Wire_Master

1. Run anti-virus software and keep the virus definitions up to date.
*Free* AVG anti-virus software:
http://www.grisoft.com/us/us_dwnl_free.php

Avast! 4 Home Edition is a full-featured *FREE* antivirus package.
http://www.avast.com/eng/avast_4_home.html

Kaspersky Active Virus Shield - Active Virus Shield is *FREE* anti-virus for your PC that combines traditional antivirus programs, stopping them before they can infect your computer.
http://www.activevirusshield.com/antivirus/freeav/

*Free* AntiVir Personal Edition:
http://www.free-av.com

If you suspect you may have a virus or Trojan horse or that your PC is not secure several online virus scanners are available for *FREE* These are great if you suspect your system has been compromised or to use as an assurance that your virus checker is not missing something.
Note: Some online scanners do not remove the virus threats but will point you in the right direction for removal, most all require a small download.
There are many online virus/spyware scanners I have only listed a few of the free ones. There are others that are free and some that are subscription as well.

Symantec offers a **FREE** online virus and security check.
http://security.symantec.com/sscv6/d...d=ie&venid=sym

Trend Mico's *FREE* online virus scan and *FREE* CWShredder to remove CoolWebSearch
http://housecall.trendmicro.com/

Panda's *FREE* Virus/Malware Scan (this scans for both viruses and spyware)
http://www.pandasoftware.com/products/activescan.htm

Bit Defender *FREE* Online Scanner
http://www.bitdefender.com/scan8/ie.html

Computer Associates eTrust Antivirus Web Scanner *Free*
http://www3.ca.com/securityadvisor/virusinfo/scan.aspx

McAfee FreeScan *Free*
http://us.mcafee.com/root/mfs/default.asp


One last note on anti-virus software: If your Anti-Virus Software hasn't been updated within a month, your Computer is at risk! To be safe on the Internet these days, one must have easily updateable Anti-Virus Software! Just having anti-virus software installed is not good enough. Each week, new Viruses, Trojans and harmful Macros are found lurking on the Internet and in innocent looking email. It is these new infectants that are most likely to inflict damage on your Computer, and if your Anti-Virus Software isn't new enough with up-to-date virus definitions to detect any of these new infectants, it is almost worthless to you. Keep your virus software updated at least weekly! Mine is updated daily. Most virus software offers automatic updates, be sure this option is turned on and verify it's updating manually from time to time.

Recent or Upcoming threats: Viruses, Trojans & Spyware
Latest New Threats
Downloader.Affiliase
Trojan.Nickzul
RegistryPowerCleaner
W32.Patahme@mm
Infostealer.Lingling
W32.Spotface.A
O97M.Darksnow
W32.Darksnow
W32.Jacksuf.A


See http://www.symantec.com/home_homeoff...er/threats.jsp for other current threats.

Do you use an Instant Messanger (IM)? Did you know that IM attachments, just like email attachments, can carry destructive viruses, Trojan horses and worms. Some new worms use IM software to send themselves to every member of your buddy list. Don't open attachments or click on Web links sent by someone you don't know. Don't send files over IM. If a person on your Buddy list is sending strange messages, files or web site links, terminate your IM session.
IM SPAM Some Spam can contain offensive language or links to Web sites with inappropriate content and especially Web sites with content inappropriate for children. Reject all Instant Messages from persons who are not on your Buddy list. Do not click on URL links within IM unless from known source and expected.
IM Vulnerabilities Most instant messages still travel unencrypted across the Internet, exposing private conversations to anyone who can find a way to listen in. Never send personal information through an IM. Keep your IM software up to date.

The Sky is Falling! The Sky is Falling! Chicken Little told Henny Penny who told Cocky Locky who told Goosey Poosey...who told Foxy Woxy...
*DO NOT* depend on or pass on dubious hearsay advice or information! Too many times I have seen well meaning people passing on information that comes from ignorant and uninformed sources that amounts to nothing more than misleading information, rumors, hearsay and urban legend. Don't be a Chicken Little and make yourself look silly by forwarding on tall tales of falling skies.

