Note: there is some similarity between the tactics used to spread computer viruses and those used to spread "spam": unsolicited commercial e-mail. See the web page on Tips for Avoiding Spam for more information.
Caution: some viruses are used to gather personal information to facilitate identity theft, while others leave your computer open to "pharming" and other identity theft attacks. See the web page Identity Theft and How to Avoid It for more information.
a. GET OUT OF THE HABIT OF OPENING EVERY FILE OR CLICKING ON EVERY LINK THAT ARRIVES BY E-MAIL! In general, you should not open any file unless it is something that you are expecting, and you should not click on a link in an e-mail unless you are absolutely, positively sure that it came from a trusted source. Tell your friends to send you jokes, etc. by ordinary e-mail and not by attached files. If you have to send someone a file or link, include enough information (such as personalized comments) in your message so the receiver knows the message came from you.
b. Remember always that Microsoft does not send out updates by e-mail. If you get a message claiming to be from Microsoft, it isn't!
c. Among the common virus carriers are Word document files (file extension of .doc). Word includes a “macro” language, and virus writers find it easy to use the macro language to create viruses. Fortunately, Word 97 and later include macro virus protection. Click on Tools, Options, or Tools, Macro, Security to ensure that macro virus protection is turned ON in your copy of Word. That, however, is only the first step. When macro virus protection is on, Word will WARN you if you are attempting to open a file that contains macros (and therefore probably a virus). If you ever see the warning, do NOT open the file. Instead, inform the sender that they may have a virus.
d. Don't use Microsoft Outlook or Outlook Express for e-mail. Eudora (www.eudora.com) is free and much safer. Also, the big web-based e-mail sites, such as www.hotmail.com and www.yahoo.com, have built-in virus checking and are generally safe.
e. Don't assume that files from people you know are safe! You are actually more likely to get a virus from someone you know than from a stranger. Your friend may have a virus and not be aware that he/she is sending you an infected file. Also, many recent viruses have spread using the infected computer's e-mail address list, so the message you receive may have been sent by a virus and not by your friend. Finally, the message may only appear to be from your acquaintance: virus (and spam) writers are quite adept at "spoofing" return addresses, i.e., sending messages with someone else's return address.
Spoofing is also a big problem for businesses. There have been many occasions of a spammer or virus writer spoofing the return address of a big company. The result is often that thousands of people become angry at the company when they get the spam or virus-infected messages. This cannot be prevented with current technology, but your IS staff should be alert to occurrences and take quick steps to inform and reassure customers.
f. Install anti-virus software and keep it up to date (discussed more fully below).
g. Install firewall software and keep it up to date. This is particularly helpful in defending against defects in Microsoft Windows as described below.
a. (easiest) Avoid using MSIE for your routine web browsing. Netscape (version 7.1 or later), Firefox, and several other browsers work well for most (but not all) web pages and have not been the target of this type of virus. You can download a free copy of Netscape from http://home.netscape.com. Unfortunately, the file is large; plan for several hours of download time with an ordinary modem unless you know someone who has a copy on disk. Get assistance if you have never installed downloaded files.
b. Set MSIE so that "dangerous" activities can only be done with your knowledge and consent. Procedure:
c. Run Windows Update frequently. When defects in Windows XP, MSIE, and other Windows programs are discovered, Microsoft makes "fixes" available for free download through the Windows Update program (Windows 95 and 98 are no longer supported). Click Start, All Programs, Windows Update. Unfortunately, the update files are often large; some take several hours of download time with an ordinary modem. The procedure is simple, however, and you can generally just follow the on-screen instructions. Always focus first on the "critical" updates; "recommended" updates are much less important.
Note: the Windows Update feature can also be used to keep Microsoft Office, Outlook, Outlook Express, and other Microsoft software up-to-date.
Also note: Windows XP can be set to automatically download critical updates for you. Click Start, Control Panel, (Classic View), System, and set “Automatic Updates” to prompt before installing. When updates become available, you will automatically be notified to install them, which you can do at your convenience.
d. Install anti-virus software and keep it up to date (discussed more fully below).
e. Install firewall software and keep it up to date. This is particularly helpful in defending against defects in Microsoft Windows as described below.
a. Run Windows Update frequently as described above. This won't eliminate the danger, but the risk will be lessened.
b. Install "firewall" software. This type of software is available from several sources and is capable of both preventing intrusion into your computer from outside and preventing your computer from attacking other computers if it should happen to become infected anyway. One of the easiest to install and use is the firewall software that comes with Windows XP. To activate it, click Start, Control Panel (classic view), Network Connections. Right-click on your network connection and choose Properties. Click Advanced, then click "Protect my computer...." and OK to exit. Important: a firewall will warn you if network activities occur that it isn't sure are safe. If you get a warning, be careful how you respond! The Microsoft XP firewall is automatically activated if you install the "Service Pack 2" update.
c. Install anti-virus software and keep it up to date (discussed more fully below).
1. "Phishing": you receive an e-mail message that appears to come from a financial institution. Often, it tells you that there is a problem with your account, and you are prompted to click on a link to fix the problem. Don't! The link is to a web page that either collects your information to use for fraud or identity theft purposes, or that will infect your computer with a virus! Real financial institutions will never send you such a message. Note: PayPal (used for eBay and other Internet transactions) is an extremely common subject of these attacks.
2. "Pharming": this refers to one of several techniques to re-direct your attempt to log in to a legitimate site (particularly a bank or other financial institution) to a fake site that looks like the real thing but isn't! If you fall for the scam, your account, password, and possibly other information will be harvested and used to log into the real site under your name--and steal your money! Most commonly, these occur when your computer is infected with a virus that modifies your browser favorites to direct you to the fake site. There have also been cases of DNS (domain name system) servers being infected, resulting in re-direction of everyone whose browser accesses that server (even though their computers are not infected). Tip: if you aren't 100% sure whether the site you are entering is actually your financial institution, type in an incorrect account and password. If you are at a real site, it will tell you your information is incorrect. If you are at a fake site, it will let you in (since it doesn't actually know your account and password).
3. Fake electronic greeting card. It works like this: you get an e-mail telling you to click on a link to receive an e-card sent by someone you know. Unfortunately, the link actually takes you to the virus site, or sometimes the site of an undesirable advertising company. You will be notified that you have to install an "ActiveX" control in order to view the card. If you are foolish enough to bite, a "EULA" (End User License Agreement) pops up. It is very long, and you will probably not read it. They're counting on that. When you scroll to the bottom of it and click "Accept," you have agreed to the terms of the EULA.
Part of what you will have agreed to is to have monitoring/spyware software installed on your computer which will periodically report a vast array of data back to the card company. The other part that you've agreed to is to have the software send mail to every address in your address-book (if you are using Outlook or Outlook Express). Your friends will then get the same virus that you have. This can be distressing, since these often link to porn sites! The following have been reported to send such cards, so be wary of anything you receive from them: friend-card.com, friend-card.net, friend-cards.com, cool-downloads.com, cool-downloads.net, friend-greet.com, friend-greeting.com, friend-greeting.net, friend-greetings.com, friend-greetings.net, friend-cards.net, laugh-mail.com. There are surely more--see tips below for how to avoid.
4. Fake "returned" mail. You receive a message that looks like you sent it, but it was returned. The message includes a web link or a file. If you are foolish enough to click on it, you get a virus or very undesirable advertising (often porn).
5. E-mail allegedly sending you a "patch" for Windows (i.e., a program to repair incorrect Windows files) or a program to get rid of a virus. In fact, the patch or program is almost certainly a virus itself! See tips below.
6. Forged return addresses, making e-mail appear to have been sent from someone you know even though it wasn't (forging a return address is sometimes called "spoofing").
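A mail-side check for the link tricks in items 1 and 3 above, added here as an illustration (not part of the original page): it parses a message, collects its links, and warns when a link goes to one of the e-card domains listed above or when the host shown in the link text is not the host the link actually opens. The function names and the sample message, including its .example hosts, are constructed for this example.

```python
import email
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Subset of the domains the page lists as reported senders of fake e-cards.
REPORTED = {"friend-card.com", "friend-greetings.com", "cool-downloads.com", "laugh-mail.com"}
# Constructed sample message (not a real e-mail); the .example hosts are made up.
SAMPLE = """From: "Your Bank" <service@bank.example>
Content-Type: text/html

<a href="http://login.verify.example/acct">www.bank.example</a>
<a href="http://www.friend-greetings.com/view?id=1">View your e-card</a>
"""

class LinkCollector(HTMLParser):  # gathers (href, visible text) pairs
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host(url):  # lower-cased host of a URL or bare host name, minus a leading "www."
    h = (urlparse(url if "//" in url else "//" + url).hostname or "").lower()
    return h[4:] if h.startswith("www.") else h
def within(h, domain):  # True when h is the domain itself or one of its subdomains
    return h == domain or h.endswith("." + domain)

def triage(raw):
    """Return warnings about the links in the HTML parts of one raw message."""
    msg, warnings, parser = email.message_from_string(raw), [], LinkCollector()
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            parser.feed(part.get_payload(decode=True).decode("utf-8", "replace"))
    for href, text in parser.links:
        target, shown = host(href), re.search(r"[\w-]+(?:\.[\w-]+)*\.[a-z]{2,}", text, re.I)
        if any(within(target, d) for d in REPORTED):
            warnings.append(f"link goes to reported e-card domain: {target}")
        if shown and not within(target, host(shown.group(0))):
            warnings.append(f"text shows {host(shown.group(0))}, link goes to {target}")
    return warnings
```

A warning here is a reason to look closer, not a verdict: the domain list covers only names reported on this page, and a message with no warnings can still be hostile.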
b. Do NOT SEND obscure messages with attached files! If you need to send someone an attached file, let them know ahead of time, then include a personal narrative that will make it clear to the recipient that YOU sent the file and not a virus or "spam" writer.
c. NEVER click "OK" to download, install, or run anything that you did not specifically request. Make a habit of doing that, and you WILL get burned eventually.
d. Install anti-virus software and keep it up to date (discussed more fully below).
a. The “virus” arrives as an e-mail telling you not to open any e-mail message with a particular subject. One of the most famous is the “Good Times” virus, which warns against messages with a subject of “Good Times.”
b. (most dangerous) The “virus” arrives as an e-mail telling you to check for the presence of an obscure file on your computer, and erase it if you find it. A common version refers to a file named sulfnbk.exe. In actuality, the file referred to is a normal component of Windows, and erasing it damages your system!
c. Chain letters. Like the old-fashioned snail mail chain letters, these either promise you a reward if you send the letter on to more recipients, or claim that you will suffer bad luck if you “break” the chain. Some common ones indicate that you will win $1000 or some other valuable prize. There is, of course, no prize. New twist: current chain letters often have built-in means of harvesting the e-mail addresses to which the message is sent, then sending the addresses to organizations that send spam! Send on a chain letter, and everyone on the list may become an immediate spam target!
The solution for all virus hoaxes is simple: ignore them. If you aren’t sure whether a message is a hoax, check any of the big anti-virus software sites, such as www.mcafee.com. There are also dedicated hoax sites, such as http://hoaxbusters.ciac.org/.