October 28, 2009

What is spyware?

What is spyware?

Whether it’s at a party with friends or on a phone call with one of our members, we’re often asked “What is spyware?“, but the answer isn’t always cut and dry. In theory, spyware is any software installed on your computer, typically without your knowledge, which is used to track your computer usage, change your PC’s configuration without telling you, and/or display unwanted advertising. Think of it like a digital spy camera, but instead of taking a picture of you, it’s taking snapshots of what you’re doing on your computer. In practice, however, many types of software could be loosely defined as spyware without being malicious. This makes keeping up with what is, and isn’t, spyware all the more difficult.

What we can all agree on is that spyware is computer software that’s more often than not set-up to monitor any activity on your PC, including (but not limited to) what you type, any websites you visit, or any habits you have when you use your computer. Because of this, the inference is that any piece of software that monitors any aspect of your computing can be considered spyware if you take it to the extreme. However, some software by it’s very nature needs to monitor your computer usage, files opened, and software downloaded. Malware and other scam software packages aren’t likely to tell you they’re installing themselves onto your system, much less tell you about any changes they make to your computer. And because there are so many rogue spyware applications out there you should evaluate any piece of software that you download (and ideally before you install) to have an informed decision regarding whether the software is using the information gathered, and any system changes, for good or bad.

Symptoms of a computer with a spyware infection include, but aren’t limited to:

  • An increase in unwanted popups, generally for advertising purposes. These popups may also occur when you’re not surfing the web, visiting Facebook, or streaming movies.
  • If your PC has become uncharacteristically slow, especially when opening, closing, or saving files, you may have a spyware infection. (Of course, a really old or un-optimized computer may act the same way)
  • A sudden, unintentional change in your browser’s homepage is a classic sign of spyware infection, especially if you’ve repeatedly attempted to reset your homepage back to your original settings.
  • New browser toolbars, desktop icons, bookmarks, or applications installed without your knowledge also herald the arrival of spyware onto your system.
  • A “hijacked browser” that takes you to web sites different from what you typed into your address bar is another classic example of things spyware will do.

In some cases, however, you may experience no symptoms at all, especially if the spyware installed is only monitoring your usage and not actively directing you to web sites or advertisements. That’s where some basic Internet security comes in, by having antivirus, antispyware, and firewall software installed, updated, and running 24/7 to help protect you against the real spyware that’s out there.

Image courtesy of x1brett

If you're looking for great anti-virus software that won't break the bank, try StopSign. You don't pay extra for tech support for difficult malware, and our web protection software just works. Download & install StopSign to find out why our members choose us over the other options.

Filed Under: Blog Tagged With: , ,
October 21, 2009

The 411 On How to Prevent Phishing.

Online fraud can come come in a variety of ways; forged emails from financial institutions, fake websites that look like a legitimate brand’s domain, and even in the form of instant messages. When a crook uses a computer to try to get you to reveal sensitive information to them it’s called “phishing”, and the really good phishers make it very difficult to tell the difference between them and the real thing.

Phishing is an example of social engineering, which is any social or interpersonal communication used for fraud of some kind. A phisher works by passing himself off as a legitimate source, often by mimicking a well-known source (a company, a friend, etc.). Under the pretense of being a trustworthy representative, the phisher crafts a message to potential victims that seems authoritative. And while most people won’t click through on these messages, a very small percentage of people is all that is necessary for the phisher to make money and/or wreak havoc.

It’s not just credit cards, bank accounts, and Social Security numbers that they’re seeking. They’ll take usernames, passwords, email addresses, URL history, cookie data… anything and everything that they can get their hands on that might get them closer to parting you and your money. We’re going to show you how to detect the 3 most common online frauds: email, fake websites, and instant messages.

Emails

Email is probably the most common method of phishing attempts. The price is right for spamming (basically free), and distribution of an email can go world-wide in a matter of minutes. A common tactic used by phishers to spread their “bait” is to write an email and use forged email addresses of major banks to inform you that there is a problem with your account. Another trick they employ is to tell you that you’ve won a prize. The safest thing is to not click on any link from an email that you aren’t 100% sure is from a real person or company. Also remember that no company should ever ask for the password to your account in an email! That’s a sure sign of a scam.

