Extortionware / Rogue Security Software / Malware

You may not be familiar with the terms ‘rogue software, extortionware, or malware’ but there’s a very good chance that you or someone you know either has experienced it, or will in the near future.

As I mentioned in a previous post, I have seen a lot of virus attacks lately. A large part of the viruses I had to clean-up where this type. They appear as a pop-up on your PC, warning you that you’re infected with malware, and urging you to buy a specific program in order to remove the threat? Some of them keep popping up and won't let you shut them down. I have even seen one that won't let you access the internet. While the “threat” being reported by these fake scanners isn’t real, the danger posed by the scam is.

As malware writers fill the web with rogue anti-malware programs, this kind of trickery is becoming more and more common, and now poses one of today’s greatest security challenges to computer users.

What exactly is a rogue? Rogue security applications are sometimes referred to as scareware or extortionware because they try to frighten users into thinking they need to buy a certain program. Taking the form of legitimate-looking anti-virus, anti-spyware and anti-malware products, these rogue applications appear beneficial from a security perspective but provide little or no protection, generate misleading alerts, or attempt to lure you into a bogus transaction; essentially, they are malware, pretending to be genuine Internet security programs, and they aim to steal your money, private information, or expose you to other high risk cyber threats.

Rogues are distributed in a variety of ways, using social engineering tactics to deceive and mislead people. For example:

• You may see an ad for a security software product pop-up on your PC as your browsing the Web, warning you that your PC is infected with malware, prompting you to download a specific program to remove it.
• It may be distributed by a fake codec (supposedly necessary to view a certain video).
• You may see messages that appear to come from your operating system, telling you that your system is infected, and pushing you to take a certain action, like visit a website or download a program.

Microsoft’s Help and Support page explains it well, stating that, “Rogue security software might report a virus, even though your computer is actually clean. The software might also fail to report viruses when your computer is infected. Inversely, sometimes, when you download rogue security software, it will install a virus or other malicious software on your computer so that the software has something to detect.”*

In my opinion the best ways to avoid Extortionware is:

• Do not fall for scare tactics.
• Use security software with real-time protection and keep it up-to-date. If you have ant-virus, firewall, anti-spyware, etc… programs and a warning pops up from another service telling you that you are infected, DON’T BELIEVE IT.
• Access experts. If you do get a warning like this, contact someone that knows. Hopefully me. HA HA.
• Read the software reviews. Refer to sources such as Download.com, Afterdawn.com, or even type the suspect program name into a Google, Bing, or Yahoo search bar. The search may show the program as legitimate, but all of my experience it comes back with a cure to get rid of it.
• Ask knowledgeable friends and family. Ask them what they use and if they have ever heard of the “rouge” software.
• Practice online skepticism. Be aware that these programs exist and can cause trouble. Also be cautious of links in e-mail messages and on social networking sites (Facebook, Twitter, etc…).

Remember, be careful what you download and what links you click on. If you do get a warning that pops up on your monitor saying you are loaded with "infections.", don't get scared just contact someone that knows about this kind of stuff, ME, and see what can be done.



*Part of the above content is from the Lavasoft Newsletter.
* http://www.microsoft.com/security/antivirus/rogue.aspx

Read More

Belarc Advisor

This entry is to explain what the Belarc Advisor link on this page is for.
Belarc's products automatically create an accurate and up-to-date central repository (CMDB), consisting of detailed software, hardware and security configurations. The Belarc Advisor displays a detailed profile of your installed software, hardware and vulnerabilities in your Web browser. Click on the Belarc link in the "Links" section on this page to download a free copy for personal use. This product is used for software license compliance, hardware upgrade planning, cyber security status, information assurance audits, IT asset management, configuration management, and more.

It will give you a Computer Profile of the current Operating System (XP, Vista, etc..), all the hardware you have install in your computer, the active and inactive user accounts, attached printers, attached monitors, communications (I.P. Address, Default Gateway, etc.), and much more.

Next, it tells you what Microsoft hotfixes are installed on your computer and the dates they were installed,  
if there are any hotfixes that need to be installed, and any antivirus software installed.

Lastly, it lists all your Software Licenses and Software Versions for all currently installed software.

