected. You can learn more about these techniques in my article on cybercrime. I am teaching a class on How To Protect Yourself From Cybercrime on Monday July 20th from 9:30am-11:30am in Cary, Illinois (click here for more details and registration information).

Antivirus software for PCs:

Antispyware software for PCs:

Antivirus and anti-spyware software for Macs:

For bonus tips, tricks, and other computer help, subscribe to the free email version of Tech Tips.

Posted byTriona Guidry at 11:01 AM 0 comments  

Labels: , , , , , , , , , , , ,

FTC Slaps Fake "Win Antivirus" Scammers On Wrist
Tuesday, June 30, 2009

The FTC has agreed to settle with some of the scammers responsible for the repulsive "Win Antivirus" scam, in a decision that's effectively a slap on the wrist.

I doubt this will result in any kind of serious setback for the fake antivirus software industry. $116,000 is chump change for criminals who charge consumers $50 and up for these bogus products, which are known by various names including Win Antivirus, XP Antivirus, WinFixer, DriveCleaner, and ErrorSafe. Check out my previous entries here, here and here for more details on how insidious these programs can be.

There is more money still being made out there at your expense, so be sure the programs you're using are the real deal. I hope the FTC will continue to pursue and prosecute the miscreants responsible for such scams.

For bonus tips, tricks, and other computer help, subscribe to the free email version of Tech Tips.

Posted byTriona Guidry at 4:48 PM 0 comments  

Labels: , , , , , ,

Is Microsoft Security Essentials Worthwhile?
Tuesday, June 23, 2009

Microsoft has released a beta (test) version of its upcoming Security Essentials program, which is scheduled to be rolled out to consumers in September. Microsoft Security Essentials is, essentially, a stripped-down version of the ill-fated OneCare. The question is, will it do a better job of helping consumers protect their computers from viruses and spyware?

My guess is, not really. Sure it's free, but so are other programs with better reputations for removing the gunk from your computer. Even so, most free programs do not offer the complete protection of a full-fledged security suite. My fear is that the presence of Microsoft Security Essentials may lure some consumers into complacency, with the impression that their computers are adequately protected when they're not. I already see this with programs like Windows Defender and the monthly Microsoft Malicious Software Removal Tool, neither of which are suitable replacements for real security software.

Of additional concern, and the reason I'm mentioning this now even though the software's still beta, is that scammers will undoubtedly glom onto this just as they grab any popular headline in their attempts to con you into fake antivirus software. Just because something claims to be "that new software from Microsoft," don't believe it unless you're downloading from a bona fide site.

For bonus tips, tricks, and other computer help, subscribe to the free email version of Tech Tips.

Posted byTriona Guidry at 2:29 PM 0 comments  

Labels: , , , , , ,

Sears Settles Over Spyware On Consumer Computers
Monday, June 22, 2009

We all have to be careful what we install on our computers, even if it's from a reputable company. Sears has agreed to settle FTC charges concerning spyware on consumer computers.

The concern is over a research project Sears conducted in 2007 and 2008 called "My SHC Community." Select visitors to the sears.com and kmart.com sites were offered $10 to install a program that supposedly monitored online browsing. But, as reported by the FTC:

The FTC charges that the software would also monitor consumers’ online secure sessions – including sessions on third parties’ Web sites – and collect information transmitted in those sessions, such as the contents of shopping carts, online bank statements, drug prescription records, video rental records, library borrowing histories, and the sender, recipient, subject, and size for web-based e-mails. The software would also track some computer activities that were not related to the Internet. The proposed settlement calls for Sears to stop collecting data from the consumers who downloaded the software and to destroy all data it had previously collected.
Personally I think burying the real intent of software like this at the bottom of some license agreement is a nasty trick, and the FTC seems to agree. The settlement is subject to public comment through July 6, 2009, so if you'd like to speak your piece you can download this PDF from the FTC.

Posted byTriona Guidry at 11:30 AM 0 comments  

Labels: , ,

Symantec, McAfee Penalized For Antivirus Auto-Renewals
Thursday, June 11, 2009

If you've ever wondered if you're being forced into antivirus auto-renewals, you're not alone. New York Attorney General Andrew Cuomo's office has reached a settlement with Symantec and McAfee over their automatic software renewal practices.

