iWay-Safety.com: eMail/Spam News & Views

Don't be an unintentional Spammer

Sat, 14 Jun 2008 01:46:07 GMT

from the SANS OUCH Newsletter Volume 5, Number 6 June 2008

If you're like most people, you've probably received at least one hoax or chain letter in your inbox. What should you do with the next one you receive? Delete it! Chain letters and hoaxes have the potential to cause problems (lots of network traffic, filling up someone's inbox, or hooking you into a phishing scam), and they can also be very annoying.

For current information about email hoaxes, visit http://www.hoax-slayer.com/latest-information.html.

Anti-virus software isn't the only computer security tool

Fri, 13 Jun 2008 01:37:58 GMT

... get in the habit of quickly installing all software program updates ... beyond that also consider:

Certified e-mail [?? Seems off the point since these services are directed at businesses not individuals]

Web page scanners ... tools using varying technologies to gauge the reputation of most Web pages. EG AVG's LinkScanner, ScanSafe's Scandoo, Trend Micro's TrendProtect, McAfee's SiteAdvisor [which I use] and Finjan's SecureBrowsing grade Web pages as safe, unsafe or questionable.

Browser security tools ... anti phishing filters

[In other words a toolbox instead of a tool.]

How to Block Cellphone Spam

Thu, 12 Jun 2008 21:42:33 GMT

[NY Times technology columnist David Pogue relates his experience with cellphone spam and lesser or little known tools you may be able to use to block it. ]

SANS OUCH! Newsletter - Volume 5, Number 5 May 2008

Thu, 12 Jun 2008 21:30:35 GMT

OUCH!

SANS Institute Security Newsletter for Computer Users

Volume 5, Number 5 May 2008

************************************************************************

In This Issue

1. Eight Surefire Ways to Become an Identity Theft Victim - 2. Malware

- - 3. Scams and Hoaxes - 4. Microsoft and Apple Security Updates - 5.

Security Newsbytes

************************************************************************

A formatted version of the OUCH newsletter can be found at https://www.sans.org/newsletters/ouch.

You can subscribe to OUCH on the same site. Send your comments to OUCH@sans.org.

************************************************************************

1. Eight Surefire Ways to Become an Identity Theft Victim

- --Practice unsafe surfing. When you purchase a new computer, go online without activating the firewall, or purchasing protective software.

Further expose yourself digitally by sharing a wireless connection with the entire neighborhood. Without digital encryption, you can share the contents of your hard drive with anyone on the street. For maximum risk, do some online banking on a public computer -- like the one at the library or a public cafe. Bonus points are added if your Social Security number is your user ID for any transactions.

- --Skimp on anti-virus and anti-spyware protection. Courting disaster online is easy. Invite malicious code to attack your computer simply by doing nothing. Antivirus programs can be pricey, and the maintenance of constantly downloading updates is time-consuming. Combine that with the security updates from Microsoft or Apple and it's enough to seriously annoy anyone.

- --Passwords are a pain! Make life easy for yourself by using the same password for EVERYTHING, and make it something easy to remember, like your first name or 'password'. Just in case, make sure you write it down on a yellow sticky and put it somewhere easy to see.

And don't forget to have your browser set to 'remember password' to make life easy for you - and the cyberthief.

- --Peek at junk email and open attachments from unknown sources. Open attachments from strangers, secret crushes, long-lost friends saying "what's up," or strangers hawking cheap drugs -- you'll never know unless you peek at that email. One of the many fun things that can happen when you open an attachment containing malicious code is infecting your computer with a Trojan horse or virus, which can easily lead to identity theft.

- --Stuff your wallet with juicy identifying tidbits. Wallets and purses are more than just handy cash-carrying devices. They often have credit cards, identification, insurance information and even Social Security cards. Obviously, more is better if you'd like to become the prey of fraudsters. Losing or misplacing a wallet or purse can cause more problems than just the hassle of replacing all those cards and buying a new bag. Armed with your date of birth, Social Security number and mailing address, there's no limit to the damage thieves could cause.

- --Make your checks payable to criminals. If you're like most people, you wouldn't post your checking account information on your front door, though you should if you'd like to be a victim of fraud. Similarly, checks reflecting the same information can be dropped casually into unsecured mailboxes. Statistically the chances of your mailbox being targeted by criminal elements are low, but not that low. According to the 2008 Identity Fraud Survey Report from Javelin Strategy and Research, almost 1 in 10 victims of identity theft who can pinpoint the scene of the crime say that it happened at the mailbox.

- --Opt out? Opt in! While you're mailing checks from the unlocked mailbox, go ahead and get credit card companies to send you all the pre-approved offers that the postman can cram into the box. Similarly, don't get credit card statements online; leave them on the side of the road so that they're more convenient for fraudsters who lack the technical knowledge or follow-through to launch complicated hacking schemes.

