virus hoaxes

Virus Hoaxes, As Bad As The Real Thing?

computer viruses cause real damage to systems or lead to data theft. The consequences are lost time, broken programs and sometimes real money stolen.

A hoax can have these same consequences.

A virus hoax is typically distributed by e-mail to 'warn' recipients of a new threat to computer systems security. After detailing how this new virus is a serious threat, the e-mail advises you to forward the message to everyone you know. This 'chain letter' effect causes one kind of real harm.

Virus hoaxes can circulate widely. Suppose a recipient distributes it to 10 people and each of those 10 people distribute it to 10 more people, and so on down the line. After only six generations, one million bogus e-mail messages will circulate throughout the Internet. By the seventh generation the number reaches 10 million, and by the eighth generation - 100 million e-mail messages that serve no purpose are clogging up networks worldwide.

This effect can cause servers or routers (specialized computers that route Internet traffic) to slow down or even crash.

Often such hoaxes are forwarded with good intentions. A classic example is the e-mail warning about a virus called 'Deeyenda', circulating since 1995. It claims a virus called Deeyenda is circulating via e-mail. The e-mail explains the FCC (Federal Communications Commission) has issued warnings about this virus, and advises the recipient to pass the message on.

Everything about the warning is false. Viruses can't be activated by reading a text e-mail and the FCC doesn't issue warnings about viruses. (Spyware, yes. But then it's not usually a warning, but the annoucement of a criminal indictment.) Furthermore, there has never been a virus called Deeyenda.

Even a hoax can do real system damage. Some warn the user to delete certain files allegedly containing the virus. Such files are typically (unknown to the average user, of course) critical to proper computer operation. Deleting them may have no immediate effect - until the system is re-booted and fails to start.

How to Combat Virus Hoaxes

Fighting a hoax starts with 'recognizing the enemy'.

One clue that a warning is bogus is the use of technical jargon. The 'Good Times' virus hoax contained this warning: 'If the program is not stopped, the computer's processor will be placed in an nth-complexity infinite binary loop which can severely damage the processor.' This sounds very impressive, but in fact there is no such thing as an nth-complexity infinite binary loop. Also, no processor can be harmed by excessive use. Your system may be too busy to process desired commands, but no actual harm is done to the hardware.

Virus hoaxes often contain references to real organizations such as the FCC or a company specializing in antivirus software. If the warning is real, it'll be easy to verify on these organizations' web sites. If the virus warning is real, you can expect to find references to it in print, on television, as well as all over the Internet.

It should go without saying, though some have fallen prey, one should never 'buy' from someone unknown proposing to 'cure' your virus infection. There are many legitimate antivirus vendors - some offer downloadable products, others provide a service over the Internet. But all can be verified by reviews in trade publications and valid testimonials from trusted sources.

trojan horse virus

Trojan Horse Viruses, Not A Myth

Most people are familiar with the legend of the Trojan horse. During the siege of Troy, the Greeks left a large wooden horse outside the gates, allegedly as a peace offering. The Trojans brought the horse inside the city walls only to discover it was full of Greek soldiers who quickly sacked the city.

A computer Trojan horse is similar. It looks like a benign or useful program but actually contains hidden code that can destroy data or install spyware.

A Trojan horse is often referred to as a virus, but unlike a true computer virus doesn't replicate itself. It's simply designed to gain access to your system and wreak havoc - like the mythical Greek soldiers.

Many Trojan horses (or simply 'Trojans') are spyware, used to monitor your computer activity and send information to a third party without your knowledge or consent.

Spyware can be used to deliver unsolicited pop-up ads, or to log private information such as credit card numbers and passwords, or even reroute your browser to a commercial site. The unscrupulous vendor at that site usually paid the spyware creator to do just that.

Another common use for a Trojan is to install a 'backdoor' - an access point to your computer which bypasses the normal login procedure. Hackers use backdoors to gain control of your computer to send spam or to wreak malicious damage. Since the damage appears to originate from your system it can be hard to combat.

Geeks make a distinction between 'crackers' who gain access to a system to do harm, and 'hackers' who just want to understand the details of how a system works. We'll stick with the more common, though less accurate, term.

How Trojans Are Distributed

Trojans are hidden in programs which appear useful. You visit a free utility site, download one and run the program. Your system is infected.

They can also be spread by e-mail attachments. If the attachment contains an executable file, that program can also contain a Trojan which will infect your computer as soon as it is run.

