Network Security Warning ..... How to Protect Yourself On The Internet

[wayne_abx]

New Scam Targets Bank Customers

-wayne

[mktsurf]

Navigating the online land mines
Latest scams, hidden viruses make Net more treacherous
By Andrea Coombes, CBS.MarketWatch.com
Last Update: 6:08 PM ET July 21, 2004 [ Page 1 | 2 ]
E-mail it | Print | Alert | Reprint | RSS

SAN FRANCISCO (CBS.MW) -- These days, even veteran surfers are finding it difficult to avoid the latest Internet land mines.

From hidden viruses that commandeer PCs via trusted Web sites to next-generation phishing e-mails that plant information-gathering devices on your computer, the online world is beginning to feel more like a dangerous war zone than a fun place to surf.

Even those who study Internet commerce are a bit more nervous about the online experience. "I've always shopped online; I've certainly been more concerned in the past six months than I've ever been," said Bruce Cundiff, an analyst with Jupiter Research, echoing comments by other Internet experts.

These days, extra precautions are more important because it's not enough to avoid suspect Web sites or delete fraudulent e-mails purporting to be from your bank.

In the latest phishing (as in fishing for personal data), the spam e-mails contain code that installs a keyword logger on your computer, which then starts collecting personal data, even if you never clicked on the message but previewed it in the viewing pane.

Earlier variants of phishing, such as messages that mimicked bank e-mails, are "a classic con game," said Peter Cassidy, director of research programs of The Anti-Phishing Working Group, a consortium of companies working to eliminate such scams.

"People said, 'All you have to do is ignore those messages.' With the new stuff, it's a different thing. You have to filter the mail so it never makes it to your inbox," Cassidy added.

The scammers' aim is often personal financial data. "The end goal is to get something on your computer to download a key logger or a data miner that will deliver to the attacker your personal financial data, which can then be used to log into your bank account."

That's the same aim of hackers who've compromised some Web site pages, so visitors unwittingly download viruslike code that hijacks their PCs.

NetSec, an Internet security company, announced last month that 50 Web sites, many of them trusted names, had been hacked in this way, with untold numbers of home PCs infected.

"All you have to do is open up a Web page [and] this appended a program to it," said Chris O'Ferrell, chief security officer of NetSec. That program is then used to steal personal information.

NetSec would not release names of affected sites, and some experts say those Web destinations have already patched the problem.

"The scary thing about it is, who knows how long it was going until we discovered it?" O'Ferrell observed. "We know there was a lot of information being sent to servers over in Russia."

Harder to avoid

While most Internet users are now savvy enough to ignore the first-generation phishing messages, the Web site scams and latest e-mails are tougher to crack.

With the newest phishing messages, "if all you did was preview them in Microsoft Outlook ... it had already installed a Trojan horse to do key logging on your PC," said Bill Franklin, an investigator for the Anti-Phishing Working Group, and president of 0Spam.Net, a company that monitors e-mails for spam, viruses and phishing.

Trojan horses and system monitors wind into your computer and sit there collecting data. "It's going through all the files on the PC and trying to find any kind of access devices -- the equivalents of passwords, usernames, things that can unlock someone's identity," Franklin added.

Other spyware waits until you go to a bank or other financial institution site so it can then collect password keystrokes, he noted.

More than 500,000 instances of Trojan horses and system monitors were found in 1.5 million scans of customers' computers year to date, according to EarthLink and Webroot, which makes security software.

"I don't see it slowing down anytime soon. It's a problem that's growing like viruses did and just like spam has been," said Scott Mecredy, senior product manager at EarthLink. "We're dealing with a very savvy group of thieves that are motivated by economics. They stand to gain fairly substantially from their efforts."

Online street smarts

But consumers have their own weapons in this fight. For one, simple street smarts can help. If a Web site's pages seem to blink or look different, consider ending the transaction.

"Take note of how your normal banking procedures run," Cassidy said. "If a page has blinked and come back, you should be suspicious. You think you're on the bank site, but you're not. Be aware of how the system works."

Some phishing attacks come through instant messages now, so be sure you trust the sender before clicking on links or attachments received via an IM.

When surfing, if a Web site has misspellings or seems unprofessional, refrain from doing business there. "If these people don't have their act together enough to proofread their site, how good can their security be?" O'Ferrell said.

Also, when transmitting personal or financial data, look for the picture of the lock as the promise of an encrypted transmission.

Use credit cards rather than debit cards online, and consider the temporary account numbers offered by some credit card companies, including Citibank and MBNA. Once the transaction is over or a certain dollar limit is reached, that number no longer works.

The essentials

Online street smarts aren't enough. Consider the following steps as well to help protect yourself from harm:

* Install the latest patches and updates for your browser and operating system, and set your computer to run automatic updates. Often, experts say, home users are hit through vulnerabilities for which a patch was available.
* Use spyware-blocking software to prevent, for instance, system monitors.
* Keep antivirus software updated.
* Consider an outside screener for e-mail messages. For instance, 0Spam.Net charges $4.95 a month to individuals to scan all messages for spam, phishing and virus content.

To find out what might be on your computer already, EarthLink and Webroot offer a free spyware detection scan. See Webroot's Web site or go to EarthLink's page.

