|
| |
Hey!
That's Not Me!
By Lyne Royce
What can infect anyone, annoy you more than Brussels sprouts and stick like glue? A computer virus, if you didn’t already guess.
Three things you should never underestimate:
-- Women shopping a shoe sale
-- teenagers (I’m told)
-- computer virus writers
From what I’ve read in the trade mags, it looks like Microsoft underestimated criminal virus writers because, even as I write this, things are changing on the Internet due to the latest in designer computer viruses. Personally, I’d prefer that these people create more detailed smiley
emoticons, but I guess that’s not an option.
Microsoft was told about a hole (yes, you read right, A Hole) in Internet Explorer
SIX MONTHS AGO that could cause this problem. I could have built three Wal-Marts and raised five kids in that amount of time. Okay, end of ragging on Microsoft and back to what exactly has happened and what we can do about it.
‘Criminal’ is the correct word to describe these people because it has been established that whomever is writing these viruses plans to steal your identity. They can do it by lifting passwords, your bank account, your social security number and your credit card numbers. Just for laughs they could maybe take your teeth and a kidney while they’re at it.
Remember reading about the 3 twelve-year-old boys in Israel who brought their country’s defense system to its knees by hacking into the network? They probably did it for fun or to see if they could actually accomplish their task. They’re also probably employed by the Israeli military by now. And these were only kids.
Microsoft has offered patches to plug the holes in Internet Explorer so get over there and sign up for their notification service and download their offered patches immediately. Here’s where to go to do just that:
http://www.microsoft.com/security/antivirus/mydoom.asp
Updates for Internet Explorer can be found here:
Internet
Explorer Updates.
If you haven’t read about it already, here’s a scenario:
You’ve just gotten an email from your bank telling you that the bank’s data has been compromised by a virus in their computer systems. They ask that you confirm your information immediately before identity thieves can access your accounts. If you click on the link included in the email to confirm your entry data, you may have just given out your bank account information to thieves. It’s called “phishing”; it’s very successful and when they send the email, it looks like it’s an email from your bank. The link in the email looks legitimate and it takes you to what looks like the real bank website. But it’s a fake site made up to look like your bank’s website so these people can steal from you. That little trick is called “spoofing” a website.
As this column is written, these people are sending out bogus Citibank emails to thousands of people telling them to click on the link in the email and enter your password and your PIN. They explain that this is purely to make sure no one else can get to your accounts.
Pullease. Just on the off chance that you need to be reminded: NEVER give your password or your PIN to anyone!
These are real criminals and the banking community thinks it may be a criminal ring aimed at fleecing consumers.
Geez, ya think?
You may ask, ‘Why would these people want my information? My credit’s not that good anyway.’ Doesn’t matter. You have an identity that (hopefully) doesn’t include a criminal history. If you have any access to credit or have a bank account, you’re toast. Thieves can take out loans in your name, write checks to pay for tacky clothing, and even take a cruise complete with a new set of ugly green luggage, all paid for by you.
Incidentally, unless you’ve been living on the moon for the last two years, you already know that PayPal was successfully “spoofed” for a short time a couple of months ago until they could get the word out to tons of innocent customers that they should be absolutely sure that when they go to PayPal’s site, they see
“https"-- accent on the ‘S’-- in the website address. Criminals who spoofed the site can’t use the last ‘S’ in their code for the URL. The only way you can be sure you’re at a legitimate banking site, credit card site or any other financial site is to type in the site name yourself. Do NOT click on the site link in an email or you’re liable to get nailed.
Remember the advice about your bank or credit card company calling and asking for your account information? “YOU INITIATE THE PHONE CALL, not the other way around.” Same thing for web sites. ONLY YOU can trust YOU when it comes to financial information. We need to get a lot more serious about protecting ourselves. It’s safe sex for technology. Think of it as a big condom over your computer. Well, it does present a picture you can deal with.
