HOW TO PROTECT YOUR PC/MAC FROM THE ATTACKS

 

 

 

 As the chip-and-pin technology is heralded as a success in reducing the credit/debit crimes the thieves are turning to IT, internet and the hackers to beat the system and continue with their activities.

 

Hackers are increasingly focusing on desktop and web applications, rather than attacking operating systems and web servers.

 

Every day, people browse the internet's wild frontiers with virtually no locks on their computers. Even the experts are vulnerable to security attacks.

 

The bank-job hackers tried to break into the system using key-logging soft­ware to relay passwords from employees' computers to the perpetrators, who could then access accounts to transfer money overseas. Police foiled this online heist, but they won't be there to protect your

home computer.

 

It takes, on average, only 17 minutes for a computer connected to the Internet to become infected with viruses or spy-ware - in effect, wide open to a total stranger. So you have to act as your own security guard against the growing army of digital villains who want to grab your cash, because they wield an ever-­growing arsenal of weapons.

 

Virus writers used to be kids out to gain a bit of notoriety, almost like graffiti artists. Nowadays, we're seeing many more professional gangs who are after money. They're working with spammers and criminals who steal credit cards and­ are involved in other forms of identity theft.

The whole business is changing.

 

More than 100,000 viruses, worms and Trojan horses genetically known as malware – are currently circulating on the internet, industry experts estimate and numbers are growing by about 1,000 per month. .

 

The good news is that the past two years have seen more than 20 arrests of suspected malware developers, based all over the globe, from Belgium to Taiwan.

 

What all the experts agree on, however, is that the consumer must become his own spy-catcher, helping to win the fight by adopting prudent online tactics.

 

There are three main steps you can take to protect your computer:

1-Install an internet firewall.

2-Keep your computer’s operating system updated.

3- Install an up-to-date anti-virus software and keep it updated.

 

The worst attacks have less to do with technology and more with tricking the public into doing something they shouldn’t, which is why we should try to educate people on how to cope.

 

Here is a short guide to keeping your computer secure and safe from these malevolent 21st-century crooks.

 

 

 

THE VIRUS WRITER

 

Viruses, worms and Trojan horses are all malicious programs designed to infect and affect your computer, but they differ in significant ways. A virus travels from computer to computer through human action, such as clicking on an e-mail attachment. A worm can travel without assistance (eg, by sending itself

automati­cally to the people in your e-mail address book). A Trojan horse cannot replicate or travel, but is often installed surreptitiously in order to take over a computer and make it do the bidding of a remote operator.

SYMPTOMS

Computers may behave erratically, rebooting, running slowly or displaying strange messages or pop-ups.

Trojans tend to leave little or no trace, and the only clue is increased activity on your net connection for no good reason.

FIX

It's vital to keep your operating system, firewall and anti-virus software switched on and updated. Out -of-date anti-virus programs are useless, but the better ones, such as the free AVG (www.grisoft.com), have excel1ent auto-update features. Perform an online scan if you suspect mischief - try Panda’s version at

tinyurl.com/455j. And install a good anti-Trojan package, such as Trojan Hunter (www.misec.net/trojanhunter).

 

 

 

 THE ROGUE DIALLER

 

A virus that secretly connects your computer to the net to rack up huge phone bills by calling premium-rate or international numbers ­over a dial-up modem. It is often transmitted in e-mails. People may also be fooled into downloading one while browsing, malicious gambling or adult websites. The telecoms ombudsman,  Otelo, says that the onus is on con­sumers to protect  themselves from rogue dialers, as they must pay any resulting bill. BT recently launched www.bt.com/premiumrates to provide advice.

SYMPTOMS

The first most people know of these nasties is a phone bill for hundreds or even thousands of pounds. You may notice that your computer dials the internet unexpectedly, or frequently disconnects and reconnects, or that the dialing sounds last longer than usual (reflecting longer international numbers).

FIX

Disconnect the modem from the phone line when not in use (this includes broadband subscribers who have a stand-by dial-up account) and install a software guard, such as the free Modem Protection program from BT (www.btmodemprotection.com) or Reconnect Warning (£6 from www.reconnectwarning.com).

