Information on Viruses, Popups, SPAM, and more
Want a handy trick for seeing through to the truth of all these attacks? click here.
Phishing (like fishing-only they try to put the hook into you!) |Top|
Description: Individuals try to get account information and access/passwords by pretending to be an official institution (usually a bank/financial service, EBay, or similar.) They send you a very convincing “official” email requesting that you update or verify your account information. This almost always includes some sort of account suspension threat to put urgency into the request. The Official link takes you to a site that is NOT the bank’s, and if you “verify/update” your account, the “wolves” will have access to you checking account, etc.
Phishing is one of the most dangerous frauds currently being played on the ‘net. Recently, the quality of the emails Phishers send has improved to the point where they are truly indistinguishable from the “real deal.” There are even people pretending to be Microsoft to get you to download their virus / spyware packages.
What to do: Just delete it! No real financial institution will ever ask you to verify your personal information via an email. If you are giving information to people who should already have it, you’re asking for trouble. When in doubt, call your bank. Sites like EBay offer account management at their site and wouldn’t have any need to contact you. Never click a link in an email – they aren’t necessarily what they appear to be.
Adware / spyware: |Top|
Description: Hotbar, Mysearch, WeatherBar, etc. “Helpful” software downloaded from the web – usually providing “advanced” search features, etc. - that sends you “context sensitive” ads in the form of annoying pop-ups. On the surface, these aren’t particularly bad – until you realize what exactly they are doing.
Big Brother is watching! After programs like these are installed, your computer reports your web travels back to an ad-generating computer every time you go anywhere on the Internet. If you have several of these programs reporting back to their “Mother Ship,” the amount of time necessary to get to the site you wanted can increase drastically. If that amount of time becomes too great, your browser will simply time out and tell you the requested site is unavailable.
Adware / Spyware is a major (if not the greatest) cause of computer problems in the district. Problems caused by these programs run the gamut from merely annoying all the way up to requiring that the computer be wiped clean and all software re-installed. Once installed, many of these programs open the door for other programs to install themselves, further complicating the clean-up. To make matters worse, there are sites which will install spyware on your computer simply by visiting them if your security setting are too low.
What to do: Don’t download these types of programs to begin with. The weather channel provides a great up-to-the-minute weather report for Vista at http://www.weather.com/weather/local/92084. Web search “assistants” have nothing to offer that you can’t get for free – without downloading anything. Google and Yahoo are the best search engines for a reason. “Free” pop-up blockers mostly just intercept other sites’ pop-ups so that they can flood you with their own. Information Systems blocks known-harmful spyware sites as we become aware of them, but they are very numerous and can change their location quickly to evade blocking. Remember - once you open the door to these wolves, closing the door may include erasing everything on your computer.
Spam (The irritating problem with the nutritional name) |Top|
Description: Spam is simply unsolicited email. Modern spam was technically born on April 12, 1994 [details]. Most spam email is trying to sell you something you neither need nor want. Examples include – but aren’t limited to – Viagra, home loan refinancing, various personal “enhancement / entertainment” solutions, get rich quick schemes, ad-nauseum. Since actual spamming is illegal, a common practice is to alter the email so that its original source can't easily be determined. Most spammers will use free email return addresses (HotMail, Yahoo, etc.,) which can be created en masse rather quickly. Often a piece of spam will arrive with a return address that appears to be someone you know - that person probably had nothing to do with the spam, but occasionally a user's computer can be "hijacked" (see viruses) and forced to send out messaged on behalf of the spammers.
Why do they do it?
Here’s a quick (rough) analysis of what it costs to reach 1 million customers with a 1-page flyer through the mail:
|Lease of the addresses*:
|Printing / folding /addressing ($0.15 / page)
|Postage ($0.112 / piece – bulk rate)
|What does it cost to send the same message to 1 million email accounts?|
|Lease of addresses:
||$500.00 – or less**|
|That's it! There are no printing or mailing costs, so the success rate of a spam campaign can be almost nill and still be considered a success.
What to do: Aside from being irritating, Spam presents no real threat save the occasional offensive picture contained in some of the “enhancement”/entertainment letters. While we block as many known sites as possible, this is still a rather dubious solution (see Spyware.) There are "Spam Filters" available, but they all work by picking keywords out of the subject line and the odds of a, "real," message being blocked increase as the aggressiveness of the spam filtering increases.
Email scams (ahh, those whacky Nigerian spammers!) |Top|
Here's the scene: The son (nephew, brother, etc.) of a deposed (former, assassinated, etc.) ruler of Nigeria has millions of dollars tied up in frozen bank accounts and needs your help (money) to get the accounts "unfrozen." Being a fair guy, he will be happy to give you a large percentage of the recovered money once he has regained control of it. Are you buying any of this? Some people actually have and remember - just like spam, it doesn't take many people falling for the trick to make the scam a success. Like the Phishers, scammers have worked hard to increase their credibility.
What to do: Like spam, the Nigerian money scam and the countless other scams out there don't pose any real threat - unless you fall for them. These, "Get robbed quick," scams come and go and, like spam, are an inescapable part of an electronic, "connected," world.