- --Nothing is too good to be true. Everyone wants to feel special and maybe more importantly, filthy rich. When reading an emailed proposition from an African business tycoon, an imperiled prince or downtrodden heiress offering millions of dollars in exchange for some small measure of assistance, it's difficult not to wish it were true. Falling for the story will undoubtedly lead to unpleasantness.

More information:

http://finance.yahoo.com/banking-budgeting/article/104894/7-Surefire-Ways-to

-Become-an-ID-Theft-Victim

************************************************************************

2. Malware

- --Zeus. A Trojan being spread by the so-called "Rock Phish" group of Russian criminals through phishing scams. Zeus is designed not only to trick victims into clicking on a link in a phishing email to give up personal information, but also to drop a Trojan on the victim's computer at the same time. The new attacks combine phishing and the Zeus Trojan to steal personal information and spread financial crimeware. Zeus can steal personal data such as usernames, passwords and Social Security numbers entered by the user while interacting with other websites.

More information:

http://www.scmagazineus.com/Rock-Phish-gang-adds-malware-download-to-attacks

/article/109240/

- -- RaceForTibet. Rootkit* malware that surreptitiously installs a keystroke logger on end users' PCs once they open a Flash movie file which uses a cartoon to mask its malware payload. The captured data is reportedly sent to a computer in China. The cartoon ridicules the effort of a Chinese gymnast and then displays images supporting a free Tibet.

The malware is being distributed as an attachment called RaceForTibet.exe.

More information:

http://www.itpro.co.uk/wireless/news/187935/tibet-supporters-targeted-by-tro

jans.html

* Rootkit: http://en.wikipedia.org/wiki/Rootkit

- -- OSX.RSPlug.A. A Mac Trojan that spreads by spam emails designed to lure users to pornography sites. Visitors are presented with a still image from a salacious video. Clicking on the image to play the video returns the following message: "Quicktime Player is unable to play movie file. Please click here to download new version of codec." After the linked page loads, malware is downloaded and launches an installer. The installer requires the user to enter the admin password. Once the password has been entered, the malware infection is complete. The Trojan alters network settings, redirecting webpages and funneling advertisements for porn sites to your Mac.

More information:

http://www.geekstogo.com/2007/10/31/osxrspluga-trojan-info-and-removal/

************************************************************************

3. Scams and Hoaxes

- --Economic Stimulus Refund Phishing Scam A number of phishing scam emails are currently targeting US taxpayers by offering bogus refund payments as bait. This email, purporting to be from the Internal Revenue Service (IRS), claims that the recipient is qualified to receive the 2008 Economic Stimulus Refund. The recipient is instructed to follow a link in the message in order to fill in an online form, ostensibly to allow the refund to be processed. The email includes the IRS logo and copyright notice and is from a seemingly genuine IRS email address. However, the email is not from the IRS.

More information:

http://www.hoax-slayer.com/economic-stimulus-refund-scam.shtml

- --United States District Court Subpoena Malware Email This seemingly official email purports to be a subpoena sent by the United States District Court. The message claims that the recipient must testify before a Grand Jury at a specified place and time. The recipient is instructed to follow a link in the message to download and print a complete copy of the subpoena document. However, the message is not from the United States District Court. In fact, the message is an attempt to trick recipients into installing information-stealing malware on their computers.

More information: http://www.uscourts.gov/newsroom/2008/alert.cfm

http://www.hoax-slayer.com/subpoena-phishing-scam.shtml

- --Visa Personal Password Phishing Scam An email claiming that recipients can protect their Visa credit card for online purchases by clicking a link in the message and creating a personal password. However, the message is just another phishing scam and was not sent by Visa. Those who fall for the ruse and click the link will be taken to a very sophisticated, but fraudulent, website that has been designed to closely resemble the genuine Visa website.

More information: http://www.hoax-slayer.com/visa-password-scam.shtml

- --Mail Server Report

According to this warning message, a dangerous virus is being distributed via emails with the subject line "Mail Server Report". The warning claims that opening attachments that come with the email will first display a message saying "It is too late now, your life is no longer beautiful" before destroying all files on the infected computer and stealing personal information. However these claims are untrue.

There is not, nor has there ever been, a virus like the one described in this bogus warning message.

More information: http://www.hoax-slayer.com/mail-server-report-hoax.shtml

************************************************************************

4. Microsoft and Apple Security Updates

Microsoft and Apple provide free security updates for their software products.

Windows: Microsoft issues patches for all Microsoft products on the second Tuesday of each month as well as out-of-cycle patches on any day of the month. The next scheduled release date is May 13th. Check manually too, once every two weeks, to make sure all of the updates have been installed.

More information: http://www.microsoft.com/athome/security/default.mspx

OS X: Updates are issued frequently, and their contents may differ depending on which processor is in your Mac (PPC or Intel).

