IM: An Underestimated Security Threat

Focused on email security, many network managers are overlooking the dangers presented by IM (instant messaging) technology. After all, IMing your sister-in-law an impromptu dinner invitation from your office cubicle seems pretty harmless. But IM in the enterprise is exploding, as 85 percent of organizations in North America report IM use, according to The Radicati Group Inc.

In the past, the security threat from IM was seen as an additional gateway to the enterprise as well as a concern for securing private corporate data. But that’s not the issue anymore. Studies estimate that IM worms and viruses are growing exponentially. In fact, Akonix Systems Inc. tracked 297 malicious code attacks over IM networks in 2007 – a 20 percent increase in IM threats over the previous year. And while 60 percent of organizations monitor and secure email, studies estimate that 90 percent of organizations lack any form of IT sanction or control for IM. That equals exposure to a rash of security threats, data leakages and legal liabilities.

James Quin, a senior research analyst with Info-Tech Research Group said, “The vast majority of companies really aren’t even aware that there’s an issue associated with IM malware. … But when you look at the fact that IM is increasingly being used as a distribution platform for malware – viruses, worms, Trojan horses – and is also a very serious threat in terms of data leakage, organizations simply can’t continue to take the track that IM is not something they need to worry about.”

Flying Under the Radar

Quin said one of the greatest dangers posed by IM is data leakage. Unlike email which is typically logged, tracked and blocked by an organization, IM communications tend to exit an enterprise outside of the watchful gaze of an IT manager. “If I’m sending something through IM on a server that’s not maintained by the company and it goes out through a generic traffic port, as far as the firewall is concerned, it’s plain old Web traffic,” he said. “It’s a bit of a sneaky way to get information out of the enterprise.”

Taking Action

There are steps companies can take, however, to wrest control of enterprise IM and to minimize exposure to security and legal threats. Here are just a handful of precautionary measures:

1. Sure, IM lends itself far more easily to informal conversation than email, rendering it a faster and lighter alternative. But is it really necessary? What business value does it deliver? The first step, said Quin, is “determining if IM is something you feel is an appropriate part of your business communication strategy.”

2. By preventing IM from being sent over public networks, companies can better manage security challenges. “Organizations should look at deploying an internal IM capability rather than using one of the freely available ones outside of the enterprise,” said Quin. Microsoft Corp.’s unified-communications suite, for example, delivers messaging capabilities, which enables companies to manage IM on internal servers and restrict communications to in-house usage.

3. Many public IM networks offer patches to protect against the latest program vulnerabilities. Network administrators need to install and update these IM patches regularly.

4. Turn to a third-party provider for high-level security protection. Symantec Corp., for example, offers an IM-management tool that secures, logs and archives corporate IM traffic on both public and enterprise IM networks.

5. “No technology should ever be deployed without a policy,” said Quin. IM is certainly no exception. Companies must establish best practices for the uses of IM and any restrictions that apply. In addition, organizations should educate employees on the dangers of IM and inform them of important precautionary measures such as storing IM passwords, communicating with unauthorized sources and refusing file transfers and attachments.

IRS Warns of New E-Mail and Telephone Scams Using the IRS Name; Advance Payment Scams Starting

