• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Viruses Spyware and Spam, Oh My!
 

Viruses Spyware and Spam, Oh My!

on

  • 1,713 views

 

Statistics

Views

Total Views
1,713
Views on SlideShare
1,713
Embed Views
0

Actions

Likes
1
Downloads
0
Comments
0

0 Embeds 0

No embeds

Accessibility

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    Viruses Spyware and Spam, Oh My! Viruses Spyware and Spam, Oh My! Presentation Transcript

    • Viruses, Spyware and Spam … Oh, My! A Presentation By Joel May
    • What We’ll Talk About
      • How viruses and spyware get into your computer and what kinds of trouble they can cause
      • Where spam comes from and how to get as little as possible. Also, how to deal with the spam you do get
      • The things you can do every day to protect your computer
    • Just What Are These Things?
    • Just What Are These Things?
      • A virus is a program (or, perhaps, only a small bit of code) that typically attaches itself to some known or trusted program on your system and is executed when the trusted program runs
      Viruses
    • Just What Are These Things?
      • A worm is a program or piece of code attached to a trusted program that tries to copy itself over the network and imbed itself into other unsuspecting users’ systems.
      • A Trojan Horse is a program that allows a cracker a back door into your system. It has usually been planted in an innocuous place that may be hard to find.
      Worms and Trojan Horses
    • Just What Are These Things?
      • Spyware is an analysis and tracking program that has been placed on your computer without your knowledge or (sometimes) through deceit or obfuscation.
      • A relatively benign type attempts to report your activities to advertising providers’ web sites for storage and analysis. The advertising providers often sell this information to others
      • A much more virulent type may take the form of a keystroke logger, tracking every key stroke on your computer
      Spyware
    • Just What Are These Things?
      • Spam is nothing more than unsolicited, unwanted e-mail. At best it is a nuisance; at worst it can introduce viruses, worms, trojan horses and/or spyware into your system
      • It may also take the form of “phishing” - a semi-sophisticated form of identity theft – whereby you are asked for personal information by a seemingly respectable source
      Spam
    • Where Do They Come From?
    • Where Do They Come From?
      • Crackers create virus code as a hobby; just to show that they can do it. They seldom benefit personally from the activity
      • They embed the code in an e-mail attachment or a file designed to be downloaded from the Internet
      • If you open the attachment or execute the downloaded file, your system can (will?) become infected
      Viruses, Worms and Trojan Horses
    • Where Do They Come From?
      • Spyware is (most commonly) found embedded in a web page or (less commonly) piggy-backed on downloaded software
      • When you visit the web page or install the software, the spyware is automatically downloaded to your computer (much like a cookie)
      • There is no way to tell, in advance, which web sites or programs contain spyware
      • Spyware can also sneak into your computer if you use file-sharing services such as Kazaa, Morpheus or Grokster
      Spyware
    • Where Do They Come From?
      • All spyware are cookies, but not all cookies are spyware
      • Thus, there are good cookies and bad cookies
      • Good cookies remember things like your reading preferences, what you last bought on the site, etc.
      • Bad cookies report your browsing habits back to their owners, etc. These are called “tracking cookies.” They often come from third parties.
      • Your spyware programs should identify these and allow you to delete them
      Spyware vs. Cookies
    • Where Do They Come From? Spam
      • Spam is unwanted or potentially dangerous e-mail
      • It arrives in your e-mail programs inbox along with the rest of your e-mail
      • Spammers almost always use false names and false e-mail addresses, so it is difficult or impossible to trace the e-mail back to them
    • Where Do They Come From?
      • Types of Spam (Smart Computing, May 2007)
        • Scams (48%)
          • Advance Fee Scams
          • Body-part Scams
          • Other Sex, Health and Hair scams
          • Get Rich Quick scams
          • Loan Shark scams
        • Pornography (35%)
        • Gambling and Drugs (12%)
        • Viruses (2%)
        • Identify Theft (1%)