More information: http://www.apple.com/support/downloads/

iPhones: Must be updated manually:

http://docs.info.apple.com/article.html?artnum=305744

************************************************************************

5. Security Newsbytes

- --Hannaford to Spend Millions on IT Security Upgrades After Breach Executives at Hannaford Bros. Co. have said that the grocer expects to spend millions of dollars on IT security upgrades in the wake of the recent network intrusion that resulted in the theft of up to 4.2 million credit and debit card numbers from its systems. The planned upgrades include the installation of new intrusion-prevention systems that will monitor activities on Hannaford's network and the individual systems at its stores, plus the deployment of PIN pad devices with encryption support in store checkout aisles. Hannaford also has signed on IBM to do around-the-clock network security monitoring.

More information:

http://www.computerworld.com/action/article.do?command=viewArticleBasic&;arti

cleId=9079652

- --Microsoft Reports 300% Increase in Trojan Downloaders Computer users are increasingly at risk of being lured to websites that surreptitiously download malicious software onto their machines, but stolen or lost laptops still represent most of the security breaches reported, according to the latest six-month Microsoft Security Intelligence Report. Exploits, malicious software, and hacking accounted for 13% of all security breach notifications recorded in the second half of 2007, while 57% of the breaches publicly disclosed involved lost or stolen equipment. Malicious software attacks via Trojan downloaders and droppers increased by 300% during the same time period.

More information:

http://www.news.com/8301-10784_3-9925077-7.html?tag=nefd.only

- -- Firefox and Safari Updates Tackle "Alternative" Browser Bugs Mozilla has updated its Firefox web browser in response to the discovery of a vulnerability which allows miscreants to take control of vulnerable systems. Apple has pushed out an update for both the Windows and Mac versions of its Safari web browser. The more serious Mac flaws, if left unchecked, create a means for hackers to crash browsers or inject malicious code into vulnerable systems.

More information:

http://www.mozilla.org/security/announce/2008/mfsa2008-20.html

http://support.apple.com/kb/HT1467

************************************************************************

Permission is hereby granted for any person to redistribute this in whole or in part to any other persons as long as the distribution is not being made as part of any commercial service or as part of a promotion or marketing effort for any commercial service or product. Readers are invited to subscribe for free at https://www.sans.org/newsletters/ouch

Best ISP Is...

Mon, 27 Jun 2005 21:23:47 GMT

PC World has just released a survey they took of more than 6,000 Internet users, in order to determine who the best ISP was. The winner, overall, was Earthlink’s cable service. The top three ISPs for overall service were all cable companies. Nobody did particularly well in the “spam blocking” category.

Phishers Hitting Nearly Half Of Adult Users

Sun, 15 May 2005 01:39:28 GMT

Next week Denver-based First Data Corp., one of the country's largest electronic financial transaction companies, plans to release survey results showing 43 percent of adults have received a phishing contact. Five percent of those adults gave up personal information. The telephone survey of 2,000 people was conducted by Synovate and had a sampling error margin of 2.2 percentage points.

The Federal Trade Commission advises that e-mailing financial and personal details is never a good idea, and legitimate companies don't ask for those details in an e-mail.

E-Mail Regs Still Driving Business

Sat, 14 May 2005 01:12:38 GMT

After all the hubbub during the last few years surrounding the Sarbanes-Oxley Act, Graham-Leach-Bliley Act and other rules and regulations dealing with e-mail retention, privacy, deletion and management policies, you might think the work is done. And you would be wrong, solution providers say.

For all the near-panic about complying with a daunting set of rules for public companies, a lot still needs to be done.

Study shows most attacks come from exploited PCs beloging to DSL or cable customers.

Sat, 13 Nov 2004 12:49:43 GMT

CipherTrust, the e-mail security company, in a survey this month of more than 4 million pieces of e-mail, found that nearly all of the phishing attacks came from about 1000 machines, mostly customers of DSL or cable modem services. Close to 28 percent of the IP addresses used in the phishing attacks during the two-week survey were from U.S. computers. Another 17 percent of the IP addresses were South Korean, and another 8 percent were Chinese.

Watch Out For Security Freeware Gotchas

Thu, 21 Oct 2004 22:21:07 GMT

Security freeware is pretty popular. The price is right and everyone needs more security. What's the catch? But just because software is free doesn't exempt it from the requirements of paid software. Folks who write security tools should practice secure coding. Authors of security freeware should be accessible and accountable for the product they provide; in security-speak, the software should have readily identifiable, non-repudiable origins. Folks who make security software available should have competent, security-savvy staff to support and maintain it.

So if you are considering security freeware, remember the five Ws. Who wrote the software? Can you identify and trust the developer? What does the software do? When should you use security freeware? Why are you choosing freeware over commercial ware? Where do you intend to use security freeware?

Webmail Startup Will Pay Users To Receive Spam

Thu, 21 Oct 2004 20:43:41 GMT

Startup Affini launched a free email service on Wednesday that will eventually pay users to receive advertisements. Initially, the service will work similarly to other "whitelist" email services such as Mailblocks, which allows members to pick and choose who they want to correspond with. In a few weeks, however, Affini will charge companies about 15 cents each to send advertisements to users, who will be able to opt in to the service.