Executable files have extensions such as .exe but sometimes the extensions are hidden to make the file look like a harmless text file. An example of this would be a file named 'look_at_me.txt.exe. The user may not notice the '.exe' part of the filename (the extension) and think it's a text file. Some operating systems allow users to hide extensions, so in this case the user would simply see 'look_at_me.txt'. 

Newer tactics involve embedding them in certain image files. The lesson is: never open a file from someone unknown, or when its arrival is unexpected. Even well-meaning individuals pass on viruses this way.

It's common for Trojans to be spread through operating system vulnerabilities. An operating system controls the basic functions of the computer. Computers connect to the Internet through 'ports', some of which present security risks. Malware takes advantage of these vulnerabilities.

One well-known Trojan is called Sub7. Some claim it has legitimate uses (such as remotely controlling your own computer), though it's often used for illegal activities. Computers with Sub7 installed are accessible from a remote location and can be used to steal credit card numbers by logging keystrokes for example.

Fighting Trojans - The modern way

Most antivirus software will detect and remove Trojans. Keep your virus database up to date to provide the best protection. Some antivirus programs require you to manually scan attachments or other incoming files. Get one that does it automatically. The cost difference is negligible.

Always use caution when opening email attachments, even if they come from a known source. If the attachment is unexpected it should be suspected.

Firewalls should also be used to close vulnerabilities when using the Internet.

worm virus

Worm Viruses, Deadliest Of All

Of the three most common types of malware (malware is short for malicious software, i.e. designed to harm) - viruses, Trojans and worms - the latter is the most harmful because only worms can function without human intervention. 

Worms, like viruses, replicate themselves but unlike viruses are completely self-contained. Viruses need a 'host program' to spread, but worms propagate independently.

Though they can be designed to do the same kind of harm (file deletion, program corruption, etc), worms usually affect networks. Networks operate by means of servers and routers. The Internet is just a large set of mutually cooperating public computer networks.

Servers are similar to PC's, though usually faster and with more storage and other resources. They 'serve' other systems by making those resources available to multiple users. Routers are just specialized servers, typically of different hardware and operating systems, used to route network traffic. Hence the name.

Worms can be released into a network and their self-replication behavior causes damage. Since routers use memory, processor time, etc worms - like viruses - can overwhelm them, causing them to slow down and become unstable. Viruses don't have to delete files to do harm, they can cause the CPU - central processing unit, used to run programs - to be constantly busy. That leaves no resources for other programs to run.

Worms often carry 'payloads' - other types of malware such as spyware or backdoor installation programs. Spyware is used to monitor your computer activities and backdoors are hidden access points to your computer which can be exploited by hackers to send spam or steal data from your computer.

The fastest spreading worm ever was 'MyDoom'. First released in January 2004, it was distributed by e-mail and contained the message "andy; I'm just doing my job, nothing personal, sorry."

The author was never been discovered, but many believe it was designed to attack software company SCO (Santa Cruz Operation). Programmed to flood SCO's web site with Internet traffic, it quickly spread to the Internet at large causing a world-wide slowdown.

For individual computer users, the worm's payload is the biggest threat. Payloads can be designed to work around computer security by turning off antivirus functions or opening up computer ports. Ports are used by network software to move data in and out. Once done, the computer is open to data theft or malicious acts such as deleting files.

De-Worming

Firewalls are moderately effective in protecting your computer against worms. They can be set up to restrict network traffic and can help to 'cloak' your computer. If your computer can't be 'seen' it can't be infected with worms which spread over networks.

However, worms are also distributed in e-mail attachments so use caution when opening mail from unknown recipients or when someone known sends unexpected files.

Despite your best precautions, your system may become infected. You may notice your computer acting sluggish or rebooting on its own. Internet access may become very slow.

If you suspect your computer is infected with a worm, scan your system with antivirus software. If it fails to remove the worm, instructions for manual removal can be found on the Internet.

fight virues

Two simple precautions can help keep your computer virus free - install and use software from reliable vendors and avoid opening unexpected e-mail attachments.

Almost all e-mail attachments are potential virus carriers. Some of the most famous viruses were distributed by accessing address books of infected computers and sending e-mail (with attachments) to everyone in the address book.

Even those from known senders should be regarded with suspicion - e-mail addresses can easily be faked to appear to be from someone you know.

The 'Melissa' virus that appeared in 1999, originally posted on an Internet newsgroup, was distributed in a Microsoft Word document. When downloaded and opened the virus accessed the user's address book and sent copies of the document (along with the virus) to the first 50 people in the user's address book.

Every computer that received the virus sent out an additional 50 copies, creating a worldwide slowdown in Internet networks. The effect took only a few hours.

