According to the Anti-Phishing Working Group (APWG) email scams also known as phishing attacks claim more than 2,000 victims each day from more than 75 million phishing emails that are sent each day. The APWG also claims that these email scams steal close to $1 billion a year from its victims.

Phishing (pronounced fishing), is online identity theft that uses spoof emails, fraudulent websites and crimeware to trick unsuspecting internet users into providing financial data, credit card numbers, social security numbers, account logins and passwords, etc.

These email scams (spoof email) mimic legitimate companies such as banks, credit card companies, investing companies, paypal, ebay, etc. These fraudulent emails look like they are from the "real" company; many even include the real company’s logo. Generally these emails try to convey a sense of urgency; if you don’t correct this problem your account will be suspended.

The spoof email may state that there is a problem with your account and if you do not log in and update your information your account may be suspended, restricted, terminated, or something similar. They may also request user name, passwords, credit card numbers, social security numbers, etc.

Protecting yourself against phishing and email scams.

1. Do not give out personal or financial information through an email request.

2. Always log on to your sensitive accounts by opening a new browser and typing the actual URL directly into the address bar. For example, if you receive a suspected phishing email from ebay, open a new browser and type "www.ebay.com" in the browser bar.

3. Do not click on any link in a suspected phishing email.

4. Do not open any attachments in a suspected email scam.

5. Only use a secure website to submit sensitive data. A secure sites’ address will begin with https:// instead of http://

6. Check the activity of your online accounts regularly and check for fraudulent activity.

7. Make sure your browser is up to date and all security patches are installed.

8. Report phishing and spoof email to: reportphishing@antiphishing.com , spam@uce.gov, and forward the email to the company that is being spoofed.

9. Keep your PC protected with updated anti-virus software, anti-spyware software, and a firewall.

10. You may want to install an anti-phishing toolbar such as Earthlink ScamBlocker which alerts you before you visit a known fraudulent website. It’s free and can be downloaded at http://www.earthlink.net/earthlinktoolbar

As email scams are on the rise and with the consequences being identity theft, it is important that you increase your awareness and learn to protect yourself from these fraudulent attacks. With more than 75 million phishing emails being sent every day it’s only a matter of time before you receive one. By following the above tips you will protect yourself from many email scams and the possible financial consequences.

Lisa Smith makes it easy to increase your online privacy in her newest book, "Internet Safety Tips & Resource Guide. How To Increase Your Online Privacy and Security." To download a free copy and have free internet safety & security articles e-mailed to you every month visit: Email Scams and Phishing

As the number of people using the Internet as an integral part of their daily life grows, it is inevitable that the number of Internet Scams will grow. Unfortunately there are many forms of scams but in this article we will look at three of the most prominent.

419 fraud or “Nigerian Scams”

Also known as advanced fee fraud (AFF), 4-1-9 scams are named after the section of the Nigerian penal code that deals with fraud. Although originally originating in Nigeria these scams can originate from anywhere. If you fall for one of these at best you will lose thousands of dollars; at worst you will lose your life. These usually start with an email from a bank official or the relative of a recently deceased African president or a government minister informing you that they have access to millions of dollars but need your help to get the money out of the country. The end result is that when the deal is threatened you will be asked for money to secure the release of the funds. Do not under any circumstances reply to these letters, people have been murdered while following up with these scams.

Phishing

Phishing scams can be very elaborate, scammers send out emails to millions of internet addresses purporting to be from a financial institution, and requiring you to log in and confirm your details. The email looks authentic and contains a link that you need to click. If you happen to have an account at the bank featured in the scam then it’s a very natural thing to click the link and login to “your” account except it’s not your account or even your bank. It will be a website setup by the scammers to extract as much information from you as possible, Name, Address Credit card details, Bank login, Password, PIN number etc. Once they have these details it is very likely that will have access to your funds and in the worse case your identity. Avoid these scams by never clicking on a link in an email like these, Banks do not sent out emails requesting you login and confirm your details.