Viruses & Trojans & Worms (oh MY!) |Top|
Description: Malicious programs installed - usually without you knowing about them - designed to damage your computer, attack another machine, propagate itself, etc. Most of these programs exploit security flaws in operating systems and applications in order to take control of some part of the computer. Many of these programs are written by hackers who envision themselves as a modern-day Don Quixote - using their destructive code to make companies like Microsoft look bad [example]. The real result can be billions of dollars lost to system down-time, theft of personal information and even worse.
Congratulations - you're now a spammer! Far and away the most well publicized of all of the "'Net nasties," these programs can perform a number of illegal actions - one of which is turning your computer into a spam-portal. True spamming activity is illegal. If spammers used their own accounts to send the stuff out, they would quickly be shut down. Many of the virus packages take control of your email program and begin forwarding copies of themselves or some other message to everyone in your computer's address book. Some will even leave a "portal" to your computer open that will allow the virus author to send out emails using your computer.
No particular computer is entirely safe from attack. The notion that Viruses, etc can't be written for Mac, Linux, Unix, etc is entirely false. The reason few of these viruses are seen is simply a numbers game. The vast majority of computer users today use a windows-platform computer. If a hacker wants to achieve maximum effect, the program he/she writes must target the maximum number of computers. Viruses do exist for these other machines and if the diversification into non-Microsoft operating systems continues, it is likely the number of viruses for these "safe" platforms will increase as well.
What's being done: VUSD has a number of tools in place to prevent the proliferation of viruses. The Etrust anti-virus (AV) program monitors all files coming into computers on the network as well as checking attachments on all incoming emails for virus packages. In addition to this, our email system does not allow particular types of attachments that are known to be used to carry viruses (.exe, .zip, etc.) For the most part, the only time you will be aware of a virus attack is when you receive an email like this: [example]. This is just a note to let you know that the system is doing its job.
When you receive an unexpected email with an attachment - even from someone you know - take the time to contact them and verify that they really sent it.
Don't open any file - in an email or on a website - unless you know exactly what it is and what it is expected to do.
Resist the temptation to "disable" your virus scan software. Some people have claimed that their computer runs better if the AV program is disabled. While it is true that the AV software does use a small amount of system resource, if its presence is having a noticeable impact on performance - it's time for a new computer.
What can you do:
Anti-virus software is not an optional component if your computer is going to be connected to the Internet.
Hoaxes (urban legends, emergency fixes, protests, etc.) |Top|
Have you ever received an email saying that there is a "Virus" file on your computer that needs to be deleted immediately to prevent further damage to your computer? What about the one identifying Target stores as, "anti-Veteran?" These and similar hoaxes travel around the Internet on a regular basis and can damage your system or make you look rather silly if you don't check your facts before acting.
Boycott hoaxes like the "Target charity [details]," usually start as a small amount of mis-information being blown out of proportion or a desire for revenge on the part of an individual or group. Given the speed of the Internet and the convincing nature of the argument being presented (see Phishing and Scams), it's not surprising that these sorts of things can take hold very quickly.
Virus file hoaxes like the "Java-script debugger [details]," are a malicious attempt to get you to delete a necessary file or files from you computer. These are nothing but malice - often fueled by fear and ignorance. The emails advising of this "problem" are written to convey urgency and usually indicate that the sender just had to delete the files themselves as well.
What to do: Hoaxes would be totally ineffective were it not for a certain amount of gullibility in the general public. The anonymous "totally-connected" nature of the Internet is a breeding ground for false scares such as these.
Never delete any file off of your computer as a result of instructions from anyone other than Information Systems. If you feel you have a virus that has gone undetected, have your site manager put in a work order to Info Systems - That's what we do!
With Hoaxes as well as any other bit of nastiness sent through email, there is a simple trick that will almost always reveal the truth. Simply point your browser to Google, type the subject line from your questionable email into the search box and see what comes up. The Internet as a community is one of the best at self-policing that civilization has ever seen. In the case of all of the above situations, you will find numerous sites identifying the hoax/spam/scam/Phish/virus you are seeking.
Parting thoughts |Top|
Don't talk to strangers.
If it sounds too good to be true, it is.
Check the facts with a reliable source before you tilt your lance at a windmill.
When in doubt, call and verify the message with whomever sent it.
If all else fails, just delete it and go on with your day.
A common sense approach to everything you see on the Internet is always best. These simple guidelines - many of which are "eternal parent" rules - will serve you well in all cases:
* source: 745,745 single mailing names from lists.infousa.com = $57414.67. Number extrapolated at 7.69 cents/address.
** Many spammers use computerized, "Web-crawlers," that scour websites for email addresses. These automated programs can collect email addresses from any website, and con cover millions of pages of web content in a frighteningly short period of time.
Note: Links to external sites contain information not maintained by VUSD and we are not responsible for their content. If you find a link in this document which is dead or no longer appears to present relavant information, please contact Information Systems at 760-726-2170 ext. 2929.