Joined: 18 September 2004
Thu Jan 6 2005
Patrick Norton - ExtremeTech
Chances are you've seen the following phrases on a Web page, or at the top of your e-mail in-box recently:
"Download our program and browse the Web faster."
"Defend against e-mail viruses."
"There's a problem with your account."
"Dear sir, I am the consulate of a foreign country in depose and I need your helpings in transferring funds out into your country of living."
They all might sound like good ideas, but act on them, and you and your computer could pay a serious price.
The first one leads you to download a chunk of spyware that could leave your secure transactions exposed.
Install the second one, and you could end up running another nasty little application. It might use your system as a mini-server to spray out spam. It could capture keystrokes in search of passwords and credit card info. It might simply track where you browse on the Web. (A few dozen little tracking applets like that can slow your system to a crawl.)
The third is a classic "phishing" e-mail. It looks like a legitimate e-mail from your bank, or credit card company, but it's linking you to a Web site hosted by somebody after your finances. They want you to blindly enter your credit card number or bank account information so they can make off with it.
That bit about moving funds out of a country? It's one of a zillion variations on the Nigerian 419 scam. All they need is your bank account info and you'll keep 10 percent, right? Wrong. You'll get ripped off, possibly even kidnapped, if you travel to see your "partner." It sounds silly, but it's a successful scam that takes up serious manpower at the U.S. Secret Service every year.
These are some examples of the damage that these PC scourges can do. Let's talk about some of the new variations of old problems that are attacking your system. Then we'll offer some tools and tricks you can use to fight back.
The Nigerian 419 scam marks one of spam's amazing qualities: Scams that have practically died out in the real world have taken on a new life, thanks to unsolicited junk e-mail. Worse yet, spammers keep evolving spam, making it harder for spam filters to do their jobs. PC Mag's "Anti-Spam Tools: Can They Keep Up?" is a roundup of spam-fighting tools that deals with just this problem.
Even without the threat of fraud, spam is a resource-sucking annoyance. A few years ago, it meant a few minutes of deleting a few pieces of "junk mail" plying you with offers of a lower mortgage rate, a better way to stop hair loss, or a link to a site you probably don't want your children to see. Today, without spam-filtering tools, you could spend hours deleting a hundred (or a few hundred!) messages.
For a different perspective, consider this: Experts claim that more than 75 percent of all e-mail is spam. That's a lot of wasted bandwidth, on top of the time you waste rooting it out of your in-box. The problem with spam is that it works. Even if just a tiny percentage of the people who are spammed responds, it's still cheap. It just doesn't cost that much to send e-mail.
It could cost you quite a bit if you answer the wrong e-mail. Phishing attacks, which are spam broadcasts designed by identity thieves, show that spam can be an outright threat to your pocketbook. Fall for a phishing e-mail, and you could give access to your checking account to somebody with criminal intent.
There's one way to completely stop spam: Stop using e-mail.
For many of us, that's a tad extreme, and nearly impossible if a computer plays a large part of your life. Fortunately, you can minimize the amount of spam that makes it to your in-box. Having two e-mail accounts helps, starting with one for family, friends and contacts who don't sell or forward your e-mail address. Reserve a second for any company or site you think is suspect. That first account will be notably cleaner. (If you've had the same account for years, one fast way to clean up your in-box is to simply give up on it and move to a new e-mail account ... and keep that new address as private as possible.)
If your e-mail provider doesn't offer a good anti-spam system, such as Gmail or Yahoo, you need a good spam-blocking tool. PC Magazine highly recommends Cloudmark SafetyBar 4.0, —especially if you use Outlook or Outlook Express. More Editors' Choice winners for stopping spam include Qube, which like Cloudmark Safety Bar, works only with Outlook e-mail clients. Run either of these; it'll make a huge dent.
Phishing is a relatively recent, and it's positively evil. Phishers try to get you to enter your personal information onto a Web page that looks like one from your bank, credit card company or even eBay or PayPal. In the words of one PC Mag pundit, you'd be "Opting into Identity Theft." if you clicked on this request.
Phishers use spam to send these links to millions of e-mail addresses with come-ons such as "There's a problem with your account" and a big name such as CitiBank, Visa, PayPal or anything else a recipient is likely to respond to. Sound like something you'd never fall for? According to the Anti-Phishing Working Group, these e-mails "convince about 5 percent of recipients to respond to them."
The Anti-Phishing Working Group Web page, AntiPhishing.org, features the best description of phishing I've found and excellent information on phishing. Most notably, it lists information on the latest phishing scams. "No Phishing Allowed" discusses the origins of the group, which includes a list of high-profile members, like MasterCard, Visa, Microsoft and Symantec, eight of the top 10 U.S. banks and four of the top five U.S. ISPs.
Tech experts aren't immune to phishing expeditions, either. "Warning: Look Out for the eBay Scam" covers a phishing attempt involving fake eBay e-mails that swamped the PC Mag offices. In "Gone Phishing—Yet Another Scam!", columnist John C. Dvorak chronicles the origins of phishing, along with some tips on how it works, because he's tired of people getting taken by them.
You can avoid getting phished. PC Mag's "Can You Sniff Out Fraud?" has some excellent info on avoiding phishing scams, as does the Federal Trade Commission's page dedicated on how not to get hooked by a phishing scam.
The best rule of thumb to avoid getting "phished" is never directly respond to an e-mail that requests private information, no matter how legitimate it looks. Phishers simply copy the style and graphic directly from the Web site they're scamming. For safety, enter the appropriate Web site in another browser window.
There are also tools that can help detect phishing expeditions. One of the newest is Cloudmark's SafetyBar 4.0. It's actually an update to SpamNet 3.0, an Editor's Choice-winning, spam-fighting tool that uses a massive group of subscribers to identify spam (and now phishing) e-mails to block. EarthLink and Webroot also offer anti-phishing tools; to learn more about them, read "Stymie the Scammers with Anti-Phishing Apps". Another new anti-phishing tool is the Netcraft Toolbar. Experts can delve into information about the site you're visiting; everyone else can rely on pop-ups that warn you that you're visiting a phishing site. There's even a button that lets you report phishing sites that aren't detected.
If you don't run anti-spyware software, and you use the Internet, chances are at least a few quiet little applications are running in the background on your machine. They might simply be tracking where you browse, serving pop-ups and hijacking links. They might be capturing keystrokes on your system, searching for credit card numbers and other personal information.
Running some kind of spyware software is crucial: A couple of hours with "Spybot Search and Destroy" can clean out a system and bring it back to the world of computing. Think it's not a problem? In "Panic over Spyware"
Are you nervous?
You should be. The Internet is getting to be a nasty place, thanks to some of the rougher forms of spam and spyware. Fortunately, if you keep a sharp eye and regularly update your security tools, not to mention your operating system, you can stay fairly safe.
If you aren't running any of the aforementioned security software, you should start immediately. Check out our sidebars, "An Arsenal of Tools to Keep Your PC Safe" and "Detecting and Eliminating Adware," for the best tools that PC Magazine's testing uncovered. You might also consider a browser other than Internet Explorer. Mozilla's newly released Firefox is one of the most popular.Patrick Norton has written hundreds of product reviews and how-to articles for print and online media and loves off-road racing, but he is best known for his stint hosting "The Screen Savers" on TechTV, an hour-long, live TV show for geeks.
Joined: 06 November 2004
Joined: 01 November 2004
Popular Channels :
Quick Links :