Vehicle Sales Fraud

If you place an advert online to sell a car, boat, or motorcycle you will probably receive one of these scam attempts. You will receive an email from abroad saying that they would like to buy your vehicle and arrange shipping. Once you agree you will get a check or bankers draft in the mail within a few days for the amount you asked for the vehicle PLUS the shipping fee you will then be asked to contact the shipper and pay him the extra amount. If you are sensible you will wait for the check to clear then pass on the shipping fee. This is what the scammers expect, the check will only bounce about 3 weeks to a month later at which point your bank will take back the money leaving you short of the shipping money. The best way of avoiding this fraud is not to sell your vehicle to someone who wants to pay the shipper.

I hope all this hasn’t scared you away from the Internet, If you are sensible and wary about offers that seem too good to be true then you should be Ok, just apply the same commonsense you use in everyday life, after all if a stranger walked up to you in the street and said “Hi I am from your bank what’s your credit card number and PIN” would you give it to them?

Mark Thompson ran an IT consultancy in London for many years . He now live in Spain and runs an number of websites including The Income Site

It’s late. You’ve been scouring the web for that perfect present for your Aunt Bess in Idaho. You finally find it at presents4aunties.com. The site looks a little rough on the edges, weird colors and such. But they have that gift you know will make Aunt Bess add you to her will. You purchase the gift, log off and head to bed. Tired but happy.

The next day, coffee in hand, you turn on your computer. That’s strange you say, it’s awfully slow this morning. Finally it’s booted and ready to go. You open your browser to check the Cow Tipping Blog for the latest posts. What’s this you say, My Homepage is now longer the Blog, but a site trying to sell me a DVD of the Smurfs vs. the Terminator! Oh well you say, not quite fully awake. You type in the URL for your Blog and wait. And wait, and wait. Finally it’s up! You start to read the mornings postings. You’re into the second post about the upcoming Cow Tipping Championship in Vegas when a Popup appears and says you need to go to heartburngone.com for the new revolutionary cure for heartburn. Click here now it says and receive a free gift, the secret cure for Baldness! Weird you think, you click the X to close it. You don’t realize by clicking the X that a small hidden piece of code has just been downloaded to your computer. You finish the Blog postings and decide to check your Bank Account. You type in the URL and wait, and wait. Finally the Bank Logon appears. You log in, completely unaware of the code, which is actually a Keylogger, is recording your every keystroke. The Transaction is there for Aunties gift, you’re so happy. You log off and remember you forgot to email that document for your Boss. That’s ok you say, I can log in from here and send it! Technology is so great ! You log into your work portal and access your email program, find the document, attach it to the email form and send it. You vaguely remember it had something to do with the updated personal info list for all of the employees at your job. It includes their Addresses, email addresses and Direct Deposit Account numbers, also their Logon Names and Passwords to access the Computers at work. Darn you say as another Popup appears, what’s wrong with this computer?

Well at least you didn’t forget the Bosses Document. Wouldn’t want to get in trouble with the Boss. You’ve a great job, working for the Trans Global Bank after all. Offices all over the world don’t you know. Well time to check your Anti-Virus program for updates. Hmmm it says no updates kneeded. You notice the miss-spelling but what the heck, those things happen. Geez the computer is really slow! You decide to reboot, hoping that will fix it. Gripes, now it won’t even boot! At least there’s a little extra money in the ole Bank Account to get it fixed. The above is fiction. No animals were harmed. But it’s scary huh to think it could happen. Granted it’s a worse case scenario, but I wonder…

Be smart out there people, learn how to use your Anti-Virus and Anti-Spyware programs. Keep them updated, and it they don’t work well for your surfing habits, find programs that will. Keep your computer protected, your well being may depend on it.

About the Author: Doug Woodall has a website at http://www.spywarebiz.com There he provides free information and recommended products to combat Spyware. He is a member of the IWA (International Webmasters Association) Article edited for proper content by Wendy McCallum Permission to copy ok as long as about author info remains with article.