Updated April 21, 2008 Some people have received phone calls about the economic stimulus payments, in which the caller impersonates an IRS employee. The caller asks the taxpayer for their Social Security and bank account numbers, claiming that the IRS needs the information to complete the processing of the taxayer’s payment. In reality, the IRS uses the information contained on the taxpayer’s tax return to process stimulus payments, rather than contacting taxpayers by phone or e-mail. An e-mail claiming to come from the IRS about the “2008 Economic Stimulus Refund” tells recipients to click on a link to fill out a form, apparently for direct deposit of the payment into their bank account. This appears to be an identity theft scheme to obtain recipients’ personal and financial information so the scammers can clean out their victims’ financial accounts. In reality, taxpayers do not have to fill out a separate form to get a stimulus payment or have it directly deposited; all they had to do was file a tax return and provide direct deposit information on the return. IR-2008-11, Jan. 30, 2008 WASHINGTON — The Internal Revenue Service today warned taxpayers to beware of several current e-mail and telephone scams that use the IRS name as a lure. The IRS expects such scams to continue through the end of tax return filing season and beyond. The IRS cautioned taxpayers to be on the lookout for scams involving proposed advance payment checks. Although the government has not yet enacted an economic stimulus package in which the IRS would provide advance payments, known informally as rebates to many Americans, a scam which uses the proposed rebates as bait has already cropped up. The goal of the scams is to trick people into revealing personal and financial information, such as Social Security, bank account or credit card numbers, which the scammers can use to commit identity theft. Typically, identity thieves use a victim’s personal and financial data to empty the victim’s financial accounts, run up charges on the victim’s existing credit cards, apply for new loans, credit cards, services or benefits in the victim’s name, file fraudulent tax returns or even commit crimes. Most of these fraudulent activities can be committed electronically from a remote location, including overseas. Committing these activities in cyberspace allows scamsters to act quickly and cover their tracks before the victim becomes aware of the theft. People whose identities have been stolen can spend months or years — and their hard-earned money — cleaning up the mess thieves have made of their reputations and credit records. In the meantime, victims may lose job opportunities, may be refused loans, education, housing or cars, or even get arrested for crimes they didn’t commit. The most recent scams brought to IRS attention are described below. Rebate Phone Call At least one scheme using the word “rebate” as part of the lure has been identified. In that scam, consumers receive a phone call from someone identifying himself as an IRS employee. The caller tells the targeted victim that he is eligible for a sizable rebate for filing his taxes early. The caller then states that he needs the target’s bank account information for the direct deposit of the rebate. If the target refuses, he is told that he cannot receive the rebate. This phone call is a scam. No legislation has yet been enacted that would allow the IRS to provide advance payments to taxpayers or that determines the details of those payments. Moreover, the IRS does not force taxpayers to use direct deposit. Those who opt for direct deposit do so by completing the appropriate section of their tax return, with bank routing and account information, when they file; the IRS does not gather the information by telephone. Refund e-Mail The IRS has seen several variations of a refund-related bogus e-mail which falsely claims to come from the IRS, tells the recipient that he or she is eligible for a tax refund for a specific amount, and instructs the recipient to click on a link in the e-mail to access a refund claim form. The form asks the recipient to enter personal information that the scamsters can then use to access the e-mail recipient’s bank or credit card account. In a new wrinkle, the current version of the refund scam includes two paragraphs that appear to be directed toward tax-exempt organizations that distribute funds to other organizations or individuals. The e-mail contains the name and supposed signature of the Director of the IRS’s Exempt Organizations business division. This e-mail is a phony. The IRS does not send unsolicited e-mail about tax account matters to individual, business, tax-exempt or other taxpayers. Filing a tax return is the only way to apply for a tax refund; there is no separate application form. Taxpayers who wish to find out if they are due a refund from their last annual tax return filing may use the “Where’s My Refund?” interactive application on this Web site, IRS.gov. The only official IRS Web site is located here at www.irs.gov. Audit e-Mail Another new scam brought to IRS attention contains features not seen before by the IRS. Using a technique calculated to get almost anyone’s attention, the e-mail notifies the recipient that his or her tax return will be audited. This is the first scam of which the IRS is aware that uses this to get the victim to respond. Unusual for a scam e-mail, it may contain a salutation in the body addressed to the specific recipient by name. Most scam e-mails seen by the IRS are sent using the same technique used by spammers, in which hundreds of thousands of messages are sent to potential victims based on Internet address. Because of the volume, the typical scam e-mail is not personalized. This e-mail instructs the recipient to click on links to complete forms with personal and account information, which the scammers will use to commit identity theft. This e-mail is a phony. The IRS does not send unsolicited, tax-account related e-mails to taxpayers. Changes to Tax Law e-Mail This bogus e-mail is addressed to businesses, accountants and “Treasury” managers. It instructs them to download information on tax law changes by clicking on a series of links to publications on businesses, estate taxes, excise taxes, exempt organizations and IRAs and other retirement plans. The IRS believes that clicking on a link downloads malware onto the recipient’s computer. Malware is malicious code that can take over the victim’s computer hard drive, giving someone remote access to the computer, or it could look for passwords and other information and send them to the scamster. There are other types of malware, as well. The urls contained in the link are not legitimate IRS Web addresses. All IRS.gov Web page addresses begin with http://www.irs.gov/. Paper Check Phone Call In a current telephone scam, a caller claims to be an IRS employee who is calling because the IRS sent a check to the individual being called. The caller states that because the check has not been cashed, the IRS wants to verify the individual’s bank account number. The caller may have a foreign accent. In reality, the IRS leaves it entirely up to the individual to choose to cash or not cash a paper check. The IRS has no business need to know, and does not ask for, bank account or similar information, except when taxpayers indicate on their tax return that they are opting for the direct electronic deposit of their refund. In that case, however, it is the individual’s responsibility to provide the IRS with the correct bank routing and account numbers on the tax return; the IRS does not contact taxpayers to verify the information. What to Do Anyone wishing to access the IRS Web site should initiate contact by typing the IRS.gov address into their Internet address window, rather than clicking on a link in an e-mail or opening an attachment. Those who have received a questionable e-mail claiming to come from the IRS may forward it to a mailbox the IRS has established to receive such e-mails, phishing@irs.gov, using instructions contained in an article titled “How to Protect Yourself from Suspicious E-Mails or Phishing Schemes.” Following the instructions will help the IRS track the suspicious e-mail to its origins and shut down the scam. Find the article by visiting IRS.gov and entering the words “suspicious e-mails” into the search box in the upper right corner of the front page. Those who have received a questionable telephone call that claims to come from the IRS may also use the phishing@irs.gov mailbox to notify the IRS of the scam. The IRS has issued previous warnings on scams that use the IRS to lure victims into believing the scam is legitimate. More information on identity theft, phishing and telephone scams using the IRS name, logo or spoofed (copied) Web site is available on this Web site. Enter the terms “phishing,” “identity theft” or “e-mail scams” into the search box in the upper right corner of the front page. Related Items: FS-2008-9, Identity Theft E-Mails Scams a Growing Problem IR-2007-109, IRS Warns Taxpayers of New E-mail Scams Suspicious e-Mails and Identity Theft Subscribe to IRS Newswire

