The Synchronous Converter

Spyware, trojans, dialers and viruses can cripple your PC’s performance, destroy data and compromise your security. Find out how to identify if your PC is at risk and how to lock it down from attacks in the future by reading this factsheet.

What is spyware?

Spyware is software which can track what you do on a computer and report it back to another computer. With the widespread use of Broadband, spyware has an easy route back to its precipitator. Most spyware is quite benign - almost all applications will ‘call home’ to check for new versions, including your operating system. There are, however more advanced and aggressive spyware applications which can try to take over your PC, perhaps by forcing your web browser to another search engine page, or by displaying popups. Worse still, some spyware can store every keystroke on your computer, passing this back to its owner - this could include usernames and passwords, along with the websites that you may have entered them into. Still feel safe doing your banking online? Some applications will install a phone dialer which will change your dialup settings - instead of dialing your standard local rate number it’ll dial a premium rate number, sometimes several Pounds per minute - you will only find out when you get your bill unless you notice the number’s changed, and don’t expect the phone company to reimburse you!

Where does spyware come from?

The main spread of spyware comes from the human weakness to get something for nothing. Free toolbars, wallpapers, smileys, application add-ons or ‘cracked’ software often contain spyware or viruses. So if you download ANYTHING, try to make sure it comes from a reputable source, scan it for viruses and perhaps do a google search to see if anyone else has had problems with this application. Note that some programs require the ’spyware’ in order to run, so it’s possible that the program will stop working, or work incorrectly after spyware removal, however I have never had this happen to any mainstream program, and this is a warning that most Antispyware apps mention just to cover themselves.

What are viruses?

Viruses have been around for a long time, and have actually become less destructive (at least in my opinion). Going back 15 years it was not uncommon for a virus to wipe out the boot sector of the hard disc, similar to ripping out the index of a book. Nowadays viruses can corrupt files but most concentrate on their own propagation and stealth. They’ll try to bypass or even disable your antivirus software and firewall, send themselves out to all of your address book and perhaps deliver another payload - some even turn your PC into a ‘zombie’ to perform predefined tasks. This might either be a SPAM attack or a DoS (Denial of Service) attack, where any infected PC sends out junk data to one specific server. If enough PCs do this it effectively swamps the server so that it cannot respond to legitimate traffic, bringing it down.

How do I know if I have spyware/viruses?

The symptoms can differ depending on the infection. I once cleaned a PC that had 700+ pieces of spyware/viruses on. Many of these were duplicates/mutations of the same one (MS Blaster), but nevertheless the effect was the same - a very lethargic PC that behaved erratically. It was incredibly slow, sometimes rebooted and would popup adverts for porn regularly. The start page was also configured to goto another search engine, and changing it within Internet Explorer settings made no difference.

Another useful tip is to open up Task Manager (right click on the taskbar and select it from the menu). Look at all of the processes that are running under your username login. Do a ‘google’ for the EXE filename - almost every application will have some writeup on its legitimacy and status so you can quickly determine applications that have a right to be running and those of a suspicious nature.

How can I get rid of spyware?

The best way to know if you are infected is to use one of the many excellent and free spyware detectors. The two best apps are LavaSoft Adaware and Spybot Search and Destroy, both of which are free.

- Lavasoft

- Spybot

Download BOTH applications and perform a full system scan. What one doesn’t find the other invariably will. Both will flag up ‘cookies’ as a security risk, however do not delete these unless they are obviously dodgy (e.g. they mention sex, for example and you’ve not been frequenting porn sites!) Many cookies are useful, storing your online preferences (e.g. your Amazon preferences…)

At the time of writing Microsoft has a free beta of its antispyware software available, which may also catch some items that Adaware and Spybot miss. If something shows up in either app that cannot be removed then give it a try as initial reports show it to be very good.

You should also run a complete virus scan, as antivirus software will remove trojans (pieces of code that are hidden inside other programs) just as successfully. AVG from Grisoft is an excellent free av program.