Copyright 2005 SpywareBiz

Paypal is a great site and is used by many to send and receive money. Unfortunately some dishonest people are using the Popularity of Paypal to line their own pockets with gold at the expense of unsuspecting Pay Pal members. These paypal Scam Artists will try to get your Paypal ID and password so they can Login then Clean out your Paypal Account of all funds. Paypal is fully aware of this problem and is doing everything possible to stop this. Unfortunately if someone logs into an account with a valid Id and Password it is very hard for Paypal or any other secure site for that matter to stop it. As a Consumer you need to be educated so you can protect yourself.

A Typical Paypal Scam Artist will send you an e-mail requesting that you update your account. Often this request to update your account is made under some false pretence like it is suspended or has been suspected of Fraudulent use. Here is a Copy of a recent Paypal Scam E-mail I received http://ewguru.com/hbiz/scam.html. You will notice the Pay Pal Link on this page looks real. Don’t click it. You can however do a right click properties and notice that it is in fact a phony link.

Paypal has an excellent online Article about how to spot Fake E_mails. Much of the Material in this article is derived from the paypal site http://www.paypal.com/us/cgi-bin/abuser?cmd=kept/general/SecuritySpoof

Here are 7 ways to spot a Pay Pal Scam E-mail and Protect Yourself from Identity Theft

1 - Wrong E-Mail Address

Any E-mail Sent to an E-mail Address that is Not Your Primary Pay Pal E-mail Account is more then likely a scam.

2 - Fake links

After you click on the Link if it doesn’t Start https://www.paypal.com then it is a Fake Link. Even if it says Paypal in it somewhere it is a Fake Link. The term "https" should always precede any website address where you enter personal information. The "s" stands for secure. If you don’t see "https," you’re not in a secure web session, and you should not enter data. (This goes for any payment Processor including your online Bank Accounts)

3 - Subject Lines

Subject like Please Restore Your Account Access.

4 - Generic greetings

Lot’s of emails begin with a Greeting, such as: "Dear PayPal member. Paypal knows the name you used when you registered your account

5 - Action Required Now

Many Fake emails try to trick you with the threat that your account is in jeopardy if you don’t sign in and fix it NOW!

6 - HTML Emails

Emails that appear to be websites. Some emails will look like a website in order to get you to enter personal information. PayPal never asks for personal information in an e-mail.

7. Misspellings and bad grammar

Fake emails may contain misspellings, incorrect grammar, missing words. Many Times these are used to trick the E-mail Filters

A quick review

If you receive an E-mail with a Link requesting you to click on the link and sign in to your Pay Pal account, Don’t Do It!

If you receive an E-mail with what looks like a Paypal Sign in Form, Don’t Sign in!

If you are unsure if the e-mail is Real or fake forward it to spoof@paypal.com and request assistance.

If you absolutely must login to your pay pal account then I would highly recommend you do the Following. Close all open Browser sessions. Run a Spyware check on your computer You can get a free Spyware program here (http://www.download.com/Spyware-Doctor/3641-8022_4-9063584.html) then type in https://www.paypal.com/ directly into your Browser window do not click on any links.

Mike Makler has been Marketing Online Since 2001, When he built his first Sales organization of over 100,000 Members.

About The Author:
Mike Makler has been Marketing Online Since 2001 When he Built an Organization of over 100,000 Members

Get Mike’s Newsletter:
http://ewguru.com/newsletter

More Articles by Mike:
http://ewguru.com/tips

Copyright © 2005-2006 Mike Makler the Coolest Guy in the Universe

[You have permission to publish this article electronically or in print, free of charge, as long as the bylines are included. A courtesy copy of your publication would be appreciated getarticles At Ewguru .Com]

In the past I’ve never really paid much attention to security issues when it comes to user names and passwords. Frankly I figured it was all a lot of overblown hype. This led to an unfortunate incident that involved my website being attacked, apparently by a skillful youth with a propensity for mischief.