The idea of paying for spam has circulated for years, prompting strategies designed by independent consultants as well as IBM's research team. Most have used some sort of authorized whitelist to determine legitimate emailers, and then offered some form of a token or cash payment to let advertisers into the system. Affini's model will start off as a token model. The tokens will be exchangeable for cash at a later date, in what Chang said would be a matter of weeks. At the launch, users will receive 1,000 points just for signing up, worth about $10 during the cash conversion, he said. A user can block all spam, or opt in to the payment system. Affini members won't pay to send messages, but will have the right to charge a fee for receiving a message from anybody outside the network – individual or commercial sender alike. If the recipient so chooses, he can waive the fee and also invite the sender into the network. At some point, Affini will allow users to alter the initial fee, allowing them to charge a dollar, for example, to receive unsolicited mail.

Phishing Attacks Launched from Handful of Networks

Thu, 21 Oct 2004 20:33:50 GMT

Security firm CipherTrust has reported that fewer than five zombie networks may be involved in all Internet phishing attacks worldwide, suggesting that only a small number of people are responsible for the threats. CipherTrust researchers found that less than 1 percent of e-mail messages are phishing attacks, but says these threats should be taken very seriously.

In its research, the firm analyzed customer e-mails during the first two weeks of October, and found that about a third of all zombie machines launching phishing attacks are based in the U.S., with South Korea coming in second at about 15 percent. However, the findings do not imply that the attacks originate within the U.S. Because zombie networks can be controlled from any geographic region, U.S. machines used in an attack can be manipulated by phishers in other countries. Most notably, the research indicated that attacks are sending out messages using networks of only about 1,000 PCs. This suggests that the number of perpetrators is small, but very adept at using compromised machines.

Microsoft to debut 'Istanbul' application

Thu, 21 Oct 2004 13:26:08 GMT

Microsoft on Tuesday introduced a desktop computer application that aims to seamlessly integrate e-mail, instant messaging, video conferencing, traditional phone service and Internet-based calling.

SANS "Ouch" newsletter for "unsophisticated end users"

Tue, 19 Oct 2004 16:22:32 GMT

A new free SANS newsletter has gotten rave reviews from unsophisticated end users - they really appreciate the plain non-technical writing and the cool examples. It's called OUCH! More than 500 security awareness professionals from around the US and the world helped them get it right. If you want to redistribute it to your users, that' allowed. The newsletter includes a pointer to a great phishing quiz for anyone who thinks he or she can spot a phishing email. To subscribe go to the newsletter page at the SANS portal and choose it.

FTC Goes After Spyware Operations

Mon, 11 Oct 2004 20:31:08 GMT

The Federal Trade Committee has filed a complaint in federal court asking that two Internet advertising and software firms be shut down. The activities of New Hampshire resident Sanford Wallace and his two firms -- Seismic Entertainment Productions and SmartBot.Net -- are some of the most egregious in the spyware field, Ari Schwartz, associate director of the Center for Democracy and Technology, told NewsFactor.

The operation of the spyware distributed by Wallace is very complicated, Schwartz explained. In addition, it has operated in different ways over the months. Perhaps the worst allegation is that of direct fraud. Some consumers assert that they were asked to pay US$30 to stop the pop-up ads repeatedly appearing on their computers. Those pop-ups originated from the same web of companies and advertisements originating them. Spy Wiper and Spy Deleter are two of the software programs marketed by Wallace's firms. In some cases, said Schwartz, pieces of software were downloaded to consumer computers without their knowledge or purchase. The company used security holes in Internet Explorer to take control of some operations on computers of users who clicked on particular ads.

The case is the first in the spyware arena to target a company for downloading code to a user's machine without permission. There are no laws against spyware at the national level.

Possible eBay phishing scam

Thu, 07 Oct 2004 12:16:26 GMT

[ALWAYS be suspicious of emails asking you to provide sensitive information by using a link provided in the email instead of the established method of providing such information.]

Veterans warned against e-mail hoax

Sun, 26 Sep 2004 22:33:24 GMT

Don't fall for an Internet hoax that tries to convince veterans that the National Personnel Records Center (NPRC) plans to destroy all paper military records.

Spam's Unsubscribe Link Downloads Nasty Things to PC

Thu, 23 Sep 2004 19:30:47 GMT

MessageGate has determined that spam featuring the domain xcelent.biz has gone beyond the usual rudeness of using a click on an unsubscribe link to confirm a warm body on the other side of the email inbox.

This badboy actually downloads an EXE file which takes advantage of a known bug in IE - namely that it treats any link containing the "IMG" tag as a valid image file, and, as the US-CERT tells us, "a drag and drop operation on an IMG element with an executable source file will copy the executable file without presenting a download dialog."