Identity Breaches are everywhere

Commercial businesses, colleges and universities, government offices, and medical facilities of varying sizes share the common label of being hit by identity thieves.

167 breaches revealing over 8.3 million records happened or became public in the first three months of 2008, according to the nonprofit Identity Theft Resource Center. Targets of attacks ranged from a Vermont ski resort to the University of Georgia, and plenty of points in between.

Some of the breaches happened due to internal misuse of customer data. At Bank of the West in Washington state, a loan officer used applications from customers to steal identities. Cassidy Janosky and her mother rang up $16,000 grand in purchases like plasma TVs and electronics from a local Sears store.

Other breaches happened due to laptop theft, like that of the Florida Department of Children and Families. Five laptops stoled from their Orlando office forced them to alert 1,200 staffers that their Social Security numbers, birth dates, and other information was at risk.

Then there was the old standby, the lost backup tape. In one particularly embarrassing case, secure storage business Iron Mountain lost one with credit card information on 650,000 customers. Names, addresses, and Social Security numbers were on it as well.

Oh, there were network breaches as well. One can essentially envision an attack vector, and something probably happened along those lines, since reported incidents for Q1 2008 more than doubled what ITRC picked up on for the same period last year.

Nick Cavalancia of ScriptLogic said in commenting on the report that security pros need near-real time notification of sensitive file system events, especially in environments where regulatory compliance like Sarbanes-Oxley is a reality.

“Businesses must be able to provide reports indicating permission changes, highlighting what changes were made, who made them and when they were made,” he said. Cavalancia also recommended administrators be able to lock down the myriad devices like iPods people bring into workplaces, to mitigate data theft.

Unbloating Vista Could Be Security Risk

A frustrated Windows Vista user who turns to the vLite application to shrink the OS can pick and choose components to remove, including the Windows Firewall.

A 15GB operating system may have a little more on the component side than it truly needs to run efficiently. Lots of people feel this way about Vista, especially Dino Nuhagic.

He developed vLite, a utility that permits customization of the Vista OS before installing it on a system. “This method is much cleaner, not to mention easier and more logical than doing it after installation on every reinstall,” Nuhagic said on the vLite site.