Good news is coming, I promise. The SoBig and Bagle.A viruses were bad and experts are saying this latest assault could only be a probe; a harbinger of things to come. Already discovered as having the capability of logging user’s keystrokes, which means stealing passwords, SoBig.F and Bagle.A can also be programmed to send major spam to your Inbox. That’s why these viruses are being classified as low to medium risks; because they’re nuisances but not necessarily dangerous to your hard drive data. Except for one thing:
Their latest creation is a new virus with two more variants. The first virus works like SoBig and sends itself out to everyone in your email address book. This new virus goes the next step after
SoBig. After the virus sends itself out, it leaves a back door open so the next variant can climb into your computer and find your passwords and any other sensitive information on your system.
Allow me to introduce you to the ‘MyDoom’ family of viruses. Now there’s an appropriate name for a computer virus and so accurate. Every time you accidentally get a worm virus like this, you have the power to help spread it across the Internet without even realizing it. If that happens… Congratulations! You are now part of the problem.
If you’re reluctant to do your banking on line because of the possibility of someone getting into your bank accounts, I’ve got news for you:
Financially, you’re already flapping in the breeze. If you have a bank account, it’s already online for any criminal to steal, whether you’ve activated it or not. So you may as well make it easy on yourself and set up passwords for your accounts and take advantage of the safety net the passwords can give you and use the Internet convenience as long as the bank doesn’t charge you for it. Just make sure you know the rules and stay one step ahead of the bad guys. Here are some suggestions:
- Set up a bank PIN on your web bank account and keep it secret. Change your passwords often; at least once a month. TIP: Hackers are very good at guessing passwords by looking for information about you so don’t use just letters for your password – use a combination of letters and numbers.
- Read what PayPal tells you and make absolutely sure that their URL starts with ‘HTTPS’.
- Look to see if any credit cards you own do not charge you if any fraudulent purchases are made on your account. Most don’t these days but there are exceptions.
SOLUTIONS, WARNINGS & AFTER-THE-FACT
-- Shopping on the Net:
Yes, Virginia, it’s safe to shop on the net. A few caveats, however.
-- Don’t enter your bank card number, your credit card number or your social security number unless the little yellow padlock shows up in the lower right corner of your screen. If you call the vendor because the padlock doesn’t show up and they tell you their site really is encrypted even though the padlock doesn’t appear, don’t you believe it. YOU probably know more about software than the person on the other end of the line.
-- Software Registration (or any other registration, except your car)
DON’T YOU DARE DO IT! Register that new software program and your name will be sold faster than Madonna dumps boyfriends. It’s not necessary to register it because most software companies don’t offer software support anymore. So guess why they want your name? Because your name and your demographics are valuable commodities like a hunk of pork to be sold for a profit. Could make you feel like you’re a member of the world’s oldest profession, huh? No, not a politician, Dope, the other oldest profession – the one that requires your own lamp post.
Okay, so if they don’t offer software support, what would they want your name for? To notify you that your software program could malfunction and crash into a building and take you with it?
-- This site checks and removes the MyDoom virus if you have it: www.microsoft.com/security/antivirus/mydoom.asp
-- Shred, Shred, Shred:
Know why you can buy a confetti shredder so cheap these days? Because they can shred half a ream of paper in 30 seconds and munch down a stack of CD’s faster than you could fry an egg on a Phoenix sidewalk in July. The days of standing over the wastebasket after you get the mail are over. Get a good shredder and use it. Anything with your name on it should be shredded. I just got another one of those endless credit card offers. I started to throw away the return envelope but I noticed a bar code on the flap. THE FLAP! It said above the bar code “NOT TO BE TAMPERED WITH UNDER PENALTY OF
LAW.” (Yeah, right – they have to catch them first. I expect they’ll make me do that.) When I emailed the company to ask what fresh hell they were attempting to put me through this week, they assured me it was only an offer code. I am not assured. I got four of these offers in one day from two companies. You guessed it: there were 2 different codes on the return envelopes. I’m so paranoid now that I shred return envelopes even if there’s mashed bug juice on them.
What you can do to protect yourself:
1. DON’T open email attachments that end in .exe, .pif, dll or .zip, .dat,
.cmd, .scr and .com even if it’s a friend sending it. Your friend may have unknowingly sent you the attachment. Ask everyone you know to please mention in the body of the email that they sent an attachment and list the filename.