McAfee aims at small firms with e-mail service

Tue, 14 Sep 2004 22:29:06 GMT

McAfee on Monday unveiled a new security service designed to let small companies outsource their e-mail security to the antivirus software maker. Managed Mail Protection is a spam-filtering service that can detect and quarantine infected e-mails before they enter a customer's network, the security company said. Subscribers to the service can obtain detailed information on quarantined e-mails via Web-based management reports.

The MailFrontier Phishing IQ Test

Mon, 13 Sep 2004 02:18:00 GMT

Mailfrontier has put together 10 suspected fraud emails from their collection of millions-all of them real and all of them actually received by real people. [I got 9 of 10 correct - my paranoia had me calling a legitimate email a fraud. Advice on: use your common sense! advice off:]

Spammers Using Authentication To Dodge Detection

Fri, 10 Sep 2004 22:23:21 GMT

Spammers are trying to make their junk mail look more legit by adopting the same technologies intended to stem their message tsunamis, said MX Logic, a filtering firm, Wednesday. According to their analysis of 400,000 messages processed during a five-day period at the end of August and beginning of September, one in six spams, or 16 percent of those it filtered, included published Sender Policy Framework records. Sender Policy Framework (SPF) is one of the e-mail authentication schemes designed to ID spoofed addresses used by spammer and phishing scammers. SPF, and has been blended with Microsoft's Caller ID for E-mail and is now being considered as a possible Internet standard under the name Sender ID. [Once again proof that technology is a two edged sword. The good or evil is in the intent of the user.]

Web sites offering "phishing" kits for download

Sun, 22 Aug 2004 14:48:41 GMT

Some Web sites are now offering surfers the chance to download free "phishing kits" containing all the graphics, Web code and text required to construct the kind of bogus Web sites used in Internet phishing scams. Security firm Sophos warned that many of the kits also contain spamming software that enables potential fraudsters to send out thousands of phishing e-mails with direct links to their do-it-yourself fraud sites.

FTC Unveils New E-mail Address for Deceptive Spam

Sun, 22 Aug 2004 13:37:15 GMT

To better handle the high volume of spam forwarded to its database, the FTC recently opened a new email box spam@uce.gov

Net phone customers brace for 'VoIP spam'

Fri, 20 Aug 2004 16:20:11 GMT

If you're sick of spam, imagine wading through dozens of prerecorded porn and Viagra messages on your voice mail. Some computer security and privacy experts are warning that such a day may not be far off for customers of new Internet phone services, which marry the immediacy of a voice call with the conveniences--and inconveniences--of e-mail.

Computer Security for the Home and Small Office

Fri, 20 Aug 2004 16:16:16 GMT

[A review by Andrew Murphy of the book "Computer Security for the Home and Small Office" by Thomas Greene, The Register's security guru. What may be more interesting are the comments and give and take that follow. For example, how do you characterize an "average" computer user and do they or do they not "care" about "security?"]

AOL, Yahoo rolling out sender authentication

Fri, 20 Aug 2004 13:02:02 GMT

ISPs (Internet service providers) America Online Inc. (AOL) and Yahoo Inc. plan to begin using technology to verify the source of e-mail messages in coming months, as both companies step up efforts to stop unsolicited commercial, or "spam," e-mail, according to information provided by the companies.

Wiretapping the Web

Fri, 20 Aug 2004 12:57:20 GMT

A literal reading of electronic eavesdropping laws—coupled with a new FCC proposal—may make it easier for Washington to watch you online.

Interception of E-Mail Raises Questions

Thu, 01 Jul 2004 02:01:52 GMT

Interception of E-Mail Raises Questions (AP). AP - In an online eavesdropping case with potentially profound implications, a federal appeals court ruled it was acceptable for a company that offered e-mail service to surreptitiously track its subscribers' messages. [Yahoo! News - Technology]

Now they'll know if you read their e-mail

Mon, 31 May 2004 20:44:56 GMT

DidTheyReadIt.com, which will launch Monday [5/24] , allows anyone to secretly track e-mails they send. You'll see whether someone opens your e-mail, how long the recipient keeps it open — even where geographically the recipient is reading it.

In most cases, the site will be able to tell you the city where the e-mail was read — though not the specific address. It can also tell you if the recipient forwarded the e-mail (though not to whom it was sent), and whether it was read by the people to whom it was forwarded.

DidTheyReadIt is invisible to the recipient. It works with any kind of e-mail, including Web-based e-mail such as Hotmail. DidTheyReadIt maintains that it collects no other information about either e-mail senders or the recipients.

An existing service called MessageTag can track whether an e-mail was opened. AOL can do the same for e-mail sent to other AOL users. But neither allows the extensive monitoring of DidTheyReadIt.

Netsky worm variant targets the security conscious

Tue, 04 May 2004 15:04:26 GMT

By Shawna McAlearney, News Writer
04 May 2004 | SearchSecurity.com

"The latest Netsky worm is incredibly sneaky in the social engineering it uses to infect innocent computer users. It knows people are panicking right now about Sasser so it presents itself as a fix for Sasser from one of several well-known antivirus firms," said Graham Cluley, senior technology consultant for U.K.-based Sophos. "All users should be wary of launching unsolicited e-mail attachments." [Security conscious the victims may be but not security cautious or savvy. Paranoia regarding unsolicited email or whatever is entirely justified.]