The main security flaw with my website was probably the simple fact that the username and password were exactly the same. Granted I did realize that this wasn’t highly intelligent but I didn’t have the power to change it myself, and I didn’t think it really mattered enough to bother about it. Having an identical username and password is a massive “no-no” in computer security. Your username and password should not even be related along the same line of thought. A username of “Dragon” and a password of “Fire” is not a secure combination.

For maximum security, passwords should not be cohesive words or phrases and should not be too obviously related to something like your birthday or the birthday of someone close to you. Personal information is one of the first things used when people attempt to break passwords. Having a password of “Password” is indeed humorous and ironic but it is not in the least bit secure.

A “brute force” password hacking technique involves using certain rules and guidelines to take a guess at possible passwords and generally works through a dictionary of sorts, trying combinations of possible words and common characters. Your best bet at creating a secure password is to pick a random collection of letters, numbers, and symbols, including varying case changes (in a password the letter “a” is not the same as the letter “A”, so alternating at random between upper and lower case will increase the difficulty encountered in cracking your password). Selecting a sequence of characters on the keyboard (such as “asdf” or, worse, “1234”) definitely does not create a secure, random password.

Having symbols in your password is an easy way to greatly increase security. These are the special characters accessed by holding the “Shift” key and pressing one of the numbers at the top of the keyboard. If you want to truly expand your arsenal of special characters, try holding down the “alt” key and pressing a combination of numbers on the num pad (the rectangular collection of numbers on the right hand side of most keyboards) then release “alt”. For example, holding “alt” and pressing numbers, 1 then 6 then 8 and releasing “alt” will give the character “¿”. Most combinations of 3 numbers will enter a different symbol into your password. This may make it a little harder to enter your password but it makes it a lot harder for anyone else to crack it.

To make passwords easier to remember you can use something original, like the name of your favorite character in a book (personal information that other people won’t know). Then add some numbers to it, perhaps use the “Leet speak” (check http://en.wikipedia.org/wiki/Leet for exact definition) method of changing letters to numbers and generally mix things up so that to you it seems coherent and memorable but to an automated pattern recognizer it seems random. For example, “jAm35_5m1Th¿” (“James Smith”) is actually surprisingly secure. In this case the password’s meaning is obvious to a human reader but it will take a lot of work for them to divine the password without prior knowledge.

For additional security you should not use the one user name and password for every account that you have. If you do and someone manages to get hold of your details for one site they pretty much have the run of your digital life. It is not particularly vital to have perfect passwords for less important accounts (e.g. web based email from Hotmail, forums you visit etc.). These sites can quite happily be accessed using the same password. However, bank accounts, work email etc. should be made as secure as possible.

Hopefully a few of these tips will assist you in making your online activities more secure. Keep these guidelines in mind, change your password on a semi regular basis, and with any luck you’ll be able to avoid the hacking menace that befell me.

M6.Net Web Helpers

With the Internet entering our lives in such an explosive manner, it was inevitable that Internet security issues would follow as well. While credit card frauds are an offline security problem that has been carried over to the Internet as well, spamming and phishing are uniquely Internet security hazards.

Spammers are an Internet phenomenon that have been given great encouragement by the distribution of free scripts. Free scripts and free downloadable software are one of the greatest attractions of the web. Unfortunately, they are also one of the biggest security risks the Internet offers.

Spammers use free scripts to their advantage very ingenuously. Refer-a-Friend scripts are a great asset on any site. They allow visitors to recommend a site to their friends. And, by simply a Refer-a-Friend script, a Webmaster can increase traffic on his website at zero cost!

Unfortunately, Refer-a-Friend scripts that don’t have built-in security features are a popular tool with spammers as well. When your site visitor enters friends’ e-mails, the insecure Refer-a-Friend scripts capture those e-mails and collates them into a Spam database.

