Your PC is a Window
The Myths of Security
Credit & Identity Theft
Invasion of Privacy
What You Can Do
Viruses & Worms
Software Security Holes
Virtual Access Memory
Microsoft Outlook Errors
Using BCC in emails
How to Format Hard Drives WinXP
What is White Listing of Emails
This file does not have a program associated with it
The Myths of Security
I don’t have anything on my computer they would want.
Whether you know it or not, you do have personal information stored on your computer. Your computer saves information for you constantly without your knowledge. If you use your computer at all on the Internet, you have plenty of information about yourself and your financial profile stored on your hard drive. This is how your credit and identity can be stolen so easily.
Even if you don’t store anything you consider important on your computer, hackers really only want your computer for it’s processing power, and if you have a high speed Internet connection, they want that too. For a hacker, it’s
not about what is on your computer. They want to use your computer to send spam emails, to distribute pornography, and to attack other people. Your computer, if turned into a zombie PC, becomes a weapon and a money making opportunity for hackers.
Off-the-shelf anti-virus and a firewall is all I need.
The reality is that anti-virus and firewall programs alone are not enough to protect you against many types of hacker tools and other cyber-attacks. Even using both a firewall and anti-virus together, you are still vulnerable to
spyware, Trojan horses, remote access tools (RATs), password crackers, keystroke loggers, and much more.
Just as important, anti-virus and firewall programs do not provide you with critical security patches for your computer software. Microsoft issued thousands of security patches to their operating systems and other software last year. How many of those patches did you apply to your own computer? How many software security holes do you still have in your Windows operating system, Word, Excel, Outlook, Internet Explorer, etc? Closing these well-known security holes is imperative to keep hackers and the new hybrid worms off your computer.
You need more than just your anti-virus program or a firewall; you need a comprehensive security solution for your PC if you don’t want hackers, viruses and worms on your system invading your privacy.
And if you ever have a security problem with your PC, who would you call? You will pay a small fortune to get help from any of the cheap off-the-shelf security programs. Those products are not made to provide a total solution,
rather just a piece of a good overall protection strategy.
Without other programs that are available on the net FREE – chances are good that you will become a victim of a cyber-attack. You may have already been hacked and you would never know it! Don’t make the mistake of thinking
popular retail security programs are enough.
How much is all the time and money you’ve put into your computer worth to you? How important or valuable is the information on your computer? Would you really trust your privacy and security to a $40 security product?
My high-speed modem/router has a built-in firewall – I’m safe.
New high-speed cable and DSL modems, as well as other Internet hubs or routers have built-in firewall technology. These modems and routers are typically pretty good at shielding your computer or your small network of computers from random scans by hackers. BUT – those routers and modems must open up specific ports in order to allow computers behind those devices to connect to the Internet. Once a computer is connected to the internet – through one of these devices – that computer is OUTSIDE the protected network, and can be
attacked and infected.
High speed modems do absolutely nothing to protect you against spyware and hacker tool infections, or against viruses and worms. These routers and modems must allow your email program to connect to the Internet, as well as your instant messenger programs, file sharing programs, as well as your web browser itself.
Hackers can get to your computer through any of those programs. Your modem or router can’t do anything to protect you in that way. About the only thing they are good for is to shield your computer from random scans by hackers from the internet. While most of these devices will make your PC invisible online, they leave
you vulnerable to a wide array of cyber-attacks.
I am on a secured office network, so I am protected.
The type of network security afforded by small businesses and small home networks does nothing to prevent attacks via e-mail, web surfing, instant messenger programs, file sharing programs, wireless (WI-FI) access points, and more. Network security helps shield the network itself, but doesn’t do much to lock down each PC on the network.
Another huge problem with network security alone is that it does nothing to protect against “Insider hacking”. Any one computer on a network can be used easily to hack into another computer on the network because all the systems are already behind the network firewall. In order to protect against insider hacking, each computer must be protected individually with specific security technologies such as a personal firewall.
Network security systems also lack of ability to stop random outgoing connections from any one computer on the network. Many hacker tools work by getting planted on a PC via email and then automatically opening up and
connecting back out to the hacker’s computer. When this happens, the hacker gets the information they need to get inside the network. In simple terms, this means that if you can’t stop random outgoing Internet communications, hackers can get into your network fairly easily. The only way to stop these hacker tools from
automatically “phoning home” without your knowledge, is to stop the attack at the desktop level with a desktop firewall and intrusion detection system.
