Gio
Well-Known Forum User
Hi All - the IT bod at the place where my better half works sent round this following email on the above subject. It seemed like wise words, mate so I post it here fyi.
--------------------------------------------------
Hi Allstaff,
Many of you have computers at home, and have perhaps grown bored of by
technobabble and warnings of the end of all good things, especially
from me, but I figured I better warn staff of the continued growth of
pretty nasty things if you use a (nominally WINDOWS) computer (home or
work..)
You may want to print this as we go..
Windows systems that are not up to date, are woefully inadaquate at
protecting you from potentially fairly serious situations. Its now been
a fair while since using a non updated and protected Windows (and
perhaps other system) on the internet was a wise move.
The latest little whizz in spyware is loading dialer's on your or some
other poor person's machine without your/their permission, then dialing
numbers that carry ludicrious premiums overnight or similar. A very
easy and nasty way for some slimeball scumbags out there to take money
from you, all without ever asking you. Nice. Not. Now.. Many people may
not have a modem attached to the computer. This little whizz is not
effective if that's the case. But if you do have a modem, it may well
be a bright idea to make sure that if you don't keep your machine in a
pristine secure way, to remove the phone cable from it when not in use.
At least that way if you did get a rogue dialler it can't ring
anyone..But that's only a workaround. You'd have to fix it .
The only systems being properly updated by Microsoft are Windows Server
2003 and windows XP SERVICE PACK 2. In their wisdom Microsoft assume
that you know this and that you will throw away their last latest and
greatest product (Windows 95, 98, 98se, 2000, NT, ME, others..) for
their current one. It is important to note carefully that XP, and its
first service pack, SERVICE PACK 1 DO NOT PROTECT YOU. Take careful
note. Microsoft are incapable of understanding how you would not do
this, but you need to understand their mentality before you can make
yourself safe.
So... In some simpler terms, some advice.
Make sure that you are using Windows XP SP2 (SP2 = SERVICE PACK 2). If
you are not, then find a way of making your machine Windows XP SP2.
That may mean buying XP SP2, or doing an upgrade if you already have XP
in a previous version. It may mean spending money. It may mean throwing
away an old computer, it may mean many things - your mileage may vary.
So TICK HERE WHEN YOU ACHIEVE THIS GOAL .......................
Once you reach that stage, (and potentially before as well..) make sure
you run AND KEEP UP TO DATE an Anti virus product. This can be any
major brands, Norton, McAfee, or similar. Ahhh, money may again be
needed. There is I believe a free one called AVG if you'd like to
google for it. Your mileage may vary.
So TICK HERE ONCE YOU ACHIEVE THIS GOAL .......................
Then, go and collect and install a copy of the following software tools
- all currently free: (use google to search - but please don't go
grabbing other products, I can't vouch for them or the problems the
bring. Many spyware tools CARRY the very junk they claim to remove)
Microsoft Antispyware (beta, but good.)
TICK HERE WHEN YOU COMPLETE THIS GOAL .......................
Spybot search and destroy (currently version 1.3)
TICK HERE WHEN YOU ACHIEVE THIS GOAL .......................
Ad-Aware (from lavasoft)
TICK HERE WHEN YOU ACHIEVE THIS GOAL .......................
You'll need to run these, and keep them updated on a regular basis.
UPDATE WINDOWS VIA WINDOWS UPDATE .......................
UPDATE ANTIVIRUS and scan whole machine .......................
UPDATE MICROSOFT ANTISPYWARE + full scan .......................
UPDATE Lavasoft Ad-Aware + full scan .......................
UPDATE Spybot search + destroy + scan .......................
Notes How many incidents or problems did you find
..................................................
..................................................
UPDATE WINDOWS VIA WINDOWS UPDATE .......................
UPDATE ANTIVIRUS and scan whole machine .......................
UPDATE MICROSOFT ANTISPYWARE + full scan .......................