Unless the information comes directly from an *informed* trusted source or you can personally verify the information via anti-virus/security experts, DO NOT PASS IT ON! You will only be doing everyone in your groups or circle of friends a great disservice by passing on tainted, false, or inaccurate information. This newsletter is thoroughly researched and only passes on information that is *verified* with the experts. Just forward this newsletter rather than forward hearsay rumors or dubious advice; you'll be doing a favor to everyone!


2. Run a Firewall, and keep it updated.
*Free* Zone Alarm Firewall software:
http://www.zonelabs.com/store/conten...id=zadb_button
**NOTE: Zone Labs has ceased it's support Windows 98/98SE/Me with the introduction of version 6.5
R-Firewall is a *FREE* program comparable with commercial firewalls
http://www.r-firewall.com/

Sunbelt Kerio Personal Firewall (KPF) is a software agent that builds a barrier between your personal computer and the Internet. KPF is designed to protect your PC against attacks from both the Internet, and other computers in the local network. *Free* for personal use. http://www.sunbelt-software.com/Kerio.cfm

Comodo Free Firewall - It's Free. Forever. No Catch. No Kidding - WIndows 2000 / XP
http://www.personalfirewall.comodo.com/

Jetico Personal Firewall for Windows 98/ME/NT/2000/XP
http://www.jetico.com/index.htm#/jpfirewall.htm

NetVeda Safety.Net offers Internet security, content security and advanced Internet firewall protection
Safety.Net works on Microsoft Windows 95, 98, ME, NT, 2000 and XP platforms
http://www.netveda.com/consumer/safetynet.htm

Windows XP Firewall -Windows XP has a firewall built into it...it's lame but it works and the price is right.

Free Firewalls, an "Endangered Species"? Although I was able to locate a few other Free Firewalls you may have noticed that our list of Free Firewalls has significantly decreased. Free firewalls are becoming an extreme rarity. One of my favorites, Tiny Firewall, was bought up by Computer Associates and shelved! Sygate, yet another free firewall provider, has been absorbed by Symantec as of Nov 30, 2006, it's firewall products are gone from the scene and you are repointed to the Symantec website. Most of the freebees that are still available are trialware and become crippleware after 30 days of use. If you still have Windows98 as an OS you've been pretty much left out in the cold and you will have an increasingly difficult time finding a firewall, even if you pay for it.


Not having a firewall is like leaving your front door open and allowing technically savvy crooks to walk right in and help themselves to your personal information, credit card numbers, bank account balances, and leave Trojan horses and so forth through your computer's insecure connection to the Internet. Don't think you are just a small fish in a big pond and that no one will notice you, a high tech crook using high-speed "Internet Scanners" can probe every computer in a small country within a short time! Don't think it can't happen to you. it will! Get that firewall up and protect yourself!

**A note about routers: A router *does not* offer you firewall protection...you should have a personal firewall even if you are behind a router, I do!

A good firewall monitors *BOTH* incoming and outgoing traffic, do your homework before investing in a product!

ShieldsUp! - Test your firewall! The Internet's quickest, most popular, reliable and trusted, *FREE* Internet security checkup and information service.
http://www.grc.com/



3. Keep your Windows Operating System updated via Windows Update


http://windowsupdate.microsoft.com/

Microsoft products being the dominant operating systems are the #1 target for hackers. If there is a security hole, a hacker will find it. Keep your Operating System Up-to-Date. If your OS allows it, turn on automatic updates. Nothing more needs to be said about this...it's a no-brainer!

**Note - Microsoft issued a dozen security updates for February to patch critical vulnerabilities in Windows, Office and Visual Studio, as well as in its antivirus software.

Of the 12 bulletins Microsoft released Feb. 13, five affect Windows; two are related to Microsoft Office; one affects Visual Studio; one impacts Windows and Office; one relates to Step-by-Step Interactive Training; one relates to the Microsoft Data Access Components; and one will patch the company's antivirus lineup, including Windows Live OneCare, Windows Defender, Antigen and Forefront.

At least five of the dozen bulletins will be pegged as "critical," the most serious ranking in Microsoft's four-step rating system.