The bottom line is, if any one computer is compromised in any one of these ways, all of the other computers and the servers on the rest of the network are at risk – regardless of what network security measures have been implemented. Every individual computer on a network must be protected separately. By securing each
computer on the network individually you gain a critical layer of protection that is fundamental to a solid security strategy.
My Internet Service Provider keeps me safe.
Internet Service Providers (ISPs) do very little to protect you. Some ISPs try to filter your emails for viruses, but can’t catch all of them. But ISPs do not protect you from hackers, spyware, and other cyber-attacks. Don’t be
fooled by any marketing pitches about security from your ISP. They do not protect you on your own computer, period.
My PC manufacturer will take care of my security needs.
PC manufacturers are not in the Internet security business. They do not provide comprehensive security on their new computers, and they do not have trained experts waiting to help you when you have a security problem. These companies generally include a trial version of an anti-virus program, but this isn’t done with your security needs in mind. Rather, they do it to make a little extra money from the anti-virus companies. Some PC manufacturers now offer very limited help with virus or spyware infections – but customers have to pay a steep
price for each incident. And, unfortunately, in today’s environment, you will also likely end up speaking with a technician from India when you are looking for help from these big manufacturers. This is not the kind of security service you need to protect your privacy.
When you go online, your PC is potentially connected to EVERY OTHER computer on the Internet around the world. And while the Internet provides you with endless information about anything, that same Internet creates a wide open window into your computer and your personal life from the outside world!
If you are like most people, you tend to guard your privacy closely in your own home. We don’t like people looking in our windows, or waiting outside to see when we come and go. We don’t even like people calling us to sell us something.
Yet, you can unknowingly expose yourself, your family and your business every day on the Internet.
Not adequately protecting your computer is like leaving the front door to your home wide open 24 hours a day. You might as well put a big neon “Open” sign on your house. You wouldn’t ever do that because you know better. BUT – that is exactly what you do if you don’t take the necessary steps to lock down your computer(s) and protect your privacy on the Internet.
The media has used the term “hacker” to describe the malcontents and deviants that create problems and cause damage to personal and business computers. Although not all hackers do things with the intent of causing damage
or harm, hackers write malicious programs to gain access to other people’s computers without the victim’s knowledge or permission.
Hackers can invade your privacy in minutes from anywhere in the world. They can be on your computer, watching your every keystroke, and you would never know it. Everything you have on your computer is available to them. Credit card information, access to your online banking, family information and records, business information, contracts and other confidential documents are freely available. If you use passwords, they can crack them in seconds. If you have a web camera, they can turn it on and watch you! And this is just the tip of the iceberg. They can do all this anonymously, in the privacy of their own home, or even from a public library. It’s a free-for-all, because for the most part, they cannot be tracked or traced.
Over the years, hackers have developed tens of thousands of different hacker tools to break every system and program out there. Their list of tools includes password crackers; remote access tools (RATs), back doors, Trojan horses, keystroke loggers, spyware, time bombs, and more. There is virtually nothing they can’t do or break.
That’s the result of the work of millions of hackers each pounding away for hours upon hours to crack everything they can. This is a never-ending battle as new hacker tools are being created on a daily basis.
These dangerous hacker tools can be planted on your computer without your knowledge, and they now even come as a hidden payload inside new computer viruses. The only way to find and remove these dangerous hacker tools from your computer is to have the right technology on your PC, along with expert support when you need it.
Viruses & Worms
Hackers have become very good at writing computer viruses and worms and have caused literally billions of dollars in damage. You’ve probably heard about the more damaging ones on the news. And there’s a good chance that you’ve been infected with a virus or worm yourself, or you know someone who has. You may not even know
you’ve been infected in most cases if you don’t have the right anti-virus protection.
Viruses in the past have been more of an expensive nuisance than anything, infecting millions of computers with no real purpose. Viruses of the past caused performance problems on computers, possibly even shutting them down, forcing victims to have a professional remove the virus or reformat the computer. But the resulting
damages has been staggering.
. There are over 500 new viruses and worms released on the Internet each month.
. At least 82% of current anti-virus users have been recently infected with a virus.
