|
|
|
This page last updated Saturday, January 19, 2008 Click here for information on Hoaxes Did you know that there are over 50,000 computer viruses, worms, and trojans? Did you know that some can reprogram your system BIOS in such a way that your computer can be turned into a giant, very expensive paperweight? Since I practice "safe computing" my system has not been infected this year, even though I have received SirCam more than 500 different times, and Snow White more than 100 times. New worms and viruses are so prolific that for the last few months, I've received 10 to 50 infected email messages A DAY! So that you can also feel reasonably secure, I decided to let you know what steps I take to feel as safe as possible. (Viruses, worms and trojans are different but they are all generically referred to as "viruses" so that's the term I'll use.) 1. Do not open ANY attachment, EVER, unless you are absolutely certain that you are expecting it, you know its contents, you know who sent it, and are sure they really did send it. Remember that some viruses (like SirCam, Magistr, and Klez) send out files in the name of the computer owner to people on their own mailing list, using files from their own computer, so it is NOT enough that you know the person it came from. If you're not sure, DON'T OPEN IT. Check with the person who sent it to verify its legitimacy. Better yet, set your virus scanner to automatically delete all infected file attachments.
2. Run a virus scanning program at all times and KEEP IT UP TO DATE! I update mine daily. It is NOT enough to update the signature files, since older virus programs will not detect viruses that incorporate new technology. No free virus scanner will update itself forever, so at some point you will end up having to pay something. (NOTE: Grisoft is now offering an antivirus program that is free for personal use. It is available at their website.) Compared to the very real possibility of losing everything on your system, or worse, having everything on your system compromised (like having your credit card numbers sent out on the Internet), it is a small price to pay. Also, make sure your virus scanner is set to scan all files, not just program files, and I recommend setting it to automatically delete all infected email attachments. You can keep up to date on the latest virus threats by subscribing to newsletters at all the major anti-virus sites, or by visiting the CERT Coordinating Council at the Software Engineering Institute at Carnegie Mellon University. Do a full scan of your system regularly, in addition to any automatic scans you may have scheduled. 3. Consider a firewall. Firewalls control which programs on your system are allowed access to the Internet, and which Internet sites are allowed access to your computer. Without a firewall, a virus (like SirCam or Klez) can send out email in your name without you ever knowing it happened. Chances are you have no idea how often a program on your computer accesses the Internet, and how often malicious hackers are accessing your computer. My firewall has blocked 11 attempts to access my computer in just the last hour! One of the best software firewalls is Zone Alarm, which is free for personal use. You can download it from Zone Labs. You can test your own Internet security safely at the Gibson Research Corporation site. Click on ShieldsUp! and find out just how vulnerable you are. Be prepared for bad news! While you're at the Gibson Research site, be sure to read about the programs that track your Internet usage and report back the sites you visit so you can be targeted by advertisers. 4. Beware of cookies. Cookies are small text files stored on your computer that can be very useful. For example, if you visit a web site like Amazon that "remembers" who you are when you return, that site has stored a cookie on your hard drive with your name and probably other information on your system. Weather sites use cookies to store your ZIP code, some sites store user names and passwords, and lots of other useful things. Unfortunately, some sites also keep a record of which types of sites you visit so they can target advertising. I use Cookie Pal to manage my cookies. It's available at http://www.kburra.com/index.html for a 30 day free trial. It will ask you every time a site tries to store a cookie on your system, or you can give blanket permission to trusted sites or blanket refusal to sites you don't want storing cookies on your system. (On the other hand, you can often tell what sites your kids [or your spouse] have been visiting by looking at the cookies) 5. Make sure you check for security updates to your email program often, especially if you use Microsoft's Outlook or Outlook Express. You can subscribe to Microsoft's Security Newsletter at http://www.microsoft.com/technet/security/notify.asp. You should also check for security updates to your word processor, spreadsheet, banking, and other major applications. Anything that can use a macro can host a virus and should be kept as secure as possible. Don't set them to run macros automatically, and only let macros run if you know what they're going to do. Microsoft does not send out updates, ever, so if you didn't download it yourself from Microsoft's web site, it is not legitimate. 