        • Benign (2%)
      Spam
    • Where Do They Come From?
      • I tracked the spam I received last yesterday (October 30 th ). During the 24 hour span, I received 122 pieces of spam.
      • 97 of them were screened out by my email provider, Comcast.net
      • 22 were identified by my spam filter, Spam Bully
      • 3 slipped through both screens and had to be removed manually
      Spam
    •  
    •  
    •  
    • What Can They Do To You?
    • What Can They Do To You?
      • Hijack your e-mail address book and send messages containing and (potentially) spreading the virus to people whose names are there
      • Cause your system to function erratically (reboot frequently, cause programs to open or close without your intervention, etc.)
      • Create bot networks, ad-hoc clusters of several thousands computers that, unbeknownst to the user, are being deployed toward some nefarious end.
      • At worst erase some or all of the information on your hard drive (very uncommon)
      Viruses
    • What Can They Do To You?
      • Hijack your home page, add sites to your Favorites list, launch unwanted browser windows
      • Send personal information about you that is contained in your computer to the advertising provider who planted it
      • By logging keystrokes it can accumulate information on your
        • Social Security Number
        • Credit Card Numbers
        • Bank Account Numbers
        • Passwords, etc.
        • In other words, Identify Theft
      Spyware
    • What Can They Do To You?
      • Most spam is not harmful, only annoying
      • Some may contain attachments that can carry viruses
      • The most dangerous are those that are “phishing” for personal information
      Spam
      • ----- Original Message -----
      • From: <support@citibank.com>
      • To: <joelmay@yahoo.com>
      • Sent: Wednesday, March 31, 2004 16:31
      • Subject: Verify your E-mail with Citibank
      • Dear Citibank Member, This email was sent by the Citibank server to verify your E-mail address. You must complete this process by clicking on the link below and entering in the small window your Citibank ATM/Debit Card number and PIN that you use on ATM. This is done for your protection - because some of our members no longer have access to their email addresses and we must verify it. To verify your E-mail address and access your bank account, click on the link below: https://web.da-us.citibank.com/signin/citifi/scripts/email_verify.jsp --------------------------------------- Thank you for using Citibank ---------------------------------------
    • What Can You Do About Them?
    • What Can You Do About Them?
      • A Firewall (or two)
      • An Anti-Virus Utility
      • Several Spyware Detectors
      • A Spam Filter
      • Vigilance
      • Common Sense
      You Need Six Things to Defeat Them
    • What Can You Do About Them?
      • There are two kinds:
        • Hardware (often built into routers used on networks)
        • Software
          • Zone Alarm (http://zonelabs.com)
          • Outpost (http://www.agniturn.com)
          • Comodo (http://www.personalfirewall.trustix.com/)
          • Windows XP has a built-in one way (inbound only) firewall
          • Windows Vista has a built-in one that is quite effective
      Firewalls
    • What Can You Do About Them?
      • They provide a “wall” around your computer
      • Inbound protection: If a previously unknown remote computer seeks to access yours, the firewall will notify you and ask if you want to allow the access
      • Outbound Protection: If a program on your computer wants to access the Internet, it seeks permission
        • You can grant permission for one-time only
        • You can grant permanent permission
        • You can refuse permission for one-time only
        • You can refuse permission permanently
      Firewalls
    • What Can You Do About Them?
      • In other words, with a full-featured firewall and the necessary vigilance on your part, no information can get into or out of your computer without your express permission
      • You can test to see how well your firewall is working at https://grc.com/x/ne.dif?bh0bkyd2
      Firewalls
    • What Can You Do About Them?
      • When a firewall utility notifies you that there is unexpected activity (either in-coming or out-going)
        • Carefully read the message on the screen
        • If the access requested is something you want to have happen, approve it
        • If you don’t want the proposed activity to occur or you don’t understand the message, don’t let the activity continue
