The following information comes from the WEBSENSE blog (LINK: http://community.websense.com/blogs/securitylabs/) concerning this new FB attack, included below is a video from websense showing how the attack happens.

Posted: 28 May 2010 09:11 PM

***************************************************************************************************************

From PandaLabs Website (LINK:http://pandalabs.pandasecurity.com/irs-1042-w-identity-theft-scam/)

IRS 1042-W Identity Theft Scam

• Posted on 04/9/10 by Sean-Paul Correll

It’s tax season in the United States and the April 15th filing deadline is approaching quickly. Every year around this time U.S. citizens stress about getting their finances in order and reported to the Internal Revenue Service in time to avoid penalties. Careful though, because that nervousness might just help a cyber criminal steal your identity. A fake IRS Tax Form (1042-W, which apparently doesn’t even exist) has been spammed out and is currently circulating on the Internet.

The e-mail arrives disguised as an official correspondence (irs@irs.gov) from a rep named Cindy at the Internal Revenue Service.

Fake IRS E-mail

Two PDF attachments are included with the email, both of which were authored in Microsoft Word 2007.

Fake IRS PDF Documents (1042-S B.PDF and 1042-S A.PDF)

The first document introduces the 1042-W form and reads:

Dear Sir/Madam,

Our record indicates that you have not submitted your form 1042-W. As a result, you are exempted from United States of America Tax reporting and withholdings, on interest paid you on your account and other financial dealing to protect your exemption from tax on your account and other financial benefit in rectifying your exemption status.

Therefore, you are to authenticate the following by completing form 1042-W, and return to us as soon as possible through the fax number: +1-780-669-7364

Fake IRS Document

The second PDF document is the form itself.  It asks for the following:

1. Name
2. Date of Birth
3. Nationality
4. Place of Birth
5. Address
6. Passport Number
7. Mothers Maiden Name
8. Social Security Number
9. Profession
10. Bank Name/Account/Pin – Date bank account was opened and branch location
11. Attached photocopy of passport

Fake IRS Tax Form (1042-W)

After completing the form, the instructions call for faxing it over to a phone number (+1-780-669-7364) located in Alberta, Canada.

Sending this form over to the criminals would most definitely result in a stolen identity.  The IRS has stressed year after year that it does not make unsolicited requests via e-mail.    Here are some tips on how to spot an IRS scam and what to do if you receive one in your inbox:

How to Spot a Scam

Many e-mail scams are fairly sophisticated and hard to detect. However, there are signs to watch for, such as an e-mail that:

• Requests detailed or an unusual amount of personal and/or financial information, such as name, SSN, bank or credit card account numbers or security-related information, such as mother’s maiden name, either in the e-mail itself or on another site to which a link in the e-mail sends the recipient.
• Dangles bait to get the recipient to respond to the e-mail, such as mentioning a tax refund or offering to pay the recipient to participate in an IRS survey.
• Threatens a consequence for not responding to the e-mail, such as additional taxes or blocking access to the recipient’s funds.
• Gets the Internal Revenue Service or other federal agency names wrong.
• Uses incorrect grammar or odd phrasing (many of the e-mail scams originate overseas and are written by non-native English speakers).
• Uses a really long address in any link contained in the e-mail message or one that does not start with the actual IRS Web site address (www.irs.gov). To see the actual link address, or url, move the mouse over the link included in the text of the e-mail.

What to Do

The IRS does not initiate taxpayer contact via unsolicited e-mail or ask for personal identifying or financial information via e-mail. If you receive a suspicious e-mail claiming to come from the IRS, take the following steps:

• Do not open any attachments to the e-mail, in case they contain malicious code that will infect your computer.
• Do not click on any links, for the same reason. Also, be aware that the links often connect to a phony IRS Web site that appears authentic and then prompts the victim for personal identifiers, bank or credit card account numbers or PINs. The phony Web sites appear legitimate because the appearance and much of the content are directly copied from an actual page on the IRS Web site and then modified by the scammers for their own purposes.
• Contact the IRS at 1-800-829-1040 to determine whether the IRS is trying to contact you.
• Forward the suspicious e-mail or url address to the IRS mailbox phishing@irs.gov, then delete the e-mail from your inbox.

