Not many people are big fans of a can of Spam, there are some who enjoy the taste, but I do not know of anyone who likes electronic spam. Spam is spread out all over the internet and is designed to attack computers gathering information, data, or just giving them viruses. It began back in the 90′s with the use of email, spammers sending out thousands of bogus emails. Email providers even had to get a service that detected spam and sent it to a separate folder. But even that is not keeping out the crap as spammers find new ways to infiltrate and bypass security systems to annoy you even more.

I read in a message that a person had 493 messages that were spam, wow.

Today, botnets are software agents that run by themselves and are independent once they are set up by a hacker or spammer. They are sent out through distributed systems, systems that are autonomous and communicate with other computers in a network. Hence the name: ‘roBOT NETwork’. These robots are designed to infect your computer with trojans, worms, and other malicious wares.

In fact, the email botnets send out so much spam equaling 85-90% of all messages send and received!

Spam does not stop at emails, they reach out to instant messaging, social media such as Myspace and Facebook, and even blogs like Geek Choice. I cannot tell you how many spam comments I get with bogus links to websites or just random words to fill and clutter the inbox.

The number of spam messages for the United States reached 6.6  Trillion this past year, they were second only to Brasil with 7.7 Trillion, and India came in third with 3.6 Trillion.

This is a costly business, spam means manpower, loss of productivity, and additional equipment and software, in 2007 the United States spent $13 Billion alone on combating it. What can you do at home to fight back against these bots? Not a whole lot.

These botnets are so numerous to name, trying to will give you a headache, which is exactly why they are designed. The infected computers, called “zombies”, send out all those annoying emails about Viagra or Cialis, or new products, or a girl who wants  to have sex with you(check to make sure it might be a real one).

You might not even know it, but your computer could be infected and be sending out messages! Once the virus is installed, the “botmaster” can control is from anywhere. Recently a botnet named Rustock has become the biggest of the bots, controlling over one million bots sending out over 44 billion spam messages a day(Symantec study).

They are getting harder to detect too. These new botnets can be detected right away with the security softwares, so they are switching from carrying bulk messages to carrying smaller amounts so they can slip right by and into your inbox.

Bottom line, there will always be spam sent out in the billions every day. It is a fact of life, as long as internet exists, so will spam. Yum!

How safe is your computer? If you use the internet you take the risk of catching a virus, like the cold it can be prevented if you take certain steps. No I am not talking about downloading the latest anti-virus software or the cool new tool that can fly around your computer like superman saving your files from the evil file corrupter.

I am talking about what is already on your computer, like your web browser whether that be Internet Explorer, Firefox, or Chrome, that have the tools you need to protect yourself. You can find these tools in the ‘Tools’ menu bar located at the top of your browser. Look at ‘options’ on Firefox or ‘security zones’ on Internet Explorer. By telling your browser exactly what type of sites it is allowed to visit and the level of restriction, you are ensuring that you will be protected from spyware, unwanted advertisements, and those “drive-by” downloads.

You may have heard recently that there was a big “drive-by” attack that hackers did on IE6. What happened was that hackers were able to get into a certain website and make links using the sites name to another website, which people visited, and got screwed because just by being on the site malicious software and viruses were downloaded to people’s computers.They are still doing it on IE8, so be careful.

That is just one example of how easy it is for hackers to get into your system, simply by taking over a website and waiting for a user to walk aimlessly into the site, unaware that they will be regretting not listening to this blog and taking the necessary steps to prevent such a thing!

One of these steps involves securing your email, particularly in Outlook. A common pitfall that is easily overlooked is the text. You have two choices: HTML-Text, or Plain Text, which is better? It is not a question of better, but safer. HTML might look good, but in the long run it is dangerous because this is where all those phishing scams thrive on. By using Plain Text it disables the Active Content that opens email attachments automatically, and allows safer emailing.

Instant Messaging worms have become more and more vicious and prevalent in today’s internet world. Be careful when talking with your friends online, be wary of ‘Away’ messages, because if you are chatting with someone who sent you a malicious worm or virus masquerading as a link somewhere infected you could be in for a bad time. You can usually tell when a message like in email that is suspicious.

Hackers are always looking for new ways to get into your computer and screw things up. Do not allow them to, especially during the holidays when you should be out gallivanting around with your family enjoying the holiday spirit.

Say someone wants to know what you are up to. By tracking the electronic foot prints left behind by email, Facebook, Twitter, MySpace, or even just account activity, they can learn a lot about you in a short amount of time, about the time it takes to load a page. The world of today where there are no walls and information is out there flying around can be a dangerous one, if you are not careful.

The information that is out there can be grabbed by people search engines like Pipl, Spokeo, and CVGadget. It is not illegal, they are doing nothing wrong in the eyes of the internet police, but it does invade our privacy even if the information is out for people to see. It is like putting your dirty laundry out in front of the house, even clothes with small stains, the fact remains that our personal stuff can be easily accessed by anyone. Creepy.