A Home User's Security Checklist for Windows

Fri, 30 Apr 2004 22:20:19 GMT

by Scott Granneman, Feb 13 2004 01:33PM
Most people don't secure their computers or act in a secure manner, and the main reason is that the average user just doesn't know what to do. Here is a checklist on security for home computer users that you can share with your friends, family, churches and clubs.
[Some suggested additions by readers of the article:
- Disabling unused Windows accounts (especially the guest account)

- Disabling common services that are enabled by default but shouldn't be (for example Windows Messenger Service)

- MAC-address based access control on wireless router

- Disabling File and Printer sharing

- [You should include] a section to help users recover from crashes and data corruption. All computer flavors need a backup & restore/recovery plan for: file loss or corruption; application config/install corruption; OS/System corruption; and hard disk failure (or laptop theft). Surely there's a good link to point to that discusses options for the above per platform. Things like making sure XP System Restore point has been created (which doesn't happen on OEM pre-installs when you finish setup), Automatic System Restore diskettes created when you do a full-system backup (only external USB or writeable DVD drives can typically hold the backup files), and/or simple ntbackup backups for data subsets [and/or] 3rd party software like Norton Ghost which requires a bootable floppy if you want to use it to recover your hard disk from a complete failure using a new HD [and/or] a UPS (Uninterruptible Power Supply AKA battery backup)

- Use some outfit like http://www.grc.com/default.htm Shields Up to verify [protection from unauthorized internet access].

- [The list] could be simplified for non-computer administrators/gurus. For example: (Why shouldn't I run as Administrator?) is great for someone who is skeptical and wants to know why before following someone else's advice. But for the novice who is willing to believe and just needs to be told how, how about a quick cookbook approach: (How do I tell if I'm running as Administrator?) - with a short 25 words or less explanation; (How do I set up a non Administrator ID?); (How do I run as RUNAS?) - again a short explanation would be good.

- I would also recommend removing IM [instant messaging] programs, but everybody thinks they know better!!

Some challenges to the list or the suggested additions:
- This list needs to note where there are differences between Win95/98/ME/XP, or that it applies to all platforms. In general it does, but you have to be clear. For example, XP Home default users don't use a password to login, and may not know that extra users they create are administrators too - so how to enable passwords & check privileges. Many apps require Admin privileges - you should make them aware of that.

- [Some] have suggested disabling services. But my experience is that this breaks applications, or the apps just re-enable the required services. So I'd stay away from all but the simplest to disable and reenable. I would recommend making sure that your firewall isn't set on "medium" security or hasn't allowed inbound access to ports open by "trusted" programs.

- It's a no-no to configure Windows Update to automatically update and install.
- Users should probably be advised to go to the manufacturers update site USING THEIR BOOKMARKS and NOT the link given in any possibly fake email [phishing].

-Putting RegClean (and other registry cleaners) on the checklist for beginners is not a smart thing to do. The problem is that RegClean (and similar software) has a severe problem with false positives -- they mark registry entries for deletion that should NOT be deleted, as they're either in use, or are required for installing additional components that need those registry entries. RegClean and similar utilities should *only* be used by people who can go through the registry entries one by one and *understand* whether the key really can be safely deleted or not. Because of RegClean's ability to do more harm than good in the hands of unskilled users, Microsoft *pulled it*. See http://support.microsoft.com/default.aspx?scid=kb;en-us;299958 for some details (Regclean is incompatible with: Microsoft Office 2003, All Editions; Microsoft Office XP (Setup); Microsoft Office 2000 (Setup); and has been specifically declared unsupported by MS). Other similar utilities (like Norton System Doctor) are no better, and often do even more harm than RegClean does.

- Software to "clean" your PC of garbage needs lots of memory and disk space to work properly ... if you are running out of that stuff, then it is too late to use [Norton System] Doctor.