Once you’ve run all of the above applications several times and no more nasties are coming up recheck the Task Manager and ensure that no suspicious applications are still running. If there are any that a Google search shows as malicious, do another google for the name of the file and ‘removal’ - most of the big antivirus sites will have instructions on how to remove the tool, or may even provide free online tools to eradicate it from your system. Chances are that you will have to get your hands dirty and edit the Windows Registry. This is not as frightening as it sounds, as long as you a) take a backup of the registery and b) follow the instructions to the letter.

Sometimes using the System Restore feature in Windows can fix problems, so for the less technically experienced this might be the more painless route to go if the above scanning solutions don’t work and you don’t want to play around with the registry.

How do I prevent further attacks?

This is really down to common sense. There are a number of things you can do:

- Don’t click on popup adverts or any suspicious ‘error messages’. Some popups are disguised to look like error messages, saying ‘Your computer is at risk from spyware - click here to fix the problem’. Quite ironic really…

- Install a popup blocker. Windows XP Service Pack 2 has one as standard. Alternativey the Google toolbar has one, with many other features besides

- Run regular scans with Adaware, Spybot and your chosen antivirus sofware. Free antivirus software such as AVG is pretty much as good as Norton and (in my opinion) will not slow your PC down as much!

- Don’t open any attachments unless a) you know who sent them, b) you were expecting the email AND c) you’ve saved it to your hard disc and scanned it with up-to-date antivirus software. If in doubt email the source to confirm validity. Many viruses will replicate by sending an email addressed from you with a file attached renamed as one of your files.

If you use P2P software be extra careful with what you download

Ensure that your PC is patched and up-to-date. Ideally, set Windows Update to check for updates every day and install automatically. Do not leave your PC connected to the Internet while you are not there (either switch it off or switch off your modem/router)

Ensure that you are running a firewall. This will stop people from hacking into your computer. Windows XP Service Pack 2 has a perfectly adequate one, although you might also consider ZoneAlarm, which is free. Check to see how vulnerable your PC is by running the ‘Shields Up’ online test

Comments Off

Ample media attention has been focused on security issues such as viruses, phishing attacks and theft of sensitive customer information from large databases. The proliferation of Spyware and Malware (malicious software) has also garnered media attention. Another major, yet seldom discussed threat which goes on largely ignored outside the IT community is the theft and redistribution of email.

To make a product which best addresses the quiet rise in email thuggery, sometimes we have to think like a criminal or mal-doer. How would these digital thugs hunt for Personal Identifying Information (PII), company assets or secret email conversations intended to be read ONLY by the recipient? Consider this article a security instructional on how-to get inside the mindset of those “bad guys.”

Your occupation influences the number and type of emails you create and send each day. Most of the email you send contains harmless, benign material that you wouldn’t mind anyone else reading or sharing with others. However, there are portions of your online communiqué each day that probably shouldn’t be forwarded. These messages and attachments contain information that if stolen and/or re-distributed could harm yourself and/or your business. The following are just some ways a thief could intercept your email.

Interception of your wireless signal -

If you use an unencrypted wireless to log-on the internet or your local server, you are running a high risk of having your information stolen. The majority of wireless networks are completely unsecured.

Although it only requires a click to enable wireless security, most users do not encrypt their wireless transmissions. Intercepting these unsecured messages is trivial, making it easy for hackers to gain access to email as well your files stored on your laptop.

Be cautious of local hotspot café. Hotspot hijackers may also utilize wireless networks to insert viruses, spy-ware, or malware on the computers of those who connect unsecured to the hotspot network.

Access to your email account is stolen -

Once and outsider has gained access to your email account, they not only have access to all of your messages (and potentially your on-line passwords) but can also use it to distribute spam, viruses and other harmful information that appears to come from you. Three methods are typically used by outsiders to gain access to your email account:

1.) Theft via interception
2.) Password cracking
3.) Key loggers

Your email password and username can easily be intercepted if you log-in via an unsecured connection. To ensure that you are logging-in securely, look for the https: prefix on the web address. Doing so will greatly reduce the possibilities for password interception.