So what can you do about it?

Put a stop to the mountain of information on you that is being collected by these search engines as you read this. First check out for yourself how much is out there by searching your name. Rapleaf is a provider with an open tool to let you see everything, while the other search engines only let you see bits and pieces. By going to that site you can actually manage what people see about you. No more spying from your ex-girlfriend or boyfriend, no more parental espionage, no more privacy pillaging! By ‘Opting-out’ on Rapleaf’s website, you can permanently delete all that saved information that Rapleaf has on you.

Another way to stop prying eyes is to adjust the privacy settings. This means going to all the sites connected to your email address and changing them individually

• Amazon: Wish Lists are made public by default. To change that setting, go to this page and select the option to sign in. You can then view any Wish Lists associated with your account and designate them as private.
• Facebook: Once signed in, look under the ‘Settings’ tab at the top of the page to find the privacy control panel. Click the Profile option to set parameters regarding who can view your content.
• MySpace: Click the My Account button at the top of the page after logging in, then click Privacy to adjust your settings. Bear in mind that your age and location are typically displayed publicly even if your profile is set as private, as was the case in one of the examples cited in “They Know Your Dark Secrets…And Tell Anyone.”
• Pandora: Your playlists are public unless you specify otherwise. Once logged in, click Account at the top of the page, and then follow the option to edit your profile info. From there, you’ll see a checkbox that you can select to make your profile (and thus your playlists) private.

By doing this, you prevent search from sites like Pipl and Spokeo from getting into your private information like what music you like, who your girl or boyfriend is, where you live, the list goes on and on. Take back control of your privacy. Don’t let weirdo’s or people who do not need to see your personal life get the best of you. Who knows what people will do with information like that. You can protect your privacy even when you are on the web, these are ways to catch those spiders crawling around looking for trouble.

Adobe is releasing a new version called Reader X. Another name for that might be Adobe “Bait-for-Hackers”. With the release of this new product which enables users to open PDF files and view them with even more content types, and expanded PDF access to mobile devices.

What also comes with the release of Adobe Reader X and other Acrobat X applications is the susceptibility of hacks and security issues that comes with the ongoing threat of malicious campaigns against programs such as these.

Even the chief security executive for Adobe said that there will be a bull’s-eye on this product once it is released in 30 days.

Adobe is taking the hackers into the sandbox.

To explain, a sandbox in the world of computers is a way of isolating running programs. This security mechanism restricts the ability of untested codes and third party programs to enter and see the network access and the host systems. In other words it makes the world of computers a better place because it plays nice and makes sure your computer isn’t running around the playground kissing every kid and telling about it.

While the sandbox protect mode will not stop attacks, it will at least stem them to a point where they are manageable. Hackers want bragging rights, so the first one to break into Adobe Reader X is a hero, and then it is off and running for them to cause chaos with your information and money.

Hackers can get into this program and exploit it by running the program with the looks and feel of the real thing. So when you put your credit card in to upgrading to full service or when you send money, although you think it is going to a legitimate company, it is really going to some fat over-weight asshole who needs your money to fuel his Twinkie addiction.

Sandbox is another word for isolation chamber.

Applets, which are self-contained programs that run in your operating system, are common in web browsers; they use the mechanism to safely execute untrusted code embedded in web pages. Java is a common one you might be familiar with. When it asks for your permission to run a program, that is an example of a sandbox doing its job.

The one major important job of the sandbox for Adobe and for your system is that is prevents viruses and Trojans from infecting you. If you do not want to get sick and lose all your memory and work that you have done for years on your favorite computer, make sure you have a sandbox application running. A common one is Sandboxie, which is a great tool for isolating the virtual processes in a controlled environment to allow for testing before it is sent out over the web and into your machine.

Adobe against the Hackers

The programmers at Adobe want to make sure that they come out on top over the hackers. A daunting task, but with 13,000 lines of code making it the most popular program to get this much attention, anyone trying to get into this sandbox will be tested to the fullest extent.

If you are downloading the new Adobe and are unsure about whether it is safe or not, remember the days of playing in the sandbox, and you should not have any more worries. The internet playground is a better place with a sandbox in it.

In this world of computers, technology, and the internet where information flows all around us there exist two types of people: surfers and sharks.

These are dangerous waters. Just last year there were 2.6 million threats in the form of Trojan and other viruses sent out all over the internet. How are we to keep safe when most of us do not even know what a virus looks like, and what is more, how to stop one.

The answer is in the password. There are many different techniques to stop hackers from getting into your computer, this one is crucial to prevention.

You might be asking: “Why do I need to change my password?”

First, let’s take a look at just what a malicious attacker can do with your password.