- I have to disagree with responding to spam to unsubscribe. With the recent CAN-SPAM Act that Congress passed (for those of you in the USA) the whole spam game has become an "opt out" one. Everyone is essentially allowed to spam you once but has to give you (among other things) an easy way to be removed from their list. On the other hand ... [another reader counters with] My personal experience over the past two months in unsubscribing from spam has been mostly good. The amount of spam I receive is going down. I'll be the first to admit that this was not a very scientific experiment, and I certainly don't have enough numbers to be statistically significant. [Another user agrees] With the recent CAN-SPAM Act that Congress passed (for those of you in the USA) the whole spam game has become an "opt out" one. Everyone is essentially allowed to spam you once but has to give you (among other things) an easy way to be removed from their list. [A counter to the counters] I wouldn't be too awful sure. It may but [probably] won't if they're outside US jurisdiction) stop them from spamming you personally, but it may not stop [them] from selling your name as a verified e-mail [address] to other spammers.
- Regarding [good rules] for passwords. I think [you can spend] too much time figuring out what not to do in passwords. For example Dictionary Words, Proper Nouns, or Foreign Words, and Personal Information can be used safely if more than 1 are used combined with numbers or special characters in a unique way. These kind will only be deciphered with brute force anyway - and will be more easily remembered without having to write them down. Writing down a very complex "approved" password would be more risky. I come up with the WORD ... some word I can remember without writing it down ... and I come up with a way to capture a few characters related to the site that needs a password ... perhaps their initials, perhaps first few letters of name of outfit ... then I combine the WORD with the RULE based on that outfit ... now I have a unique password for that place, and it not have to be written down ... all I need to remember is the WORD and the RULE ... and from time to time I redo my passwords with a new WORD.

- I might argue a little with you about your suggestion to change the SSID [of a wireless access point]. Sometimes that is the thing that makes one network stand out. Perhaps changing it SLIGHTLY by changing the order of the SSID letters and numbers, but not so much that it stands out. The most important point is to make your system harder to hack than the next guy! Most of these bottom feeders are looking for low hanging fruit!! Be the first PC in your Neighborhood not to give them any! Most computers are LESS secure than you think!]

Citibank phishing expedition

Mon, 26 Apr 2004 22:30:43 GMT

Another phishing expedition with Citibank as the bait.

AOL Opens Mail To IMAP Clients

Mon, 26 Apr 2004 16:05:18 GMT

Proprietary e-mail system now accessible in U.S. from third-party clients such as Outlook, Outlook Express, Eudora, and Entourage.

REVIEW: Toolbars Offer More Than Searches

Fri, 23 Apr 2004 14:57:19 GMT

Search engine toolbars for the Internet Explorer browser have become nearly essential tools online: They can block pop-up ads, alert you to new e-mail, even protect you from scams.

E-Mailing Aromas May Be Next Multimedia Experience

Thu, 22 Apr 2004 00:03:24 GMT

Sending smells by e-mail may be possible within the next decade, say researchers at the University of Alberta in Canada who have invented an electronic nose that connects to a PC and can detect several different odors.

Jail Mail Can Have Web Downloads, Court Rules (Reuters)

Wed, 21 Apr 2004 23:54:51 GMT

Reuters - The state cannot bar prisoners access from mail that contains downloads from the Internet, a U.S. appeals court ruled on Tuesday.

EarthLink aims to block 'phisher' scams

Tue, 20 Apr 2004 02:05:38 GMT

The ISP is offering a tool to protect customers from scams that con people into parting with personal information by luring them to bogus corporate Web sites. Atlanta-based EarthLink on Monday became the first Internet service provider to offer protection from "phishing" scams that trick people into parting with personal information by luring them to bogus corporate Web sites. The antiphisher software is part of EarthLink's ScamBlocker feature, a downloadable browser-based toolbar that includes a Google-powered search engine and EarthLink's Pop-Up Blocker. EarthLink said it also offers a program that keeps tab of all spyware software on customers' computers.

'Phishing' scams luring more users

Tue, 20 Apr 2004 02:02:17 GMT

The number of "phishing" e-mails circulating on the Web has increased from 279 to 215,643 over the past six months, according to e-mail security company MessageLabs.

Phishing is an Internet scam in which unsuspecting users receive official-looking e-mails that attempt to fool them into disclosing online passwords, user names and other personal information. Victims are usually persuaded to click on a link that directs them to a doctored version of an organization's Web site.

Renewed warnings over 'phishing'

Mon, 19 Apr 2004 01:03:25 GMT

Bank customers are being warned again about "phishing" scam e-mails, after a recent increase in those falling victim to the internet menace.

FDIC warns of scam targeting consumers' bank accounts

Sun, 18 Apr 2004 23:59:44 GMT

APRIL 08, 2004 This is the second such scam it has seen since January. (COMPUTERWORLD) - Consumers and financial institutions are being warned of a new e-mail scam that purports to be from the Federal Deposit Insurance Corp. and that advises consumers to click on an attached file for more information about alleged fraudulent activity regarding their bank accounts.

Google mail

Tue, 06 Apr 2004 21:09:32 GMT

A new Google email service that stores messages where users cannot delete them may violate Europe's privacy laws, a citizens' group has said after lodging a complaint with UK authorities.
The world's most popular Internet search engine said last week it would offer a free email service, called "Gmail", with one gigabyte of free storage capacity -- more than 100 times that offered by established rivals Yahoo Mail and Microsoft's MSN Hotmail.
But the breakthrough comes at the price of less privacy.
"Residual copies of email may remain on our systems, even after you have deleted them from your mailbox or after the termination of your account," Google's Gmail says in its privacy and terms of use sections.
Google will also scan users' emails in order to paste appropriate advertising into messages. It may also link together "cookies", which contain personal information, from both email and Web use records.
"This is not just 'buyer beware'. Consumers should be aware that there's a vast violation of European law occurring here," said Simon Davies, director of Privacy International, a citizens' group with offices in Britain and the United States. [I can not believe that, assuming they read the warnings, anyone would accept these conditions for receiving free email.]