The spammers then use the e-mails to create illegal lists and sell them for a profit or send large quantities of Spam. This can result in major damage for your website from loss of consumer loyalty and trust to deactivation of your e-mail privileges by your hosting company to even disbarment from your web server.

It thus becomes vital that any Refer-a-Friend script that you choose to install on your website must have a security feature. The scripts should limit how many people can be e-mailed at one time and how many e-mails can be sent within a limited period. It can also set a delay before the form can be used again. One of the most effective security features is to get visitors to enter a randomly generated visual code, which is not readable by Spam software. Forewarned is forearmed.

Patti Santee and the programmers at PhpVille.com help affiliate marketers increase traffic by adding interactive features to Websites. Stop by and check out PhpVille’s current special offers.

Viruses, Trojans and Spyware: Protecting yourself.

No user on the internet is safe from assault. Viruses, Trojans and Spyware can all effect your computer by placing annoying ads, tracking your credit card numbers, or even slow it down to a certain extent it is deemed no longer usable. By following through these simple steps, you can help protect yourself from the internet.

High CPU Usage: If your computer seems to be slower than usual, it is very likely that you have been infected. Background services can slow down your computer, and to check performance, enter Task Manager (Ctrl+Alt+Delete). Then, click on the processes tab. You will be able to see active processes that are running. To find what should be running on your computer, visit http://www.theeldergeek.com/services_guide.htm.

Check your level of protection: A good way to know whether you are safe or not is by using security tools. Here are some you should try out: NeWT 2.1: This is a very simple tool to use, and it scans for more than 4000 common security vulnerabilities. Download NeWT here: http://www.tenablesecurity.com/newt.htm Sumantec security check: This is a free service provided by Symantec. Simply visit here (www.sumantec.com), then select Scan for Security Risks. It will only tell you what vulnerabilities you have, but however it won’t tell you how to fix them. Infinitive! Port Scanner: Our very own online port scanner! http://infinate.x10hosting.com/phport

Update Yourself: Install all the latest update possible. Service Pack 2 is a good way to start if you’re running Windows XP. Enable Automatic Updates, and make sure you have the latest updates on your PC.

Safe Surfing: Due to Internet Explorer’s high popularity, it is usually safe to change altogether. A common program now is known as FireFox (www.mozilla.com/products/firefox), which is fast, responsive and similar to Internet Explorer. However a major flaw with FireFox is that you will need to install additional plug-ins in order for you to view certain pages.

Make Regular Backups: Prepare for the worst. Make regular backups of your important files and store them on a type of offline storage.

Don’t open suspicious links: If you are sent a link you are not sure about, do not open them, Simple. Another good way is to avoid suspicious sites altogether. Many programs too, bundle with spyware, so when you download them make sure they are stated "Freeware", nothing else.

Program Protection: Use Anti-Virus and Firewall software. McAfee is a highly recommended product over Symantec, but there are also other free anti-virus/firewall software online such as NOD32. http://www.nod32.com/

If you have been infected: Find cleaning instructions online on sites such as http://vil.nai.com. It will tell you where to locate your infection, and where to find and remove it. System Restore is also a good option on Windows XP. To use System Restore, go to Start, All Programs, Accessories, System, System Restore. Simply click a restore point and reboot.

You can also remove viruses using the programs listed under Program Protection. To remove Spyware, Spybot S&D (http://www.safer-networking.org/en/index.html) is a free yet useful tool to use.

All articles are written by Infinitive!

Infinitive! http://www.infinate.x10hosting.com You may reproduce and use this article just so long as you add a link (http://www.infinate.x10hosting.com) down at the bottom.

Infinitive! All the latest articles, tools, news, file hosting and more!

The menacing campaigns that drive the corporate spyware and adware market is developing way out of hand. Who are these companies and how do they get away with it? They are costing computer users millions with their sneakware system of promotional crap!