***********************************************************************************************************

Facebook Password Reset Confirmation NR.2033
From: The Facebook Team | Date:
17/03/2010 8:09 AM | Email
To: xxxxxxx@xxxxxx.com
Attachments: Facebook_password_2264.zip (62 KB) (62 KB)
Hey xxxxxx ,
Because of the measures taken to provide safety to our clients, your
password has been changed.
You can find your new password in attached <document.
Thanks,
The Facebook Team.

***********************************************************************************************************

     Considering how many calls and messages I’ve gotten today about infected machines, I’m know people are falling for it.  So lets start with a simple lesson : FACEBOOK DOES NOT RANDOMLY CHANGE USERS PASSWORDS AND IT DOES NOT SEND YOU VIA EMAIL YOUR UPDATED INFORMATION IN AN ATTACHMENT. SO DONT OPEN THIS EMAIL IF YOU GET IT.  OK with that being said, here are some tips while using Facebook (Directly from the Facebook Blog http://www.facebook.com/security?ref=blog#!/security?v=app_7146470109&ref=mf )

When we talk about security, we’re talking about scams, viruses, and hacks that could infect your computer or take over your Facebook account and result in a lot of annoyance for you and your friends.
Security isn’t just an issue on Facebook, but all over the web, which is why it’s important to be aware online, and to learn how to protect your accounts and your computer.
Here are some ways to be smart and aware on Facebook and across the Internet:

• Use different passwords for your various online accounts. If you use the same password everywhere, and it’s stolen, you could lose access to all of your accounts at once.
• Be wary of where you enter your password. Just because a page on the Internet looks like Facebook or another site you use, it doesn’t mean that it is. Check the address bar in your browser, and learn to tell the difference between a good URL and a bad one. If you ever have doubts about the legitimacy of a link, simply type the website’s URL (for example, http://www.facebook.com) into the address bar.
• Don’t share your passwords with anyone. Don’t do it. Most reputable online services will never ask for your password through any form of communication.
• Don’t click on links or open attachments in suspicious emails. If the email looks weird, don’t trust it, and delete it from your inbox immediately.
• Use a complex password that can’t be easily guessed. Avoid common words, and make sure your password is at least eight characters long and includes capital and lower case letters, numbers, and symbols.
• Be suspicious of any email or message that contains an urgent request or asks you to update your information or provide new information.
• Be suspicious of emails or messages that contain misspellings or use bad grammar, especially if they’re from someone who is usually a good writer.
• Make sure you have an up-to-date web browser equipped with an anti-phishing blacklist. Some examples are Internet Explorer 8.0 and Firefox 3.0.10.
• Make sure you have up-to-date comprehensive security software on your computer that includes anti-virus, anti-spyware, anti-phishing, and a firewall.
• Make sure you’ve set your operating system to update automatically.
• Make sure you’ve listed a security question and answer for your online accounts. This will come in handy if you ever lose access and need to prove who you are. You can do this on Facebook from the Account Settings page. You should also add a mobile phone number from this page, which will help if we ever need to send you a text message to confirm your identity.
• Remember that you choose what you share and with whom you share it. Think before you post, especially if the information is sensitive or personal in nature. You can learn more about how to control your information on Facebook, including how to choose an audience for each and every post you make, in our Privacy Guide

In addition here are some known threats that you can find while using Facebook (Also directly from the Facebook Blog http://www.facebook.com/security?ref=blog#!/security?v=app_4949752878&ref=mf )