Block premium-rate and international calls on your phone by contacting your phone company. From

September 15, a new regulation provides 30 days from the date a rogue call is made for consumers to alert the regulator ICSTIS (0800 500212) and your phone company. Also ask for monthly bills.

 

 

THE PHISHER

 

Fraudsters send out millions of e-mails purporting to come from banks and other financial institutions. Typically, they ask you to click on a website link, go to the site and update your account details, in

some cases cheekily claiming that it is "to protect against fraud". Once you're on the fake site, the crooks will ask you to input account details and passwords, at which point your account becomes toast. The latest figures from the security firm Symantec suggest that one in every 250 e-mails is a phishing attack. What's consoling is that, while the Association of Payment and Clearing Services reports that UK banks lost £12m through such online fraud in 2004, that total is small when compared with the £504m lost last year to credit-card fraud.

SYMPTOMS

 A lavishly designed e-mail message with bank letterhead and logo. One of the immediate giveaways may be bad English, poor grammar or mis­spelling, but the more sophisticated mails are perfect in every detail.

FIX

No bank, building society or online service such as Pay Pal or eBay will ever send an e-mail asking you to supply account details, so even if it looks impres­sively official, neither click on it nor reply to it. If you believe that you have become a victim, contact the financial institution immediately.

 

There are three main vulnerabilities in general - e-mail, web browsers and computer ports. Nobody is immune.

 

 

THE PHARMER

 

Pharming is a sophisticated form of attack that uses the net's complex addressing system called DNS, to redirect people from legitimate sites to bogus addresses. So, for instance, you enter www.ebay.com in your address bar and are unaware that you have landed at a look-alike site. As yet, these attacks are rare, but they the potential for serious mischief if perfected. Symantec claims that along with phishing, pharming attacks have trebled in the past six months.

SYMPTOMS

 Examine your browser's address bar, where you may notice that the plausible website name is not exactly

what you typed (www.eebay.com, for example) or has an sign in the middle.

FIX

Install and run a specialised browser such as Deepnet Explorer (www.deepnetexplorer.com) or an antidote tool. such as Spoof Stick (www.corestreet.com/spoofstick). This software displays the real web address you are visiting outside the address box itself, so you know exactly where you are.

 

THE HACKER

 

Hacking - or, more properly, cracking - is a generic term that means breaking into a computer, either remotely or on site. Cracks may include defacing web­sites or installing software to reveal passwords and sensitive personal details, or logging each key-press made on the keyboard. Last year saw a 36% increase in attacks on web servers - with nearly 400,000 attacks logged around the world by the security firm Zone-h.

SYMPTOMS

 Unfortunately, well-written cracks are almost invisible until it's too late, so always be conscious of security. Modern computer attackers have moved into stealth mode. They want to keep your computer running as if nothing is wrong, so they can use it to launch zombie attacks on selected targets."

FIX

Never give out passwords and sensi­tive account details, or allow strangers to remain in your computer room for long periods without supervision. If you think you have been hacked, run antivirus programs or specialist tools such as Advanced Anti Keylogger Lite (www.spydex.com/advanced-anti-keylogger . html) or the free Ewido suite (www. ewido.net/en/lfeatures) and see if they detect intruders.


SPYWARE

 

Software designed to surreptitiously col­lect and report information about your surfing habits is called spyware. The security firm Computer Associates recently claimed that most computers have about 80 or 90 pieces of potentially malicious code on them, with an average of four pieces of serious spyware. These programs are installed on computers when people download certain software or visit dubious websites.

SYMPTOMS

Most spyware, by definition, operates silently in the background, so is difficult to spot. However, be suspicious if you notice your browser running slowly or Internet Explorer crashing unusually frequently.

FIX

Most ad-supported freeware and free toolbars or search bars are funded by trackers, so stay away from this type of software unless it comes from reput­able companies such as Opera, Yahoo! or Google. To locate and remove, download Ad-Aware from www.lavasoftusa.com (note the correct web address, as there are similarly named fakes). Microsoft has released similar anti-spyware protec­tion, described at tinyurl.com/47cus. Remember to set your virtual policeman to perform a scan automatically and regularly. The price of security is eternal vigilance.