Recently a hacker masquerading as your friend Bob sent you an email asking for help with money or some other problem and to help him all he requires is your sensitive personal information. Hacker skills are vast in finding ways into your friend Bob’s email account. One way is through malicious software that simply records the information as he types it in, like taking candy from a Bob the hackers now have his sign-in data and can use that for whatever they wish.

Poor Bob did not change his password, left it at boob69, and now has to answer to a friend who lost a thousand dollars because he thought Bob was in trouble from an email he sent. This can happen to anyone.

Sometimes all it takes for a hacker to get your password is to guess. “You use a password that’s easy to guess, like your first or last name plus your birth date (‘Laura1968′), or you provide an answer to a secret question that’s common and therefore easy to guess, like ‘pizza’ for ‘What is your favorite food?,’” wrote Priya Navak, Google’s online operations strategist. Be creative with your password.

Gmail is a common target along with Hotmail, Yahoo, and social networking site Facebook for sharks to base their attack on surfers’ privacy.

There is so much information out there it is easy for hackers to grab whatever they want simply by reaching out there hand. To put this in perspective, 247 billion emails are sent out per day, 81% of which are spam emails. That means that every day there are about 200 billion attempts at scams, viruses, and other malicious attacks on you.

This happened to me, and I almost cashed a check written out to me from a businessman who actually used a job finding website to mask as an employer. He wanted me to send him via email my name, address, email address, and my age. It seemed like harmless info, so I obliged, not knowing that this “employer” was a scammer who wanted me to cash a bad check.

Now you might be asking: “How do I protect myself from these bad people?” Answer: Change your password twice a year and never reuse the same one.

Here are some other ways to protect you in the computer world.

1)      Watch out for messages that ask for your username and/or password. Secure sites will not ask you for this information.

2)      Never give out your password if you opened a link that you think is trusted on an email. Hackers are crafty little crackers; they can disguise a trusted site like Amazon or Google and have your information easy.

3)      Always sign-out when you are finished using your email. Don’t leave the door open for hackers and viruses to get in.

There are also some good, free programs like LastPass and Keepass to help with protection. Don’t get bit by a computer shark while surfing the net!

Junk mail is the bane of any household, particularly catalogs from companies hawking products for which you have zero interest. Many of us, when arriving home from work, hate the daily ritual of filtering unwanted junk from the mail that we’re actually interested in reading.

Initially unveiled as just a beta, Catalog Choice is now an official registry that allows you to cut down on the clutter filling up your mailbox.

It’s completely free and easy to use, supported by more than 1,000 merchants complying with the requests made through this service.

After the registration process has been completed, you can browse their directory for any catalogs that have found their way to your mailbox. You can either put a halt to their delivery altogether or make it so the frequency with which they’re sent to your residence diminishes considerably. Once your choices have been made, Catalog Choice will contact the companies and inform them of your preference.

Be forewarned: It can take up to 12 weeks before you notice your changes.

If you’re like me, you look forward to a mailbox containing only that which is relevant, absent the unnecessary solicitations. For those of you who tire of finding your mailbox invaded by catalogs you almost immediately toss in the garbage bin, this service is a perfect means of putting an end to the unwanted junk.

Visit Catalog Choice here

Twitter has begun issuing alerts to certain users, notifying them of the need to change their password. It reads as follows:

“Due to concern that your account may have been compromised in a phishing attack that took place off-Twitter, your password was reset.”

This is in response to phishing attempts that have resulted in users unwittingly surrendering their login information to hackers.

Phishing refers to a process where unscrupulous sorts set up a bogus login screen that dupes unsuspecting users into giving their user name and password away. The phishers then use that compromised account to send messages to other users, using the same scheme.

Aiming to thwart a recent series of phishing scams, Twitter has been informing users that they should change their password if they happen to be following an account by the name of @THCx. It’s suspected that this account may have been created for the purpose of phishing for passwords.

Geek Choice advises you to be very mindful of who you share information with. When logging into ANY account, always make sure to look at the url located in the address bar. Should there be anything that looks peculiar, it’s possible that it’s not the actual site you wish to log into.

Stay vigilant and protect yourself.

When dealing with charities, it’s best to pay attention to just whom you’re donating to, remaining mindful of their legitimacy. While there are a lot of charitable sources that would appreciate your help,  this tragedy has also unearthed unscrupulous sorts who would take advantage of kind hearts. Below, you’ll find sites to which your donations are welcome, and some information on possible scams you should avoid:

• The American Red Cross is a well known organization that addresses need the world over. They’re now in Haiti, assisting the victims of this devastating event. You can donate money, volunteer your time, and provide other forms of support.
• UNICEF and Doctors Without Borders are also there, lending their hand.
• If you’re looking for a comprehensive list of charities to which you can donate, The Daily Beast has compiled a list of non-governmental organizations lending a hand to the cause, with additional information about what each service provides.
• Reddit.com, that source to which you can post all kinds of news, has set up their own donation site. Every dollar you donate to Reddit will go directly to Haiti, with none of the money used for any other purpose.