We have some serious problems. These narcissistic bugger programmers that develop application and browser hijackers, pop-up pushers, adware scams and other bogus blots of code that only make life worse, need to be taught a lesson or two. They are like fleas, pesky taggers, used gum thrown on the pavement that you just stepped in, but way worse. And for what reason? Advertising?

The graffiti artist or “tagger” is trying to make a name for himself by either creative representation or pure mass distribution. Hey, you are all annoying, you are all vandals, but really, your destruction is trite. We are not afraid of you we just think your art is ugly.

Of course you can get some bug spray or clean your shoe, but these hijacks will cost you a whole lot more. Oh yeah, I have seen massive amounts of destruction brought about by malicious code, and I am not talking about viruses.

Let’s Reason

Truthfully, I think we need to intervene and get a hold of this situation. There are companies that produce “hijackers” for the sake of advertising. But that code has grown far too chaotic to serve as any means for honest advertising. I am hired every day to fix problems brought about by certain American corporate advertising campaigns.

Most of us have experienced the various “Trojans” that hijack your Internet browser start and search pages, changing them to some site that they are advertising for, let alone the formidable “about.blank” page. The Trojan then makes it difficult to change these setting back, often requiring Registry edits and special removal tools just so you can get back to easy Internet browsing.

Let’s look at some industry specifics.

One of the largest Adware agencies WhenU.com of New York, distributes its software piggybacked on popular “free” applications downloaded from the Internet. Once on your computer, it then distributes advertisements in the form of pop-ups to your desktop as you browse the Internet. Who’s to blame in this scenario, WhenU or its clients that actually pay WhenU to distribute their ads? Merck, T-Mobile, Priceline, Verizon, to name a few.

And mortgage brokers. I would say that 50% of all the spam I receive is based around some untrue promise about an enormously low interest rate for which I qualify. Strange, most of the junk mail I get in my street mailbox is the same crap. WHO FALLS FOR THIS? It must work if the junk keeps coming and coming.

I am not talking specifically about spam here, that is a story in itself, but I am talking about unfair marketing techniques that need to be controlled. We all see our fair share of mortgage company pop-ups, don’t we?

Give me the shotgun!

The worst of the worst are the various toolbar distributors that promise a better Internet experience. CoolWebSearch, Hotbar, WyWebSearch, and the horrid “My Search Assistant” which mutates itself if you try to uninstall it. How creepy is that? Every time you uninstall the hijacker, it places itself in a different spot on your computer and renames itself, so the next time you restart your PC, it re-installs. Trust me, the longer you keep this program on your system, the worse your system gets. More and more pop-ups which lead to more spyware and adware and the resolution is horrendous. Wipe and reload.

The Reverence

Bow down to the savior of smart computing. Learn to understand how your system gets infected. Learn to use the appropriate spyware and adware prevention programs and removal tools. Learn to get some help before it is too late. The difficult part if finding who to trust.

That’s where I come in.

Greg Richburg a Microsoft Certified Systems Engineer and the owner of Netricks, Inc. a network consulting, web design and hosting company in California. As well, Greg runs a web based distributorship for Ujena swimwear and clothing. Please visit My Shop Girl Sexy Swimwear and Web Bikini Store and Clothing for Women for details.

All past articles written by Greg Richburg are available at Netricks Tech News.

In recent days, I was one of the unfortunate persons to receive the "Mydoom" worm emails. Not just one, but at least forty appeared in my popserver mailbox. As frustrating as it was deleting all of these nasty little boogers, I realized that some of these "worm" emails even came from persons I knew - or so I thought I knew.

The problem with the "Mydoom" email worm is that it specifically targets email addresses with the following extensions:

• .htm
• .sht
• .php
• .asp
• .dbx
• .tbb
• .adb
• .pl
• .wab
• .txt

Furthermore, it sends "get" requests to target domains and uses direct connections to port 80. It will also attempt to send email messages using its own SMTP engine. The worm is successful by using a mail server that a recipient uses or local server as well. Some strings to these target domain names are:

• gate.
• ns.
• relay.
• mail1.
• mxs.
• smtp.
• mail.
• mx.

