Friday, October 20, 2006

Phishing For Your Identity

Who hasn't received an email directing them to visit a familiar website where they are being asked to update their personal information? The website needs you to verify or update your passwords, credit card numbers, social security number, or even your bank account number. You recognize the business name as one that you've conducted business with in the past. So, you click on the convenient "take me there" link and proceed to provide all the information they have requested. Unfortunately, you find out much later that the website is bogus. It was created with the sole intent to steal your personal information. You, my friend, have just been "phished".

Phishing (pronounced as "fishing") is defined as the act of sending an email to a recipient falsely claiming to have an established, legitimate business. The intent of the phisher is to scam the recipient into surrendering their private information, and ultimately steal your identity.

It is not at easy as you think to spot an email phishing for information. At first glance, the email may look like it is from a legitimate company. The "From" field of the e-mail may have the .com address of the company mentioned in the e-mail. The clickable link even appears to take you to the company's website, when in fact, it is a fake website built to replicate the legitimate site.

Many of these people are professional criminals. They have spent a lot of time in creating emails that look authentic. Users need to review all emails requesting personal information carefully. When reviewing your email remember that the "From Field" can be easily changed by the sender. While it may look like it is coming from a .com you do business with, looks can be deceiving. Also keep in mind that the phisher will go all out in trying to make their email look as legitimate as possible. They will even copy logos or images from the official site to use in their emails. Finally, they like to include a clickable link that the recipient can follow to conveniently update their information.
A great way to check the legitimacy of the link is to point at the link with your mouse. Then, look in the bottom left hand screen of your computer. The actual website address to which you are being directed will show up for you to view. It is a very quick and easy way to check if you are being directed to a legitimate site.

Finally, follow the golden rule. Never, ever, click the links within the text of the e-mail, and always delete the e-mail immediately. Once you have deleted the e-mail, empty the trash box in your e-mail accounts as well. If you are truly concerned that you are missing an important notice regarding one of your accounts, then type the full URL address of the website into your browser. At least then you can be confident that you are, in fact, being directed to the true and legitimate website.

Tuesday, October 10, 2006

Get Into the Zone

Malware. An odd sounding word created to lump all malicious software programs, including viruses, worms, trojans, spyware, adware, and other malevolent codes into one cause-your-computer-serious-hurt category.

In 2005, Computer Economics released a report on malware. The good news was that for the first time since 2002, the total worldwide financial losses from malware actually declined to a mere $14.2 billion. The bad news was that the nature of malware was changing from overt threats to more focused, covert attacks. This definitely is not great news for the average computer user just trying to keep up with the hundreds of malware programs that bombard us daily.

It’s not an easy task keeping malware out of your computer system. In order to accomplish this, you need a strong antivirus program. One such program that can deliver the goods is ZoneAlarm Internet Security Suite from Zone Labs. Zone Labs is one of the most trusted brands in Internet Security for good reason. Their product, simply put, kicks serious malware gluteus maximus.

ZoneAlarm has received more review recommendations that any other Internet-security software suite because of its superb firewall and antivirus protection. It blocks pop-up ads, protects against identify theft and provides adequate spam filters that are flexible. It even beats the market leader, Norton Internet Security, which is often criticized for excessive system drag.

Its newest version includes these additional features:

· Triple Defense Firewall to prevent spyware from sending your information across the Internet. It also makes your computer invisible to anyone on the Net.

· Smart Defense Advisor which can automatically adjust your security settings for maximum protection against the latest virus and spyware outbreaks.

· Advanced Identify and Privacy Protection to prevent your personal data from leaving your computer without your approval.

The bonus for the average user who cringes at the idea of setting-up one of these systems is that the interface is easier to understand and use in comparison to most if its competitors. If you choose to venture beyond the out-of-the-box default settings, and install a more elaborate filtering, know that this will require some additional time to set up on your part.

Overall, ZoneAlarm Internet Security Suite is a user-friendly, comprehensive security solution that will have your computer safe from Internet hazards and cyber criminals within minutes of installation.

ZoneAlarm FREE Download



Saturday, October 07, 2006

Spyware And Adware


Spyware is becoming an increasingly prevalent tool that is used by internet marketing companies and others to gather information about computer users' activities on the internet. It is also widely reported that some spyware is also being used to obtain personal information about visitors to the internet in order to facilitate identity theft or worse.

What is it and how did I get it?

In its most basic sense, spyware can be defined as "any software program that aids in gathering information about a person or organization without their knowledge, and can relay this information back to an unauthorized third party." This definition was proposed by a industry trade group and probably enjoys general consensus in the industry. While there are many ways these software programs can be delivered, they usually end up on a user's computer by being surreptitiously downloaded in the background while the user is visiting a participating website. Once the code is inserted into the appropriate places in the user's browser, it can collect information such as passwords, credit card numbers, and social security numbers, or it can monitor and report behavioral information such as the user's favorite websites or internet purchasing habits.

Adware - Spyware's nicer cousin

Spyware is often grouped together with Adware, although there are some significant differences between the two. While the main purpose of spyware is to obtain information about a user, the main purpose of adware is to advertise. Usually, this advertisement is accomplished through pop-up ads, but recently, adware manufacturers have gotten more clever and have figured out ways to, for example, cause the user's browser to display search results determined by the advertisers instead of the search site. While some adware programs may use tactics that are similar to spyware, they claim to do so with the knowledge and consent of the user -- although this claim is often disputed by the user who is sick of pop-up ads. Typically, adware finds its way onto the user's computer by being "bundled" with other applications that the user actually wants. One of the main issues with adware is the fact that the user often does not know that they are downloading the adware code along with the desired application.

Many adware companies currently argue that their software is only downloaded with the consent of the user. What they do not tell you is that consent is often given by way of a long, complex and burdensome notice agreement. The typical user, which practically every computer user has been guilty of this at some point, will instead of reading the entire 40 or 50 page pop-up consent regarding what is being downloaded, will simply click "OK" in order to download the program they want. What they miss by not reading that long notice is that bundled along with the software the user wanted, there is a spyware or adware program.

Tuesday, October 03, 2006

E-Mail Security


HTML E-Mail

Disable HTML for e-mail or choose to view all messages as plain text if your e-mail client has such options - the better ones do; or use an e-mail content filter for web bugs and embedded content originating from a server other than the one belonging to the sender of the e-mail. Today's cleverly-coded e-mail worms can execute just by viewing HTML-formatted e-mail.


E-Mail Attachments

  • Never allow your e-mail client to "View Attachment Inline" ...unless you are sure it arrived from a trusted sender.
  • Never open e-mail attachments from strangers.
  • Use encryption software for sending your most private e-mail messages. If you don't, keep in mind that what you are sending is the equivalent of a postcard.
  • Never, ever use e-mail to send confidential information such as credit card numbers, bank account numbers, or your Social Security number.
  • Never respond to e-mail asking for confidential information. Any e-mail you receive requesting your credit card numbers, bank account numbers, or Social Security number either via e-mail or a web site link is surely an identity theft or phishing scam.