I think this is great news for consumers and businesses. There has been too much confusion over auto-renewals. Some people are not aware that purchasing antivirus software via credit card typically signs you up for auto-renewal. Others have struggled to cancel their auto-renewals thanks to aggressive policies on the part of vendors like Symantec and McAfee. When purchasing antivirus products online, I frequently find myself disabling the auto-renew option only to find it re-enabled before I reach the checkout. While I applaud Symantec and McAfee's attempts to make sure people are up-to-date on their antivirus, forced auto-renewal is not the solution.

This is also a good time to remind folks that it's better to upgrade your antivirus software each year instead of simply paying for another year's subscription. While I'm still recommending other antivirus programs over Norton, those of you who do use Symantec and McAfee products can hope that your next auto-renew process will be more user-friendly.

From the press release:

Attorney General Andrew M. Cuomo today announced a settlement with computer security software vendors Symantec (NYSE: SYMC) and McAfee (NYSE: MFE) after the companies renewed customers’ software subscriptions without the customers’ knowledge or authorization. Under the Attorney General’s settlement, both companies will make detailed disclosures to consumers about subscription terms and renewal, and each will pay $375,000 in penalties and costs.

“Companies cannot play hide the ball when it comes to the fees consumers are being charged. Consumers have a right to know what they are paying, especially when they are unwittingly agreeing to renewal fees that will not appear on their credit card bill for months. Symantec and McAfee - two of the nation’s largest vendors of computer security software - will now have to be clear and up-front with their customers when it comes to renewal fees. In other words, no more hide the ball with renewal fees.”

Posted byTriona Guidry at 9:42 AM 1 comments  

Labels: , , , , , ,

How To Spot Bad Web Links
Friday, May 15, 2009

Computer security specialists, myself included, recommend that you avoid clicking on bad web links. But how can you tell a bad link from a good one? Even if you're going after legitimate software it may be difficult to tell the difference. To demonstrate, I've pulled screenshots from the downloads for two of my most-recommended security tools, the free AVG anti-virus program and the free Spybot anti-spyware program.

The first hurdle comes when you search for these products. As you can see from this screenshot of a search for Spybot, it's hard to tell which link to click.

The key is to look for the words "sponsored links" or "sponsored ads". These are links, often phony, which come up when certain keywords are typed. There are plenty of bad or questionable links associated with the keyword "Spybot." This is the same vicious technique hackers use to get you to click on bad links when you're searching for hot topics like "swine flu" or "virus removal." It's black-hat search optimization, and the big search engines like Google and Yahoo aren't going to protect you. They don't care if the keywords link to malicious sites as long as they're getting paid for the ads.

Let's assume you've navigated yourself to the correct page to download Spybot. Even here, there's a catch. Most software is downloaded from aggregate "mirror" sites, in this case CNet. These sites have keyword-based advertisements too, not all of them good. In this screenshot I've highlighted the ads in red, the correct Spybot download links in green. It's like an obstacle course!

The AVG examples demonstrate the same thing. Assuming you've gotten yourself to the correct download page, you've got more bad links to avoid. Sometimes the positioning is such that the bad link looks like the good one. In this case, the words in blue, "Ad Feedback," show you which parts of the page are ads. If you mentally divide the page up into regions you can see where the ads are versus where the content is.


For more tech tips, tricks and techniques, subscribe to Tech Tips.

Posted byTriona Guidry at 5:27 AM 0 comments  

Labels: , , , , ,

Profiting From Cybercrime

How much money is actually made from computer crime? Do companies lose money fighting against it? I've gathered some numbers to illustrate the burgeoning black market of cybercrime.

According to a recent report from security firm Finjan, fake antivirus software can bring in an average of $10,800 a day in profits. At $50 per user that's a lot of people being scammed, not to mention left vulnerable to viruses. Respondents to the Computer Security Institute's 2008 security assessment report that the removal of zombie or "bot" computers from their networks cost an average of $345,600 last year. The Business Software Alliance reports that piracy cost the software industry $50 billion in 2008.