Some argue that switching software applications can help. "Hackers are writing code for the most popular Web applications," O'Ferrell said, such as Windows and Internet Explorer. "If you run some other browsers like Mozilla ... you will be unaffected by the majority of vulnerabilities."

The Internet Fraud Complaint Center, run by the FBI and the National White Collar Crime Center, details new online frauds and hoaxes, and lets consumers file complaints. Go to the Internet Fraud Complaint Center Web site.

The U.S. Computer Emergency Readiness Team, a partnership between the Homeland Security Department and the private sector, has information on some of the latest viruses and threats, and on how consumers can protect themselves. Go to the US-CERT Web site.

There's probably no way to avoid some risk, no matter where you go online or off. "There is risk to life," said Cassidy, an avid shopper of books online.

"The only thing you can do is update your browsers, update your antivirus and hope fo

[PCBruiser]

Just a quick warning ... AVG has had 4 or maybe even 5 critical updates today for new virii and worms. You should all check that your virus definitions are up-to-date, regardless of which AV program you use.

[wayne_abx]

Quote:

Originally Posted by PCBruiser

Just a quick warning ... AVG has had 4 or maybe even 5 critical updates today for new virii and worms. You should all check that your virus definitions are up-to-date, regardless of which AV program you use.

I had two calles today regarding Win98 and XP both running AVG (FREE) (AVG 6.0.729)

Win98;
NETSKY.P
BAGLE
AVG detected both, then Healed. Upon starting in the GUI, AVG re-detected both, Healed NETSKY.P but this time locked the system down when (locked-up) when Healing BAGLE. Had to go into Safe Mode then un-install AVG to get back into windows. Had to use Tm House Call to remove both the Worms. (new retail AV has been installed)

XP;
NETSKY.P
AVG detected NETSKY.P, Healed. Upon restarting AVG again detected NETSKY.P Healed again then restarted, NETSKY.P had been detected again.
House Call removed the problem, AVG not detecting the Worm after restart. (Owner giving AVG second chance)

The confidents in AVG has been tarnished (IMO) since this isn't the first time I came across this issue Both times, these Worms have got through but was detected (to late), The cleaning (Healing) process needs correcting. I am hoping these issues gets resolved

-wayne

[PCBruiser]

Are you using the free or paid versions. I am using the paid network one for my entire LAN, and that seems to get updated almost daily with new definitions. Considering the threat, you might consider the paid version of something, where I think the vendors take particular care to update things more quickly.

[wayne_abx]

Quote:

Originally Posted by PCBruiser

Are you using the free or paid versions. I am using the paid network one for my entire LAN, and that seems to get updated almost daily with new definitions. Considering the threat, you might consider the paid version of something, where I think the vendors take particular care to update things more quickly.

AVG (FREE) (AVG 6.0.729)

These arn't on my network or any network other then Broadband services nor are they my systems

-wayne

[Goldenfarmb]

PCB, what AV do you use? OR which one do you have the most confidence in? I've been snooping around here for a while and am teetering on nod32 or AVG.

Suggestions??

[PCBruiser]

I have the paid network version of AVG - 5 licenses for my server and other systems on my LAN. I went to that recently after getting rid of Norton. I do like the way AVG works, but haven't yet had any virus issues since installing it, so is it "more effective" than others? Who knows? All I can justify my decision on is that it doesn't take up resources like Norton, and that I haven't had any infections. But, I never had a successful one with Norton either. And the cost was reasonable - $150 for 2 years for the 5 licenses, which isn't bad given the numerous updates they provide - almost daily, and today 4 or 5 of them.

[wayne_abx]

Quote:

Originally Posted by Goldenfarmb

PCB, what AV do you use? OR which one do you have the most confidence in? I've been snooping around here for a while and am teetering on nod32 or AVG.

Suggestions??

NOD32 would be a good choice, I needed outgoing email scan is the reason I chose Tm PC-cillin 04 over NOD32.

In all fareness to AVG, a number of installs I've intalled using AVG have been working flawless. Don't give up on AVG because of a couple of issues I have encountered. Try the FREE addition.

-wayne

[sammy2066]

i just ran the GRC ShieldsUp Test .....

i got 4 green ports ...... and all others are blue .....

and it failed the TrueStealth Analysis .....

now thats good or bad?

[SupDawg]

Quote:

Originally Posted by sammy2066

i just ran the GRC ShieldsUp Test .....

i got 4 green ports ...... and all others are blue .....

and it failed the TrueStealth Analysis .....

now thats good or bad?

What kind of firewall are you running.

[Tuzzi]

Interesting and valuable thread.

I am in the process of getting a Laptop, and creating a wireless network in my home. I will also be keeping my PC.

What would you guys recommend for a good router for a wired, and wireless environment? Thanks

[sammy2066]

Quote:

Originally Posted by SupDawg

What kind of firewall are you running.

ZA security suite .... latest ....

[SupDawg]

Quote:

Originally Posted by Tuzzi

Interesting and valuable thread.

I am in the process of getting a Laptop, and creating a wireless network in my home. I will also be keeping my PC.

What would you guys recommend for a good router for a wired, and wireless environment? Thanks

What's your budget, and how important is secrurity to you?

[sammy2066]

how do i stealth all those closed ports?