The "Mydoom" worm will have subject headings such as:

• "Returned Mail"
• "Delivery Error"
• "Status"
• "Server Report"
• "Mail Transaction Failed"
• "Mail Delivery System"
• "Hello/hello"
• "Hi/hi"

What persons need to realize is that even if you "know" the sender, you must make absolutely sure that any attachments are specifically clarified from the sender before you attempt to open these suspect emails. Most worms and viruses are spread directly through attachments. Unless you are expecting an attachment from a person you know, be cautious. Do NOT open attachments unless you are absolutely positive that your known correspondent has actually sent it to you. Another thing to remember is that the "Mydoom" worm ranges from 6,144 bytes to 29,184 bytes in size and can affect Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, and Windows XP. Luckily, if you have DOS, Linux, Macintosh, OS/2 or UNIX, your systems will not be affected by the MyDoom worm.

For those of you who share files through Kazaa, there is a new worm with aliases such as Worm.P2P.Apsiv (Kaspersky) and W32/Apsiv.worm!p2p (McAfee) and seemingly affects Windows systems 2000, 95, 98, Me, NT, Server 2003 and Windows XP. The damage profile has not yet been assessed, but it would be a good idea to steer clear of this one as well.

"Keylogger.Stawin" is probably one of the nastiest viruses as it attempts to steal a user’s online banking information. A Trojan is distributed through email messages with the subject line, "I still love you," and has a "message.zip" attachment. Affecting the same vunerable systems as mentioned above, Keylogger records keystrokes and has the ability to steal personal, financial information. A few systems that Keylogger monitors are window titles such as "PayPal," "Logon," and numerous other window titles associated with banking logins.

Common Hoaxes

A popular hoax circulating the Internet is an email titled, "FREE M &M’s." Sorry guys - no M & M’s here. More recently, you may have received the "Life is Beautiful" virus … er, hoax. The "Life is Beautiful" virus is not real and should be ignored. This is only a scare tactic that causes unwarranted fears and concerns.

In closing, the Internet is a massive electronical world filled with infinite bits of information. When using your "key" to this magnificent but vast window of versatile knowledge, it pays to use logic when distinguishing hoaxes from real threats such as viruses and worms.

• To learn more about current viruses and worms, visit: http://search.symantec.com/custom/us/query.html
• For an updated listing of current email hoaxes, go to: http://securityresponse.symantec.com/avcenter/hoax.html

Copyright 2004 - All Rights Reserved
Computer Viruses, Worms and Hoaxes
by C. Bailey-Lloyd

About the Author: C. Bailey-Lloyd - Author of "Somewhere Along the Beaten Path"

Feel free to visit Media Positive Radio — Providing a positive and uplifting listening experience - All the Time! Featuring the finest music from Independent and Mainstream musicians all focusing on the power and greatness of every individual as well as the collective power of unity and brotherhood.

NOTICE: Article may be republished free of charge as long as Author Resource Box (above) is included, and ALL Hyperlinks REMAIN in tact and active.

Threats we ordinary Web users face online leave us no choice but learn. Haven’t you noticed how many new things you learned lately? We are much better informed about malicious programs than just a year ago.

This section of our vocabularies grows rapidly: now we all know what a "keylogger" is,"worm" for us has something to do not only with zoology, nor a "Trojan Horse" with Ancient Greek literature. We are getting better at avoiding such scams as phishing, and this word doesn’t look like a spelling mistake anymore.

We Web users are getting smarter — at least the numbers from the recent survey by the Pew Internet and American Life Project say so. The study shows that 91% of respondents (adult Web users from the USA) have improved their online behavior in one way or another.

81% of respondents have become more cautious about e-mail attachments.

People are also avoiding certain Web sites (48%), using file-sharing networks less often (25%), and even switching browsers (18%).

