Hi folks,
Wanted to make sure you guys are aware of the various email scams that are out there. One of the nastier scams are “phishing” scams where the attacker will send an email that looks legitimate but is really just a ploy to get you to click on a link and/or give up valuable information about yourself.
An example – you’ll get an email from Citibank saying that there’s a problem with your account and that you need to log in to a web site to verify your user name/password or your account will be cut off. Except the email is not really from Citibank (looks like it is) and the link that you go to is really not Citibank’s (although it may look just like it and/or the address in your address bar). You give up your login and password; the bad guy has it and then drains your account.
Another example – you get an email for a free offer. You check the company out online and everything looks ok – so you click the link. Again the link is not to the actual web site but to a hacker site – again to capture information, or to install a program on your PC that logs your keystrokes. The hackers have gotten to a point where you just have to visit a web site and behind the scenes the programs are downloaded to your PC that captures your keystrokes and/or installs a backdoor on your computer so that they can retrieve the log. If they get lucky, they get the login and password you used to get on your banking site or the credit card information you used to buy something online.
The problem with computer security now is that hackers have found ways to exploit weakness in Windows where there is not a patch available yet or an update for your Anti-virus package. This doesn’t get a whole lot of press because if people actually understood how unsafe things are now, e-commerce would grind to a halt.
At the corporate level there are ways to enact multiple layers of security to protect against these attacks – but for the home you can do so for much less $$$.
What to do:
1) Don’t open any email where you didn’t know where it came from, and be careful of those that where you do know who the sender is. Don’t click on a link – instead type the link in your browser.
2) Don’t open those cute little video’s and such that people send around. Yes they are funny but it’s very easy for a hacker to embed a backdoor program in them to make your computer a zombie.
3) If you have kids and your personal computer is important, get a separate computer for them so they can mess up their own computer.
4) Make sure that your PC is as secure as possible. Run an anti-virus program (www.grisoft.com – AVG) that checks for updates on a daily basis. If you have broadband (Cable/DSL) – use a hardware firewall (Linksys for example) between your cable modem and your computer(s). Run a software firewall (like Zonealarm – www.zonealarm.com) on your PC. Use a spyware eliminating program like Ad Aware (www.lavasoftusa.com). A good link for overall PC security: http://www.pcmag.com/article2/0,1759,1618804,00.asp
(How many of you would actually click these links even though I said not to??? For the PC mag link, go to www.pcmag.com and search for Keep Your Friends Safe in their search bar)
It takes me 2 – 5 hours to clean up a computer that has been compromised; it should take you about 2 hours to set it up for security measures recommended in the PC mag article. It can cost you much more in terms of lost personal information or even identity theft. Please practice safe computing . . .
Feel free to forward this on to folks, but please delete my contact information . . . unless they are a big company . . . ;)
Good luck!
Chris
Chris Gardner, CSE
Security Practice Director
Network Solutions, Inc.
Converged and Secure Communications
W 574-271-0900 C 298-4238 F 271-7117
Offices in South Bend, Indianapolis and Chicago
This e-mail and attachments may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorized copying, disclosure or distribution of the material in this e-mail is strictly forbidden.
|