Doing this is not for the faint of heart when it comes to technology issues. Being able to remove a component doesn’t mean one should. Someone who decides to trust a router for protection and removes the Windows Firewall from a laptop installation could be in for a nasty surprise when connecting to another network that may be lacking in security for whatever reason.

The Windows Firewall arrived with Microsoft operating systems starting with XP. Before that, security pros and other prudent users had to add third party firewalls to Windows 2000 to safeguard against the OS attacks that were common for the period.

People may not realize this, but the shift from attacking Windows to attacking applications began when XP gained a place on thousands of personal computers. Though people could add firewalls to their systems before this, many did not. XP arrived with the firewall on by default.

It may feel right to remove some of Vista’s excess. Gamers in particular will be heartened by Nuhagic’s comment in Computerworld about putting Vista on a drastic diet:

Nuhagic didn’t come right out and say it, but he hinted that he — like more critical users and pundits — thought Vista was bloated and could use some reducing. “To be frank, I don’t need 90% of Windows. But that 10%, which guarantees that you can run [the] majority of games out there, is what is worth isolating.”

To the power gamers who have been frustrated with Vista, vLite may look like an absolute must-have for their systems. Achieving speed at the expense of security should not be part of the process. Plenty of criminals would love to grab a gamer’s login credentials, and losing one’s virtual identity would be worse than a headshot in-game.

Link

“Safe Surfing.” IT Security Presentation Notes

IT Security Presentation: “Safe Surfing” by Tim Torres.

[Presentation Notes]

 

Three Types of Activities to Improve IT Security at Home:

1. Using What You Have

2. Obtaining Specialized Programs and Tools

3. Locking Down Your Environment

 

1. Using what you have

 

            A. Working with Passwords:

• Currently, passwords are the most common method of authentication

• They are also the easiest to obtain and use falsely

• What is the easiest way to break into a password protected account?

• Brute force

• Try every possible combination of characters

• Takes a long time

• Dictionary method

• Try dictionary words (includes common words, common misspellings, foreign dictionaries, words from films or books, and l33t sp34k)

• Try date formats

• Sniffing

• Keystroke Recording

 

The SUPR test: Is the password as strong (meaning length and content) as the rules allow?

 

· The Strong Test: Is the password Complex? Numbers, letters, special Characters?

· The Unique test: Is the password unique and unrelated to any of your other passwords?

· The Practical test: Can you remember it without having to write it down?

· The Recent test: Have you changed it recently?

· In spite of the SUPR tests, you need to be aware that sniffing happens, and even the best of passwords can be captured and used by an intruder.

 

Ten Most Commonly Used Passwords Online:

 

password

123456

qwerty

abc123

letmein

monkey

myspace1

password1

blink182

your first name

 

Recap

• Do not write your passwords down

• Do not give your passwords to anyone

• Do not use the same password for multiple accounts

 

B. Spam

Statistics:

Computer security firm Symantec estimates that between 65 and 70 per cent of email traffic is spam. While spam itself doesn’t necessarily carry a computer virus, there is a connection, because many email virus programs involve a “mass-email” element.

 

When the “Sober” [Read about the "Sober" trojan] trojan, for instance, infects a computer it sends spam email to email addresses in the infected user’s email address book.

 

Where does most “spam”, or “junk” email come from?

Symantec estimates that 90 per cent of spam comes from offshore sources. This factor makes it impossible for local law enforcement agencies to do anything about it. It is cheap for spammers to send thousands of emails. If only a handful of people click on them and are fooled by a fraudulent offer, it’s worth the cost.

 

How to Protect against Spam and Spim:

1. Filter SPAM & SPIM

2. Minimize Annoyance

3. Reduce Exposure to Risk

 

Six Steps:

1. Install High Quality Anti-Spam Program from trusted vendor, that scans email and attachments for viruses.

2. Don’t Respond to SPAM email or IM links. By clicking link, you are encouraging the sender to send more SPAM.

3. Don’t send vital personal or financial information via email or Instant Messenger. Email is generally unencrypted, and is vulnerable to hackers on the internet who can easily intercept the information.

4. Don’t open up email by anyone you don’t know, even when email claims to be from a reputable source. Check first before opening attachments. Always verify!