If you use a simple password consisting of a single word that exists in the dictionary, your email can be easily hijacked. If they want your information bad enough, motivated hackers can either guess it or crack it by using software tool to try every word in the dictionary until access is gained.

The best way to prevent password cracking from happening is to choose a strong password which is a combines different cases, letters, numerals and symbols such as “4JeIw#Tr&2″.

Diligent email hackers can also gain access to your email by installing key-logging software on your computer. Key-logging software silently records all of your key strokes and sends them to an interested individual or group. Your usernames and passwords can be parsed and then used to steal your on-line access to your email, credit card, bank information, shopping accounts or any other means of PII (Personal Identifying Information). The best means to thwarting key-login is to use anti-spyware and firewall protection and always keeping them up to date.

Insider leaks and Redistributing Sensitive Content -

Employees are the leading cause of corporate security breaches. According to a 2005 study by the FBI and CSI.(1) Insider abuse accounts for approximately 50% of all security breaches. You may only have to look out across your SMB’s office to see a digital thief among you.

The Ponemon Institute’s “Survey on Data Security Breaches” reveals that 69% of all serious data leaks occur as a result of employee activities, whether intentional or unintentional (2). Of those leaks, 14 % involved intellectual property including software source code. Other findings by the Ponemon institute cross into business-client best practices area and are as follows:

* 39 % involved confidential business information.
* 27 % involved personal information about customers
* 10 % involved personal information about employees

Dissemination of sensitive information can happen all too easily. An accidental click of the “Forward” or “Reply All” button can send proprietary information to unwanted parties.

Interception on Your Company’s Network -

Many companies do not have security protocols in place to prevent the interception of interoffice email. Before email is transferred to the internet it typically travels through the corporate intranet first. If your local network is not secure, it is a trivial matter for an employee with packet sniffer software to intercept all of your intra-network communications.

Company Scanning of Outbound and Inbound Email Content -

According to a 2004 survey by the American Management Association and ePolicy Institute (Workplace E-Mail and Instant Messaging Survey,) 60 % of American Companies use software to monitor the content of inbound and outbound email messages (3).

Email containing everything from inappropriate language, file types and other data are often flagged by a company’s IT Department. While monitoring employee email can reduce a company from liability, this policy can have a different, malevolent result. In a worst case scenario, unscrupulous IT insiders may be tempted to gain access to a company’s email logs, thereby compromising executive and other departmental communication.

Interception at the ISP Server -

While most Internet Service Providers (ISPs) have very sound security policies regarding access to their servers, it is possible for an ISP insider to get a hold of your email and attachments. Your email is stored in a queue for a split second while being transferred from server to sever on its way to your recipient’s inbox. In most cases your emails are deleted as soon as they arrive at the next stop. As in the previously mention “Company Scanning” scenario it is just as plausible that your email could be hijacked by a malicious ISP employee who decides to mirror all of the ISP’s contents on his or her own server. This may be of particular concern when sending email to countries that do not enforce individual privacy protection policies.

Cross-Border Interception -

When emailing internationally there are few legal safeguards to keep your email and attachments from being stolen. In many developing nations your proprietary information could provide a financial windfall for the employees of the local ISP. Your email will likely reach your recipient but it have also have been copied, sold or sent elsewhere. Without added security measures, neither you nor your company will have knowledge of the ill-effect until the damage has been done.

If foreign laws do not allow your recipients to install encryption software, find another way to transfer your important information.

Diligency About Your Online Safety Pays -

Hackers, digital thieves, thugs and general internet mal-doers strive to intercept your email with the goal of financial gain or to cause havoc. Avoiding them will inevitably save your company’s assets. Staying abreast of the newest ways to steal your PII and paying attention to Security and Technology news in general is key to a best practices business policy.

SMBs (Small and Medium Businesses) in the technology sector are seeing security and encryption as the forefront of their IT priorities. In July 2005, Forrester Research released its SMB findings after surveying nearly 800 technology decision-makers on their IT services priorities. Among Forrester’s findings, 71 percent of SMBs will buy security software, similar to the 75% that said they would invest in 2004 (4).