Yahoo patches e-mail hole

Mon, 29 Mar 2004 17:29:52 GMT

Yahoo Inc. has patched a hole in its Web e-mail service that could have allowed malicious hackers to run malicious computer scripts on computers that use Microsoft Corp.'s Internet Explorer Web browser to check Web e-mail accounts. The problem also affected Microsoft's Hotmail e-mail service.

Office update clogs spam filters

Wed, 24 Mar 2004 21:39:37 GMT

Antispam software vendors are scrambling to find a fix to the fixes in a recently released service pack for Office XP and Office 2000, which some say causes havoc with spam filters.

Shortly after SP3 was released, users started reporting problems to the makers of several popular products for filtering out junk e-mail. They said every time their spam filter tried to intercept a message, Outlook would pop up a warning message that another application was trying to access Outlook's address book.

The flaw appears to be related to the way some spam filters use the Outlook address book to distinguish known e-mail senders from junk spewers. SP3 restricts the ability of outside applications to access the address book, a common venue for worms and viruses to propagate.

While the warning messages don't stop either the spam filter or Outlook from working, they're an annoyance for anyone with an active mailbox, said Tricia Fahey, the vice president of marketing communications for spam filter company Cloudmark. [It's a huge disincentive to users when the tools they use to protect themselves from threats cause as many problems as the threats themselves.]

Malicious computer worm detected

Wed, 24 Mar 2004 21:29:45 GMT

A new malicious computer program has been detected that can create networks of remotely controlled computers to take part in online attacks, send junk e-mail messages and engage in other shady activities common to the bad neighborhoods of cyberspace.

The program, known as phatbot or polybot, uses technology like that developed for file sharing networks such as Gnutella and Kazaa to control the machines. ("Bot" is shorthand for "software robot," a term generally applied to automated software.)

EarthLink brings cell phone service to BlackBerry

Tue, 23 Mar 2004 20:32:41 GMT

Internet service provider EarthLink (ELNK) in May will begin selling cell phone service on BlackBerry e-mail devices, the company announced Monday.

The move by the No. 3 ISP shows just how similar Internet and phone companies have become.

Spam's irritating cousin, spim, on the loose

Tue, 09 Mar 2004 03:29:01 GMT

USATODAY.com - Consumers ditching e-mail for instant messages to avoid spam are in for an unpleasant surprise. [Doesn't measure up to Spam yet but for "spammers" where there's a will there's a way.]

Spam's 'dirty dozen' exposed

Sun, 07 Mar 2004 21:47:55 GMT

The United States, Canada, China, South Korea and the Netherlands are the top five birthplaces of spam worldwide, according to a new analysis.

In an analysis of junk e-mails received over two days in mid-February, the company created a list of the "dirty dozen" spam-producing countries. Taking the undisputed helm on its list of spam-producing countries is the United States, which accounted for more than half of the world's unsolicited e-mail at 56.7 percent during the period of study.
... The list may not be a completely accurate reflection of spam's origins, Graham Cluley , senior technology consultant at Sophos, acknowledges. "Our intelligence suggests that a large amount of spam originates in Russia, even though it appears at only No. 28 in the chart. Hackers appear to be breaking into computers in other countries and sending out spam via infected PCs," he said. [I presume they have determined that a two day sample is statistically valid.]

Antivirus firm secures lists after virus leak

Sun, 07 Mar 2004 21:36:56 GMT

F-Secure adds more security to its customer mailing lists after a moderator accidentally forwarded a virus to users of the company's antivirus software.

The Electronic Verification Is in the Mail

Sat, 06 Mar 2004 21:50:38 GMT

By MARK GLASSMAN (NYT)
The Postal Service, Microsoft and a technology company have developed a system for verifying that a document’s content is the same as when a user saved it.

Cloudmark's community of interest

Sat, 06 Mar 2004 20:33:06 GMT

I don't often endorse a product, but I am so impressed by the anti-spam product I've been using for the last three months that I'm going to tell you about it. [Network World on Security] [Review by Mitch Kabay, PhD. SpamNet for Outlook and Outlook Express users - A cooperative effort driven by the product's users to identify spam and non-spam including weighting the users themselves for accuracy and integrity. Reads like a neural network of (800,000+) human beings to me.]

RSA - Competing technologies could shake up e-mail

Sat, 06 Mar 2004 03:08:59 GMT

Microsoft’s announcement at the RSA Conference last week of a host of initiatives to stop unsolicited commercial e-mail, or spam, highlighted some tectonic shifts taking place in the once staid world of Internet messaging. [For the more technically inclined who are interested in details.]