A total of 10 high-priority, nonsecurity updates were posted addressing 20 individual problems..
.
An important note: Internet Explorer7 was officially released as part of the November 2006 Update.
IE7 is a significant upgrade to IE6, and offers tabbed browsing, an anti-phishing toolbar, a redesigned interface, and a variety of security features, including increased protection against rogue ActiveX controls. It's Microsoft's first launch of an all new browser since the release of IE6 in 2001.
Microsoft releases it's updates the second Tuesday of each Month - Celebrate "Patch Tuesday" with a visit to the Windows Update Page!
Microsoft Office Update is a separate site from Windows Update.
http://officeupdate.microsoft.com


An important note about browsers: Security holes are discovered in *ALL* browsers regularly. Be sure to keep whatever browser you use updated!
**The following was somewhat of a surprise to me as I'm sure it will be to others, If you use Firefox because you've heard it's secure then you are living in a "False Paradise"(http://www.theregister.co.uk/2005/09...hreat_report/). According to Symantec Corp.'s twice-yearly Internet Security Threat Report (http://www.symantec.com/enterprise/t...port/index.jsp) , hackers found 47 bugs in Mozilla Corp.'s open-source browsers and 38 bugs in Internet Explorer (IE) during the first six months of this year. That's up significantly from the 17 Mozilla and 25 IE bugs found in the previous six months. And while Internet Explorer remained the most popular choice of attackers, no one is invulnerable. According to the report, 31 percent of attacks during the period targeted more than one browser, and 20 percent took aim at Mozilla's Firefox. Keep in mind that if you use Firefox or Opera or any other browser you are just as likely to be exposed to security holes so don't get drawn into a false sense of security.
"There is no safe browser," said Vincent Weafer, senior director with Symantec Security Response. "If you've got a browser, make sure you're configuring it correctly," he added. "That's a far better strategy than running some browser just because you haven't heard of it."
Some folks use an odd-ball browser thinking it's a good stratagy. What they don't think about is that the less popular browsers also get less support and ther holes and flaws are less likely to get reported and patched. That's why you hear most frequently about updates and patches being released for the more popular browsers like Internet Explorer and Firefox, it's not that they have more flaws, it's that their support and reporting structures are vastly greater than the off the wall browsers.
To be fair, also take a look at the Secunia report on both Firefox and Internet Explorer.
Internet Explorer 6.x http://secunia.com/product/11/
Firefox 1.x: http://secunia.com/product/4227/

For the record Secunia sells reporting tools not security add on products like Symantec. So their only goal is accurate reporting and identification of risks.
Firefox Updates - http://www.mozilla.com/
Opera Updates - http://www.opera.com

Microsoft has released the final version of Internet Explorer 7 for Windows XP and made it available for free download at the Internet Explorer 7 site (http://www.microsoft.com/windows/ie/default.mspx).
Widespread distribution of the IE7 browser went into full effect with November's updates, it is available as a high-priority update via Automatic Updates, and has been downloaded automatically onto millions of users' desktops.
Mozilla has released Firefox 2.0 - Free Download http://www.mozilla.com/en-US/
**Notice to Windows 98 and ME Users: Microsoft says these operating systems are "outdated" and "pose security risks' to customers, which is why it ended support for them on July 11. There will be NO updates for these operating systems ever again. You are now on your own! The time to upgrade has arrived.
Be aware that with Microsoft dropping support for Windows98 & ME that other software manufacturers will also be discontinuing their support within their software products. Your security is now even more at risk, and you should upgrade your OS ASAP to avoid possible catastrophy. If your hardware isn't up to snuff for XP or VISTA, I recommend Windows2000, it's a solid OS and it isn't as hardware demanding as XP or Vista..

**Notice to WindowsXP SP1 users: As of October 10th 2006, Microsoft is no longer supporting Windows XP Service Pack 1 and 1a. You are strongly advised to upgrade to Windows XP Service Pack 2 which has far better security features. http://support.microsoft.com/gp/lifean19

Windows 2000 Users - Microsoft has discontinued it's support for SP1 & SP2, you should upgrade to at least SP3, but SP4 with it's increased security features is highly recomended.