Isn’t SBRM (Small Business Rights Management) Expensive? -

Compliance as it concerns digital data is finally catching up to the widening commercial sector which is highly impacted by the success of small businesses. Small firms dealing with compliance issues can turn to specific SBRM solutions to bridge the gap between staying current with industry regulations and staying in business. ERM (enterprise rights management) software has itself has begun to slim down in price in acknowledgement of the budgetary constraints of small businesses. Current SBRM software can be as vastly robust as common ERM solutions, but as they are specified for the needs of smaller business entities, are more affordable too.

Using encryption will ensure secure transmission when sending email. However, the best way to prevent your email and attachments from being intercepted and redistributed is to use Digital Rights Management (DRM) software, which is often described within the business sector as Enterprise Rights Management (ERM). DRM for the Enterprise and Small Business sectors gives content authors the power to determine how recipients may use their email and documents. For example, senders can prevent unauthorized distribution (no forwarding, printing) and prevent unauthorized editing (no cut, copy, paste) of content, i.e. copy prevention.

When taken into account, the countless hours put into building your company, protecting your company assets from online thugs is a necessary tool to ensure your business survives from this year to the next.

- - - - - - - - - -

End Notes:

1.) Gordon, Lawrence A., Martin P. Loeb, William Lucyshyn and Robert Richardson, “CSI/FBI Computer Crime and Security Survey” http://www.cpppe.umd.edu/. July 2005, 13.

2.) Ponemon Institute - as cited by DRM Review), “Leading Cause of Data Security Breaches Are Due to Insiders, Not Outsiders” DRM Review February 10, 2005 http://www.dmreview.com/article_sub.cfm?articleID=1019828 December 1, 2005.

3.) Virginia Business Magazine Online “Email Snooping” May 2005 Issue, Virginia Business Magazine, December 1, 2005, http://www.virginiabusiness.com

4.) Michael Speyer, and Liz Herbert, “Software And Services in the SMB Market - Business Technographics,” Forrester Research. http://www.forrester.com

- - - - - - - - -

Ms. Veniegas is an alumni of the University of Washington Marilee joined the Marketing team at Essential Security Software, Inc. in 2005. She also serves as one of the ESS site editors for I Want My ESS! a stolen work and SMB resource site.

Comments Off

Hurricane Wilma, the most powerful hurricane in our nations history, Hurricane Katrina and Hurricane Rita’s left behind catastrophic damage. Families were displaced, homes destroyed, and now comes the task of trying to put the puzzle together. This task remains difficult. For those who aren’t in the effected areas, you have no idea how hard the day the day struggles are. You long for life to return to normal, but everyday brings new reminds of the devastation caused by these disasters. And it doesn’t need to be the hurricanes. This year our country has witnessed floods, tornados, and no one can forget the ice storm that affected the north last year.

Diana Ennen, co-author of Home Office Recovery Plan: The Disaster Preparedness Guide for Your Home Business was hit by 8 hurricanes since last August. Hurricane Wilma left catastrophic damage in her city and her home suffered tremendous damage. Without power for two weeks and facing the stress of trying to run a family and business, she advises, “Being prepared for a hurricane or any natural disaster takes away the stress and anxiety. When timing is critical, I want to focus on the safety of my family, not on taking an inventory of my business, or deciding where I need to go. I also need to know that my family members will know how to find me after the disaster.”

Dr. Paulo J. Reyes, a First Responder in California and author of the fiction thriller Sledgehammer http://www.pauloreyes.com has firsthand disaster recovery experience and participated in various disaster relief efforts in California including the Air Mexicana crash in 1986, the last major earthquake in L.A. in 1994, and the influenza epidemic 1997-1998. He advised, “Loss of lives can be greatly reduced if everyone has a complete plan of action prior to the event. Not only with the reduction of heart attacks and stress related illnesses, but people tend to get to safety quicker if they have already planned ahead and know what they are going to do.”