Spammy Wall Posts, Inbox Messages, and Chat Messages
When criminals gain access to a Facebook account, they usually post spammy comments on friends’ Walls, or send spammy messages through Inbox or Chat. These messages ask you to click on a link and often try to entice you by claiming there’s a new photo or video of you somewhere on the Internet that you need to check out. The link then takes you to a phishing site that asks you to enter your login information, or a malware site that prompts you to download malicious software.
Don’t click on strange links in posts or messages, even if they’re from friends. If it seems weird for an old friend to write on your Wall or send you a message, it’s possible that the person’s account has been taken over by a spammer. Be particularly cautious of posts or messages that contain misspellings or use bad grammar.
Money Transfer Scams
Scammers sometimes post status updates, or send Inbox or Chat messages, from a friend’s account claiming that the friend is in some difficult situation and in need of money. These messages ask you to help by wiring funds through a money transfer service.
Never send money without first verifying the story through some other means, such as by talking to the person over the phone. If a friend’s account has been taken over, contact us so that we can block access. If you’ve sent money, report it to the money transfer service, and, if you’re in the United States, the Federal Trade Commission or the Federal Bureau of Investigation. You’ll find more tips and a complete transcript of a real conversation with a scammer here.
Fake Notification Emails
Spammers and scammers sometimes send phony emails that have been made to look like they’re from Facebook or another reputable website. These emails can be very convincing, and the “From:” field can even be spoofed to include “Facebook” or “The Facebook Team.”
If an email looks strange, don’t click on any of the links in it, and delete it from your inbox immediately. Be especially wary of emails that ask you to update your account, tell you to open an attachment, or warn you to act quickly before something happens.
Chain Letters and Messages from Phony Facebook Employees
You might occasionally see a status update or message making some claim about Facebook and urging you to take an action. Examples include:

• Facebook is becoming overpopulated.
• Facebook is going to start charging money.
• Certain users have special access to profile information.
• Facebook is selling your data.

Sometimes, these come from people claiming to be Facebook employees who then ask you to provide your password or other personal information.
If a status update or message doesn’t look right, don’t believe it. Disregard it, and tell your friends that it’s phony. If someone pretending to be a Facebook employee asks you for your password, don’t give it out, and report the person immediately by clicking the report link either on the message or the person’s profile.
For more information about Facebook site governance and privacy, check out these documents:
Facebook Principles
Statement of Rights and Responsibilities
Privacy Policy
Suspicious Applications
Facebook has strict policies for developers to help make sure that applications don’t misuse your data. While most applications play by the rules, you may occasionally come across one that doesn’t quite look right.
Use caution when interacting with applications. If you think an application is violating our policies, report it to us through the link on the application’s About page. You may also want to block the application by clicking the “Block” link on its About page.

     Now that you have seen the information directly from Facebook let me add one more thing. I will acknowledge that having to chase down and fix computers for people who fall into the traps above (as well as other know internet virus/malware/rogueware traps) is job security.  Seriously this is not the type of job security I had in mind.

- No African Prince was going give you millions

- Emails that say that they are from a friend or family with that weird looking attachment could actually be fake

- Hot College Girl……well this one just really doesn’t have much beyond “Don’t do it”.

ETC ETC ETC…….

     In those lines a new email starting this week, that has only 1 goal, to trick you into downloading and installing some really nasty software (more of the fake antivirus software).  This new email says that “You have received a postcard”……

The following information comes from PANDALABS blog ( http://pandalabs.pandasecurity.com/the-thousand-faced-rogue/)

******************************************************************************************************************

The Thousand-Faced Rogue

Mar 5

• Posted on 03/5/10 by Olaiz

We want to inform you of a new flood of email messages that seem to contain a postcard but are actually distributing malware. Concretely, we’ve seen several thousands in a few hours.

It’s not the first time we see emails like this in circulation, as subjects like “You’ve received a postcard” are very recurrent.

The message is like the following:

The message seems to have been sent by a member of your family through a legal website to download and send postcards, so that users don’t suspect. In order to view the postcard, you have to open the attached file. It’s a file compressed with zip and if you run it, a rogueware program will be installed in your computer, which is different depending on the message and the operating system you have.

The following are some of the names of the fake antivirus that can be installed in your computer if you run this file:

% Antispyware 2010

Antivirus % 2010

% Guardian 2010

% Guardian

% Defender 2010

% Antivirus

% Antivirus 2010

% Antivirus Pro

% Antivirus Pro 2010

% Internet Security

% Internet Security 2010

where % stands for the operating system of the computer in which it is going to be installed. Some examples: XPAntispyware2010, Vista Guardian, Win 7 Antivirus Pro.

Let’s take as an example Antivirus XP 2010 and see the actions it carries out once it has been installed in the computer.

As every rogueware, it starts scanning the system to check if the computer is infected.

Once finished, it displays a list with the malware that has detected in your computer to make you believe that you’ve got a problem and that this program will offer you the solution:

However, all the malware it has detected makes reference to unexisting files, so the only threat you have is the own rogue.