5. Watch out for internet and email “Con-Games,” asking for personal information. [If an offer is too good to be true, it probably is!] (**use example.)

6. Use a different email for work and home.

 

· Always remember to use good judgment, and if you don’t know who it’s from, or what it is, just hit “delete”.

 

(Top 12 Spam Filters list)

C. Backing up Data:

A back-up is a copy of the data and certain programs on your computer. Creating a copy or back-up of data is a sensible and easy way to ensure that, in the event of a fire, computer theft or virus infection you can recover all of your business information from your computer or website quickly and easily.

 

What you can do:

· Develop a disaster recovery plan by first assessing your level of risk

· Ensure back-up procedures are in place and tested and remember to test the actual data and restoring of data process

· Ensure that you keep the back-up copies in a safe, fire-proof location away from your computer systems – usually these conditions can be met simply by storing the back-up in another place away from your business premises

· Ensure back-up procedures include systems such as finance and payroll

· All third party software should be copied prior to its initial use (software licensing allows for the making of copies for legitimate back-up purposes). These master copies should not be used for ordinary business activities but should be reserved for recovery purposes. They should be stored in a secure off-site location.

 

D. Apply Patches – Keep System updated.

Windows Security Updates

 

· When necessary, Microsoft provides a new security update on the second Tuesday of each month and publishes a bulletin to announce the update. Occasionally, updates are released more often. The links below go to the latest bulletins. Each bulletin includes links to the security updates.

 

If you are using Windows Vista or XP, you can manage your updates through the control panel.

 

To manually download available updates, go to Microsoft update or in Windows Vista go to your control panel. After your computer has been scanned to see which updates it needs, click the Custom button to find and choose the update you want to install. We recommend you install all High-Priority Security and Critical updates immediately.

 

We recommend that you get the updates delivered automatically to your PC. When your computer is on and connected to the Internet, the most current security updates are automatically downloaded and installed. To learn how to turn on automatic updating for your particular operating system, see Update your computer automatically..

 

2. Obtaining Specialized Programs

 

A. Anti-Virus:

Facts about Computer Viruses

A computer virus is code — a program — that can be recognized and run by your computer, causing the code to reproduce. Just like a virus in a human, the computer virus may be innocuous, bothersome or deadly. Yet in all cases, the virus occupies precious computer memory space. Just cycling through the program, no matter how ineffective it may be, could impair the functions of your legitimate applications.

 

Dispelling Virus Myths

Hysteria and ignorance have combined to create a vibrant industry of myth, legend and hoaxes. But, if you know the facts, you will be in a better position to respond effectively.

 

1. Myth: Viruses can be transmitted via a data file, e-mail or Web page.

Fact: Data files cannot carry viruses because such files carry data, not programs. Only an executable program file can carry a virus. But there is a catch. What you believe to be just a data file may include some legitimate executable code, and this code could be infected.

 

For example, a Microsoft Word document contains only word processing data, so it could not be infected. But a Word template file contains a small program known as a “macro,” that could be infected. Similarly, a simple e-mail message is just data, but an email message that includes a Word template file could carry a virus in that file.

 

2. Myth: Backups are useless if you back up the virus along with the data.

Fact: You can restore important data without restoring the infected program. You will have to remove the infected files, and you probably will have to reinstall computer applications from your original software source. This can be time consuming and tedious, but it is possible.

 

3. Myth: Shareware, public bulletin boards and the Internet are the source of most viruses.

 

Fact: This usually is not the case. New shrink-wrapped software applications are a major source of viruses. Often, new applications instruct users to turn off virus protection software before installing. Follow those instructions, but also check the software for virus infection after installing. Remember, mere connection to a bulletin board or the Internet cannot transmit a virus. You transmit a file to your computer only by choosing to.

 

B. Install and Use a Firewall

What is a Firewall?

Firewalls provide protection against outside attackers by shielding your computer or network from malicious or unnecessary Internet traffic. Firewalls can be configured to block data from certain locations while allowing the relevant and necessary data through

 

What type of firewall is best?

Firewalls are offered in two forms: hardware (external) and software (internal). While both have their advantages and disadvantages, the decision to use a firewall is far more important than deciding which type you use.