Another widespread virus distributed by e-mail was the 'ILOVEYOU' virus of 2000. When double clicked it sent copies of itself to every e-mail address in the infected computers address book. But far from a problem of the past, viruses are still very much with us.

What to do?

ANTIVIRUS SOFTWARE 

Antivirus software is available in both commercial and freeware versions with a variety of features and prices, usually from free to less than $50.

Most antivirus software works by examining files as they arrive at the computer and by scanning later at configurable pre-set times. The programs work by examining each e-mail attachment and downloaded file looking for virus 'signatures'.

If a virus is found the user will be alerted and infected programs and attachments can be cleansed of the virus or, if not possible, infected files can be deleted or placed into 'quarantine' where they can't be run.

UPDATES

Whare are signatures? All programs have instructions in a pattern. Computer viruses - like their biological counterparts - come in known, though evolving, patterns. The fact of evolution is the reason virus-checking files need to be regularly updated. Updated files contain lists and the characteristics of new signatures.

Most antivirus software can be configured to alert you when the virus checking files are out of date, and even to automatically refresh signature files with the latest versions.

USER PARTICIPATION

Users can become complacent after installing antivirus software, thinking they're totally protected and don't need to worry about becoming infected.

Apart from the fact that antivirus software is written by humans, who can make errors, vendors can only react to viruses after they're created. By that time, much damage can already have been done. An e-mail attachment or program may be infected with a new type of virus that your software cannot (yet) detect.

Some antivirus software can - to a limited extent - detect virus activity even without being able to identify a particular virus. This is an extra level of protection against the latest viruses, but still shouldn't allow users to become overconfident. 

Always use trusted sources for downloading software and treat every e-mail attachment with caution.

OTHER INFECTION ROUTES

Lastly, a special note about CDs and DVDs. While they can't be written to (those that can are called CD-R's, DVD-R/W or some variation), they can still contain viruses. Users who burn their own CDs or DVDs - inexpensive and easy these days - can accidentally copy infected programs onto the disc. Since CDs can contain files that automatically act when the disc is inserted, it's possible - though rare - for viruses to be spread without additional user action.

Once again, the lesson is clear. Only accept material from those you know and trust, and who practice 'safe file sharing'.

Be safe out there, now.

what is a virus computer

What Is A Computer Virus, Anyway?

Combating infections and removing viruses is now big business. Lesson one is 'knowing the enemy'.

THE ENEMY - Crackers and Hackers

Geeks make a distinction between crackers, who break into systems to do damage, and hackers who enjoy taking programs apart just to see how they tick. We'll stick with the more common, though less accurate, term of hacker. (The term 'hacker' originally meant 'someone who makes furniture' with an axe. Crude, but effective - like most computer viruses.)

Viruses are actually a particular type of computer 'malware' - a general term covering all types of malicious software. The most common types are viruses, worms and Trojan horses.

VIRUSES

A virus is usually hidden inside another program such as an installation program delivered via e-mail attachment. (Biological viruses require a host organism to live and reproduce, hence the name.) When the 'host' program is run, the virus program also runs. Once it's in memory the virus is able to do its dirty work, which usually includes infecting other programs.

After the infection stage of the virus, there's a destructive stage. The virus waits for a pre-determined trigger (such as a specific date or a certain number of times the virus has replicated itself) before delivering its 'payload'. Payloads range from simple messages to file deletion commands to destruction of the core operating system.

When first developed, computer viruses were commonly distributed on floppy disks. With the growth of the Internet downloaded files and e-mail are the preferred delivery mechanisms. E-mail can contain attachments which can be any kind of computer file. Any executable file can be infected with a virus, and shouldn't be run unless you're confident they're virus free. 

WORMS

Worms are similar to viruses in that they're self-replicating. They reproduce themselves across networks without human assistance, such as e-mail sending. A worm, though, doesn't need another executable program to be distributed.

Worms usually affect networks more than individual computers on the network. Their self-replicating behavior can overload network resources, causing slowdowns in data transmission by consuming massive bandwidth normally used to forward normal traffic. Network systems that route Internet traffic are just specialized computer hardware and software. They, too, can be affected by malware.

Worms can also be designed to carry a payload, using a 'backdoor' installation program. A backdoor is a hidden access point to a computer that bypasses the normal login procedure. They're commonly used by spammers to distribute junk e-mail, for example.

TROJAN HORSES

Trojan horses are the third common type of malware. A 'trojan' is a program that pretends to do one thing but actually does something different. (The term comes from the story of the Greeks who built a large wooden horse in which to hide. Their enemies, the Trojans persuaded they'd receive a gift, took the horse inside their compound giving the Greeks easy access to wreak havoc.) Unlike viruses or worms, a Trojan doesn't replicate itself.

