Friday, October 22, 2004

Finally the FTC Steps In

You know your actions have to be really egregious before the FTC steps into the picture. This last week this finally happened to one of the more ingenious spyware scams going around.

If you have a copy of Spy Wiper or Spy Deleter on your system you were a victim of the scam developed by Seismic Entertainment Productions, Inc., Smartbot.Net, and Sanford Wallace.

Since December 2003, they have operated Web sites that distribute spyware. According to the FTC, the defendants used a variety of techniques to direct consumers to their Web sites. At these Web sites, consumers had spyware downloaded onto their computers. The spyware exploited a feature of the Internet Explorer Web browser to download software, so consumers received no notice that it was being installed and did not consent to its installation.

The spyware changed the consumers’ home pages, changed their search engines, and triggered a barrage of pop-up ads. According to the FTC, the spyware also installed additional software, including spyware that can track the computer use of consumers. As a result of the spyware and other software the defendants installed, many computers malfunctioned, slowed down, or crashed, causing consumers to lose data stored on their computers.

Having created serious problems for consumers, the defendants offer to sell them a solution. The spyware causes the CD-ROM tray on computers to open, and then tells consumers “FINAL WARNING!! If your cd-rom drive(s) open. . . You DESPERATELY NEED to rid your system of spyware pop-ups IMMEDIATELY! Spyware programmers can control your computer hardware if you failed to protect your computer right at this moment! Download Spy Wiper NOW!” Spy Wiper and Spy Deleter, another purported anti-spyware product the defendants promoted, were sold for approximately $30.

One of the nice features Microsoft added to Internet Explorer was the ability to download in the background without users being aware of it. This was intended to allow a website to download things like new versions of Flash or other programs but was soon discovered by people who were a bit more challenged in the ethical sense than even Bill Gates.

Protect yourself from spyware and other rogue code. Keep the security settings on your Internet Zone set to High unless you are familiar with the site. Use the Trusted and Restricted Sites zones to track sites you trust and those you do not.

Thursday, October 21, 2004

Lockdown That Laptop

Laptop loss can ruin more than your day

Does your laptop accompany you everywhere? Is it full of work material or just your Great American Novel? Statistics show that the likelihood of your laptop being stolen is almost one in twelve. Here are some things you can do to prevent a.) your laptop being stolen and b.) the thief from profiting from the information on your laptop.

Laptop Theft Prevention
1. Never, ever leave your laptop unattended even if you are only fifteen feet away. A thief can pick up your laptop and be gone in the time it takes you to order a refill for your latte. If you get up, unplug your laptop and carry it with you.

2. Use a lock cable to secure your laptop to the table or furniture where you are using it. Practically every laptop has a lock tab that allows you to insert one end of a locking cable (much like a bicycle lock). Wrap the other end around the table or desk leg and make sure it is secure. These are available for under $50. Use the lock in your hotel room or even a client’s office if you are going out for lunch.

3. Use a laptop case that doesn’t look like one. Dump that black leatherette case that screams laptop and buy a fabric or hard case that looks more like a regular bag or attaché case. You can acquire a padded insert to carry the laptop in to protect it.

4. Purchase the software service that announces your laptop’s position if it is put on the Internet after being stolen. There is an annual subscription for this service (about $50). Once notified of the theft of the laptop, these services can often track it to a specific address and possibly even the floor where it is being used.

Most thieves don’t care about what you have on your laptop; they will fence it for just a few dollars anyway. But your boss or client might not like having their business plan, deposition or financials floating around on a stolen laptop.

Laptop Data Protection
1. Use a password-protected login and screensaver. Make sure your account requires a login name and password to log in. Most thieves, if they can’t get your operating system to run without a password, will simply reformat your drive and reload the operating system from disc. Your laptop is still stolen but your data will be wiped.

2. Encrypt your data. There are a number of programs out there that will encrypt your data so it is unreadable without the correct password. If you carry sensitive data on a laptop, this should be the first thing you do when you purchase one.

3. Make frequent backups of your laptop data. Even if the data on your laptop is personal, it will take you hours if not weeks of labor to reproduce it. Most laptops today have CD or DVD burners installed so it is easy to copy your data files to CD-Rs or DVD-Rs periodically.

4. Carry and use a surge suppressor. You can purchase quality surge suppressors from APC or other vendors that have only one to two outlets. One good voltage surge can fry a laptop and make it a paperweight.

This isn’t rocket science or even complex. Use common sense and you should be safe from most any problem short of a mugging.

Monday, October 04, 2004

Spyware and Adware

Spyware consists of two types of software: surveillance software such as keystroke loggers (sometimes installed by paranoid corporate systems administrators or even spouses) and advertising software. Both are typically installed without the knowledge of the user. Advertising spyware is designed to harvest information from your computer. Much adware is relatively benign; it only tracks the websites you visit, then transmits this information back to the advertiser to help them market to you more effectively.

There are a number of spyware programs, however, that harvest personal information, passwords and anything else they can locate on your hard drive. The major players in the spyware dissemination game are the popular peer-to-peer programs available today (Kazaa, Bearshare, Limewire, etc.), although there are lots of other sources as well, such as free software advertised on the web or downloaded when you join a new ISP or Internet service of some kind.

The loss of privacy problem is annoying enough but many of these programs are also designed to present “targeted” marketing to you via pop-up ads. A number of the worst ones also take control of your browser to such a degree that it becomes unusable. In the worst cases you may have to reinstall your operating system and applications.

How do I know if I am infected with spyware?

The following symptoms may indicate that spyware is installed on your computer:

  • Pop-up windows begin appearing even if you don't open a new page.
  • When you select a favorite or type a URL in your browser you are redirected elsewhere.
  • When you click "search" you get an unexpected search engine.
  • New toolbars appear in your web browser.
  • New, unexpected icons appear in the task tray at the bottom right of your desktop.
  • Your browser home page suddenly changes.
  • Your computer seems very slow when opening programs or processing tasks (saving files, etc.).
  • Certain keys fail to work in your browser. For example, the Tab key no longer works when you are in a form.
  • You begin getting Windows errors.

How do I get rid of Spyware or Adware?
There are several good spyware remover programs that are free. Two of the best known are Ad-Aware and Spybot Search and Destroy. Just like anti-virus programs, they are constantly updating their definitions files so be sure to check for updates frequently.

In some cases, you may have to make registry changes or run specialized software to try and resolve the problem.

How do I avoid getting reinfected with Spyware or Adware?
The best way to avoid reinfection is to clamp down on your browser security. Many say that moving to Mozilla's Firefox browser is enough but they are already finding security holes in that product as well.

These are basic steps to avoid possible infection.

  • Don't click on buttons or links within pop-up windows - Because pop-up windows are often a product of spyware, clicking on the window may install spyware software on your computer. To close the pop-up window, click on the X icon in the title bar instead of a Close button or link within the window. Don't even use the Close or Cancel buttons in the pop-up.
  • Be wary of free software downloads - Many sites offer toolbars or other features that are designed to appeal to you. Never download programs from sites you don't trust. If you do, you may expose your computer to spyware by downloading some of these programs.
  • Don't follow email links claiming to offer anti-spyware software - Like email viruses, the links may serve the opposite purpose and actually install the spyware they claim to be eliminating.
  • Set your browser security to a high setting - If you are using Internet Explorer, this is easy. From the menu select Tools > Internet Options and click on the Security tab. Click on the icon for the Internet Zone to highlight it then move the sliding control to High and click the OK button. Some pages won't load very well because you have disabled running ActiveX controls but, hey! ActiveX is the same technology used to run the bad stuff as well!

If you're more computer-savvy, you may want to make the following changes to your Internet Explorer instead.

  1. From the menu select Tools > Internet Options and click on the Security tab.
  2. Click on the icon for the Internet Zone to highlight it then click Custom Level.
  3. Choose Medium from the drop-down box at the bottom.
  4. Click the Reset button.
  5. Click OK, then click Custom Level again.
  6. In the Security Settings box, set your options as listed below:

.NET Framework-reliant components

  • Run components not signed with Authenticode (Disable)
  • Run components signed with Authenticode (Prompt)

ActiveX controls and plug-ins

  • Download signed ActiveX controls (Prompt)
  • Download unsigned ActiveX controls (Disable)
  • Initialize and script ActiveX controls not marked as safe (Disable)
  • Run ActiveX controls and plug-ins (Enable) (This actually refers to Java and Flash, not ActiveX)
  • Script ActiveX controls marked safe for scripting (Prompt)

Download (This is optional based on whether or not you download files from the web in HTTP mode)

  • File download (Enable)

Miscellaneous

  • Access data sources across domains (Disable)
  • Drag and drop or copy and paste files (Prompt)
  • Installation of desktop items (Prompt)
  • Launching programs and files in an IFRAME (Prompt)
  • Navigate sub-frames across different domains (Prompt)
  • Software channel permissions (High safety)
  • Userdata persistence (Disable)

Scripting

  • Allow paste operations via script (Prompt)
  • Scripting of Java applets (Prompt)

Some stuff from sites won't load with your security locked down like this but that has more to do with the poor security-mindedness of many web designers than anything else.
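
The checklist above can be verified without clicking through the dialog. The following PowerShell is an added example, not part of the original post: it reads the current user's Internet zone values from the registry and reports any that differ from the list. The registry path, the URL action IDs and the value encoding come from Microsoft's documented zone settings, not from this page; the function name Test-ZoneBaseline is hypothetical.

```powershell
# Added example (not from the original post). Audits the Internet zone (zone 3)
# of the current user against the settings listed above.
# Value encoding: 0 = Enable, 1 = Prompt, 3 = Disable; 0x10000 = High safety.
$zonePath = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3'

# URL action ID -> (setting name as listed above, expected value)
$baseline = [ordered]@{
    '2004' = 'Run components not signed with Authenticode', 3
    '2001' = 'Run components signed with Authenticode', 1
    '1001' = 'Download signed ActiveX controls', 1
    '1004' = 'Download unsigned ActiveX controls', 3
    '1201' = 'Initialize and script ActiveX controls not marked as safe', 3
    '1200' = 'Run ActiveX controls and plug-ins', 0
    '1405' = 'Script ActiveX controls marked safe for scripting', 1
    '1803' = 'File download', 0
    '1406' = 'Access data sources across domains', 3
    '1802' = 'Drag and drop or copy and paste files', 1
    '1800' = 'Installation of desktop items', 1
    '1804' = 'Launching programs and files in an IFRAME', 1
    '1607' = 'Navigate sub-frames across different domains', 1
    '1E05' = 'Software channel permissions', 0x10000
    '1606' = 'Userdata persistence', 3
    '1407' = 'Allow paste operations via script', 1
    '1402' = 'Scripting of Java applets', 1
}

function Test-ZoneBaseline {
    param([hashtable]$Actual, $Baseline)
    foreach ($entry in $Baseline.GetEnumerator()) {
        $name, $want = $entry.Value
        $have = $Actual[$entry.Key]
        [pscustomobject]@{
            ActionId  = $entry.Key
            Setting   = $name
            Expected  = $want
            Actual    = if ($null -eq $have) { '(not set)' } else { $have }
            Compliant = ($have -eq $want)   # a missing value counts as a deviation
        }
    }
}

# Read the live values, then print only the settings that deviate from the list.
$props  = Get-ItemProperty -Path $zonePath -ErrorAction Stop
$actual = @{}
foreach ($id in $baseline.Keys) { $actual[$id] = $props.$id }

Test-ZoneBaseline -Actual $actual -Baseline $baseline |
    Where-Object { -not $_.Compliant } | Format-Table -AutoSize
```

Zone settings pushed by Group Policy are stored under the Policies hive and take precedence over these per-user values, so an empty result here describes only the user-configurable settings.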