Internet Risks, Part 1: The Problem – contributed by MyOffice Tech
There is no doubt that folks in the job market spend a lot of time on the Internet doing research, visiting many different sites to research companies, read blogs, and study articles. Every job seeker and employed individual receives many emails with employment-related links and attachments, some of which may not be legitimate. And, let’s not forget about all those “free” tools available to us out there on the web, along with those ubiquitous “work-from-home” ads and links!
Most people know that your electronic link to the outside world can be very hazardous to your computer’s health and can spiral into nasty personal consequences if your personal and confidential information is stolen. Without a doubt, there is nothing as destructive as malware getting onto your system. In fact, instances of system downtime resulting from malware infection far exceed downtime resulting from hardware failure. The current status of online threats can be summarized as simply as this: they are dangerous, rapidly-evolving and widespread. But, many people don’t know how a computer becomes compromised, and what to do to minimize the risks.
The information provided here applies predominantly to Microsoft Windows systems. Apple Macs and Linux-based systems (such as Ubuntu) are more secure at the moment, since they are less-targeted (there are fewer of them) and their architecture is different.
I. Types of Threats and Terminology: The most common threats to us currently are:
- Malware (broad classification): Viruses, worms, trojans, rootkits, bots, scareware, meanware, hidden proxies, and keyloggers.
- Scareware: A special sub-class of malware which uses fake anti-virus pop-ups to inform you that your system is infected when it really isn’t.
- Meanware: A special sub-class of malware that damages or destroys your system just for the sick amusement of whoever wrote it.
- Hidden proxies: Malware that silently redirects all of your internet communications through a third party which watches your web browsing.
- Keyloggers: A special sub-class of malware that records your keystrokes and sends them to the criminals.
- Bots: Hidden malware which runs undetected in the background, usually hijacking your email address book and sending out spam without your knowledge.
- Phishing: Anything that tries to trick you into doing something that will cause you to reveal personal or confidential information.
- Scams: Anything that tries to get you to pay for or send money for something that doesn’t exist, is phony, or disreputable.
- Spam: Useless or unwanted information, in the form of emails, blog or forum posts, pop-ups, or text messages that tries to get you to perform an action that results in any of the above, or for the purpose of spreading website URLs for search engine ratings increases, or just to bother people.
II. Anti-virus systems can’t keep up: Today, most malware is written and deployed by organized crime. This software is smart and is getting smarter. Old-school malware had static “profiles” or “signatures” and could be easily detected by anti-virus suites. Now, new malware constantly changes its internals so that it is not detected by traditional “signature-based” anti-virus software. This is frightening.
To attempt to keep up with such insidious, shape-shifting threats, state-of-the-art anti-virus software utilizes what is known as “heuristics” to detect and halt suspicious activity. Some advanced anti-virus software, in addition to signatures and heuristics, sends unrecognized executable files and known executables that have been altered to the “cloud” for multiple scans. However, be aware that these do make mistakes and “false positives” result, and malware still slips through undetected.
III. Methods of Infection: The primary “attack vector” today is the Internet. The old-school infection method used to be to get the computer user to open an infected email attachment. While this still happens, it is no longer the preferred attack vector. The Internet is a far more efficient means of infection.
Today, to become infected with malware, all you have to do is visit an infected (“compromised”) website. You don’t even have to click on anything in the site. It is that simple.
So, how do the bad guys utilize the web for their nefarious activities? The most common methods are:
- They understand and use human nature against us. They target popular but weak websites, hack into them, insert their malicious code, and wait for people to visit them. Or, they place infected ads, or just set up their own infected websites. They know what application and operating system vulnerabilities exist and write their malware to exploit them. High-risk website categories are: social networking, celebrity, cooking, music lyrics, adult sites, work-from-home schemes, avatar generators, free stuff – anything that draws large numbers of visitors. Anything “free”, such as free anti-virus, screensavers, toolbars, desktop themes, video player codecs/plugins, picture viewers, utility programs, drivers, etc., are extremely risky if they come from untrusted sources.
- They prey on human error: at some point in time you will misspell a URL or use “.com” instead of “.org” or “.gov”. There are malicious websites set up under these common errors just for these opportune moments.
- They utilize “social engineering” to get you to visit bad websites. They send you emails and messages that look legitimate or official, but have a link that will take you to a malicious website. Users of social networking sites like Facebook, LinkedIn and Twitter are at particular risk. “Official” email links are usually clicked out of uncertainty or fear (e.g., the email appears to be from your bank, the IRS or Census Bureau).
- They “poison” the web infrastructure’s “DNS” servers, your “DNS” cache, or hosts file so that when you try to go to one site you actually go to another.
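The misspelled-URL, wrong-ending and look-alike-link risks in the list above can be checked mechanically before a page is opened. The following is an added example, not part of the original article: it compares the host a link really points to against a personal list of trusted sites. The names in TRUSTED and in the sample links are constructed, using reserved example domains.

```python
from urllib.parse import urlsplit

# Constructed allowlist of sites the user really uses (reserved example names).
TRUSTED = {"example.org", "bank.example"}

def edit_distance(a, b):
    """Edits needed to turn a into b: insert, delete, substitute, or swap two adjacent letters."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            best = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb))
            if prev2 is not None and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                best = min(best, prev2[j - 2] + 1)  # adjacent swap, e.g. "ma" for "am"
            cur.append(best)
        prev2, prev = prev, cur
    return prev[-1]

def hostname_of(link):
    """Host the browser would really contact; text before an '@' is not the site."""
    host = urlsplit(link if "://" in link else "//" + link).hostname or ""
    host = host.rstrip(".")
    return host[4:] if host.startswith("www.") else host

def classify(link, trusted=TRUSTED):
    """Return (verdict, trusted_site_it_resembles_or_None) for a typed or received link."""
    host = hostname_of(link)
    if host in trusted:
        return ("trusted", host)
    name, _, ending = host.rpartition(".")
    for good in sorted(trusted):
        good_name, _, good_ending = good.rpartition(".")
        if name == good_name and ending != good_ending:
            return ("wrong-ending", good)      # .com typed for .org, and so on
        if edit_distance(host, good) <= 1:
            return ("misspelling", good)       # one slip away from a trusted name
    return ("unknown", None)

if __name__ == "__main__":
    for link in ["www.example.org", "example.com", "http://exmaple.org/login",
                 "bnak.example", "http://example.org@unrelated.test/"]:
        print(link, "->", classify(link))
```

A “wrong-ending” or “misspelling” verdict means the link is close to a site you trust but is not that site, which is exactly the case where stopping to retype the address pays off.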
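The hosts-file poisoning mentioned in the last item above leaves a visible trace: a line in the hosts file that pins a site's name to an address of someone else's choosing. The following is an added example, not part of the original article, that audits hosts-file text for such lines. The sample file, the watched site names and the addresses are constructed (reserved example names and documentation address ranges).

```python
import ipaddress

# Constructed sample. On Windows the real file is %SystemRoot%\System32\drivers\etc\hosts.
SAMPLE_HOSTS = "\n".join([
    "# sample hosts file (constructed for this example)",
    "127.0.0.1      localhost",
    "203.0.113.7    www.bank.example    # a watched site pinned to another address",
    "0.0.0.0        update.av.example",
    "198.51.100.9   printer.home.example",
])
WATCHED = {"bank.example", "av.example"}  # hypothetical sites the user cares about

def audit_hosts(text, watched=WATCHED):
    """List hosts-file lines that override normal DNS lookup for a watched site.

    Returns (line_number, address, name, verdict) tuples. "redirected" means the
    name is pinned to some other machine; "blocked" means it is pinned to a
    loopback or null address, so the site (for instance an update server) is unreachable.
    """
    findings = []
    for number, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()      # drop comments, split on whitespace
        if len(fields) < 2:
            continue
        try:
            address = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                                # not an address line
        for name in (f.lower().rstrip(".") for f in fields[1:]):
            if any(name == site or name.endswith("." + site) for site in watched):
                pinned_locally = address.is_loopback or address.is_unspecified
                findings.append((number, str(address), name,
                                 "blocked" if pinned_locally else "redirected"))
    return findings

if __name__ == "__main__":
    for finding in audit_hosts(SAMPLE_HOSTS):
        print(finding)
```

Any finding deserves a second look: a typical home computer has no reason to pin a bank or anti-virus update site to a fixed address.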
Another common attack vector is exploiting insecure application programs that run on your computer:
- Unpatched Adobe Reader, or Adobe Reader with JavaScript enabled is a prime target. If you click on a web link that opens an infected PDF file, or you open one in an email attachment, and you have a vulnerability it can exploit, your system will be infected. Adobe regularly updates their software with security patches but unfortunately, on many people’s computers these updates are broken.
- Java’s run-time environment and its components are another prime culprit. Many computers are operating with old, insecure Java versions because the updating mechanism is broken or old versions co-exist with new versions. Java’s updating mechanism is truly a mess.
Many firewalls are ineffective because they are weak, faulty, or configured improperly:
- Such firewalls allow unsolicited and malicious traffic into your system.
- The firewall replies to Internet “pings” from malicious sources, revealing to them that your system “exists”. They will now try to attack your system with even more zeal.
- The firewall allows malicious processes already on your machine to communicate with their criminal “command and control centers”, sending out personal or confidential information.
Please continue to Part 2 to read about how to fight back and minimize your risks.
Ed Meadows
Manager
MyOffice Tech, LLC
http://MyOfficeTechLLC.com
Support@MyOfficeTechLLC.com
360-769-0050
Internet Risks, Part 2: Fighting Back – contributed by MyOffice Tech
How in the world can anybody be safe today? The short answer is that you cannot be completely safe. There are just too many attacks on too many fronts for you to be successful in fending off all of them. But, short of disconnecting yourself, there are specific things you can do to reduce your risk:
- Windows updates: First and foremost, keep your system updated. Apply critical updates immediately and reboot when instructed to do so.
- Backups: Make sure you have an excellent computer backup system and methodology. You need to use a backup system that automatically and regularly creates image backups of your hard drives to a USB or network drive.
- High-risk website categories: If at all possible, stay away from them. If you must browse risky sites, do so while logged on to a “limited” or “standard” Windows user account as opposed to an “administrator” account. This will limit the amount of damage that malware can do if it does get on your system.
- Links: Do not click any links in emails, instant messages, or in other communications unless you are certain of the authenticity of the message and trust the destination of the link. Never click any link in an unsolicited message. This is the primary attack vector for social networking sites, and phony messages from “friends” can appear to be quite real, so be very suspicious of any links in them. Do not click on ads or external links on high-risk websites.
- Suspicious emails: Immediately delete strange emails from unknown senders without opening them.
- Anti-virus Systems: Select and use a top-rated anti-virus program or suite. There are quite a few that cluster around the top but all of these have strong and weak points. Remember that some free anti-virus programs are quite good, while some you have to pay for are sub-standard. Visit www.av-comparatives.org for unbiased ratings and reviews.
- Secondary Anti-Virus Systems: Run several manual/“on-demand” anti-virus programs in addition to your main suite for a “second opinion”. No single anti-virus suite or program is good at finding every type of malware. I recommend that you download and install Malwarebytes (www.malwarebytes.org), Superantispyware (www.superantispyware.com), HitMan Pro (www.surfright.nl), and SpyBot (www.safer-networking.org). Update them and run them often, but be aware of false positives. Any malware found should be quarantined if possible, not deleted, to allow recovery of a file or files in the event of a false positive.
- Hardware Firewall: Use a quality appliance, one that performs “stateful packet inspection” and employs NAT (network address translation). You must keep your firewall’s firmware updated.
- Software Firewall: These are usually included with higher-rated anti-virus suites. Carefully read any messages presented to you by them, and research the processes that are requesting access before you allow it. Generally, hardware firewalls and software firewalls do not conflict with each other.
- Applications: Keep your non-Microsoft applications, such as Adobe Reader and Java, updated. Bear in mind that Windows Updates do not update such applications, and many of their update mechanisms are broken. The best way to keep them secure is to use a fantastic piece of software called Secunia Personal Software Inspector (PSI). It identifies apps on your machine that are insecure and suggests how to fix them. This program is free to non-commercial users and can be downloaded at: http://secunia.com/vulnerability_scanning/personal
- Internet Browser: Use a more secure browser. Mozilla Firefox is regarded as being more secure than Microsoft’s Internet Explorer, and is faster, too. If you can tolerate re-logging into your favorite sites every time you reopen your browser, I recommend that you set your browser to automatically delete your history and cookies every time you exit.
- Browser add-ons: For Mozilla Firefox, I emphatically recommend “Web of Trust” and “BetterPrivacy”. Web of Trust is one of the best security tools you can have.
- Scan your downloads: Send any files you have downloaded to Virus Total (www.virustotal.com) for analysis before you open, execute, or install them. The current upload size limit is 15 MB.
- JavaScript: Disable JavaScript in your Adobe Reader.
- Email Preview Pane: If you can live without it, turn it off.
- Online banking: If at all possible, avoid it. You can always use a bank’s automated telephone service for many of the tasks you perform online. There is a new class of malware in the wild called “banker trojans” that are truly scary. The usual method of operation is like this: It sits on your computer, disguised and undetected, and waits for you to visit a banking site. When you do, it redirects you to a phony, look-alike site where you “log in”. This is where your credentials are stolen. It then sends you to your bank’s real site and logs you in. From your perspective, everything appears to be normal. The malware then quietly deletes itself. Funds are then transferred out of your bank account, usually in small amounts over a period of days or weeks so as not to trigger bank alerts.
You may still become infected at some point, despite your best efforts. The malware may be able to be removed and the damage repaired. If not, your system will have to be restored from an uninfected image backup from an earlier date. If no image backups are available, your system will have to be wiped clean and the operating system reinstalled. Depending upon the extent of the damage, your data may or may not be able to be saved before the restore or wipe.
The burden of remaining secure is high, but the costs of not doing so are much higher. We cannot reduce our risks to zero, but we can certainly fight back.
MyOffice Tech is experienced in computer security and computer health issues for individuals and small businesses. We would be happy to answer any questions you may have regarding these subjects and to assist you with implementation of enhanced security measures.
Are you ready to React or Effectively Respond?
How fast are you able to take action when an opportunity surfaces or a lead comes your way?
People say the first step to success (winning) is showing up. The next step is knowing how to play the game. Knowledge, strategy and timing are critical. (If you don’t have a strategy then please read all of my previous blog posts.) The third step is taking action.
Immediate responses are much more likely to bring results, but the key is in how well prepared your response is and how it is delivered. There is a big difference between an urgent, yet controlled response and a knee-jerk reaction or overreaction. If you have done your homework, then you will have:
Researched the industry you are pursuing. The only way to present yourself well, whether through a cover letter, a resume, or an interview, is to have an understanding of the industry you are stepping into. That doesn’t happen overnight.
Researched the players. This means all the companies you might be interested in, in advance. Why? Because a last-minute prowl on LinkedIn or Google cannot produce what you could have learned over time by contacting people in the company, long before a position is posted. Waiting until a posting appears is simply too late to learn about internal political issues, project failures, and attitudes that have an impact on the role you are pursuing. Developing a strategy requires an awareness of all of that. Interviewing without background information, and having only a mission of getting the job, leaves a candidate at an extreme disadvantage.
Prepared a “Master” resume. In order to quickly tailor a resume to fit each and every position you pursue, a detailed “Master” needs to be available to work from. Working from scratch will require too much time to carefully tailor a resume in time to meet the demand of an urgent request. A sloppy resume or a “generic” resume will miss the mark.
Prepared a list of references. The time to notify your references is long in advance. Advise them of what you are looking at and why. Your list of current, relevant references should be ready to take with you when you are called in to interview.
Researched market information for salaries. You can count on being asked the money question. Know the market; know your value. Don’t wait until you get the question to think through your answer.
Resolved any unfinished projects/issues. If you need to go to work, then your house needs to be in order. Repairs to home, car, mind and body need to be completed. If there is anything at all that needs to be done that could interrupt your ability to report for work, then a plan needs to be in place before you interview. Schedule the dates and plan on how you can work around it, so that the needed time can be negotiated at the time an offer is made (not before!). If that is not possible, then you aren’t ready to go to work.
What have you thought of that might throw you into “reaction mode” rather than “response mode”?