Here are some steps you can take to prepare:

Step One — If you do not already have flood and windstorm insurance, you should consider getting it. Keep in mind that windstorm insurance policies are not sold when a storm threatens, so you need to think far enough ahead. You can find out about the National Flood Insurance Program through your local insurance agent or emergency management office. Homeowners polices do not cover damage from the flooding that accompanies a hurricane. Find out everything you can about your coverage now. Ask questions. You need to know this information now, before it’s too late and you discover you aren’t covered when you thought you were.

Step Two - Identify a safe place for everyone to meet. This pre-determined place should be discussed with family members prior to an emergency. Depending on the type of emergency you are planning, you might want to consider establishing a second location in case the first is inaccessible.

Step Three - In addition to a safe place, each person should have a list of phone numbers for your immediate neighbors and family members not living with you. We suggest using 3X5 index cards and laminating them.

Step Four — For businesses - You should have client contact phone numbers and email addresses in a safe place so that you can notify them immediately of the situation. Also, prepare a disaster recovery plan and have someone you trust keep a copy of it. This should include vital information including medical information, family and friend’s names, your complete contact information, where valuable information such as wills and trusts and legal documents are kept, serial numbers for equipment and names of equipment and household and business supplies, and a disaster escape route in the event you need to evacuate. Make sure you have back-up all data. Get a generator if possible. If you are without power, that can greatly affect the livelihood of your business.

To prepare your home and business, stop by our site for a sample chapter of the Home Office Recovery Plan, http://www.homeofficerecoveryplan.com. You can also get tips and suggestions on how you can survive a disaster. Dr. Paulo Reyes book is available at his site at http://www.pauloreyes.com.

Comments Off

To clarify, I am not talking about rotten eggs or that horrible stuff the poor depression dwellers had to eat, I am talking about computer e-mail spam.

What is this spam I speak of?

Spam is best defined as unsolicited and unwanted commercial electronic messages or e-mails that are sent to large numbers of people.

Ask any computer user and the most annoying thing about having and using e-mail is the annoying amount of spam you get. It is predicted that spam could eventually kill the usability of e-mail unless effective barriers and law changes are introduced. In 2003 it was reported that 40% of all e-mail traffic in the US was spam up from just 8% in 2001. Over the past 6 months this figure has doubled. Hotmail a popular e-mail service, says that 80% of e-mail coming to their servers is spam.

You might say that I don’t get as much spam as I used to. Well this is thanks to internet providers and businesses filtering this out before you see it. One problem with spam filters is that occasionally users encounter false positives in which important and legitimate e-mail gets blocked. Due to these necessary anti-spam measures, the costs involved are huge. Not only does all this excessive internet traffic clog up the internet freeway, but all these e-mails are downloaded to servers before the anti-spam software deletes it. Businesses worldwide report that 20% of all e-mail received is spam. It is estimated that the true cost of spam for businesses in the United States alone is $8-9 billion US dollars per year.

Why is there so much spam?

The simple answer is that there is a market for spam. If people didn’t buy from spam e-mail there wouldnt be any spam. All the spammer needs is for one person, out of a few hundred thousand e-mails, to buy something and it makes the whole process worth while. Sending the spam requires little effort on the spammers part as the computer automates the process meaning that it is very easy to send out over a million e-mails an hour.

What is the world and in particular New Zealand doing about all this spam?

On the 23rd of February ‘05 the Information Technology minister, Paul Swann, released a proposed law will that make it illegal to send spam that originates from NZ. Only problem is that only 1% of spam originates from Australia and NZ, and to actually catch and prosecute a spammer is very difficult due to spammers being good at hiding there identity.

In April ‘05, a 30 year old spammer in the United States became the first person to be prosecuted for spamming. He was sentenced to a nine year prison term. He is described as a modern day snake oil salesman being the eighth most prolific spammer in the world, sending up to 10 million e-mails a day from his house. His income was $750,000 US per month, with one in every 30,000 e-mails sent generating money. He sent out so much e-mail that he received, on average, 15,000 credit card orders a month, each order worth an average of $US40. His total worth is $24 million US dollars, he advertised pornography, fake products and services. During the court case the assistant attorney general said and I quote “When your marketing to the world, there are enough idiots out there who will be suckered in.”