. Less than 33% of those using anti-virus are working from a current anti-virus database.
. New, fast moving viruses and worms can infect hundreds of thousands of computers in a matter of a few hours.
. It can take many hours, even days, for security firms to create an anti-virus signature to defend against new viruses. Everyone is very susceptible to infection during that time.
. You can be infected through emails, instant messenger, downloads and by simply surfing the web.
There is a very dangerous evolution in computer viruses recently. New hybrid viruses and worms no longer simply duplicate themselves and tie up email inboxes and mail servers, slowing down the Internet and crashing computers.
These new hybrid viruses actually carry a damaging “payload” that is far more hazardous and can cause you a lot of pain and cost you a lot of money.
Viruses and worms like SoBig, MyDoom, and Bagle automatically install hacker tools on the victim’s computer. These viruses that come with hacker tools give the virus writer and other hackers a back door access to your computer – even after the virus has been cleaned off the machine!
Other new hybrid viruses actually scan your computer for your personal information like credit card numbers, passwords, online banking usernames and passwords, and even your address book, and automatically send that information back to the creator of the virus. With these hybrid virus attacks, hackers do more than just crash your computer; they can have complete control over your machine.
Experts believe that many of these dangerous new hybrid viruses may be part of an aggressive effort by hackers, organized crime groups, or even cyber-terrorists.
. The MyDoom virus become the most prolific virus of all time in a matter of a few weeks, infecting millions of PCs around the world and causing an estimated $38 billion in damages thus far. .
All the PCs infected with MyDoom were controlled by the virus creators and used together in a massive international cyber-attack on 2 U.S. corporations in March 2004.
Spyware is created for one reason – to take advantage of other people; to spy on you, watch you, track everything you do, and steal information about you. Spyware comes in a variety of forms. The most common are “spyware cookies” and “spyware programs”.
A spyware cookie is any cookie that is not used only by a single web site for its private interactions with its users, but is shared across multiple sites. When multiple web sites read from the same cookie, or when they pass info from the cookie on to another site, those sites effectively share your personal information without your permission. Although most spyware cookies are not necessarily dangerous, they do invade your privacy and exploit your personal information for gain. Most people hate the fact someone is watching and tracking them while they use the Internet, and then selling your information to unscrupulous marketers and spam operators.
Spyware programs are really commercialized hacker tools built to allow someone to literally watch you and track everything you do on your computer. There are an increasing number of these spying programs now freely available on the Internet for purchase. Some of these newer spyware programs allow the intruder to send electronic greeting cards that install several hacker spy tools on your PC while you are reading the greeting card.
Many of these malicious spyware programs allow others to read your e-mail, see what web sites you visit, turn on your web camera and watch you, gather your computer passwords, and much more. Some other malicious programs also classified as spyware include keystroke loggers and web-dialers. While keystroke loggers track your every keystroke, web-dialers automatically dial certain 1-900 numbers from the victim’s computer without being noticed, running up huge phone bills through the victim’s ISP service. Although with less people using dialup modems these days, this is getting harder for these programs to work correctly.
These types of hacking and privacy invasion tools often lurk silently on your computer until something or someone sets them off. When that happens, you could lose passwords, personal data, credit card numbers, and open up a
back door to let the hacker into your computer or even your entire network of computers in the office. These dangerous spyware programs sneak past your firewall and anti-virus programs to invade your privacy and gain access to your computer. The ability to detect and remove these malicious programs from your PC is a critical part of your overall protection.
. You get infected with spyware every time you surf the Internet.
. Some spyware is sent hidden inside electronic greeting cards, planting the spyware and hacker tools on the computer while the victim is reading the greeting card.
. Some of the popular ant-virus programs now claim to protect against spyware, but they really only scan for spyware cookies and other common nuisances, leaving your computer vulnerable to the tens of thousands of other spyware programs floating around on the Internet.
. The average PC is infected with at least 28 spyware programs.
Software Security Holes
Hackers take advantage of known security holes in popular software programs like Windows Operating Systems, web browsers,email programs, office applications, instant messenger programs, and other popular programs like music sharing technology.