2. DON’T click on a website address in an email that asks you to confirm any of your financial accounts. Type the URL in yourself in the address field of Internet Explorer or Netscape.
3. DON’T open an email that has no subject line. And tell your friends and family not to send you emails unless they put something in the subject line or they won’t hear from you. Remind them that holidays will be no fun without you.
4. Be Paranoid. If somebody says ‘paranoid’ is dumb, let’s see what they do when they get the virus.
5. Subscribe to Microsoft’s free security downloads. Go here: http://windowsupdate.microsoft.com
and you get all kinds of information about security.
6. Set up automatic update for Windows if you haven’t already. Click on ‘START’ on the lower left of your screen when the Taskbar pops up and you should see ‘Windows Update’ listed above
‘PROGRAMS.’ Go here to get more information: http://www.microsoft.com/security/protect/update.asp
7. Get a good anti-virus software program… and set it so that the newest definitions download automatically. Also set it to scan your hard drive daily. Symantec’s Norton Anti-Virus is worth every penny because of how easy the interface is to use.
www.norton.com
8. Do not ever go to bed and leave your internet browser on your home computer open all night. You’re asking for bad company on your computer by leaving it open. More than half of burglaries happened because some bozo deluxe left a door unlocked or a window unlatched. Same goes for computers – don’t leave an invite for a virus to stick to you like a magnet by staying online while you sleep.
9. Install the newest Microsoft patches. Again, find them here: http://www.microsoft.com/technet/security/bulletin/MS04-007.mspx
It’s very simple to be part of the solution. Here’s how:
-- Don’t open any suspicious email, especially one without a subject.
-- Don’t ever open an attachment with the three-letter formats listed above.
-- Always type in your financial web site addresses yourself; NEVER click the link in an email.
We pause now for an interesting bit of info: In an interview with the Reuters news service, the CEO of antivirus vendor Sophos
(www.Sophos.com) described the average virus writer as male, 14-34, obsessed with computers and unable to get a date. Misogynistic personalities aside, they could have interviewed me and even I would have been able to illuminate them. Hello? People with way more free time on their hands! Most baby-boomer women who were forced to take Miss Stack's 8th grade
home-ec class are dead meat for life when it comes to creative geek-in-the-basement technology. Unless, of course, you broke out of your generation's stereotype and became a bartender sporting an Annie Oakley outfit and got to shoot your customers with your cap guns. Those are the women who could grow up to be virus writers. Or president. But I digress with my preferred role models.
These are simple precautions I’ve listed but you won’t believe the number of people who ignore every one of them. In fact, an actual drop in speed on the Internet (by about 50%) has already been measured by Internet technology experts because of the spread of this virus.
There will always be nasty people out there who need a hobby. Too bad some choose to write computer viruses. I’m all for revenge because of my intolerance for people who won’t do their jobs or for the ones who do nasty jobs... I’m in favor of maybe hiring these virus writers to build antivirus programs. They’d make good candidates, in my opinion.
Or we could just get it over with and hang them by their ankles until they turn blue.
And since I’m known as The Zamboni (because I’m told I pretty much mow down people I don’t like)…
I vote for letting them turn blue.
And let’s for cryin’ out loud remember to wear our steel-toed boots to stamp out virus writers.
Copyright © 2004 Lyne Royce
Lyne Royce is a freelance writer living near Phoenix with one devoted husband
and 6 spoiled cats. All are strays, including the devoted husband. Lyne likes
stray cats, the Arizona desert and 80’s rock. After fifteen years teaching
software classes, Lyne decided to listen to Thalia, her muse, who had been
beating Lyne over the head with a baseball bat to get her attention. Lyne
currently belongs to several writers discussion groups and is a member of The
Net Wits, National Association of Women Writers and Southwest Writers
organizations. Lyne is also a contributing columnist at www.ewritersplace.com
& www.absolutewrite.com.
Contact
Lyne at lyne@sugarworksite.com.
| |
Sponsored links
Ring binders
Make a Real Living as a Freelance Writer!
How to find a
book publisher
|