Fake websites

If the spam emails don’t ask you to reply back with your account data to “verify” you, they will usually have a link in the email that takes you to a website where you will be prompted enter this information. These phishing websites can look very convincing, too, especially since it’s quite easy to clone another website. Many major ecommerce websites such as PayPal, eBay, and Chase.com have been cloned into a fake website used for phishing purposes.

Fake websites come in a variety of forms, but they all usually have tell-tale signs of being a scam: using an IP address (http://127.0.0.1) vs. a regular domain name (http://example.com/), having a URL that isn’t on the actual domain (for example, http://blog.stopsign.example.com would not be our blog; but at first glance it looks like it), etc. For more information about fake websites, read our blog post on how to detect fake websites.

Instant messages

The scam methods used in IM’s are similar to those from emails. But instead of trying to get you to directly enter information, they usually just provide a link to a website that does all the dirty work for them. It’s best to ignore and/or block unknown users whenever they try to get to you.

Bonus tip: Alternate ways phishers try to catch you

As with most fraud schemes, phishing is a growing resource for crooks and it’s always changing. One alternate method phishers use to scam you is to use a real website to phish. In fact right around the time this post was being written, a Twitter phishing scam made it’s way around the Twitter using their Direct Message (DM) system and tweets, causing a lot of buzz about phishing on the immensely popular service (we even have a StopSign Blog Twitter account). You’ve got to be on your toes all the time to keep yourself safe, but with the tips we’ve written about, you should be able to recognize some of the more common scam methods.

If you're looking for great anti-virus software that won't break the bank, try StopSign. You don't pay extra for tech support for difficult malware, and our web protection software just works. Download & install StopSign to find out why our members choose us over the other options.

Filed Under: Blog Tagged With: , ,
October 14, 2009

How to Spot a Fake Website

How to Spot a Fake Website

Have you ever been surfing the web and seen something that warns you that an account of yours, like your bank, has been hacked? Or maybe you were checking your email when you see a message from a department store you shop at that warns you of changes to your account that you need to verify?

These are just a few examples of the kinds of trickery a phisher (scam artists who try to get you to reveal sensitive information like credit card numbers, bank accounts, etc.) will use to get your sensitive, personally identifiable data from you. And they’re great at it.

One of the more popular method used by phishers to scam you is to hire a web developer to create a fake web site to do all of the phisher’s dirty work. Because it’s relatively simple for a decent web developer to copy another web site, it’s very easy to be fooled with a fake web site if you don’t know what to look out for. These fake sites are even more convincing when you see the name of your bank or some other online service in the URL (commonly know as the Internet address, or “web site”); but there are simple ways to spot a fake web site.

Common URL set ups

All HTTP URLs (i.e. your basic web site) follow a common format:

http://domain.tld/

For example:

http://example.com/

The “domain” is the actual domain name (e.g. “example”) and the “tld“, or top level domain, is the “com” portion.

The actual domain and the tld (e.g. “.com“, “.net“, “.org“, etc.) will always be the last parts of the URL before the first single forward slash (“/”) or a question mark (“?”) in an Internet address. Find that, and you’ll immediately know if you’re where you think you are online.

It’s important to note that a domain can have sub-domains before the “domain.tld“, such as our own http://stopsign.com/blog/, but only the real domain owners will be able to use the domain.tld format as described above to build/use their web site.

How to spot a fake or scam web site

Spotting a fake site is as simple as looking for the domain.tld (in the right place) in the URL. If your bank is Chase, then you would expect to see http://www.chase.com; but if you saw http://www.chase.com.example.com/ then you know that you’re not really on chase.com; you’re on example.com. This is one of the most important ways to tell a fake website from a real website!