Additionally, it prevents the execution of programs whose window title makes reference to the following programs:

Internet Explorer

Firefox

Several security suites.

When you try to run any of these, a message is displayed informing you that these programs are infected and recommending you to install the fake antivirus to solve the problem.

The following image belongs to the message that is displayed when Firefox is run:

It also contains code to uninstall different security solutions. This way, the computer would be unprotected and the real antivirus programs could not detect it.

A few days ago Google presented their brand new phone, called Nexus One:

And some days later we find out that if a user searchs for “buy Nexus One” he will obtain around 4,000 malicious links:

When clicking on any of these links, you will see some of the typical fake antivirus sites:

It will try to infect your computer with a rogueware called LivePcCare. Be careful while searching, and use at least some free web filtering tools. (Like Web of Trust)

Update: 5 out of the 6 first results are malicious, including the 1st and the 2nd one.

Update 2: Now the same crew is using the Haiti earthquake

     The add-on which is easy to install, will show the following type of notice on searches (Green as safe sites, Red as sites that would be recommended you avoid)

     In addition when visiting sites that could put you at risk you will see the following message

     As already noted above, this is only an alert, this add-on with all of the browsers will still allow you to “Click here to continue to the page anyways”. That means that this program does not replace common sense, it is a tool to help you better chose but ultimately its still up to the user to use their own common sense. 

     Since I like giving real world examples to explain, here is how I explain Web of Trust.  Consider WOT like your house or car alarm. When you leave your house, you set your alarm, but because you set the alarm doesn’t mean you don’t lock your doors (At least I hope it doesn’t).  Consider your common sense as the looking of your door, if you don’t do it, your still at risk. 

Internet Explorer Add-On (LINK: http://www.mywot.com/en/download/ie)

Firefox Add-On (LINK: http://www.mywot.com/en/download/ff)

Opera Add-On (LINK: http://files.myopera.com/PH%60/UserJs/wot.js)

From the Panda Labs post here is an example they show with results that will do nothing but infect your pc.

Google Search:

     If you happen to access one of these fake sites you will get infected with an old favorite, the fake antivirus notices that wont go away until you give the bad guys your credit card information (One of the many others names you may have heard of this is AntiVirus2009 LINK:http://techgeekandmore.com/2009/10/19/rogueware-with-new-ranson-technology/), since they will claim your infected until you but their product. At the moment you do, in a miracle your pc is clean, but a good chance that so would your bank account or credit card since you would have handed the bad guys your information.

In case if you do click on a bad link, you will see the screen just like it shows in the example below (or a slight variation). What you will need to do is follow the information from the recent post “What to do if you get a virus or malware” (LINK: http://techgeekandmore.com/2009/11/23/how-to-what-to-do-if-you-get-a-virus-or-malware-via-a-pop-up-message/) to attempt to clean your pc.

Fake Antivirus Page:

     As always take precautions and use common sense when going to links including those that come up on search engine sites (Like Google, Bing, Yahoo).  If your trying to get to the site of a major site, but the link showing says pleaseclickme.cm/SoIcanmesswithyou (This is just an example), then you may really want to think about it before clicking on the link.

**Images for this post are from the Panda Labs Post.  Presented for the benefit of TGM readers.

     Sometimes the infection isn’t really bad and a simple scan and delete will clean things up, other times, its a matter of recover/save what you can from the pc and format/reinstall everything (and yes that could mean saying goodbye to important documents or a long downtime). On top of everything else keep in mind that hiring someone like me to clean up your pc could cost $100 / HR or more, and in some cases it may be more cost effective to buy a new pc.

     So where do we start, we start at a couple of common things that are DO’s and DONT

1) If your on any website and see a messages like the following

DO NOT CLICK ON YES OR OK, it is a trick used by the writer of the virus or malware (known as social engineering) to get you to install the malware or virus.  Since the message will probably pop up as part of the page your on, you may just think that its a natural part of Windows and agree to it, at least that’s what the bad guy hopes you will believe. 