Remember that spam is only a problem due to people purchasing from spam e-mail, if there was no demand there would be no spam, security firm Mirapoint, reports that 1 in 10 people buy something from spam e-mail.

So how do I protect myself from spam?

There are a three main ways to stop being spammed.

The first and the best form of defence is not to give out your personal e-mail address. Don’t publicise your address in chat rooms or fill in forms on a website. For this purpose, you are best to use a public e-mail address such as a hotmail account, as some web site owners are more than happy to sell your e-mail address to a spammer.

Secondly use an internet provider that controls and monitors spam.

Thirdly install anti-spam software on your PC.

Therefore in this day and age there really is no need to eat green eggs and spam!

Comments Off

In addition, bulky information such as IP addresses and browser preferences for a website can be stored in a cookie, saving time when loading a website you often visit. Generally, cookies are used as a shortcut to load information that you have already provided to a website, presenting no security risk on well known, established websites. This task finds an easy solution in special keylogger software.

When using your computer it is important to use virus protection, anti-spyware programs and other techniques to keep prying eyes off of your computer. But make sure you do not download or buy any program without checking its authenticity, at least now onwards. Spyware removal software can also be a part of anti-spyware programs. Data loggers, key loggers are just a few programs which harvest info from your computer. Winclear is the only program created specially to auto remove such spywares. Until you remove the malicious software from your computer your account is still vulnerable. That is why every computer owner needs winclear.

Protect With Winclear :Search History On Date
Is identity theft protection possible? Can users protect themselves from the threat of spyware? Is there a way to remove spyware from an infected computer? The answer, thankfully, is yes. There are several spyware removal programs on the market that do an incredible job of finding and removing dangerous spyware programs such as Spector. Winclear is the only software which is capable of removing keylogger programs. Some may save up to 30 or 60 days automatically. Winclear has been the industry leader in fighting keyloggers for the last 8 years.

Winclear:
Free applications are usually light-weight with little fancy graphics and animation. That is the reason why you need Winclear installed onto your computer. A computer monitoring program that has been featured and recommended by several news agencies across the country is PC Pandora. Protect your computer security by using Winclear! More about Winclear here: Computer Security.

Comments Off

Many people ask the question of whether cookies are harmful for their computers. The answer is generally no, but it is not nearly as straightforward as it sounds. While cookies are often stored in text files, only used to track information that is already provided to various websites, and are set to expire in short periods of time, they can be used for malicious purposes in certain instances. You will need to work with cookies - however, if you know when to delete them and when not to, you can still enjoy the conveniences they provide. Keylogger software often comes as the only solution for the parents with children who have the opportunity to access the Internet on a regular basis.

What you should install on your PC is Anti-Spyware software as it will locate and destroy any Spyware that if finds on your computer. There are also a number of programs that claim to be anti-spyware that do not work. Worse these programs actually add more spyware to your system. Data loggers, key loggers are just a few programs which harvest info from your computer. Winclear is the only program created specially to auto remove such spywares. Until you remove the malicious software from your computer your account is still vulnerable. That is why every computer owner needs winclear.

Protect With Winclear :Simple Free Internet History Removal That Works
Identity thieves have developed yet another scam to trap unsuspecting victims into revealing their passwords, login names, account numbers, and other personal information, without realizing they are doing so, just by opening an electronic greeting card. Winclear is the only software which is capable of removing keylogger programs. In combination with a good spyware removal tool and sensible browsing habits you can overcome the possible negative effects that cookies might have on you and your PC’s privacy. Winclear has been the industry leader in fighting keyloggers for the last 8 years.

Winclear:
However because of Spector’s ease of use it enables almost anyone to become a cyber criminal. That is the reason why you need Winclear installed onto your computer. Thus you will be able to block web sites that you think are in appropriate for young people or are not needed in the office. Protect your computer security by using Winclear! More about Winclear here: Winclear Review.

Comments Off