UPDATE Lavasoft Ad-Aware + full scan .......................
UPDATE Spybot search + destroy + scan .......................
Notes How many incidents or problems did you find
..................................................
..................................................
UPDATE WINDOWS VIA WINDOWS UPDATE .......................
UPDATE ANTIVIRUS and scan whole machine .......................
UPDATE MICROSOFT ANTISPYWARE + full scan .......................
UPDATE Lavasoft Ad-Aware + full scan .......................
UPDATE Spybot search + destroy + scan .......................
Notes How many incidents or problems did you find
..................................................
..................................................
UPDATE WINDOWS VIA WINDOWS UPDATE .......................
UPDATE ANTIVIRUS and scan whole machine .......................
UPDATE MICROSOFT ANTISPYWARE + full scan .......................
UPDATE Lavasoft Ad-Aware + full scan .......................
UPDATE Spybot search + destroy + scan .......................
Notes How many incidents or problems did you find
..................................................
..................................................
UPDATE WINDOWS VIA WINDOWS UPDATE .......................
UPDATE ANTIVIRUS and scan whole machine .......................
UPDATE MICROSOFT ANTISPYWARE + full scan .......................
UPDATE Lavasoft Ad-Aware + full scan .......................
UPDATE Spybot search + destroy + scan .......................
Notes How many incidents or problems did you find
..................................................
..................................................
If you do this (the above) once a week for one month, you should remove
all the horrible spyware to a greater degree, and give yourself the
protection needed for use of the systems. You will have to continue
beyond one month off course because the bad guys don't go away.
Sometimes even these tools leave a machine in a bad state due to the
level of infections. I guess you'll need further help if that's the
case..
If members of your family use the computer, I think that you'll need to
educate them on the use of these tools, but also, as a group, steer
clear of unusual topics or websites. Many people get requesters on
screen while visiting a website and just answer yes. They fail to
realise that requestor is arranging for (potentially) nasty things to
happen to your system. And the majority of requesters don't say 'I'm
about to install a rogue dialler here, and it'll cost you thousands, is
that ok?'. Far from it. Sometimes the damn requester keeps coming back
until you say yes (example). These issues can in fairness only be
learned from by experience. Most of the developers who write these
things use human nature, or social interaction to override security by
annoying the user, harrassing the user, or tricking the user. Even with
all the latst patches, fixes, super tools, - if a user says YES to
'delete my hard drive, thank you!', nothing can save you from being
responsible for the consequences..
By repeating a question with a yes answer until you finally say yes is
typical of the chicanery that is used to load software on people's
machines. Estimates in 2004 indicated that 67% of computers on the
internet were infected with spyware. Now in 2005, it carries estimates
of 90+ %.
If you choose to ignore the advice, well that is upto you. All I can do
is try and forewarn people that 2005 is going to become a nightmare in
terms of your information/security, your identity and its potential
theft, and financial theft. All you can do is arm yourselves with
whatever information you can, and act on it, rather than waiting for it
to happen. In terms of the rogue dialler programs, these can literally
cost you thousands of pounds, and you may not be aware until the bill
arrives. Thus far BT has been very very unhelpful to victims of the
scam, so the onus lands on you to make sure you don't become one.
For more information:
http://www.unite.net/display/faq
Choose the faq on the left of interest
http://www.cable-direct.co.uk/PREMIUM%20RATE%20INTERNET%20DIALLING%20FRAUD.pdf
http://www.pcworld.com/howto/article/0,aid,112903,00.asp
http://www.theregister.co.uk/2005/01/28/rogue_diallers_cuffed/
http://www.tiscali.co.uk/money/guardian/news/2004/12/18/fightbackbeginsonnetroguediallerscam.html
http://news.zdnet.co.uk/internet/security/0,39020375,39171014,00.htm
http://www.computing.co.uk/news/1158591
--------------------------------------------------
And if you find it useful, why not look kindly on the next Cancer Research collecting box waved under your nose
www.gci.ac.uk
--------------------------------------------------
Hi Allstaff,
Many of you have computers at home, and have perhaps grown bored of by
technobabble and warnings of the end of all good things, especially
from me, but I figured I better warn staff of the continued growth of
pretty nasty things if you use a (nominally WINDOWS) computer (home or
work..)