Examples of valid example.com URLs:

  • http://www.example.com/
  • http://example.com/
  • http://blog.example.com
  • http://www.example.com/blog/
  • http://www.example.com?string

Examples of invalid example.com URLs:

  • http://www.example.fakeurlgoeshere.com/
  • http://example.fakeurlgoeshere.com/
  • http://www.example.com.fakeurlgoeshere.com?string

Did you see how all of the valid URLs have “example.com” before the first single forward slash and/or the first question mark? That’s the key to knowing what is real and what is a scam.

Learning how to spot a fake website is relatively simple, will save you a ton of frustration, headaches, and maybe even money. Make sure you know what you’re really clicking on, or you could wind up as the victim of a phisher or an identity thief.

Image courtesy of geekandpoke

If you're looking for great anti-virus software that won't break the bank, try StopSign. You don't pay extra for tech support for difficult malware, and our web protection software just works. Download & install StopSign to find out why our members choose us over the other options.

Filed Under: Blog Tagged With: , ,
October 6, 2009

National Cyber Security Awareness Month 2009.

This month, October 2009, marks the 6th anniversary of National Cyber Security Awareness Month (NCSAM) in the United States, and President Obama has issued a presidential proclamation regarding this event. The use of technology has been a staple of the current administration’s public discussions, and online security concerns have been a part of the conversation from the beginning. President Obama spoke about the the need for securing the US cyber infrastructure during a speech in May of this year, noting:

America’s economic prosperity in the 21st century will depend on cybersecurity.

Clearly internet security will continue to be an important topic for American families, businesses, and government networks now and in the future. As part of the information campaign surrounding National Cyber Security Awareness Month, the Department of Homeland Security website lists 3 core practices they recommend, which include topics we discussed in our blog post regarding the basics of Internet security:

  • Install antivirus and antispyware programs and keep them up to date,
  • Install a firewall and keep it properly configured, and
  • Regularly install updates for your computer’s operating system.

Special Offer: During National Cyber Security Awareness Month we are offering our StopSign Internet Security software (which includes antivirus, antispyware, and an available firewall) at a discount of 20% off with the coupon code “NCSAM” at our shopping cart https://shop.stopsign.com/. (The site will open in a new window.) Please note that the discount will not be applied to the StopSign CD box.

If you don’t see the coupon entry form right away, click on the coupon code link in “Step 2” on the cart to enter your coupon code before you order!

 

There are many events planned for National Cyber Security Awareness Month on a national as well as a state level, and we encourage you to attend and/or view them online and use that information as a base to evaluate your current cyber security level and update if necessary. For more information on National Cyber Security Awareness Month or government recommendations on cyber security, please visit StaySafeOnline.org.

If you're looking for great anti-virus software that won't break the bank, try StopSign. You don't pay extra for tech support for difficult malware, and our web protection software just works. Download & install StopSign to find out why our members choose us over the other options.

Filed Under: Blog Tagged With: , , , , , ,
September 30, 2009

The Need for Internet Security Software.

Why do I need Internet security software?

In a world where nearly 25% of the world’s population actively uses the Internet (including over 74% of North America), it shouldn’t even be a question that you need to protect yourself from online predators with a suite of Internet security software. In order to illustrate why, we’ve come up with a few examples. This article touches on a few key areas that can be easily remedied with software so that you don’t even have to think about what you need to do to stay safe: you’re just protected.

Viruses, spyware, and hackers, oh my!

Facts are facts: there are a lot of bad people out there who like to write computer viruses, worms, rootkits, and all manner of malware. Computer viruses have plagued users and administrators since as early as 1971, and there’s no sign of a slow down.

Antispyware and antivirus software are key components to keeping unwanted spyware and problem-causing viruses off of your computer and/or network. Using automated threat scanning, antispyware and antivirus software seek and destroy anything that isn’t welcome, which leaves you free to run your computer worry-free.

Don’t you want to keep your private data private?

According to the Social Security Administration, identity theft is one of the fastest growing crimes in America, making it a very real, very serious problem. Many of the methods used to steal personal information are offline, but since spyware tracks your computer usage and can even be written to send data back “home” to the person or group who created the spyware in the first place, making a leap to the digital world isn’t that difficult for crooks.