      Firewalls – The Common Sense Dimension
    • What Can You Do About Them?
      • Use Windows Update
      • Watch Startup Processes
      • Watch File Extensions
      • Use Anti-Virus Software
      • Keep Virus Definitions Up-to-date
      • Never Open Questionable E-mail Attachments
      • Don’t Automatically Preview E-mail
      Viruses
    • What Can You Do About Them?
      • Microsoft regularly makes available software updates to the Windows operating systems designed to repair or block security leaks
      • You can configure your computer to download these updates automatically
        • Control Panel > System > Automatic Updates
        • Check “Keep my computer up to date”
      • Or you can perform the updates manually
        • http://windowsupdate.microsoft.com
      Viruses – Use Windows Update
    • What Can You Do About Them?
      • If you use Microsoft Office you should also check
        • http://office.microsoft.com/officeupdate/
      Viruses – Use Windows Update
    • What Can You Do About Them?
      • A virus may insert a program command into the startup process of your computer so that it runs whenever you turn your computer on or reboot
      • Use MSCONFIG (from the RUN dialog on the Start menu), click on the Startup tab and look for unfamiliar entries
      • If you don’t know what to do about an entry, check http://www.answersthatwork.com to find out more about it
      Viruses – Watch Startup Processes
    • What Can You Do About Them?
      • File Extensions are the two, three or four letter “tags” that appear after the period (.) in the file name
      • Why should you care?
      • Some types of files are potentially dangerous and some are not
      Viruses – Watch File Extensions
    • What Can You Do About Them? Viruses – Watch File Extensions You need to watch out for .exe .com .bat .bas .chm .cm .cpl .pif .reg .scr .hlp .sct .shs .inf .mdb .vb .vbe .vbs .wsf .wsh And some other, less common ones as well
    • What Can You Do About Them?
      • If your computer doesn’t display these extensions
        • In Windows Vista, XP and 2000
          • Run Windows Explorer, open the Tools Menu and choose Folder Options
          • Click on the View tab and remove the check mark on “Hide file extensions for known file types” by clicking on it
        • In Windows 98 and ME
          • You’ll find the Folder Options in the View Menu rather than the Tools Menu
      Viruses – Watch File Extensions
    • What Can You Do About Them? Viruses – Watch File Extensions Step 1: Step 2:
    • What Can You Do About Them? Viruses – Watch File Extensions Step 3: Step 4:
    • What Can You Do About Them?
      • Some of the most popular are
        • Norton Antivirus (http://www.symantec.com) $49.95
        • McAfee Viruscan (http://www.mcafee.com) $34.95
        • Kaspersky Anti-Virus (http://www.kaspersky.com) $49.95
      Viruses – Always Use Anti-Virus Software But ONLY ONE
          • AVG 6.0 (http://www.grisoft.com) Free
          • AntiVir Personal Edition (http://www.free-av.com) Free
          • Avast! Home Edition (http://www.avast.com) Free
    • What Can You Do About Them?
      • These typically provide for updating of the virus definitions for one year following purchase
      • After that, you must renew your subscription or buy a new edition of the software
      Viruses – Always Use Anti-Virus Software
    • What Can You Do About Them?
      • The Anti-virus software is typically (by default) set to scan all of your files and all incoming e-mail constantly
      • If it detects a virus, it will offer to delete the file containing it or to quarantine the file
      • Try deleting first. If that doesn’t work, try quarantining (this instructs the software to attempt to put a barrier between the virus code and the rest of your computer)
      Viruses – Always Use Anti-Virus Software
    • What Can You Do About Them?
      • These are like dictionaries of viruses
      • If a new virus has been release since the last edition of the dictionary, it will not be recognized by your anti-virus software
      • Thus, it is important to keep the definitions up to date
      • The software can be configured to do this automatically on a pre-determined schedule, or you can do it manually
      Viruses – Up to Date Virus Definitions
    • What Can You Do About Them?
      • Never open e-mail attachments received from someone you know without checking for viruses first
