Guide to spyware and not getting scammed on the web

Introduction

The Internet has brought many benefits to so many people, but there are many risks to being online and they are multiplying all the time as criminals find new and varied ways to get into your computer and part you from your money.

PC magazines and other sources contain a lot of good information about how to secure your computer. Making sure your computer has the latest security updates and the right security software is a very important part of minimizing your chances of becoming a victim, but this is only half the answer to prevent being scammed on the Internet.

Criminals (to make things easy, I'm going to refer to all scammers, spammers, virus writers, etc. as criminals) now realize it's getting harder to use their old tricks to get access to your computer, so they're turning their attention to 'social engineering' tricks. These are new and inventive ways to fool you into handing over your money or giving access to your information or computer.

Here's an example. A common non-Internet social engineering trick is for a criminal to steal your bank card then quickly phone you and say they're from your bank. They then tell you they need your PIN number to verify it was your bank card. This is simply a ruse to get you to divulge your PIN number, account information or passwords. Many people unwittingly believe these criminals are from the bank and happily tell them their PIN number. Armed with this information, the criminal then withdraws a large amount of money from your bank account. Money gone. And the money is gone for good when you realize your bank won't help you out since you happily gave away your PIN number.

Let's fast forward a few years to the age of the Internet.

Phoning people to try and scam them is a lot of work. It's much easier and faster to send thousands of emails and make them appear like they are from a bank. If it's a large bank with lots of customers then the chances of that email being accepted as genuine are probably pretty good. This is what is happening all the time, right now. It's called 'phishing' and a lot of people are losing a lot of money. Another name for it is simply 'identity theft'.

There's a good chance you've seen one of these phishing emails. Here's how they work.

The scammer uses spam (bulk unsolicited email) to send the phishing messages. You'll receive an email or pop-up message that looks like it's from a business or organization that you deal with - e.g.

  • your Internet service provider (ISP) e.g. AOL, MSN, Yahoo and Earthlink
  • your bank e.g. Citibank, Wells Fargo, Westpac
  • your online payment service e.g. PayPal
  • a government agency

The message usually says that you need to "update" or "validate" your account information, and there's usually a threat they will do something bad if you don't respond within a short period of time, like close your account or charge you a fine.

So, you click on the link in the email and it takes you to a website that looks just like the legitimate organization's site, but it's actually a carefully constructed fake. This fake site tricks you into entering your personal information. Using this information, the scammer can then steal your identity and run up bills or commit crimes in your name.

Unless you know what you're looking for, it's easy to be fooled.

Phishing is becoming big business.

It is estimated that between May 2004 and May 2005, approximately 1.2 million computer users in the US suffered losses caused by phishing, totalling approximately $929 million. U.S. businesses lose an estimated $2 billion USD a year as their clients become victims.
- Paul Kerstein, "How Can We Stop Phishing and Pharming Scams?", CSO Online, July 19, 2005.

In March 2005, the amount of money lost in the UK was approximately £504 million.
- Tim Richardson, "Brits fall prey to phishing", The Register, May 3, 2005.

Phew, that's a lot of people and a lot of money!

The biggest phishing scam in history occurred in November 2003, when a PayPal phishing message was sent to millions of people irrespective of whether they had a PayPal account or not. The scammers knew that there would be enough people with PayPal accounts to make it worthwhile for them.

Analyst firm Gartner estimates that in 2005, identity theft will claim 10 million victims, resulting in losses of around $15 billion from 50 million accounts!

The banks themselves are expected to lose $50 billion in 2005 from similar scams.

We've been compiling a list of fake bank sites for our new product, SiteHound, and the list has now got over 4,000 fake banks and we're adding around 20 new ones every day!


How to avoid fraud

OK, now that I've got your attention, let's step back a bit here and focus on what you need to do to avoid falling into the traps the criminals have set for you.

First of all, you need to make sure your computer is properly protected with the kind of software you need.

Then we'll give you lots of tips and information so you know how to identify risks, know how to spot fraud and not get scammed in the first place.

Security Software

On your computer you should have the following bits of software installed - at a minimum.

  • Firewall
  • Anti Virus
  • Anti Spam
  • Anti Spyware

You don't need to pay a premium for these things - there are many perfectly good free products available.

Firewall

Let me tell you what a firewall does first so you don't think it's some arbitrary piece of software you don't need.

A personal firewall is a software application which filters traffic entering or leaving your computer.

When you're connected to the Internet, information is flowing to and from your PC in a near-constant stream through your PC's "ports". There are thousands of "ports" and they are like little gates that let information in and out.

Some of the information moving through the ports is obvious to you. For example, when you:

  • send and receive emails
  • access a website
  • fill in and submit a form on a website
  • download software

However, a lot of information flows to and from your PC without you knowing about it. This can include:

  • your copy of Windows talking to the Microsoft website to check for security updates
  • software applications talking to their own companies' websites to check for new versions
  • anti-virus software checking for the latest virus updates

Most of this invisible information flow is good. However, some of it poses a grave threat to your PC and your privacy.

Your email isn't the only way bad things can get into your computer. They can come in through your PC's open ports without you even knowing about them. The "Blaster" worm of August 2003 was the most widespread example of this. In case you don't remember, that was the one that caused your PC to shut down about a minute after you'd started it up!

If you leave your PC's ports open and don't monitor them, then you are at extreme risk of the following nasties:

Viruses: Programs or pieces of code that "infect" one or more of the programs on your PC. Basically, your programs "get sick" and start performing in weird ways, which can sometimes lead to a system crash.

Worms: Malicious programs that propagate over a network, reproducing as they go. Worms cause the same effects as viruses but they are more dangerous since they spread by themselves.

Port Scanning: Hackers scan the open ports on your PC to figure out if they are open or exist at all. If your computer reports an open port, a hacker can send a worm and virus to it. They can even use an open port to take control of your PC.

Cookies: Small data files placed on your PC by a website that you've visited. A cookie can store your personal information after you enter it online. For example, if you type in your credit card number, a cookie might store it until you come back next time. This is not a bad idea - most shopping sites use cookies completely legitimately so you don't need to keep entering your personal details. But problems can occur when other people decide to use your credit card too!

Trojans: Programs that appear legitimate but do something illicit when run. Just like the wooden horse the Greeks gave Troy as a "gift", users mistake the Trojan for a useful or interesting program that they then choose to download. Once installed and run, Trojans can secretly open remote access channels to hackers, relay passwords and credit card data or destroy user files. It's similar to a virus but generally does not replicate itself.

Denial of service (DoS) attacks: This kind of attack happens when a hacker finds a responding port on your PC and sends a huge amount of data to it. The port is unable to accept all of the data, the system's resources are exhausted, and the system crashes and denies service.

Spyware: These are programs secretly placed on your PC that gather information about you (such as your surfing habits, what other software you have on your PC, etc.) without your knowledge or consent. Spyware is mostly used by online or software companies for marketing purposes.

So how does a firewall help to stop all of these bad things from happening?

As I said at the start, a firewall controls communications to and from your PC. It permits or denies communications based on a Security Policy.

According to the security policy you set, a firewall can:

  • make your PC invisible on the Internet. Your ports don't just appear closed, they don't even appear at all. This is very good!
  • automatically block suspicious incoming traffic
  • alert you every time a program on your PC tries to send information to another computer. This stops spyware and trojans from sending hackers your confidential information, such as credit card details and passwords
  • do a lot more things too, but these are the most basic and important functions it carries out

So in short, if you don't have a firewall installed, then as soon as you connect to the Web (before you even start your browser or email client) you are open to attack - because some or all of your ports are open and unmonitored. A firewall is especially important if you have a high-speed Internet connection. Hackers love to take over broadband machines because then they can use them to spread spam even faster!
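The three policy functions listed above can be modelled in a few lines. This is an added example, not code from any firewall product or from the original guide; the program names, addresses and ports are constructed, and the connection tracking shown is a simplified assumption about how replies to your own requests are told apart from unsolicited traffic.

```python
from dataclasses import dataclass, field


@dataclass
class PersonalFirewall:
    """Toy model of a personal firewall's security policy (illustration only)."""
    allowed_programs: set                           # programs the user has approved
    connections: set = field(default_factory=set)   # (local_port, remote) we started
    alerts: list = field(default_factory=list)      # prompts shown to the user

    def outbound(self, program, local_port, remote):
        """A local program tries to send data to remote = (ip, port)."""
        if program not in self.allowed_programs:
            # Unknown program: hold the traffic and alert the user. This is
            # what stops spyware or a trojan from quietly sending data out.
            self.alerts.append(
                f"{program} wants to contact {remote[0]}:{remote[1]}")
            return "ask user"
        self.connections.add((local_port, remote))
        return "allow"

    def inbound(self, local_port, remote):
        """A packet arrives from remote = (ip, port) addressed to local_port."""
        if (local_port, remote) in self.connections:
            return "allow"          # reply to a connection we opened ourselves
        # Unsolicited traffic is dropped without any answer, so to a port
        # scanner the port does not appear closed, it does not appear at all.
        return "drop silently"


def simulate():
    """Run constructed traffic through the policy and return the decisions."""
    fw = PersonalFirewall(allowed_programs={"browser.exe", "mail.exe"})
    web_server = ("203.0.113.10", 443)      # constructed addresses from the
    scanner = ("198.51.100.7", 40000)       # documentation-only IP ranges
    unknown_host = ("192.0.2.99", 80)
    decisions = [
        fw.outbound("browser.exe", 50123, web_server),   # you open a website
        fw.inbound(50123, web_server),                   # the site's reply
        fw.inbound(135, scanner),                        # port scan probe
        fw.inbound(445, scanner),                        # port scan probe
        fw.outbound("toolbar_helper.exe", 50200, unknown_host),  # unapproved
        fw.inbound(50200, unknown_host),                 # never established
    ]
    return fw, decisions


if __name__ == "__main__":
    firewall, results = simulate()
    for decision in results:
        print(decision)
    for alert in firewall.alerts:
        print("ALERT:", alert)
```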

Here are some firewalls we recommend:

Zone Alarm: www.zonelabs.com
Very simple to use, setup and understand.
They have a free version and a Pro version.

Look n Stop: www.looknstop.com
Not free, but top rated.


Anti-Virus

Briefly, a virus is a program or pieces of code that "infect" one or more of the programs on your PC. Basically, your programs "get sick" and start performing in weird ways, which can sometimes lead to a system crash. Just like biological viruses, they like to replicate and spread to other hosts.

Whereas virus writers used to write viruses to destroy your personal data and cause your computer to play up, they are now taking more of a commercial angle and would rather infect your computer and take control of it remotely to send spam, plunder the information from it and use it for scams.

Viruses appear in all sorts of forms to trick you and your computer into loading them. Some appear as legitimate-looking files, others are inside files and some are even embedded in pictures! You don't want a virus, so make sure you have an anti-virus tool installed.

We recommend any of the following:

AVG www.grisoft.com
They have a free version for personal use.

NOD32 www.nod32.com

Anti-Spam

Spam is that never-ending deluge of junk email that ends up in your inbox. People who send spam are trying to sell you something via email, or scam you as well. Since it costs almost nothing to send an email, spam can be very profitable. You might not buy anything from senders of spam but obviously some people do.

Essentially, the spam problem is an economic one. If people didn't buy things from the senders of spam, then the spam would stop. Some of the largest senders of spam in the world are making millions of dollars a year in profits and have no desire to give up sending spam anytime soon. While law makers are trying to outlaw spamming they are having very mixed results and senders of spam are keeping one step ahead of the action.

For example, most spam is now sent by thousands of zombie computers. These are computers which have been infected by a virus which lets these computers be controlled by someone in a far off land. This person then rents out these zombie computers to senders of spam so no one can trace where the spam is coming from.

More than just a nuisance, spam is an easy vehicle for viruses, worms, scams and fraud.

I'm going to give a shameless plug for MailWasher Pro here. It is effective, easy to use and one of the most important things it does is allow you to view your email before it gets to your computer. This means you don't have to download anything you don't want to - meaning you greatly reduce your chances of getting something rogue on to your computer.

MailWasher Pro www.firetrust.com

Anti-Spyware

Spyware sends information from your computer to a third party, usually as part of an advertising supported software product. Spyware has become a generic term for the types of nuisances which are often referred to as: adware, key loggers, malware, phishing attacks and snoopware. Now, these are all generally termed as pests, but they all do different things. For example, not all spyware will spy on you but it may instead pop up an advertisement or redirect your Internet searches.

Most spyware makers want information about your surfing habits to enable them to target pop up advertisements or redirect you to pay advertisements where they benefit financially. In many cases, spyware violates your privacy even further by transmitting your personal information or key strokes without you knowing.

Where does spyware come from?

  • Spyware is often bundled with free software. Usually without knowing it, you also agree to install a pop-up advertising service they provide.
  • Websites which require you to install an application before you use their site.
  • Spyware makers also exploit security holes using trojan horses, viruses, insecure websites and spam.
  • Software which looks legitimate but secretly installs spyware on your computer.

Some of the worst spyware products are key loggers. These pieces of software secretly install themselves, record your keystrokes and then transmit them to criminals and con artists. So if you're busy typing lots of confidential information, someone else could also be viewing that information.

We recommend you use:

SiteHound www.firetrust.com
Prevent yourself being infected in the first place by avoiding hazardous websites.

Adaware www.lavasoft.com
Very popular free product

Spyware Doctor www.pctools.com
Highly regarded anti-spyware product

Firetrust Benign www.firetrust.com
Rewrites potentially risky emails in to a benign safe email.

Make sure your Windows software is up to date! It's easy to do and free. Check here: http://windowsupdate.com

OK. That should keep you pretty well secured - until the next threat comes along! Remember that online security threats are always evolving. Keep your security software updated at all times and run daily anti-virus and anti-spyware scans. It's a good idea to keep your PC running overnight and set up your security software to update itself and run scans at night-time. This way it won't interfere with your activities during the day.

 

How to spot spyware and scams

But now, let's talk about you and your behavior.

We're going to teach you how to spot spyware, scams, and fraud so you don't get in trouble in the first place.

Just so you understand how things have evolved, in the old days of computer trickery we had viruses which trashed your computer, spam which was just a nuisance and pop-up adverts which everyone hated. These days, criminals and companies who should know better realize they can turn this trickery into money - lots of money.

So now we have:

  • Viruses which allow your computer to be controlled by someone in a far off land to send spam or bring down websites for extortion money.
  • Phishing emails which look like they come from your bank in the hope of tricking you into divulging your personal details.
  • Spam which aims to sell you something, but quite often you'll be left with nothing and a big credit card bill.
  • Hackers who get into companies and plunder personal records to sell to criminals.
  • Websites which, when you visit them, secretly download rogue software on to your computer.

And so on...

So, the motivation is money and they will do dishonest things to get it.

Now you should rightly ask - "How do I know if I'm infected?"

Tell-tale signs could be some of the following:

  • Poor performance: Your computer is running slowly and sometimes freezing or crashing.
  • Your browser is behaving strangely: e.g., it keeps getting redirected to search results on pages you don't recognize.
  • Pop ups when you're not connected to the Internet.
  • Problems with secure sites: trouble logging in to sites.
  • Your Internet connection is slower than normal.
  • Windows crashes (more often than it normally does!)

If you notice any of these symptoms, you should consider using the anti-virus and spyware programs I recommend, download their latest updates, and scan your computer straight away.

Remember, prevention is better than a cure so make sure you always have the latest Windows security updates.

Finally, let's help you spot the scams and prevent yourself becoming a victim.

Let's start with email and a few examples:

  1. Does the email look legitimate?
    Most phishing criminals use very convincing counterfeit emails. They copy the exact look from someone you trust, like your bank, so you need to investigate further. But if the email is from a financial institution you've never dealt with before, then it's almost certainly a scam.

  2. Are there links in the email?
    This is usually where you can tell a fake. Often the link looks like it comes from your bank, for example, but on closer inspection you can see the link is to another site. Sometimes the name of your bank is changed slightly to make it look legitimate. For example, www.ABC-Bank.com is substituted for www.ABCBank.com to fool you into thinking it's your bank.
    In this example, criminals have constructed an email to make it appear like it's from the online payment service PayPal. Viewing the message in MailWasher allows you to see that the link actually points to a company in Taiwan, which had been hacked to allow the fake PayPal page to be displayed.

    If in doubt, never click on hyperlinks in emails; instead, copy and paste them into your browser.

  3. Is the email marked 'urgent' and does it ask you to provide personal information?
    Most often you'll see something like the following:
    • Please update your account!
    • Unauthorized access to your bank account!
    • Please confirm your data
    • We regret to inform you that your account has been suspended
    • Planned software upgrade

    These emails try to scare you into clicking on a link and entering your personal information, but in reality you'll be providing the criminals with your confidential information.

  4. Does the email ask you to open an attachment?
    These attachments are often viruses or spyware and will frequently appear to do nothing, but in fact they install key logging software to record your key strokes.
  5. Does the email indicate alternative contacts?
    Most email fraudsters will try and copy the contact information from the bank, but in some cases there will be no other way to make contact except through a free email address or mobile phone.
  6. You've won the lottery or a contest.
    This is a common one. It's a variant on the centuries-old 'advance fee' fraud. You get a message from a lottery that you've never heard of, let alone entered. The message tells you that all you need to do to claim your huge prize is to contact them but don't tell anyone about it. Then they ask for money from you as 'transaction fees'. Of course, there is no lottery, no prize, and you'll certainly never see your 'transaction fees' again!
  7. Who is the email from?
    It's very easy to disguise the sender of an email, so the sender's name alone can't tell you whether an email is genuine. Most of the time, a fake email will say something like 'Dear customer' instead of using your real name. You may also receive an email from an official-sounding person, businessman or sick person asking you to help them transfer millions of dollars out of their war-torn country - but who in fact asks you to send money over first (in this type of scam these payments are called advance fees, transfer taxes, etc.). These are called 419 Scams after the piece of Nigerian legislation which forbids these scams. Indications are that these scams gross hundreds of millions of dollars annually.
  8. Misspelled words, bad grammar or strange strings of characters at the bottom of an email.
    Some of the criminals may be from countries where English is not a first language and so they may make mistakes. Alternatively, these can be an attempt to get around spam filters. Vague language is also a tell-tale sign of a fake, for example 'Account problems' without any specific information about the alleged 'account problems'.
  9. The website in the link is not secure.
    When purchasing or logging on, you should see a secure padlock in your browser to indicate it is a secure site, or the site address (URL) should begin with https://.
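The link, wording and https checks from items 2, 3 and 9 above can be written out as a small script. This is an added example, not part of the original guide or of any Firetrust product; the trusted-domain list, the phrase list and the sample email are constructed, and the test for a brand name appearing inside an untrusted host goes a little beyond the hyphen example in the text.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumptions: the sites you really use, and scare phrases quoted in check 3.
TRUSTED_DOMAINS = {"abcbank.com", "paypal.com"}
URGENT_PHRASES = ("update your account", "unauthorized access",
                  "confirm your data", "account has been suspended")
DOMAIN_RE = re.compile(r"(?:[a-z0-9-]+\.)+[a-z]{2,}", re.I)

# Constructed sample message, modelled on the ABC-Bank example in check 2.
SAMPLE_EMAIL = """
<p>Dear customer,</p>
<p>Unauthorized access to your bank account!
Please update your account within 24 hours.</p>
<p><a href="http://www.abc-bank.com/login">www.ABCBank.com</a></p>
"""


class LinkCollector(HTMLParser):
    """Collects (visible text, href) pairs for every <a> element."""

    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href))
            self._href = None


def strip_www(host):
    host = host.lower()
    return host[4:] if host.startswith("www.") else host


def is_trusted(host):
    return any(host == d or host.endswith("." + d) for d in TRUSTED_DOMAINS)


def imitates(host):
    """Return the trusted domain an untrusted host resembles, else None."""
    if is_trusted(host):
        return None
    squashed = host.replace("-", "")          # abc-bank.com -> abcbank.com
    for domain in sorted(TRUSTED_DOMAINS):
        if squashed == domain or domain.split(".")[0] in squashed:
            return domain
    return None


def check_email(html_body):
    """Return a list of warning strings for one HTML email body."""
    warnings = []
    collector = LinkCollector()
    collector.feed(html_body)
    for text, href in collector.links:
        url = urlparse(href)
        target = strip_www(url.hostname or "")
        shown = DOMAIN_RE.search(text)        # does the link text name a site?
        shown_host = strip_www(shown.group(0)) if shown else ""
        if shown_host and shown_host != target:
            warnings.append(f"link text shows {shown_host} but goes to {target}")
        fake_of = imitates(target)
        if fake_of:
            warnings.append(f"{target} imitates {fake_of}")
        if url.scheme != "https":
            warnings.append(f"link to {target} is not https")
    plain = re.sub(r"<[^>]+>", " ", html_body).lower()
    for phrase in URGENT_PHRASES:
        if phrase in plain:
            warnings.append(f"urgent wording: '{phrase}'")
    return warnings


if __name__ == "__main__":
    for warning in check_email(SAMPLE_EMAIL):
        print("WARNING:", warning)
```

An https link only tells you the connection is encrypted, not who runs the site, so the domain comparisons are the checks that catch the fake.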

 

How to avoid getting spyware on your computer

Spyware mostly takes advantage of a) vulnerabilities in the computer software you are running and b) users not knowing how their computer works. So, the first thing you need to do is secure your computer.

  1. Keep your web browser and computer up-to-date with Microsoft's security patches by going to
    Microsoft's Update Page:
    http://windowsupdate.com

  2. Install SiteHound. It will warn you about sites or products which attempt to download spyware on to your computer in the first place.
  3. Many popular free music and file sharing programs often come with adware or spyware installed. If in doubt, don't install these programs.
  4. Always read the license agreements before you install software (especially free software) to see if it contains any reference to advertising or 3rd party programs being installed.
  5. Never click on links in spam messages no matter how tempting it is. Even these links can often lead to sites which download spyware and hijack your browser.
  6. Use any of the recommended anti-spyware tools in this guide. Many other supposedly anti-spyware tools are inadequate - or can even load spyware onto your computer!
  7. Many anti-spyware programs will often identify 'cookies' as spyware. While you can argue that some cookies are spyware, cookies are normally harmless and without them, e-commerce would be a tiring exercise in filling out forms every time you visited each site. If in doubt, read a site's privacy policy before you enter personally identifiable information at their website.
  8. Using a firewall will identify all programs trying to access the Internet from your computer. If you are unsure about what the program does, just search for it on a search engine.
  9. Turn off ActiveX in Internet Explorer. This will go a long way to stopping spyware as many spyware programs attempt to use ActiveX to install themselves. You can turn off ActiveX by doing the following:

    In Internet Explorer go to:
    Tools > Internet options > Security
    Click on Custom level
    Change all ActiveX settings to Disable

  10. Install BHO Demon http://www.definitivesolutions.com/bhodemon.htm. This free product alerts you when a BHO (Browser Helper Object) is installed. Sometimes BHOs are used by spyware to hijack your browser. SiteHound uses BHOs, but these are good ones.
  11. Install Firetrust Benign www.firetrust.com. It rewrites potentially risky emails into a benign safe email and thus limits your risk of automatically downloading malicious code.
  12. If you are using Windows XP, you should upgrade to Service Pack 2. This will prevent Internet Explorer being vulnerable to the IFrame Exploit, which in effect allows a website to install any software on your computer.
  13. Always look for alternatives to spyware-laden software. There will usually be a free non-spyware alternative.
  14. Leave your computer on overnight so your anti-virus and Windows Updates can be always updating/scanning your computer.
  15. Be skeptical. Assume the worst. Many companies will assert that their software has no spyware. But they will often twist the definition of spyware to exclude whatever spyware they wish to install. Simply do an Internet search for the product name with 'spyware' or 'adware' to see what others say about it.
  16. Refuse downloads which were not requested by you. Most often you are asked if you want to install a plugin. Unless you requested it, you should choose 'no' or close the window.
  17. Do not always trust download prompts which insist the software is 'safe' or 'Approved by Microsoft'. These certificates can quite often be obtained quite easily.
  18. Watch out for other people using your computer. Give them a limited user account of their own to limit software downloads and prevent damage to your account. To create a limited account:

    Click Start > Settings > Control Panel > User Accounts
    Click Create a new account
    Enter a name and click Next
    Select Limited and then click Create Account.


Conclusion

While computers make life easier for you and me, computers also make it easier for con artists and criminals to exploit us for their gain. As I said earlier, as many computer security holes are being patched, more criminals are using social engineering to get you to part with your money.

One of the first things fraudsters do is to try and look legitimate. Use as many sources as you can to understand and find out the truth, and don't be afraid to ask the hard questions.

Happy safe computing!

Nick Bolton
Credits to Matthew Miller

P.S. Please tell others to use SiteHound and MailWasher Pro!