 

· Hardware – Typically called network firewalls, these external devices are positioned between your computer or network and your cable or DSL modem. Many vendors and some Internet Service Providers (ISPs) offer devices called “routers” that also include firewall features. Hardware-based firewalls are particularly useful for protecting multiple computers but also offer a high degree of protection for a single computer. If you only have one computer behind the firewall, or if you are certain that all of the other computers on the network are up to date on patches are free from viruses, worms, or other malicious code, you may not need the extra protection of a software firewall. Hardware-based firewalls have the advantage of being separate devices running their own operating systems, so they provide an additional line of defense against attacks. Their major drawback is cost, but many products are available for less than $100 (and there are even some for less than $50).

 

· Software – Some operating systems include a built-in firewall; if yours does, consider enabling it to add another layer of protection even if you have an external firewall. If you don’t have a built-in firewall, you can obtain a software firewall for relatively little or no cost from your local computer store, software vendors, or ISP. Because of the risks associated with downloading software from the Internet onto an unprotected computer, it is best to install the firewall from a CD, DVD, or floppy disk. Although relying on a software firewall alone does provide some protection, realize that having the firewall on the same computer as the information you’re trying to protect may hinder the firewall’s ability to catch malicious traffic before it enters your system.

 

Personal Firewall Choices

· Microsoft Windows Firewall — The Vista and XP Service Pack 2 operating systems have personal firewalls built in that are turned on by default to block threats from the Internet. You should leave this feature turned on until you replace it with third-party software and/or hardware.

 

· Two-Way Third-Party Personal Firewall Software — These firewalls block both incoming and outgoing threats. A computer has outgoing threats when it becomes infected with a virus, trojan horse or spyware. A challenge for this type of firewall is to distinguish between threats and legitimate software. Two common ways to address this are by vendors including a list of safe software for the firewall to check and/or by issuing a pop up alert to the user asking for advice on what to do. For links to vendors and reviews of over fifty products, see our Personal Firewall Reviews page.

 

Recommended products with links to vendors:

· Sunbelt/Kerio Personal Firewall [freeware & retail versions]

· ZoneAlarm Pro from CheckPoint [retail & free versions]

· Comodo Personal Firewall [freeware]

 

· Internet Security Software Suites — These products include two or more security features such as a personal firewall, anti-virus, anti-spyware and more. For links to vendors and reviews of over 20 products, see our Internet Security & Utility Suites page. Recommended retail products with links to vendors:

 

· Norton Internet Security 2008 or Norton 360 from Symantec include personal firewall and protection from viruses, worms, spyware, intrusion, phishing and root kits. Also includes behavioral monitoring features. The free online add-on pack includes anti-spam, parental control, confidential information blocking, and ad blocking. “Norton 360″ adds automatic backup and restore with 2 GB of online storage, PC tune up and embedded support components; PC Magazine Editor’s Choice 3-7-07.

 

· ZoneAlarm Internet Security Suite from CheckPoint features include network, program and operating systems firewalls, antivirus, identity theft protection, anti-spyware, spy site blocking, auto-learn, privacy protection, IM protection, game mode, essential email security, wireless PC protection, parental control, and smart defense service.

 

· Kaspersky Internet Security 7.0 — Intrusion protection, anti-virus, personal firewall, anti-spyware, anti-spam, and blocks auto dialers, ads and pop-ups.

 

B. Spyware

 

What is spyware?

Spyware is a general term used to describe software that performs certain behaviors such as advertising, collecting personal information, or changing the configuration of your computer, generally without appropriately obtaining your consent first.

 

Spyware is often associated with software that displays advertisements (called adware) or software that tracks personal or sensitive information.

These programs can change your Web browser’s home page or search page, or add additional components to your browser you don’t need or want. These programs also make it very difficult for you to change your settings back to the way you originally had them.

 

Signs of spyware: Are you being watched?

If your computer starts to behave strangely or displays any of the symptoms listed below, you may have spyware or other unwanted software installed on your computer.

 

· I see pop-up advertisements all the time. Some unwanted software will bombard you with pop-up ads that aren’t related to a particular Web site you’re visiting. These ads are often for adult or other Web sites you may find objectionable. If you see pop-up ads as soon as you turn on your computer or when you’re not even browsing the Web, you may have spyware or other unwanted software on your computer.