In the current world economy hackers and crackers around the globe are feeling a pinch in their pocketbooks just like everybody else, so they are devising crafty new ways to separate you from your private, personal information and your hard-earned money. If you do your taxes on your computer, keep a file with passwords stored on it, or have anything else that may contain sensitive information, it is completely possible that a spyware application can find or sniff out that information and relay it to the hacker.

But what if I’ve never had a virus (or spyware, etc.) before?

Unfortunately the reality is that even if you’ve never had to deal with malware in the past, the longer you use your computer and the Internet it’s only a matter of time before you become infected with a virus or some spyware if you are running your computer without some kind of protection. Why take chances when there’s a simple, safe, and inexpensive solution?

It’s better to be safe than sorry, so we recommend that you install, use, and keep updated, an internet security software package like our own (cue the shameless plug) StopSign Internet Security software.

If you're looking for great anti-virus software that won't break the bank, try StopSign. You don't pay extra for tech support for difficult malware, and our web protection software just works. Download & install StopSign to find out why our members choose us over the other options.

Filed Under: Blog Tagged With: , , ,
September 15, 2009

Staying Safe Online (and Offline).

For all the good that the internet brings to us, it can also be a dangerous place if you’re not careful. Identity theft, burglars reading blogs, and many other issues can catch you in their web if you’re not careful. Because of this we have a few suggestions to help keep you and your family safe both off- and online.

Keep Personal Information Private

It’s easy to reveal too much information on social networking sites like Facebook, Twitter, and MySpace. These sites usually have online forms where you can input your email, phone number, and even home address. Keeping spam out of your inbox is one thing, but with today’s sophisticated criminals and increased use of the internet by organized crime, you have to be careful with your home and family information.

Remember that anywhere you publish your home address might provide an opportunity for a burglar looking to case a neighborhood to find his or her next victim. Just as you wouldn’t put your Social Security number anywhere for the general public to see, keep as much personal information under wraps as possible: home address, work address, home phone number, etc.

Watch Those Pictures and Videos

Sharing pictures and videos with family and friends is great, especially with the ease of use that most gizmos and gadgets have today; but be careful not to let anything personally identifiable leak out accidentally. Pictures of your home are fine, but make sure that nothing that can identify you or your family is visible. For example, anything like a street sign near your home or the name of the school that your kids attend can be dangerous to post since they can be used to track you down in real life. The same goes for your cars. Even news and entertainment shows blur out license plates for the sake of privacy and security. If your pictures have any elements like that, it’s a good idea to cut- or blur-out those things.

Don’t worry though, because you’re not going to have to spend a lot of cash to buy a photo editing software package like Photoshop (a wonderful, albeit expensive, piece of software). If you don’t have photo-editing software, you can find plenty of free online tools that let you blur, clip, or pixelate pictures without emptying your wallet. A few good ones are Pixlr and Picnik.

Don’t Reveal Too Much

Be sure not to give away too many details about your daily activities. Most people have a general pattern they follow day-to-day as they go to school or work, and criminals can use that information to their advantage. If you post info online about going on vacation, a ball game, or even the grocery store, then those who might use that information against you could be given a perfect opportunity to slide in when you step out. Instead, try posting your activities after the fact, with the added benefit of being able to show pictures of the fun you had (keeping in mind the photo safety tips above).

One Last Thing…

Don’t get us wrong.. it’s not like posting a picture online is going to immediately ruin your life. Well, not any family-friendly photos, at least. Some of the examples given may seem extreme, but they happen, and you need to be aware of them. But like with most things in life, it’s better to be safe than sorry. Exercising a little extra caution before clicking that “submit” button can help curb any potential hazards and keep you and your information safe.

If you're looking for great anti-virus software that won't break the bank, try StopSign. You don't pay extra for tech support for difficult malware, and our web protection software just works. Download & install StopSign to find out why our members choose us over the other options.

Filed Under: Blog Tagged With: , ,
« Previous Page
Next Page »