Additionally, when online, DO READ WHAT THE POP MESSAGES SAY AND DONT JUST CLICK ON THEM TO GET THEM OUT OF YOUR WAY. ADDITIONALLY DONT BELIEVE EVERYTHING THAT POPS UP (I know this is a hard concept for most). The following are just some of the MILLIONS of possible messages that you could see

     Now lets talk about how these happen, they can happen because the website your visiting has been infected by a virus.  These days its not just pc’s that get infected it can also be websites both minor and major (Scareware Pop-Ups Target Google, New York Times), so DONT think that because the only sites you visit are major sites (Google, NY Times, Twitter, Facebook, etc) that your entirely safe.  You MUST always stay alert. 

What if you machine is under attack from a Virus or Malware

     Take immediate action as soon as the message or popup comes up. The majority of viruses and malware is written in such a way that not only will your machine get infected, but the infection will go out to the internet (completely automatically) and download additional files and infections to reinforce itself. So the longer you take to address the issue the harder (and probably more expensive) it will be to clean your machine.  Image your self getting the flu, you take care of yourself and in a few days your body recovers and everything is normal again. However, if you get the flu and ignore it and just let it continue without doing anything about it, you could get sick enough to end up in a hospital or even dead. (Sorry to make it so over dramatic, but really that’s what it boils down to).

     As soon as you receive a one of these type of scareware/malware/virus pop up windows, you need to use the task manager to close whatever program your using to get to the internet (You should NEVER try and close the program with the ok or cancel button on the program as all the buttons no matter what they say will download unwanted files on to your pc). You can access the task manager 1 of 2 ways

Task Manager via Ctrl Alt Del key

Hold down ctrl, alt, and delete at the same time.

If your on WindowsXP you will see this box. Just select task manager.

If your on Windows Vista or 7, then you will see this window. Select Start Task Manager from here.

 Task Manager via Right Click

Use an empty space on the task menu (that’s the bar on the bottom where you see your programs) right click, you will see Task Manager as a choice. Select Task Manager from there.

     Once you have opened the Task Manager, you will see the following window.

     From the applications tab you will see all programs that are currently running.  You should highlight any program that is connected to the internet (Internet Explorer, Firefox, Chrome, etc and Anything email) and select End Task. You will be prompted with

and select End Now. Continue doing that until you remove everything that is connected to the internet.

Once you have closed the Window – what next?

     This may take a little time, but its best to check you pc and make sure nothing stayed on it that shouldn’t be there.  There are 4 things you need to do at this point. 

Step#1 -

If you use Internet Explorer

     Go to Tools –> Internet Options –>  select delete in the browser history section and delete all

If your using Firefox

     Go to Tools –> Options –> Privacy and select clear your recent history and remove individual cookies ( you may need to change the setting to remember history to get to the settings)

If you use any other browser look for the area to remove, cache, temp or cookies and remove all. 

***Also make sure you empty your recycling bin.***

Step# 2-

     If you don’t already have a copy on your pc, download Super Antispyware (LINK: http://superantispyware.com/) and install Super Antispyware. **There is a Free and Pro edition, all you will need is the free edition.**

- During the install you will see the following screens. Make sure you say YES to “Would you like Super Antispyware to check for the latest updates….” then select the default or recommended setting for the remaining screens. On the screen asking for email address you do NOT have to enter anything, you can just select the next button.

     Once installed you will see the following screen, just make sure that the definition date (on the bottom right) is current (shouldn’t be more than a day or two old, if not click on check for updates) then select scan your computer (on top left)

You will then see

At which point, select all your hard drives and select “Perform complete scan” and hit next.

Once the scan completes,

You will see the list of items found.  I would recommend that all shown items remain with checks and then select next.

The lastly once the clean up completes. You will be prompted to reboot.  I recommend you close anything that is still open and select yes to reboot.

 Step# 3

If you don’t already have Malwarebytes, download and install (LINK: http://www.malwarebytes.org/). **There is both a free and paid version, home users just need to get the free version.

  – During the install you will see the following screens, you can select the default choices. Toward the end of the install you will see a choice for “Update Malwarebytes Anti-Malware” make sure you have a check next to that choice.

As soon as it is installed, you will see the following screen.  Make sure to select “Perform full scan” and select all your drives and run your scan.

Once completed you will see a list of all items found.  Select all and remove.  Then reboot pc. 

Step# 4

     Lastly, whatever Anti-virus you have, make sure you update it to the latest updates or signature file (depending on which one you have) and run a full scan of all your drives.  If it finds anything select removal and then reboot. 