Microsoft Office Updates
Microsoft has released a number of updates for Office. Without these updates, some MS Office users can be compromised simply by viewing malicious email messages. Fixes are available.
. Click to Visit Microsoft Update http://update.microsoft.com/microsof....aspx?ln=en-us


**Windows XP Firewall Alert - Hackers have published code that could let an attacker disable the Windows Firewall on certain Windows XP machines. The code, which was posted on the Internet Oct 29, could be used to disable the Windows Firewall on a fully patched Windows XP PC that was running Windows' Internet Connection Service (ICS). This service allows Windows users to essentially turn their PC into a router and share their Internet connection with other computers on the local area network (LAN.) It is typically used by home and small-business users. If you use a router or NAT then this does not affect you.

4. Spyware

Spyware/Adware has really become a problem, you should regularly scan, detect and remove Adware/Spyware from your computer. Today's spyware goes far beyond annoying software that tracks a user's Web browsing habits to sell them discount drugs or a cheap vacation. Spyware is instead one of a virulent ecosystem of harmful software that work together to clog systems, frustrate help desks, steal confidential information or even shake down victims for protection money.

Adware is any software application in which advertisements are displayed while the program is running. These applications include additional code that displays the ads in *pop-up* windows or through a bar that appears on a computer screen. Some Adware is also Spyware.

Spyware is defined as any software that covertly gathers user information through the user's Internet connection without his or her knowledge, usually for advertising or demographics purposes but sometimes for criminal intent. Spyware now rivils Viruses as causing the most damage to your PC's Operating System...and YOU! Spyware applications are sometimes bundled as a hidden component of freeware or shareware programs that can be downloaded from the Internet; however, it should be noted that the majority of shareware and freeware applications do not come with spyware. Be aware of the source of any free software or toolbars that are offered to you through a pop-up window or banner, sometimes if it says "free" there is a "price to pay". Remember Bonsai Buddy is *NOT* your buddy! Some spyware also installs itself without your knowledge from websites you may have visited. Certain tracking cookies are also spyware. Once installed, the spyware monitors user activity on the Internet and transmits that information in the background to "someone else". Spyware can also gather information about e-mail addresses and even passwords and credit card numbers. Spyware is similar to a Trojan horse in that users can unwittingly install the product when they install something else or it's installed when they visit a dubious website. Webroot recently discovered tens of thousands of stolen identities that were collected by a Trojan Spyware that was installed via visiting a website. This is an example of a "banking" Trojan, which are programmed to spring to life when computer owners visit one of a number of online banking or e-commerce sites.[LINK]
Note: Spyware also eats up your memory, system resources and bandwidth and can cause your computer to run slow and crash frequently. Is your computer crashing frequently? Does it seem to be running slow? Getting pop-up windows from nowhere? Has your homepage changed to some other page? These are a just couple of things that might indicate a spyware problem. Download anti-spyware software to help protect your PC from spyware and other potentially unwanted software.
DO NOT underestimate the threat to you or your business from spyware, if you do, you'll do so at your own peril. It's a huge problem that opens you to a variety of risks including confidential information loss, Identity Theft, compromised compliance, and all the legal, financial, and PR nightmares that come with them.

• Spybot Search & Destroy (S&D) http://www.safer-networking.org/microsoft.en.html
*Free*
Lavasoft Ad-aware http://www.lavasoft.de/ms/index.htm
*Free*
AVG Anti-Spyware http://www.ewido.net/en/download/ - a product formerly formerly known as Ewido until it was acquired recently by GriSoft. Ewido started life as an anti-trojan scanner but has been repositioned as an anti-spyware scanner by the new owners and the new name reflects that re-positioning. Whatever ever it is called it is an excellent anti-trojan and a fine anti-spyware program as well.
*Free*
SpywareBlaster http://www.javacoolsoftware.com/spywareblaster.html - SpywareBlaster "inoculates" your Internet Explorer browser against the installation of unwanted spyware and adware from the internet.
*Free*
SpywareGuard http://www.javacoolsoftware.com/spywareguard.html - SpywareGuard actively monitors your PC and prevents spyware infestations
*Free*
SpyCatcher™ Express: http://www.tenebril.com/consumer/spy...er-express.php Free Spyware Removal Software
*Free*
Microsoft Windows Defender: http://www.microsoft.com/athome/secu...e/default.mspx is a free program that helps protect your computer against pop-ups, slow performance, and security threats caused by spyware and other unwanted software. This is no longer BETA. The final release is now available.
*Free*
Bazooka™ Adware and Spyware Scanner http://www.kephyr.com/spywarescanner/index.html
*Free*