All software created today is tested vigorously for its stability and function, but rarely is software adequately tested for security holes before it is released on the market for purchase. Most companies wait until hackers find the security holes and vulnerabilities in the newly released software, and then they issue patches to fix the security holes that have been brought to their attention. Microsoft alone releases several thousand patches each year to fix security holes and other problems with their software – after it was released!
Hackers count on the fact that nobody is patching their computer software so they can launch their attacks and gain access to systems around the world. For every known software security hole in MicrosoftÆ programs and other software, there are likely dozens or even hundreds of hacker tools and scripts created to exploit that specific software vulnerability. These “exploits” are shared freely among hackers around the world, making PCs that
don’t patch security holes an easy target for attack.
. An un-patched PC connected to the Internet will last only 20 minutes before it is compromised by hackers or other malware.
One of the latest hacking trends is called “Drive-by Hacking”. Popular wireless Internet access points have now become a major target for hackers. Hackers simply take their laptop computers in their cars and drive through business parks or residential neighborhoods remotely scanning for open wireless networks. Millions of businesses and homes have implemented these wireless networks for their convenience, and now hackers can simply pull up
outside, up to 600 ft away, and gain access to the network, the Internet, and every computer on the network. This kind of hacking has become so popular, that you can even find public websites that sell maps to all the known “open” wireless networks around the globe.
Credit & Identity Theft
Identity theft is the fastest growing white-collar crime in America! This rapidly escalating crime can potentially damage your credit and good name – costing you time and money. Identity thieves use your social security number, address, even your medical records to run up thousands of dollars worth of debt – in your name.
Today’s computer systems are an easy target for stealing identities. Identity thieves have many ways of stealing your identity from your computer. There are hundreds of different hacker tools and spyware programs that can track your every keystroke, capture credit card information, and search out home addresses, social security numbers and dates of birth. Some hacker tools simply wait on your computer watching and listening for the right keystroke patterns and for personal information entered on website data entry forms. And other hacker
tools will send this personal information back to the hacker automatically upon discovering valuable data.
To make things worse, the newest viruses and worms spreading around the Internet infecting millions of computers have built-in hacker tools and spyware to find all the private information it can about you, and then automatically send your information back to the virus creator.
Have you heard of the term “phishing”? A Phish virus is an email that tricks users into entering personal information and submitting it to the sender of the email. With these fake emails, the creator of the virus is “phishing” for personal information from naive people. Several major banks like Citibank and Bank of America have been casualties of these types of Phish viruses, where banking customers have been duped into entering their private information into a fake website claiming to be the bank. You don’t have to be targeted by identity thieves to become a victim! Leaving your computer unprotected against these types of hacker tools leaves you at a major risk that your identity will be stolen at some point.
Individuals and small businesses have become prime targets for credit card theft in recent years. For businesses, an experienced hacker, can easily get customer lists, including credit card information, addresses, emails and other private data.
The fact is that business and personal computers left unprotected give hackers a free pass to stealing credit cards and either using them or selling them on the black market. Credit cards are stolen from computer hard drives, not while being used in a purchase on the web! Buying things off the web is actually very safe.
You are just as much at risk buying something from a retail store in a mall as you are when buying online. This is because virtually every business stores your information on their computers and also has access to the Internet, even if it’s just for email, and is vulnerable to hack attacks. It’s what businesses and consumers don’t do to protect their own computer systems that cause credit theft problems.
. Identity theft is the fastest growing white-collar crime in America.
. 1 in 20 adults in the U.S. are now victims of identity theft. (FTC)
. 27.3 million Americans have been victims of identity theft in the last 5 years, including nearly 10 million people during 2003. (FTC)
. It costs an average of $10,000 and 75 hours of time for an individual to try to recover from identity theft.
. There has never been a recorded case where a credit card number has been stolen while being submitted for a purchase on the Internet.
. There is an online black market for stolen credit cards. Stolen credit cards go for as little as $5 to $40.
Zombie PCs – Computer Hijacking
Would you ever know it if your computer were taken over and being used by a hacker? Not likely. When a hacker hijacks a computer, the victim rarely knows. A computer that has been hijacked is one that is completely taken over by a hacker, or a group of hackers, to be used for their own purposes.
The idea is that the real owner of the computer never knows their system has been hijacked, so the hacker(s) can secretly use it whenever and however they want.