You may want to print this as we go..
Windows systems that are not up to date, are woefully inadaquate at
protecting you from potentially fairly serious situations. Its now been
a fair while since using a non updated and protected Windows (and
perhaps other system) on the internet was a wise move.
The latest little whizz in spyware is loading dialer's on your or some
other poor person's machine without your/their permission, then dialing
numbers that carry ludicrious premiums overnight or similar. A very
easy and nasty way for some slimeball scumbags out there to take money
from you, all without ever asking you. Nice. Not. Now.. Many people may
not have a modem attached to the computer. This little whizz is not
effective if that's the case. But if you do have a modem, it may well
be a bright idea to make sure that if you don't keep your machine in a
pristine secure way, to remove the phone cable from it when not in use.
At least that way if you did get a rogue dialler it can't ring
anyone..But that's only a workaround. You'd have to fix it .
The only systems being properly updated by Microsoft are Windows Server
2003 and windows XP SERVICE PACK 2. In their wisdom Microsoft assume
that you know this and that you will throw away their last latest and
greatest product (Windows 95, 98, 98se, 2000, NT, ME, others..) for
their current one. It is important to note carefully that XP, and its
first service pack, SERVICE PACK 1 DO NOT PROTECT YOU. Take careful
note. Microsoft are incapable of understanding how you would not do
this, but you need to understand their mentality before you can make
yourself safe.
So... In some simpler terms, some advice.
Make sure that you are using Windows XP SP2 (SP2 = SERVICE PACK 2). If
you are not, then find a way of making your machine Windows XP SP2.
That may mean buying XP SP2, or doing an upgrade if you already have XP
in a previous version. It may mean spending money. It may mean throwing
away an old computer, it may mean many things - your mileage may vary.
So TICK HERE WHEN YOU ACHIEVE THIS GOAL .......................
Once you reach that stage, (and potentially before as well..) make sure
you run AND KEEP UP TO DATE an Anti virus product. This can be any
major brands, Norton, McAfee, or similar. Ahhh, money may again be
needed. There is I believe a free one called AVG if you'd like to
google for it. Your mileage may vary.
So TICK HERE ONCE YOU ACHIEVE THIS GOAL .......................
Then, go and collect and install a copy of the following software tools
- all currently free: (use google to search - but please don't go
grabbing other products, I can't vouch for them or the problems the
bring. Many spyware tools CARRY the very junk they claim to remove)
Microsoft Antispyware (beta, but good.)
TICK HERE WHEN YOU COMPLETE THIS GOAL .......................
Spybot search and destroy (currently version 1.3)
TICK HERE WHEN YOU ACHIEVE THIS GOAL .......................
Ad-Aware (from lavasoft)
TICK HERE WHEN YOU ACHIEVE THIS GOAL .......................
You'll need to run these, and keep them updated on a regular basis.
UPDATE WINDOWS VIA WINDOWS UPDATE .......................
UPDATE ANTIVIRUS and scan whole machine .......................
UPDATE MICROSOFT ANTISPYWARE + full scan .......................
UPDATE Lavasoft Ad-Aware + full scan .......................
UPDATE Spybot search + destroy + scan .......................
Notes How many incidents or problems did you find
..................................................
..................................................
UPDATE WINDOWS VIA WINDOWS UPDATE .......................
UPDATE ANTIVIRUS and scan whole machine .......................
UPDATE MICROSOFT ANTISPYWARE + full scan .......................
UPDATE Lavasoft Ad-Aware + full scan .......................