But, alas… As Web users get wiser, cybercriminals become more insidious and commit more sophisticated crimes.

More people are now aware of a worm, virus or Trojan which might be hidden in a spam email attachment — for cybercriminals it means that spam becomes less "effective" means of spreading malware.

Why they are spreading malware? What motivates them? Money, of course.

All security experts are at one in thinking that " cybercriminals are primarily motivated by financial gain". In other words, they prefer cash to fun. Instead of doing mischief just for the h… of it, they steal money. Big money.

Along with other unlawful activities, cybercriminals are actively hunting for valuable data that can be turned into cash. Stealing information needs contaminating as many PCs as possible with malicious programs. Most PC users now are aware of (or we even can say, almost got used to) the fact that Trojan horses can be included into e-mail messages, multimedia files or free knick-knackery like postcards, smileys and screensavers. We users know that many viruses, worms, and Trojan horses contain information-stealing (keylogging) modules.

Spreading malware as wide as possible that’s what cyberthieves do in order to reach their treacherous goal. At least it was their main approach — until recently, when crooks began to more intensively exploit a new tactic.

Targeting at Individual Addressees

On July 8, 2005 CERT (the US Computer Emergency Readiness Team), issued an alert warning about the rise of Trojan attacks of a new kind. Signs of these stealthy Trojan attacks, which were targeting specific firms to evade detection, have been detected for the last year. Targeted Trojan-horse attacks are a new trend in online threats, states the alert.

Trojan attacks by themselves aren’t new, but CERT said this technique has two features that make it very dangerous, especially for businesses.

First, conventional anti-virus software and firewalls can’t beat Trojans of this kind. These programs are "tailor-made". Source code of known Trojans, if altered, is unfamiliar to anti-viruses, and they can’t detect it.

Any new variation of known malicious program is a new program for anti-viruses. There is a long way from detection of a piece of malware to the moment when an anti-virus or anti-spyware vendor is able to offer protection against it. This cycle takes time — from several hours to a couple of days. When such a program is detected, its signature (piece of code) should be picked and included into an update. Only after all anti-virus or anti-spyware programs on all users’ PCs are updated it is possible to protect them against this particular piece of malware. Poor consolation for those unlucky ones who were hit by a new kind of malware FIRST.

These e-mails contain dangerous malware-laden attachments, or links to web sites hosting Trojan horses. When such an attachment is opened or a link is clicked, a malicious program installs the Trojan onto the users’ machines. These Trojans can be configured to transmit information via ports used for a common service, like TCP port 80, which is assigned to Web traffic. That’s why firewalls are helpless against them.

Second, this time the e-mails are TARGETED — sent to specific recipients. Their subject lines often have something to do with the user’s work or interests.

What the criminal can do when the attachment is opened? He can: (Quote from the alert issued by US-CERT)

• Collect usernames and passwords for email accounts
• Collect critical system information and scan network drives
• Use the infected machine to compromise other machines and networks
• Download further programs (e.g., worms, more advanced Trojans)
• Upload documents and data to a remote computer

CERT made recommendations for system administrators on how to prevent this kind of Trojan horse attacks. You can get the complete list from: http://www.us-cert.gov/cas/techalerts/TA05-189A.html

As for us ordinary Web users — to lessen the risk of these attacks we all should:

• use an anti-virus scanner on all e-mail attachments
• update operating system and application software to patch vulnerabilities these Trojans exploited
• set the default options in e-mail clients to view opened e-mails as plain text, i.e. turn off the "Preview Pane" functionality.

And, of course, be more cautious about everything which appears in our inboxes.

Alexandra Gamanenko currently works at Raytown Corporation, LLC — an independent software developing company. This company provides software capable of disabling even "tailor-made" information-stealing modules, which can be hidden inside spyware as well as viruses, worms and Trojans.

Learn more — visit the company’s website http://www.anti-keyloggers.com