Trojans may be hidden in otherwise useful software. Once started they can do almost anything including erasing data, corrupting files, installing backdoors and logging keystrokes so that hackers can steal information such as credit card numbers and passwords.

FIGHTING MALWARE

Elsewhere in the series, we'll discuss what is and can be done to combat the spread of malware. In the interim, just remember not to be passive and expect the problem to be solved by others. Fighting viruses requires active participation from vendors, webmasters AND users.

control spyware infection

Control Spyware Infection Or You'll Be Sorry Later

A spyware is a malware that monitors the activities on the computer it is illegally installed in without the knowledge of the computer user. The information is sent back to its creator. Examples of information it collects are passwords and credit card numbers. 

Some spyware programs are designed to monitor the user's surfing habits, like what websites are often visited by the user and the software used as well as other personal information that the user might consider confidential. Some spyware functions as keyloggers and records keyed in passwords. 

The illegally-gotten information through spyware gives the creator a lot of benefits. One of the benefits is a wide database of supposed to be opt in list, a prized asset of internet marketers. Passwords give them access to big amounts of money from e-currency accounts. 

Signs Of Spyware On Your Computer

How does a computer user know that there is spyware lurking around, collecting confidential information? What are the sighs to watch out for? Here are some of the strange behaviors of a computer with spyware: 

1. The home page changes on its own

2. Strange toolbars that you haven't installed appear on the desktop. 

3. More pop ups even inspite of a pop up blocker. 

4. Sudden computer crash

5. Navigating difficulties.

How To Control Spyware Infection

You suspect , based on the computer's strange behavior that there is spyware on the computer. What should be the next course of action? Well, luckily, there is free software available to check and detect if any spyware is present. 

If there is indeed a spyware, there are also available tools to remove the spyware. To prevent or lessen spyware infection, here are some tips:

1. Have the necessary anti-malware tools installed. There are really effective tools available online for free which could provide protection if checking is religiously performed.

2. Be careful in downloading unverified programs or software and other freebies. Usually, there is a spyware hiding somewhere. 

3. Check the programs running in your system. Check the systems tray regularly. 

4. Ask for advice from the experts on the subject. There are many forums where members are generous in giving advice to those who need it. 

The best way to protect the computer from spyware is to prevent its entry into the computer. It is a must that the computer user educates himself or herself to know how to use the needed tools. Protection is the best way to prevent these malwares from creating trouble.

the best password

Choose The Best Password: The Key To Your Account

The password for the various protected internet/computer accounts is a set of characters, in a specific sequence and case sensitive. Together with the unique user name or ID, the password confirms that the user or person trying to access the account is the real one. The user name or ID is normally displayed or shown in the log in box or in the pages of the account but the password is supposed to be known only to the account user or owner and the system that runs the account. 

The minimum and maximum number of characters in a password depends also on the system set and it normally consists of letters in upper or lower cases, numbers and other characters. 

As the password is entered, it appears only as asterisks in the space provided so that its secrecy is maintained. 

The internet has really changed the ways things are done. Very important and secure transactions, like payments for purchases, banking as well as safekeeping and transfer of sensitive documents and other files are processed online. With the increase in online transactions, so are the number of cyber thieves who have developed techniques to crack the passwords. Most of the time, the account owner is to blame because the password isn't strong enough to ward off 'hackers" trying to break it. 

Choosing The Best Password

How do you choose the best password that is strong enough to withstand any attempts to access the account? Here are some tips in creating passwords: 

1. Don't use a password that is in the dictionary, even the foreign ones. There are password cracking software to determine the exact word in seconds. 

2. Don't use passwords that are associated to you like your maiden name, place of birth, Social Security number, children's names, phone numbers. Mix upper and lower case letters with numbers and other symbols allowed by the system like "miG67Ped." This would take a long time to guess and the "hacker" will most likely just leave and go to the next target. However, the account owner should make sure there is a way to remember the password. One way is to associate the words and numbers with easy-to-remember words, dates or names. The password could also be saved on a CD or USB and copied to the log in form. Keep any password record offline.

3. Don't use a password that is used on your other accounts.

4. Don't use commonly used passwords like " 12345678"

5. Use a password generating and auto-filling software. This will solve the problem of keyloggers taking note while the password is being entered and the problem of forgotten passwords. 

The password is like the secret key to a secured internet/computer account. Make sure it can really secure the account.