Tuesday, December 10, 2013

Viruses, Malware, Scams & "Hacking" vs Your Privacy, Your Computer, & You

Today, I'd like to take a look at an important issue - your online safety and protection.   Whether you're new to computers, have been around for a while, or "really know your stuff", you're bound to come across people with less-than-honorable intentions.  

Today, I will, briefly,  point out what is out there, what "bad guys" are doing, the threats to you, and what you can do to prevent yourself from being a victim.  If you would like further information, please get in touch with me, and I will expand on any of these topics.


What is out there?
The internet is a big place.   It seems that almost everyone has a presence,   Much the same as there are criminals in the real world, there are bad guys on the internet, as well.   Their goals are not all the same.  Some like causing mischief.  Others want your money or identity.  Others still want to steal your property (account, machine or service) to further carry out their acts.   

One of the most common means used is the computer virus.   These are often transmitted through an infected file.  Once activated, they install themselves on the infected computer, and may spread themselves through the means for which they were designed.   This could mean being spread through email, or being shared as part of a file-sharing network.   In some cases, a virus may be transmitted through an exploit through an add-on like Javascript or Flash. For the sake of this article, I am not distinguishing between viruses, trojan horses, rootkits and other malicious code.  The end result of this malicious code is that your drive may be corrupted, your computer may be locked out, your personal information may be stolen, your computer may be used to send or host spam, or any number o other unfavorable outcomes.

"Adware" is another threat that lies out there.  Adware may or may not be caught by some security programs as malware.   By its written purpose, it is "intended to help you".  This may be in showing you similar goods to those you're viewing on a webpage, replacing banner ads with those from a client, or hijacking your browser.  Very often these programs sneak in with anotherprogram.   While they may not be "malicious" by definition, they often have unwanted or undesirable consequences.  

Scams are perhaps one of the biggest threats out there.   These may be carried out by email, instant messenger, or by phone.    I have seen one delivered by postal mail, as well, but that's a different story.  Common scams include the NIgerian Prince (or other dead rich person) who either left you as an heir to a fortune, or you've been sought out to help a banker launder the "money".  There is also the fake international lottery scam, and even the "Someone wants you dead, but if you pay me, I'll let you live" scam.    Other common seen scams include folks (especially from Africa) who want to buy an item from you on an auction site at an inflated price, long-distance "landlords" that want to offer you a ridiculously low price on housing, or even ones who want to play on the naivity of someone using a dating site.   Another common scam takes place over the telephone.   Usually with a pre-recorded message that your credit card interest rate can be lowered just by talking to some call center representative crook.   Another phone scam to watch out for is the foreign (generally Indian) "Microsoft" calls.  They attempt to trick you into believing that your computer is telling Microsoft it has error/viruses, and they were there to help rip you off.

Spam is another way to fall victim to theft.  Email messages purporting "great" deals on counterfeit goods or discount prescriptions (Viagra seems to be a very popular one) without a prescription, lead the pack on offers to separate you from your hard-earned money.   It's fairly easy to bulk-register a bunch of domains cheap, park them on a referrer, aiming them at a foreign site that is unlikely to help you when you've been taken to the cleaners.  That is a "when", not an "if".   Spam is very often perpetuated through the use of fake or stolen email accounts, and hijacked computers.  

The last thing we'll look at today in the "what is out there" category is "hacking".   In general, this is a very mis-used word.   Many times, after one has been tricked into sharing their login information, and their email/social media account begins to spam people, they say "I was hacked".   No, there was no hacking involved, they just were tricked into turning over their account.   On the other hand, I have had an account hacked.   I saw the email notifications that there were a series of unsuccessful attempts  on my account, followed by it being used for bad purposes.   [I got their domains and IP addresses removed for this act].  Whether real hacking, or trickery, your account information, contact lists, and private data may become compromised.  

What can I do about it?
Information, protection and prevention are the best ways of ensuring you keep a healthy computer, and do not fall victim to the crooks. 

Information: Know what's out there.  You don't need to be an expert on every threat that is out there, but keep some basics in mind
  • If it seems "too good to be true" it's a scam
  • If they claim you won a prize you didn't sign up for, it's a scam
  • If someone asks you to sell an item outside of normal channels - and ship it internationally - they're out to steal from you
  • Pictures do not have an .exe estention
  • "Your bank" will not email you from a free email account to tell you there's a problem with your account.
  • "Your credit card company" will not call you from a spoofed phone number offering to "reduce your interest rate" without identifying themselves properly.
  • Microsoft does not call users.  Period.



Protection: This may be as simple as setting up your firewall or antivirus program.  This is especially important for Windows users, though otherusers should take note, as well.  

"But, I use a Mac, and they don't get viruses" one might say.  This is verifiably wrong.   While Microsoft has held the lion's share of the operating system use in the world, they have been a greater target for malicious code.   Assuming one wanted to distribute their software to the largest number of machines, it is only logical that they would write it for the most prevalent system.   The Windows and Mac operating systems are different, which means that most windows-designed viruses will be ineffective against Macs - but Mac-specific viruses have been in existence since 1982.   So, it's a good idea to have protection on your Mac to keep it virus free.   At the very least it's good to have to prevent forwarding harmful email attachments to your Windows-using friends.

"But I use Linux, that is virus-proof".   Again, this statement is wrong.   First, we have the aforementioned courtesy when forwarding potentially infected files.  While, Linux also uses a different system, some malicious code is possible.  This will often be distributed in packages outside of the distro-specific repository.   While not prevalent, and often preventable through basic knowledge, it's tood to use protection.

"But I'm on an android/iPad".  These devices are growing in popularity and market share.  As such, there are more exploits, and more people willing to spend time to write harmful code.   

Prevention: You can't easily stop any of these things from their source, but you can prevent yourself from falling victim to many of the threats that surround us.   Here are a few tips:

  • Never respond to spam!   buying anything from them does a few things.  It enriches them at your expense.  It adds you to a "sucker list".  It takes money from you directly (often for nothing) or gives ac it gives them your credit/debit card info, allowing htem to steal far more from you.
  • Responding to "unsubscribe" links in spam mail only validates your account.  Spammers do not care that you do not want their garbage, and will gladly sell the list collected from the "unsubscribe" link for more money.  Then you get more spam.
  • Do not do business outside the official channels on sites like eBay.   If you get ripped off outside of eBay, you lose the protections available within the service.   It's advisable to report any attempts to conduct a transaction outside of the auction/sale, or to simply ignore the contact.
  • Large sums of money from foreign (often African) countries are scams.   You're probably just as well deleting them.   For those with the time and inclination, there is a "sport" of scam-baiting, but in general, it's best to just ignore these email messages.
  • Watch what you open, and who sent it to you.    I'm not saying not to trust what your friends and family sent to you, but sometimes it's good to  pay attention.   If you have a friend who generally has good spelling and grammar, and suddenly sends you a message for a website with "u" or "4" as words, then chances are good you're dealing with a compromised account.
  • With email, learn that legitimate businesses you deal with will not send you a "Dear user" message telling you about an impropriety in your account.  This is especially true for banks, Paypal, and credit cards.   Do not follow links from these email messages, but rather go to the site directly, - or phone the establishment - and verify whether or not there is actually a problem
  • Regarding the phone scams, unless you feel comfortable - and have the time - it's better just to hang up on the "card services", "auto warranty", and Microsoft Tech Support scam calls.   
I hope that this gave you a bit of info that could help protect you, your computer, and your private information.   If you'd like me to expand on any of these points, let me know, and I can provide more information.   

No comments:

Post a Comment