UPDATE Spybot search + destroy + scan .......................
Notes How many incidents or problems did you find
..................................................
..................................................
UPDATE WINDOWS VIA WINDOWS UPDATE .......................
UPDATE ANTIVIRUS and scan whole machine .......................
UPDATE MICROSOFT ANTISPYWARE + full scan .......................
UPDATE Lavasoft Ad-Aware + full scan .......................
UPDATE Spybot search + destroy + scan .......................
Notes How many incidents or problems did you find
..................................................
..................................................
UPDATE WINDOWS VIA WINDOWS UPDATE .......................
UPDATE ANTIVIRUS and scan whole machine .......................
UPDATE MICROSOFT ANTISPYWARE + full scan .......................
UPDATE Lavasoft Ad-Aware + full scan .......................
UPDATE Spybot search + destroy + scan .......................
Notes How many incidents or problems did you find
..................................................
..................................................
UPDATE WINDOWS VIA WINDOWS UPDATE .......................
UPDATE ANTIVIRUS and scan whole machine .......................
UPDATE MICROSOFT ANTISPYWARE + full scan .......................
UPDATE Lavasoft Ad-Aware + full scan .......................
UPDATE Spybot search + destroy + scan .......................
Notes How many incidents or problems did you find
..................................................
..................................................
If you do this (the above) once a week for one month, you should remove
all the horrible spyware to a greater degree, and give yourself the
protection needed for use of the systems. You will have to continue
beyond one month off course because the bad guys don't go away.
Sometimes even these tools leave a machine in a bad state due to the
level of infections. I guess you'll need further help if that's the
case..
If members of your family use the computer, I think that you'll need to
educate them on the use of these tools, but also, as a group, steer
clear of unusual topics or websites. Many people get requesters on
screen while visiting a website and just answer yes. They fail to
realise that requestor is arranging for (potentially) nasty things to
happen to your system. And the majority of requesters don't say 'I'm
about to install a rogue dialler here, and it'll cost you thousands, is
that ok?'. Far from it. Sometimes the damn requester keeps coming back
until you say yes (example). These issues can in fairness only be
learned from by experience. Most of the developers who write these
things use human nature, or social interaction to override security by
annoying the user, harrassing the user, or tricking the user. Even with
all the latst patches, fixes, super tools, - if a user says YES to
'delete my hard drive, thank you!', nothing can save you from being
responsible for the consequences..
By repeating a question with a yes answer until you finally say yes is
typical of the chicanery that is used to load software on people's
machines. Estimates in 2004 indicated that 67% of computers on the
internet were infected with spyware. Now in 2005, it carries estimates
of 90+ %.
If you choose to ignore the advice, well that is upto you. All I can do
is try and forewarn people that 2005 is going to become a nightmare in
terms of your information/security, your identity and its potential
theft, and financial theft. All you can do is arm yourselves with
whatever information you can, and act on it, rather than waiting for it
to happen. In terms of the rogue dialler programs, these can literally
cost you thousands of pounds, and you may not be aware until the bill
arrives. Thus far BT has been very very unhelpful to victims of the
scam, so the onus lands on you to make sure you don't become one.
For more information:
http://www.unite.net/display/faq
Choose the faq on the left of interest
http://www.cable-direct.co.uk/PREMIUM%20RATE%20INTERNET%20DIALLING%20FRAUD.pdf
http://www.pcworld.com/howto/article/0,aid,112903,00.asp
http://www.theregister.co.uk/2005/01/28/rogue_diallers_cuffed/
http://www.tiscali.co.uk/money/guardian/news/2004/12/18/fightbackbeginsonnetroguediallerscam.html
http://news.zdnet.co.uk/internet/security/0,39020375,39171014,00.htm
http://www.computing.co.uk/news/1158591
--------------------------------------------------
And if you find it useful, why not look kindly on the next Cancer Research collecting box waved under your nose
www.gci.ac.uk