      • Never open e-mail attachments received from someone you don’t know under ANY circumstances
      Viruses – Never Open Questionable E-mail Attachments
    • What Can You Do About Them?
      • Some recent viruses can infect your system when you simply look at the contents of the e-mail message
      • To turn off the Preview screen in Outlook Express
        • Open the View menu and choose Layout
        • In the lower half of the dialog box, click on “Show Preview Pane” to remove the check mark
      • NOTE: You can’t do this in AOL
      Viruses – Don’t Automatically Preview E-mail
    • What Can You Do About Them?
      • Viruses always come from outside your computer, either by
      Viruses – The Common Sense Dimension
      • - An infected e-mail (most common)
        • - An infected file (sometimes)
        • - An incursion by a cracker (rarely)
      . Thus you should be extremely careful and continually aware of the traffic between your computer and the outside world (e-mail and web browsing)
    • What Can You Do About Them?
      • Never open a file or an e-mail attachment unless you are ABSOLUTELY SURE it does not contain a virus
      • Always run a virus check before opening it
      Viruses – The Common Sense Dimension
    • What Can You Do About Them?
      • There is really very little you can do to prevent your computer from being infected with spyware
      • Practice Safe Browsing
        • Use real-time spyware blockers (only partially effective)
        • Avoid free file-sharing programs (Kazaa, Grokster, Morpheus)
        • Many spyware programs are hidden in pop-up ads. Either block them or don’t click on them
      Spyware
    • What Can You Do About Them?
      • Before you download any program, browser tool bar, or an ActiveX application, enter its name in your favorite search engine (or go to http://find.pcworld.com/42942) to find out if it’s spyware
      Spyware
    • What Can You Do About Them?
      • Anti-Spyware Software
        • Ad-Aware (http://www.lavasoftuse.com) Free; Plus version $26.95
        • Spybot Search and Destroy (http://www.safer-networking.com) Donation
        • Spy Sweeper (http://www.webroot.com) $29.95
        • McAfee Internet Security 2004 (http://www.mcafee.com) $69.95
        • Norton Internet Security Tool (http://www.symantec.com) $69.95
      Spyware
    • What Can You Do About Them?
      • As with Anti-Virus software, these programs can only detect spyware that they know about
      • So it is important to keep the definition files up-to-date (weekly?)
      Spyware
    • What Can You Do About Them?
      • Deletion or Quarantine
        • When a spyware program is discovered, try deleting it first. If this is not possible, try to quarantine it
      Spyware
    • What Can You Do About Them?
      • Some spyware programs embed themselves so deeply in your computer (files and registry) that none of the anti-spyware programs can remove them
      • (or, the program reports that they are removed, but when you reboot, they reappear)
      • Key-loggers are the most notorious in this respect
      • If this happens to you, you can try CWShredder (http://www.spywareinfo.com)
      Spyware
    • What Can You Do About Them?
      • Be aware of where you are surfing
      • Don’t click on pop-ups
      • Run anti-spyware software on a regular basis and keep the definition files updated
      Spyware – The Common Sense Dimension
    • What Can You Do About Them?
      • Many ISPs provide spam-blocking services, but they are notorious for being too arbitrary
      • Legislation has been proposed (and adopted in CA and UT) which uses a sort of “caller-ID” approach, requiring spammers to give their true addresses
      Spam
    • What Can You Do About Them?
      • If you are receiving lots of spam at your current email address, you have little choice but to change addresses.
        • Gmail (mail.google.com)
        • Yahoo (overview.mail.yahoo.com)
        • Hotmail (get.live.com/mail/overview)
      Spam
    • What Can You Do About Them?
      • Prevention:
        • Don’t give your e-mail address to anyone you don’t want to hear from again
        • Use a false or self-destructing e-mail address when registering on web sites
          • Spam Gourmet (http://www.spamgourmet.com) free
      Spam
    • What Can You Do About Them?
      • Prevention (Contd):
        • Watch out for those checkboxes
        • Don’t post your e-mail address on a web site
          • www.spam-proof-email-generator.com
        • Don’t ever unsubscribe from spam
        • Use a spam filter
