About VirusesVirusesViruses usually spread via e-mail, and the simplest preventive measure is to be careful about clicking on attachments. Unless you know exactly what the attachment is, do not click on it. Be suspicious, especially about attachments you weren’t expecting, or those whose message does not specifically say what they are. Viruses may appear to come from people you know, so don’t necessarily trust the sender. SpywareSpyware comes from websites and from some downloaded software (file sharing software and fake spyware scanners are common sources). It keeps track of browsing, but, more importantly, can do things like hijack your home page or create popup ads. Popups that show up when you go to a new website are probably part of the website itself, but if you get popups when you are not clicking on a link, it’s probably spyware. To avoid being infected, be careful when installing ActiveX controls in Internet Explorer. This is easy to do: if one is being installed, a yellow bar will display. Unless you are doing something specific that requires a program (for instance, using an online virus scanner, or using the Microsoft Windows Update site), do not run these. For even greater protection, use a different browser, such as Firefox, Safari, or Netscape. PhishingThis is a scam technique where rip-off artists send an e-mail pretending to be some financial institution (a bank, Paypal, the U.S. Department of Education, etc.) and ask for personal or financial data. If you send the information, or click on the link, you can end up losing a lot of money.
These are only a few of the possibilities, and there are many variations in the actual wording. Do not click on any links in these messages; they are disguised and do not go where they look like they're going. If you have any questions, contact the bank by phone or by typing in the bank's web address directly in your browser. Never give out personal or financial information in response to an e-mail. Legitimate businesses never use e-mail to contact their customers unless you've specifically signed up for it. No matter how plausible the explanation or how impressive the message is, do not click on the link in any e-mail purporting to be from a bank. For information on Phishing and specific scams, see the Anti-Phishing Working Group. Click on the Phishing Archive for information on past scans. You may also want to install Spoofstick. This is an add-on to Internet Explorer that tells you if the website is what it's supposed to be. You can check to see if you're actually on the site you thought you were. The SANS Institute "Ouch" newsletter also discusses common phishing threats. Virus HoaxesVirus hoaxes are messages warning you about a "new" and especially destructive virus. They often drop names ("AOL announced today . . . " "Microsoft confirms . . ."). The two most obvious signs of a virus hoax are:
Spoofed AddressesMany viruses "spoof" the e-mail address in the "From:" field. This leads to the following issues:
|