 

· My settings have changed and I can’t change them back to the way they were. Some unwanted software has the ability to change your home page or search page settings. This means that the page that opens first when you start your Internet browser or the page that appears when you select “search” may be pages that you do not recognize. Even if you know how to adjust these settings, you may find that they revert back every time you restart your computer.

 

· My Web browser contains additional components that I don’t remember downloading. Spyware and other unwanted software can add additional toolbars to your Web browser that you don’t want or need. Even if you know how to remove these toolbars, they may return each time you restart your computer.

 

· My computer seems sluggish. Spyware and other unwanted software are not necessarily designed to be efficient. The resources these programs use to track your activities and deliver advertisements can slow down your computer and errors in the software can make your computer crash.

 

If you notice a sudden increase in the number of times a certain program crashes, or if your computer is slower than normal at performing routine tasks, you may have spyware or other unwanted software on your machine.

 

How to help prevent spyware

1. Use Anti-Virus and frequently run Anti-Spyware Software

Norton Internet Security 2008 ($69.99)

Key Technologies

* Antispyware

* Antivirus

* Antispam and Parental Controls **

* Two-Way Firewall

* Advanced Phishing Protection

* Intrusion Prevention

* Rootkit Detection

 

Free-Ware:

*Ad-Aware / Lavasoft Anti-Spyware

*Spybot Anti-Spyware

*ewido Anti-Spyware

 

2. Adjust Internet Explorer security settings

You can adjust your Internet Explorer Web browser’s security settings to determine how much—or how little—information you are willing to accept from a Web site. Microsoft recommends that you set the security settings for the Internet zone to Medium or higher.

 

To view your current Internet Explorer security settings:

1. In Internet Explorer, click Tools and then click Internet Options.

2. Select the Security tab.

 

If you’re running Windows XP Service Pack 2 (SP2) and you use Internet Explorer to browse the Web, your browser security settings for the Internet zone are already set to Medium by default. Internet Explorer in Windows XP SP2 also includes a number of features to help protect against spyware and many other kinds of deceptive or unwanted software.

 

Windows Defender protects your computer from spyware and other unwanted software. Windows Defender comes with Windows Vista and you can download it for no charge for Windows XP SP2.

 

3. Surf and download more safely

The best defense against spyware and other unwanted software is not to download it in the first place. Here are a few helpful tips that can protect you from downloading software you don’t want:

 

· Only download programs from Web sites you trust. If you’re not sure whether to trust a program you are considering downloading, ask a knowledgeable friend or enter the name of the program into your favorite search engine to see if anyone else has reported that it contains spyware.

 

· Read all security warnings, license agreements, and privacy statements associated with any software you download.

 

· Never click “agree” or “OK” to close a window. Instead, click the red “x” in the corner of the window or press the Alt + F4 buttons on your keyboard to close a window.

 

Removable Media Protection

Take 4 Steps to secure your thumb drive data

 

1. Guard it carefully

· Many people are careless with thumb drives. People often leave them lying around or attach the drives to key chains. How often have you lost your keys?

 

· Better are ones that you can attach to a cord and wear around your neck. This won’t appeal to the fashion-conscious, but it helps prevent loss or theft.

 

· Some thumb drives have cords that connect to the drive’s protective removable cap. Forgo these. You want one with a cord that connects to the body of the drive.

 

2. Watch out for viruses

· Be careful when you connect your thumb drive to shared computers. Just like floppy disks, thumb drives can easily transfer viruses.

 

· Make sure you’re only transferring data. Any computer you connect the drive to should have anti-virus software running. Of course, the virus definitions must be current. The anti-virus software should scan the drive as soon as it is connected.

 

· If the drive isn’t from a trusted source, don’t connect it to your computer.

 

3. Encrypt your data

· If your thumb drive falls into the wrong hands, your data is fair game. So it is important to protect your files.

· Encryption will “scramble” your data. It can only be unscrambled with the correct password. Encryption that is 128-bit is very secure.

 

· Many drives come bundled with encryption features. Double-check that the encryption software is not a trial version. Otherwise, you will need to pay to use it once the trial expires.