If you really want to help, it’s advisable to send just money – not stuff. Right now, money is critical, with that financial assistance going towards the replenishment of much needed supplies. If you experiencing some ambivalence over donating funds to organizations you’re not sure about, these resources should allay some of your fears:

• Charity Navigator assesses organizations and rates them accordingly, listing those services that have received three or four star ratings from their studies (such ratings denote trustworthiness and competency).
• The Foundation Center is helpful resource that unveils the tax filing and non-profit status of an organization.

Our thoughts and prayers are with the people of Haiti. As more sites become available, we will update you on the best way to donate to the entities now addressing this tragic ordeal.

Suspicious attachments

Attaching files to an email is a quick and easy way to share files with your contacts. The downside is that unscrupulous spammers can attach files like viruses and trojan horses in the hopes that an unwary recipient might download the file and infect their computer. Any time you see an email with an attachment that you weren’t expecting, be very cautious about downloading the attachment or even opening the email.

Links that don’t make sense

In an email supposedly from Yahoo, a link to a specific page on Yahoo’s site appears. So why does the text of the link not begin with “http://yahoo.com”? Because it’s a scam. Many scam artists attempt to gain account information or even credit card numbers by posing as respectable web companies looking for information about your account. These emails typically contain a link where you can reset your password, confirm your credit card information, or log in to access some special new feature. To spot these bad links, you need to look at the url: the address of the page that is being linked to. All urls begin with “http://” or “htpps://” and from there vary from website to website. If the url is not visible in the link, you can hover your mouse over the link and see the url in the lower left corner of your web browser.

email containing links that don't match up and suspicious sender information

Notices about accounts you don’t have

Virus spreading emails that mask themselves as emails from major websites are banking on their recipients actually having accounts with that website in the first place. If you get an email about your facebook account when you never signed up for facebook in the first place, the odds are very good that this is a phishing or virus email.

Password reset requests you didn’t send

One of the most common phishing emails currently is the fake password reset. These emails claim that you recently requested a new password, and direct you to a webpage where you can enter your “old” account name and password. You may be able to identify these emails by the link urls or because you don’t have the account that you would supposedly be resetting a password for in the first place. Even if you don’t see anything wrong with the link or the account information, never respond to a password reset email that you didn’t specifically request.

Sender addresses that don’t add up

An email from YouTube.com will be sent from an account that ends with @youtube.com. If “joey5683426$$@ytmail.com” is sending you important updates about your YouTube account, it’s a safe bet this is also a malicious email. If your email system hides sender information, you can change your settings to show full headers or usually click a link right in the email to show all of the sender information.

Money transfer requests

Typically from Nigeria, these emails claim that there is some obscene amount of money sitting in an account somewhere that the sender wants moved to the United States before something terrible happens to it. It’s not uncommon for these emails to be completely in upper case and poor English, although there are exceptions. These emails are scam attempts, trying to get your bank account information so that the sender can access your funds. No matter the pretense for the email, you should never share bank account information with anyone you don’t know. Recent versions of these emails claim to be from “a member of your church.”

Weird emails from friends

The most dangerous and difficult to spot malicious emails are the ones sent by your friends and other contacts. Usually if you receive a suspicious email from a friend or co-worker, it’s either because their system has been infected or because their account has been compromised. If you see an email from one of your contacts that contains strange characters in the subject, has attachments that you weren’t expecting, links to a file sharing site, or otherwise looks unlike the correspondence you’re used to from that person, take the time to check with them before clicking on any links or downloading any attachments. If you do find a strange email from a contact that later turns out to be a virus or online scam, it’s important to remember that your friend most likely was not the one that sent the email to you. These are almost always sent either by a virus or by someone who gained unauthorized access to your friend’s email account.

Email from the user's account containing a suspicious link and subject

Emails from yourself (that you didn’t send)
These emails can be disturbing when you find them. If you find an email from your own account sitting in your inbox that you know you didn’t send (and you have not allowed anyone else access to your account) immediately change your password and security question for your account. Next, check your “sent mail” folder to see if any other emails went out that you were unaware of. Let everyone who received one of these suspicious emails know that you did not send the emails, that they should not open them or click any links or attachments and that you suspect your account was compromised. You can also let your email provider know about your concerns. If this problem recurs, your system may be infected and need virus cleanup service performed.

As users and spam filters become more aware of these malicious emails, scammers will develop new schemes to get at your computer, bank account, and other information. The best weapon against these attacks is a healthy dose of skepticism, though even vigilant users can fall victim to scams and viruses. If you believe you may have a compromised email account or infected machine, or if you just want more information about how to prevent these problems, give our office a call at 1-800-GEEK-HELP (433-5435).