*RootKit Scanners and Removers*
Rootkits are a special kind of software tool used to hide trojans, viruses and other malware from your anti-virus scanner and other security products. Unfortunately, they are extremely effective which means that some of you reading this will be infected even though you believe your PC to be totally clean. Thankfully there is a new class of security product now available called rootkit detectors that use specialized techniques to detect these dangerous intruders.

http://www.f-secure.com/blacklight/ Free beta, Windows 2000 and later, 808KB
http://www.sysinternals.com/Utilitie...tRevealer.html Freeware, All Windows versions, 210KB
http://www.sysinternals.com/Forum/default.asp
http://www.gmer.net/ Freeware, Windows NT and later, 450KB
http://majorgeeks.com/Icesword_d5199.html Freeware, Windows XP and later, 1.9MB
http://www.softpedia.com/get/Antivir...-Rootkit.shtml Windows 2000 and later, 626KB
http://www.techsupportalert.com/rootkits.htm <= How to deal with the threat of rootkits

**Important: Makers of spyware and other unwanted software sometimes disguise their programs as anti-spyware tools or use unethical/unlawful practices in marketing. Click the links to the programs above or ask someone knowledgeable you trust to recommend a tool *before* you download and install it.

In the NEWS http://www.computerworld.com/action/...=NLT_AM&nlid=1 - Spyware Slayer penalized for breach of spyware and consumer-protection laws

The folks at Spyware Warrior have a short list of "Trustworthy" anti-spyware products; pay them a visit before you decide on a product. http://www.spywarewarrior.com/rogue_...tm#trustworthy

Rogue/Suspect Anti-Spyware Products (stay far away from these *deceptive* products)
Check this page BEFORE choosing any Anti-Spyware Product!!
http://www.spywarewarrior.com/rogue_...e.htm#products
Be sure to check out the rest of the Spyware Warrior site too...all good info!

Spyware Removal and Other Resources - Specific Instructions for removal of Spyware from Bonzai Buddy to ZY Web Search - Lots of other good info and instructions for dealing with stubborn files and ugly cookies.
http://www.pchell.com/support/spyware.shtml

Note: This is something to also be aware of... even legitimate major software companies like Sony, Broderbund and Intuit have in the past released software with hidden spyware/adware components. (I'm sure we all remember Sony's Rootkit scandal and Turbo Tax's C-Dilla malware) Although these spyware components do not usually have criminal intent, they do use up your system resources, slow down your computer & internet connection and in many cases pose a security risk. Choose your software carefully and if you find that a legitimate software company is including spyware/malware with their installation make a lot of noise, demand a full refund and tell everyone you know not to use that product. Overley intrusive software registration processes are also something consumers should not have to put up with. Consumers should avoid software that includes difficult registrations that intrude on privacy for demographic gathering and/or anti-piracy that extracts information from your computer without your knowledge.

**Bogus Security Pages


Rogue anti-spyware products have long been known for using aggressive, misleading advertising and marketing, but a number of these programs are being pushed on users through incredibly deceptive web pages that were often forced on users through browser hijacks. Many of these pages are deliberately crafted to look like the Windows XP SP2 Security Center or other legitimate support website, and they may be coupled with flashing tray icons that are designed to look like notices from the Security Center as well as false warnings that malware, spyware or viruses have been detected on the user's PC.

**No single anti-spyware scanner removes everything. Even the best-performing anti-spyware scanner misses one quarter of the "critical" files and Registry entries. It's probably a good idea to have more than one anti-spyware program to insure your system is clean. Below is listed a couple of free online spyware scanners, these are great supplementary spyware scans and a good place to start if you don't have one at all.

Trend Micro offers a free online spyware scan, Trend Micro Anti-Spyware for the Web is a *FREE* online tool that checks computers for spyware, and helps remove any infections found. (small download required)
http://www.intermute.com/spysubtract...ware_scan.html

Webroot Spysweeper also offers a *FREE* online scan for spyware (8+ meg download)
http://www.webroot.com/land/freescan...ca721ab0a85788


One last note on spyware. Be sure to keep your spyware definitions updated just as you would your virus software, most have an update option, USE IT! As with viruses there is new spyware every week too! I don't think I need to say this but when you install and run anti-spyware, read the instructions for properly setting it up and pay special attention to what it does pick up, so you can exclude some directories that might be misinterpreted as spyware.