     If you don’t have an Anti-Virus program or yours is expired, TGM recommends Microsoft Security Essentials which is free. (LINK: http://www.microsoft.com/Security_Essentials/ )

     I know this was a long post, but the steps listed above would be exactly the steps I would take if you called me (and probably most other techs) to take care of your pc.  Hopefully this information helps you stay informed and helps you save a headache and some money in the future.

1st Thing – A good Anti-Virus program

     You would be surprised how easy this one is, yet how often I find this rule being broken (As I’m being paid $100 bucks an hour to clean up a mess). Your anti-virus program should be current and should be updated regularly.  There paid programs from Symantec, McAffe, or CA (as well as many others) and Free versions from Avast or Microsoft (as well as many others). If you get a new pc you probably will get an Anti-virus program loaded, but that program may only be licensed for 90 days or 6 months or 1 yr, which means it will only update for that time frame and unless you pay to continue using it, you will no longer be protected from new viruses (There are literally 100’s of new Viruses every week). You should also check your anti-virus program on a regular basis, by opening it, and looking to see if it says that your “definitions status” is up to date and that it shows you as protected (Example below is from Microsoft Security Essentials).

You also need to make sure that your anti-virus software does not say that your “At Risk” or “Not Protected”       You wouldn’t believe how many clients tell me “I have ant-virus installed, I didn’t know I had to update it”.  I have even seen clients who are running anti-virus but get infected and when you look the A/V definition files they are from 2005 (that was the worst one so far and I just saw that in Aug. 2009).

     Now the question I’m sure at least a few of you are asking is what should you use. Well here is current recommendations.

Paid for Products –

Norton Anti-Virus “Gaming Edition”. I know what it says “Gaming Edition” but from what I have seen, its the version from Symantec that is least likely to slow your computer down while still protecting you.

NOD32 Anti-Virus 4. In reviews NOD32 always seems to be the one to catch the most viruses. 

Both Symantec and ESET have “trial versions” that you can download and install on your machine for free (trials are 30 days) so that you can see how they work and make sure that the software works on your pc without any conflicts.

     As you will see I’m listing Anti-Virus versions, if you look at either of the Symantec or ESET you will also see listings for “Internet security” or “Smart Security” suites.  In my opinion, I always recommend against a suite package, because you will pay a lot more to get some features you will probably not use, suites are more likely to slow your machine down since they will try and do more than you need (In my opinion its like getting a dead bolt for your door for the Anti-Virus software vs… having an armed guard standing in front of your door for the suite.  Unless you live in a war zone I don’t think you need the armed guard).  Additionally, there is always a chance that if malware does get in, and you have an end all – be all suite that your suite could be disabled by the malware killing all your protection at once.  So I don’t believe in putting all your eggs in one basket. In Part 2 – I will talk about additional software to protect from other malware that is not covered in the Anti-virus software. 

     Remember with paid products, you have to pay for the product and will have to pay on a yearly basis to renew the license so that you can continue to get updates for the product.  So it isn’t a 1 and done situation.

Free Products –

     The fact that there are free Anti-Virus products out there means that you really have no excuse not to be protected.  The main difference between the paid for products above and the free products I’m about to list involves support.  If you pay for the product you will get various support options from the maker of the software, in case you have a problem or need assistance. With free products that support is a lot more limited and if you need assistance you will most likely need to turn to a knowledgeable family member, friend or a tech like myself for assistance.  (Who doesn’t know a teenager they can turn to at a moment like that)

Microsoft Security Essentials. Microsoft Security Essentials provides real-time protection for your home PC that guards against viruses, spyware, and other malicious software.

Avast!Offers a free version for protection of your pc.     

    Both the Microsoft and Avast! software help secure your pc against threats online.  The Microsoft product only has a free version, while Avast! has both a free and paid for product.  (Full disclosure: I currently choose to protect all my pc’s with Microsoft Security Essentials)

Procedures -

     If you use any of these 4 products you will have a line of defense against infections that travel in cyberspace, however remember some important steps.