Once a computer has been hijacked, the hacker claims ownership of that computer. In fact, in many cases when a hacker has taken over a computer, they will even “heal” the computer by closing the security holes, so no other
hacker can break into the computer and use it too. Computers that have been hijacked and are under the control of a hacker are known as “zombies”.
Some of the more popular uses for a Zombie computer include using it to send Spam emails, distribute pornography, download illegal copies of software, and to anonymously attack another computer, a business, a website, or even a government agency.
There have been many cases in the U.S. and around the world where a business or home computer has been hijacked and used for illegal purposes without the computer owner’s knowledge. These victims have had their computers used to distribute child pornography, deface websites, and even hack into government computers. In many cases, the owner of the hijacked computer (the business owner or the homeowner) has been arrested and hauled off to jail, only to be humiliated, demoralized and even convicted for crimes they didn’t commit.
Hackers are very good at hiding behind their slave or zombie computers.
A hijacked computer is a hacker’s protection of anonymity.
As unbelievable as it may seem, hijacked computers or “zombie” computers actually have a street market value in the hacker community. The better the computer and the faster the Internet connection of the slave machine, and the bigger the hard drive, the more it is worth on the market. Zombie computers are often leased out by hackers to other hackers, or even to organized crime groups, to be used for illegal purposes – without the computer owner’s knowledge. If a hacker or a cyber-gang can take over a hundred or a thousand computers, they have an army of computers at their disposal.
. If your computer has become a “zombie” or a “slave” to a hacker, the use of your computer could be for sale somewhere on the Internet or an auction website. Your computer’s power is valuable to hackers.
. Today, there are organizations that claim “ownership” of more than 450,000 zombie computers around the world that they use to anonymously send spam.
Tens of millions of people now do their banking, pay their bills and trade stocks online. Banks and other financial institutions have spent large sums of money to protect your information on their computers. And they generally do a good job of keeping your personal information secured on their systems.
They tell you that you are safe. But the real question is, can an Internet intruder get to your banking information through your personal computer? Who is keeping hackers from getting your online banking usernames and passwords from your own PC? Passwords for online banking accounts and stock trading accounts are easily cracked if a hacker gets onto your computer.
Even novice hackers can quickly dismantle your entire financial life if you aren’t prepared. Managing your money online is incredibly convenient and can be very safe, if you take the proper precautions to secure your system. You generally don’t have to worry about whether your bank is protecting your private information – you need to worry about thieves getting to your financial accounts through your own computer!
Invasion of Privacy
The online invasion of your privacy is a new concept to many people. The reality is that when you go online, your computer is connected to millions of other computers around the world, and is a window into your personal life. Many hackers are really just voyeurs who get their thrills from simply looking at what other people do or have on their computer. They like to read emails, look at pictures, and see what music you have. If they want a certain program or game that’s on the PC, or if they like the photos or other things, they can have it all if you haven’t locked them out.
You wouldn’t think of going on a vacation and leaving the front door to your home wide open, would you? Yet that is what people do when they go online and don’t take measures to lock down their computer. We shudder at the
thought of someone stalking our children or peeking through our windows at night. Yet we allow people we don’t know to invade our computers and watch everything we do while we are at the keyboard. Because we can’t see the intruder, it’s easy to not worry about it. In this new digital age, the threat to your personal and business privacy through your computer is real.
. 20% of young Internet users have received unwanted sexual solicitations.
Vandalism & Loss of Data
The reality is that most people haven’t been victims of a vandalism cyber-attack. But if your computer is not properly protected, it can be vandalized from anywhere in the world, and you could lose everything you have on your computer. When a home computer is vandalized, it usually means something as simple as having certain files moved, changed or deleted, or something as extreme locking you out of your own computer, disabling your operating system, or crashing your computer altogether.
If you use a computer in your business, think of all the things you have on your computer, and then imagine losing it all. Computer vandalism can be disastrous. Imagine if you came into the office one morning and several of your confidential computer files were missing, or if all your customer data was deleted, or if you accounts receivable file was erased? What if the hacker just changed a few small, un-noticeable things in your files without your knowledge – like the terms of a contract, or the price of certain products? You can only imagine the potential
disaster waiting to happen if you leave your computers unprotected.
By far, the most common problems people have with their computers are the huge hassles and costs of repairing a computer that has been infected with viruses, spyware and other hacker tools. The cost of having to regularly fix or repair your computer can become a nightmare.