Researchers investigating the Storm worm found that spam remains highly profitable. Storm advertises, among other things, pharmaceuticals, netting a potential $7,000 to $9,500 during the height of its spam campaign. This extrapolates to $3.5 million a year in revenue, with 3,500 to 8,500 newly infected computers every day.

Don't be part of these statistics. Keep your protections up to date, and subscribe to Tech Tips for the latest computer news.

Posted byTriona Guidry at 5:24 AM 0 comments  

Labels: , , , ,

Windows XP Attacks Abound: Time To Upgrade To Vista
Thursday, May 14, 2009

I'm seeing a rash of seriously infected Windows XP computers. The technical term for these computers would be toasty. Fake antivirus, insidious spyware, you name it, these computers have it, and the vast majority of them are quite well protected from a Windows XP standpoint.

It's sad to say, but our decisions to upgrade have become less about whether we need it for productivity and more about whether our computers can remain functional against the continual onslaught of cyber-attacks. Remember, Windows XP is 8 years old. These attacks are sneaking through despite our best defenses. Windows Vista is no panacea, but its improvements in security offer better protection.

If your computer doesn't meet the system recommendations for Vista--the real recs, not Microsoft's bare-minimum--an upgrade to Vista equals either an upgrade in hardware or possibly a new computer. Bearing in mind that Windows 7 is slated to come out around the 2009 holiday season, this means your Windows XP days are numbered. The good news is that your software should, for the most part, be compatible. The bad news, if you don't care for the Vista interface, is that you'll finally have to bite that bullet. If you're not sure what to do, I'm always happy to evaluate your computers at my next service visit.

Posted byTriona Guidry at 6:59 AM 0 comments  

Labels: , , ,

Does Conficker Infect Macs?
Tuesday, March 31, 2009

Another question about Conficker I've been asked a lot lately. Short answer: no.

More specifically, not unless you are running Windows on your Mac (through Apple Boot Camp or a virtual environment like Parallels). However, I do recommend antivirus software for Macs. Click here to see my suggestions for both Mac and PC antivirus solutions, and don't forget to subscribe to Tech Tips for computer help for both Macs and PCs.

Posted byTriona Guidry at 2:42 PM 1 comments  

Labels: , , , , , ,

Conficker Virus April 1 Deadline
Monday, March 30, 2009

Lots of people have asked me about the Conficker virus and its April 1, 2009 deadline. The short version is, make sure you have your latest antivirus updates and Microsoft patches.

Conficker aka Downadup has been around for months (you can find my other entries about it here, here and here). Like other viruses it works by installing a core piece of itself, then downloading so-called "payloads" that enable other abilities. Hackers test variants of the virus by unleashing them on an unwitting world, in this case Conficker A, Conficker B, and Conficker C, the latest and most aggressive. On April 1st, researchers predict Conficker C will download its payload, this one possibly with far-reaching consequences. But it's hard to tell if this is media hype or real danger.

Your best protection is prevention. Even if you think you're okay, a scan with a Conficker detection tool wouldn't be amiss. And be sure to subscribe to the email version of Tech Tips for the latest computer news.

ADDENDUM: Scammers are poisoning search results, so if you try to do a web search for instructions to remove Conficker you may wind up at malicious web sites. Be sure to obtain removal tools only from legitimate sites like Microsoft's. When in doubt, type the address manually into your address bar instead of clicking on a link.

Posted byTriona Guidry at 4:08 PM 0 comments  

Labels: , , , , , ,

Update Adobe Flash Player
Monday, March 2, 2009

Another day, another exploit for your computer. Today it's Adobe (formerly Macromedia) Flash Player, used by just about everyone to view video on Web pages. You may have it without realizing, as it is often automatically installed by various sites and programs.

Why is this update important? If you don't have the latest version, your computer could be attacked by viruses simply by viewing an infected Web page. "Trustworthy" sites are often infected, so your only protection is updated software, good antivirus, and a little computer security savvy.

Download the latest Flash Player today, and stay tuned to Tech Tips for the latest computer news.