 

· Once you set up the encryption software, get in the habit of using it. And don’t forget to create a strong password. A combination of at least eight numbers and upper- and lower-case letters is most effective. Don’t use an easily recognizable word, but make sure you can remember it — without writing it down.

 

· If your thumb drive doesn’t have encryption software, you can buy additional software.

 

· File Encryption XP (www.cp-lab.com, $30)

· Folder Crypto Password (www.folder-password-protect.com, $20)

· Folder Lock (www.newsoftwares.net, $35) can encrypt your thumb drive files.

· TrueCrypt is a free open source which allows you to encrypt your disk. This is really useful for securing your USB thumb drive as you wouldn’t want your documents and data exposed to third party when it got stolen or lost. Main features are:

· Additionally, some manufacturers make drives with biometric fingerprint readers. A built-in scanner reads your fingerprint before granting access to the drive. This provides excellent security. Expect to pay a premium for this feature.

· Drives with biometric scanners require that software be installed on the computer. This limits where you can access your thumb drive. You might find yourself in a situation where you can’t access your data.

 

4. Back up your data

· Losing your thumb drive is painful, even when the contents are protected. So, back up your data!

 

· You should always keep multiple copies of important data. This is particularly true when the storage medium is susceptible to loss or damage. Most thumb drives are made of plastic, which isn’t always durable.

 

3. Locking down your environment

 

1. Wireless Networks

 

Step 1: Change the Router’s Default Administrator Password
Out of the box, most routers contain a default user ID and password. Because this password is well known (i.e., printed in documentation included with the router), you must change the default password. You can easily make this change by running the router’s installation and setup wizard.

 

Step 2: Change the Default SSID and Disable SSID Broadcast
All routers are shipped with a Service Set Identifier (SSID) that’s set by the manufacturer. An SSID is a sequence of as many as 32 letters or numbers that comprise a wireless LAN’s (WLAN’s) ID or name. For example, the Linksys router’s default SSID name is Linksys. Default SSIDs are well known and published.

 

Step 3: Change the IP Address Setting
Router manufacturers set every router with an IP address. Linksys routers, for example, come configured with an IP address of 192.168.1.1. These address settings are well known and published, and thus malicious users can easily discover your IP address if they know the router manufacturer and type. Therefore, you should change the IP address as a part of the setup process. Continuing with the Linksys example, you can change the default 192.168.1.1 IP address to 192.168.10.1. Although changing the IP address doesn’t secure the router, it does leave the eavesdropper guessing for the IP address.

DHCP is also enabled by default on every router. DHCP provides IP address information to client machines. By default, the DHCP server hands out IP addresses in the 2-to-254 range. Therefore, 253 client machines can get an IP address from the router. You probably don’t have that many systems at home, so it’s best to reduce the DHCP range to the number of machines that you expect to have in your network. As a rule of thumb, I set the router to hand out addresses for the number of machines in my network, plus an additional two for visiting friends and family.

 

Step 4: Set Up Your Router to Use Encryption
A router’s default settings don’t include encryption. Because encryption provides security to your wireless communication, you must enable it. However, before setting up encryption, you must understand a few facts about wireless encryption and the security that different types of encryption standards—specifically, Wired Equivalent Privacy (WEP) and WiFi Protected Access (WPA)—provide.

 

Step 5: Use the MAC Address Filter
Every NIC has a unique MAC address. You can configure most wireless routers to filter based on these addresses. To display XP’s IP configuration, which includes the MAC address (as Figure 2 shows), simply type “C:\>ipconfig /all” at a command prompt. After you know the MAC (Physical) address, you can log on to the router (at http://router’s IP address) and add the MAC address to the filter. Figure 3 shows how to add the MAC address to a Linksys router. However, you will have to add and save the MAC address to your router only once and subsequent visits will be seamless.

 

Just like Locking Your Home
Just as you secure your home by locking your doors and windows, you must take the precaution of securing your wireless network by locking it down. By changing your router’s default administrator password, changing the default SSID and disabling SSID broadcast, changing your IP address settings, setting up your router to use encryption, and using the MAC address filter, you can easily secure your home wireless network, as my friend did. Although these steps won’t prevent a dedicated intruder whose intent on hacking your network, they’ll keep most malicious users and eavesdroppers away.