      Spam
    • What Can You Do About Them?
      • There are many software programs available for blocking spam at the level of the individual user:
      Spam
      • Black-lists (create a list of addresses you don’t want to hear from and lets through addresses not on the list)
      • White-lists (create a list of addresses you do want to hear from and block all addresses not on the list)
    • What Can You Do About Them?
      • There are many software programs available for blocking spam at the level of the individual user:
      Spam
      • Challenge/Response (creates both a black list and a white list. When an e-mail from an address not on either list arrives, a “challenge e-mail” is returned to the sender. If she/he responds, the e-mail is passed through and the address is added to the white-list)
    • What Can You Do About Them?
      • There are many software programs available for blocking spam at the level of the individual user:
      Spam
      • Beyesian (uses a probability theory approach to analyze the address, subject and text of an in-coming e-mail in order to classify it as good or not. Learns from experience)
    • What Can You Do About Them?
      • Spam Filtering Software:
        • Spam Inspector (http://www.giantcompany.com) $29.95
        • Spam Eater (http://www.regnow.com) $24.95
        • Qurb (http://www.qurb.com) $29.95
        • EmailProtect (http://www.contentwatch.com) $29.99
        • MailFrontier (http://wwwmailfrontier.com) $29.95
        • ChoiceMail One (http://www.digiportal.com) $39.95
        • Spam Bully (http://www.spambully.com) $29.95
        • Mailwasher (http://www.mailwasher.net) Donation; Pro version $37.00
      Spam
    • What Can You Do About Them?
        • Don’t give your e-mail address to anyone you don’t want to hear from again
        • Delete all questionable messages without reading them or opening attachments
        • Remember that AOL, eBay, your bank or credit card company and other web sites related to your money will NEVER send out requests for passwords, PINs, or other sensitive information via e-mail
      Spam – The Common Sense Dimension
    • What Do I Do About Them?
    • What Do I Do About Them?
      • In Real Time:
        • Sygate Firewall ( www.sygate.com ) Free
        • Hardware Firewall (router on home network)
        • AVG Anti Virus ( www.grisoft.com ) Free
        • Spyware Doctor ( www.pctools.com ) $29.95/year
        • WinPatrol ( www.winpatrol.com ) $29.95
        • McAfee Site Advisor ( www.siteadvisor.jp ) Free
        • Windows Update
        • (start>control panel>security center>updates: ON)
    • What Do I Do About Them?
      • Daily:
        • Advanced WindowsCare ( www.iobit.com ) Free
        • Acronis True Image Backup ( www.acronis.com ) $49.99
    • What Do I Do About Them?
      • Weekly:
        • CCleaner ( www.ccleaner.com ) Free
        • PCP Optimize ( www.pcpitstop.com ) Free
        • Spybot Search and Destroy
        • ( www.safer-networking.com ) Donation
        • AdAware ( www.lavasoftusa.com ) Free
        • Spyware Doctor ( www.pctools.com ) $29.95/year
        • AVG Anti Virus ( www.grisoft.com ) Free
        • Registry Mechanic ( www.pctolls.com ) $29.95
        • Chkdsk (start>run>type “cmd”>type “chkdsk c: /f)
    • What Do I Do About Them?
      • Monthly:
        • Disk Defragmenter
        • (Start>All Programs>Accessories>System Tools>Defrag)
        • Secunia Software Inspector
        • (Secunia.com/soft_inspector/) Free
      • Annually:
        • Open the case
        • Vacuum out the dust
        • Check the cables
    • What Can You Do About Them?
      • Keep Windows up to date
      • Check start-up processes
      • Use anti-virus and anti–spyware security programs
      • Keep all security programs up to date
      • Surf safely
      • Don’t give out your address indiscriminately
      • Be wary of attachments
      • Don’t answer spam
      Summary
    • Google and AARP to the Rescue
      • Google has teamed up with AARP to launch a new video series that provides helpful, easy-to-understand tips on how to stay safe online
      • It includes pointers on how to set privacy controls in online photo-sharing sites, configure firewalls to protect your computer, select safe and secure passwords for your online accounts, shop safely online, and avoid phishing scams.
      • http:// snipurl.com/aarptips
    • While the people retain their virtue and vigilance, no agent, by any extreme of wickedness or folly, can very seriously injure. - Abraham Lincoln
    • The End