Posted byTriona Guidry at 4:43 AM 0 comments  

Labels: , , , , , , , ,

Antivirus 2010: A New Low In Fake Antivirus
Tuesday, February 24, 2009

From the malcontents who bring us fake antivirus software comes "Antivirus 2010," a Windows scam so sneaky it puts its predecessors to shame. It looks horrifyingly realistic (see screenshots) and it goes all-out in pretending to be legit:

  • Mimics Windows' own Security Center with warnings to register the fake software

  • Mimics Internet Explorer errors to imply you need the fake software before you can visit web sites

  • Mimics Windows startup screens to imply you can't start your computer without registering the fake software

  • Creates phony errors in Windows to imply your computer is unusable without the fake software

  • Pretends to find and fix problems that aren't present on your computer

  • Offers a realistic-looking web site for download and registration
and the topper, in case you try to Google it to see if it's real:

  • Redirects your machine to fake web sites with fake reviews extolling the fake software!
Antivirus 2010 is showing up everywhere from sponsored Google links to MySpace comments, so be sure you're running legitimate antivirus programs and don't forget to subscribe to Tech Tips for the latest computer news.

Posted byTriona Guidry at 4:30 PM 0 comments  

Labels: , , , , , , ,

Fake Antivirus On Macs
Wednesday, January 28, 2009

It had to happen. Macs are the latest target of fake antivirus software scams.

For some time I've been warning PC users about scareware scams: warnings claiming that your computer is infected and you must buy "Insert Name" antivirus software or you're doomed. Please don't fall for these tricks. There are perfectly good antivirus programs out there that don't advertise via the electronic equivalent of unwanted solicitors.

My current recommendations on Mac antivirus programs are:

And so you PC users don't feel left out:

I evaluate antivirus software on a continual basis, but you'll always find my recommendations here on the Tech Tips blog (under Windows and Mac in the sidebar).

Posted byTriona Guidry at 5:42 PM 1 comments  

Labels: , , , , , , ,

Viruses And USB Flash Drives
Monday, January 26, 2009

One of the nasty things about the Conficker virus (10 million PCs and counting) is its multiple methods of infection, including the way it infiltrates USB flash and network drives.

Imagine you get a flash drive from a friend, plug it in, and get the following message. Look closely. It seems like normal Windows, right? Wrong. If you pick the first choice ("publisher not specified") you just infected yourself with Conficker.

This is the virus using a real Windows window to confuse you. Keep an eye out for any change, however small, to the usual things your computer does. In this case the virus inserts itself before the normal Windows options, knowing that most people simply click the first link without looking. You can disable Autoplay to avoid this particular trick, but there will be others.

Another nasty thing about Conficker is the second shoe it may be about to drop. Researchers say they expect Conficker to download and install a second payload that may do more to your computer than simply infect it. So patch your computer, keep that antivirus software current, and stay tuned to Tech Tips for more news.

Posted byTriona Guidry at 1:08 PM 0 comments  

Labels: , , , , , , ,

Don't Renew Your Antivirus Software
Thursday, January 15, 2009

Am I serious? Yes, I am advising you not to renew your antivirus software.

There's a difference between renewing and upgrading to the latest version. Many antivirus programs allow you to purchase another year's worth of updates without upgrading the software, but it's not worth the slight savings. Upgraded software gives better protection.

Antivirus programs use a combination of definitions and heuristics. Definitions look for known virus code. Heuristics look for virus-like behavior, meaning they can detect both known and unknown viruses. When your antivirus software updates itself each day, it's getting new definitions to protect against newly released viruses. But it doesn't make sense to wait for a new virus to come out, write new definitions and send them out to millions of machines. With computers these days, by the time you do that it's already too late. What's needed is software with better heuristics. The newest antivirus programs have the latest heuristics available to consumers, so you are better off paying that little bit extra to upgrade instead of simply renewing for another year of definitions.

While we're talking about not renewing your antivirus software, if you Windows users are still running Norton, save yourself a headache and move to something else when your subscription expires. The 2009 versions are better but still memory hogs compared to Trend Micro, the free AVG and others (look under Windows Users in the Tech Tips blog sidebar).

In February I'll teach you how to Break The Internet Explorer Habit. Don't forget to subscribe to the email version of Tech Tips for the latest computer news.

Posted byTriona Guidry at 6:48 AM 0 comments  

Labels: , , , , , , ,

Subscribe to: Posts (Atom)