• You should only have 1 software product that includes auto-protect installed on your pc (one of the ones I list above or one of your choosing if you pick something else). You should never install more than one that includes auto protect because it will become self-defeating in that when you have more than one software installed with auto-protect, they will each think that the other is a virus and basically work on blocking each other. 
• You need to make sure that your choice  of anti-virus software has auto protect turned on and that it has current definition files for your software choice.
• Once a week – you should run a full scan of your computer with the all files selection on your scan. What I normally do is one night a week I leave my computer on running a scan as I go to bed.  The next morning I just verify the results and if the results show any infection I can address it at that time. A full scan can take up to a couple of hours depending on how many files and how big your hard drive is.

Lastly and most importantly, follow safe computing practices when you are online.

1. Don’t open email attachments or click on links from emails; even if the email is from someone you know because there is a good chance that attachment and email was not actually sent by the person or the person who sent you the email clicked on a link they shouldn’t have and that email was automatically triggered.  (Alert: Hiya:) Email – Just another attempt to get you to click on a link that you REALLY SHOULD NOT!)

2. Don’t download files from places you aren’t absolutely sure are safe. Think of this as the Halloween rule. Your kids go trick or treating and when they get home what do you do, you check the candy so that you make sure its safe before they get to eat any. In cyberspace you need to make sure you know from where you download, don’t just assume that because its in cyberspace its safe.

3. Update all your software regularly.  This one takes a little bit of work.  However, you need to make sure that your operating system (Windows, Mac, or even Linux) gets updates installed when released.  The majority of the time these days, updates involve fixes to the operating system that protect you from something a bad guy is doing.  In addition to the operating system, there are other programs on your pc, that need updating regularly to make sure that the bad guys don’t use those to get into your pc.  Programs like Adobe Acrobat, Adobe Flash, Adobe Shockwave, Real Player, Apple QuickTime, Microsoft Office (and others) all have updates released on a regular basis to correct issues that a bad guy can use to get in.  When its a program that needs an update, image your house as your operating system, you lock your door, and your secure, however the other programs are your windows to your house, and well whoops you forget to lock your window.  Guess what the bad guys can still get in.  All these updates help make sure that your Doors and Windows (No pun intended to Microsoft products) all remain locked to cyber space.

**Coming up in part 2 – We will cover your 2nd layer of defense and what programs you will need for that.

     Malware writers have been using these social engineering tricks for years in an attempt to get people to drop there guard and click on email links or download attachments.  In real life, we hear news stories of bad guys dressing up as city employee’s or law enforcement and then tricking home owners into letting them in, where the bad guys then proceed to steal from the home owner (Here is a release by the Chicago Police Department concerning crooks who use fake uniforms for access http://www.chicagopolice.org/MailingList/PressAttachment/YourCastle.pdf). This email (and those like like it) can be considered the cyber equivalent of the fake cop or fake city worker. 

     In real life we understand that if you aren’t expecting the gas company or phone company and someone shows up at your door asking to check something in your home, that you question them, check there uniform, ID, see if they have a company vehicle, and even call the business that they are claiming to be from to make sure that the person at your door is actually from where they say they are.  In cyber space, it seems because no one really understand how things work (TGM is working hard to change that), that most people just assume if it has someone’s name on it that they know that “it must be from them”.  Well Nope and lets go over a few things in this email that clearly show it wasn’t from my relative –

• “To:” – Its not addressed to me, since To: is blank even though it is supposed to be an email from someone I know to me.
• “Was bored so planned to write you” – I know my relative and there are 2 points here.
• 1 – He knows English and knows how to write in complete sentences
• 2 – He would not say something like “Was bored so planned to write you”.
• “i’m pretty sure your gonna smile after checking it…….:) ” – I know my family member, if they were going to send me a link or attachment would say something about it and try and explain what it is they are sending me, not just tell me hey check this out.
• “It’s easy, secure and free / Try it now” – Again what am I trying.  Would you go to a store and my a food product without a label to tell you what it is, simply on the idea that its a food product in a store, so it must be good?  I dont think you would (would you?)
• “Yours Truly” – This is supposed to be a family member, that a little formal dont you think?

     Ok with that being said, again as always, in cyberspace act the same as you would if you were somewhere outside of your home in real life, pay attention to your surrounding, and for pete-sake if you run into someone on a street corner selling you Jack’s Magic Beans, dont buy them.