This isn't a necessary thing, but it is cool to see the report that it generates. Also helps to see if you are up to date on all your hot fixes and see if you have the most current versions of your software.

Read More

Another one bites the Dust!

Viruses seem to be on the rise lately. I have heard of and removed quit a few over the past few months. Some of my tips for avoiding viruses are in a previous post. Not that I mind the business or anything, but I can see how stressful it is and potentially dangerous it can be to your data. Especially if you store personal info on your computer like: bank passwords, credit card info, insurance policy numbers, social security numbers, etc...
Unfortunately the world is full of jerks and we have all heard about identity theft and the damage it does to your credit. Just be careful with what you do and where you surf.

Read More

Virus, Spyware, Adware, Trojan Horse, Malware

Day two:
I have attached a few definitions of some common computer infections. Some of these are just annoying while others are nasty. In my opinion, your best chance to avoid these is to:

• Keep your anti-virus & other protection programs up to date
• Don't open any e-mails / attachments from senders you don't know
• Don't download anything from the web that you are unsure of
• Don't frequent questionable websites and on-line game sites
• Don't leave your computer logged into a website and walk away for extended periods of time.
• Be careful when installing programs or copies of programs from "friends."

Even after adhering to these guidelines, you still get something, don't panic not all is lost. Unless you feel comfortable "treating" the infection yourself, seek help from someone that has an idea of what they are doing. Again these are my opinions, but I follow these and with God's watchful eye, I have only had one bad virus in my eight years of "serious" computer experience. The aforementioned virus was from someone else using my computer to play an on-line game. It took me two days to clean-up my system. Needless to say, NO ONE uses my computer unless I know what they are doing. On the right hand side of this page, under the "About Me" section, you will find links to my favorite computer protection sites. Not saying any of these are perfect, but I have had good experiences with them. You are free to try your own.


Computer Virus:
A program that enters a computer (usually without the knowledge of the operator). Some viruses are mild, and only cause messages to appear on the screen, but others are destructive and can wipe out the computer's memory or even cause more severe damage.Computer viruses spread from machine to machine on disks and through telephone lines.


Spyware:
Software that sends information about your Web surfing habits to its Web site. Often quickly installed in your computer in combination with a free download you selected from the Web, spyware transmits information in the background as you move around the Web. Also known as "parasite software," "scumware," "junkware" and "thiefware," spyware is occasionally installed just by visiting a Web site (see drive-by download). The license agreement that everyone accepts without reading may actually state that you are installing spyware and explain what it does. For example, it might say that the program performs anonymous profiling, which means that your habits are being recorded, not you individually. Such software is used to create marketing profiles; for example, people who go to Web site "A" often go to site "B" and so on. Spyware may deliver competing products in real time. For example, if you go to a Web page and look for a minivan, an ad for a competitor's vehicle might pop up (see adware).

Adware:
(ADvertisementWARE) Software that periodically pops up advertisements on a user's computer. It displays ads targeted to the individual user based on key words entered in search engines and the types of Web sites the user visits. The marketing data are collected periodically and sent in the background to the adware Web server. Adware is known as "contextual marketing."

Trojan Horse:
A malicious security-breaking program that is disguised as something benign, such as a directory lister, archiver, game, or (in one notorious 1990 case on the Mac) a program to find and destroy viruses! See back door, virus, worm, phage, mockingbird.

Malware:
(MALicious softWARE) Software designed to destroy, aggravate and otherwise make life unhappy. See malvertising, crimeware, virus, worm, logic bomb, macro virus and Trojan. Malicious computer software that interferes with normal computer functions or sends personal data about the user to unauthorized parties over the Internet.

* Definitions from www.answers.com

Read More

Welcome

Let me first start by saying, I am by no means an expert at writing, so you will probably find many grammatical errors and maybe even a spelling error or two on this page. Please don't let that sway you from reading on or asking questions. With that said, Hello and Welcome to my "Experiment." I have been thinking about setting up a website for awhile, but decided the cost may be a little more than I want to handle. Renting a URL and all that goes along with that. A special person told me about this and I figured I would give it a try. I am setting this up to answer technical questions and to provide links to sites I find helpful. And those of you that I already deal with, links to the sites for your various security programs will also be provided. Hope you enjoy and PLEASE keep your comments appropriate.

Read More