6. Make sure your browser (Internet Explorer, Netscape, Opera, etc.) features 128-bit security if you live in a country where that's allowed. In your browser click "Help" then "About" to verify the security level. It is safe to make purchases and do banking on the Internet as long as you make sure the site you are visiting is reputable and secure. Look for a URL that begins with "https" instead of "http" and a security symbol such as a closed padlock to indicate that you are giving your information securely. Be careful who you're dealing with, though. I recommend making your initial shopping "trips" through a shopping site like Yahoo!, where you can visit thousands of stores but maintain security of your credit card information. Register for online access of your credit card information so you can keep up with activity between statements. Some cards will even send you email when your card is used. I've bought hundreds of things online without ever having a problem, but I'm always careful where I shop. If in doubt, I'll call them or shop elsewhere. 6. Do NOT forward virus warnings until you have verified them at any of the reputable anti-virus sites. Here are a few: http://vil.mcafee.com; (Note: As web sites are revised, the page references may move. Each site listed has extensive information on viruses, but it may not be in the same place.) When you forward fraudulent information you clutter everyone else's email and hurt your own credibility for no purpose. Get into the habit of checking things out yourself. Don't take anyone else's word for it (including mine). Some viruses can send email out in your name without your knowledge, even from computers that don't "do" email but have Internet access. And remember that the first viruses were propagated on disk, so even computers that are not connected to the Internet are at risk. All computers should have virus protection, but firewalls are only necessary on computers that are connected to the Internet. Hoaxes are threats of viruses, worms, or Trojans (all generically known as "viruses") that have been making the rounds for years and are well known to be fake. Before forwarding such a message and cluttering up everyone's inbox, please check and see if it is a known fake that is just new to you. You can get information about well-known hoaxes (and real viruses, too) at the following addresses:
http://vil.mcafee.com/hoax.asp?http://vil.mcafee.com/hoax.asp? (Note: As web sites are revised, the page references may move. Each site listed has extensive information on hoaxes, but it may not be in the same place.) An interesting web site catalogues urban legends (Craig Shergold wants greeting cards/post cards/business cards, people waking up without kidneys in New Orleans, FCC wants to ban religious broadcasting, Congress wants to pass a modem tax, can tabs paying for dialysis, Bill Gates or anyone else tracking or paying for email, Neiman Marcus cookie recipes, monkey burgers, Kentucky Fried Chicken stops serving chicken, etc.). These are not harmful by themselves except to the reputation of affected companies, cities, or individuals, but nonetheless they perpetuate useless myths and add to email clutter. The FCC answers thousands of complaints every year about the phony ban on religious broadcasting, all at taxpayer expense, and the Make A Wish foundation spends valuable dollars handling mail for Craig Shergold that could be funding wishes for terminally ill children. Before passing along this stuff, check this web site: There are many more sites that deal in viruses and hoaxes. You can locate dozens, maybe even hundreds, by going to any search engine and typing in "antivirus" or "virus hoax". Such a search at Yahoo! leads to the Urban Legends category: http://dir.yahoo.com/Society_and_Culture/Mythology_and_Folklore/Folklore/Urban_Legends/ There are tens of thousands of legitimate viruses, worms, and trojans, and they are a real threat. Just about all of the antivirus sites listed above have newsletters which will reliably alert you to new viruses, often within minutes of their discovery. If you want reliable information, subscribe to the newsletters at just about any of the sites listed above. By the way, chain letters ("forward to everyone you know or bad things will happen", or "forward this to everyone you know and good things will happen") are illegal, immoral, and most churches (including mine) consider them sinful. You can be absolutely certain that any message I receive that contains a threat or a promise in return for forwarding it to others will be immediately deleted from my system. If it's a poem, joke, or other type of useful or pleasant writing I *may* choose to forward it to selected individuals who I think might appreciate it or benefit from it, but any threats or promises will be deleted. Rick Luquette Copyright © 2001-2004 by Rick Luquette Taken from Luquette Lane virus_hoax.htm |
| ||||||||