. Disgruntled employees or ex-employees often present the greatest risk to a company’s computers.
. According to InformationWeek, hacking and viruses cost U.S. businesses $266 billion in damages in the year 2000 alone – that’s 2.5% of the USA’s GDP!
. You could pay thousands of dollars having a technician attempt to fix a vandalized computer and retrieve missing files. (It’s cheaper just to protect your PC to begin with.)
The bottom line with this trend in the law is that it is the responsibility of every computer owner to take adequate and appropriate steps to protect their computer(s). There have been many cases where an individual was mistakenly arrested and hauled off to jail because their home computer was used to attack a business or a government agency. In all cases, the people arrested were a victim of a hacker break-in where their computer was taken over and turned into a zombie, and then used by the hacker to attack another computer, to send spam,
or to distribute pornography. The lives of innocent people are being turned upside down, and they are guilty of only one thing – not protecting their computer(s)! It’s a good idea not to risk this kind of personal liability.
There are several recent laws that have been enacted that require businesses and professionals protect the information on their computer systems. These laws demand that businesses protect the private information of their customers from hackers and other breaches of privacy. Here are a couple of the more well-known privacy protection laws related to businesses.
The Graham Leach Bliley Act (GLBA) requires all financial institutions and other professionals that deal with other people’s money to protect their customer’s information. This includes banks, credit unions, financial planners, stockbrokers, CPAs, mortgage companies, insurance agents, and many other groups.
The Health Insurance Portability and Accountability Act (HIPAA) requires all healthcare related organizations to protect a patient’s private health information. This includes health plans, doctors, hospitals, dentists, and other related healthcare organizations.
. Under some laws, the penalties for not protecting your customer’s private information can be as stiff as a $250,000 fine and 10 years jail time.
. Several states, like California, are enacting new laws at the state level that requires businesses of all types and sizes to protect customer information, and to report any attacks to their own customers and the government.
There is a dangerous new frontier emerging in conflicts and political struggles around the world – that of cyber-terrorism. The vast majority of computers around the world are easy to take over and control because the lack
the proper security. When an attacker combines the power of tens of thousands of zombie PCs together in a focused attack, computers can be used to effectively disrupt businesses, lives and entire economies. Power plants can be shut down, dam spillways can be opened, hospitals systems can be taken offline, major phone networks can be jammed, and banking systems crashed – all in attacks from computers. Sounds like a sci-fi movie, right?
Well, it’s a reality – and all of those things listed have already happened in the past according the U.S. Homeland Security Department!
Governments around the world are scrambling to find ways to protect their infrastructures after several countries have been recently attacked by cyber-terrorists. In 2003, the “Slammer” worm began as a targeted attack against
South Korea by a radical Chinese hacker group. In this attack, the entire infrastructure of South Korea was taken down for several days, including air traffic control systems, ATM and banking systems, phone networks and more.
This attack wreaked havoc by paralyzing South Korea’s entire economy and disrupting millions of lives in that country. The Slammer worm attack spilled over to other countries around the world including the United States causing billions of dollars in damages globally.
There are many other examples of terrorist attacks via computers, including a real cyber-war that has been going on between Pakistan and India. Hacker groups from each country have carried out focused hack attacks against hospitals, power grids, and other critical infrastructures. No battles with guns and bombs, just a bunch of computers simultaneously attacking specific targets, causing economic damages and creating chaos and fear.
The U.S. government released their “Strategy to Protect Cyberspace” in late 2003 where they warn of future cyber-attacks against U.S. interests. The reality is that these attacks will include hacked computers within the United States itself! Experts predict that we have only just begun to see the types of attacks that could be brought about through cyber-terrorism.
. The U.S. government named an official “cyber-czar” to oversee the country’s efforts to protect against cyber-terrorism and cyber-warfare.
. Cyber-security is one of the key focal points within the U.S. Dept. of Homeland Security.
. The U.S. government has warned U.S. citizens to protect their portion of cyber-space for their own protection, and to help prevent terrorists or others from using home and business computers in an attack against U.S. interests.
What YOU can do.
Now that you’ve become aware of the many threats and risks, you need to get the best protection you can find. If you use the Internet you are at risk. The threat is real. Make sure you speak to us to get the solution to these