Have you had "Badware" installed on your system just by visiting a website? Do you want to avoid that happening?
http://www.stopbadware.org/


5. Scams abound

Securing your PC is just part of protecting yourself, you also need to become "Net Street Smart" so that you aren't flim flamed out of your Identity and Money by Crooks and Shady Snake Oil salesmen. These crimes cost you and your country billions of dollars each year -- and they are increasingly used by terrorist groups to finance their activities.

Scams are a popular way of getting your personal information. The most common scams are fake login pages and forged emails that ask for your password, credit card number, social security number or other sensitive information. This is called Phishing. *Be very suspicious*. Anyone, anywhere in the world, can register for an ISP account, register a domain and setup a fake webpage and Internet email protocols allow anyone to send a message that appears to be from any other person. Don't assume an email from "EBay", "PayPal, or "The IRS" was actually sent from someone you know or trust, and don't assume that an unsolicited message from user@yahoo.com was really sent by that account. Ignore or report anything you see that strikes you as questionable or suspicious. Most of the time these type of emails are "Phishing," "Spear Phishing" or "Spoof" Scams or they could have attached Trojans . Phishing schemes use 'spoofed' e-mails to also lead consumers to counterfeit websites designed to trick recipients into divulging sensitive personal and financial data. Hijacking brand names of banks, e-retailers and credit card companies, phishers often convince recipients to respond. Pharming is a scamming practice in which malicious code is installed on a personal computer or server, misdirecting users to fraudulent Web sites without their knowledge or consent. Pharming has been called "phishing without a lure."Technical subterfuge schemes plant crimeware onto PCs to steal credentials directly. Below is a list of addresses, that if you should get anything that is questionable, you should forward the email in full to the appropriate address and they will take action and advise you whether or not the email was legit. Most banks and other institutions have proper email addresses for online security issues and some do respond verifying the legitamacy of the email, needless to say, I can only list a few here so you should find out from your bank or other institution what proper channel to contact there. Remember *no* legitimate email from Yahoo, PayPal, EBay , your bank, your government, the IRS, the CIA, the FBI or any other legitimate institution will ask you to divulge personal information. *Never* provide private information in response to an e-mail, regardless of how authentic it appears to be. Never open an attachment from this sort of email!! The Federal Trade Commission reports that identity theft now affects more than 10 million people every year representing an annual cost to the economy of $50 billion. The Anti-Phishing Working Group reports that the frequency of these phishing attacks increases 24% every month.

Suspicious of an Email? Forward it to the appropriate address below and it will be usually be verified as real or a phishing scam. Some Banks and Institutions do not have a reporting address, in that case visit their website or contact them via telephone.
Yahoo - mail-spoof@cc.yahoo-inc.com
PayPal - spoof@paypal.com
EBay - spoof@ebay.com
Amazon - stop-spoofing@amazon.com
Bank of America - abuse@bankofamerica.com
Capitol One - abuse@capitalone.com
Citibank - emailspoof@citigroup.com
Charter One- abuse@citizensbank.com
Citizens Bank- fraud_prevention@citizensbank.com
Household Bank- bib@us.hsbc.com
Key Bank- emailfraud@keybank.com
Regions Bank- phishing@regions.com
South Trust- callcenterwebmail@southtrust.com
Sun Trust- abuse@suntrust.com
TCF Bank- emailfraud@tcfbank.com
Washington Mutual- spoof@wamu.com
Bank One - Now merged with Chase
Chase Bank - abuse@chase.com.
Mid America Bank - abuse@midamericabank.com
Bancorp - fraud_help@usbank.com
Bank of the West - abuse@bankofthewest.com
Banknorth - CustomerSecure@banknorth.com
BB&T - InternetFraud@bbandt.com
Consumers Bank - fraudprevention@consumersbank.com
First Merit - identitytheft@firstmerit.com
Huntington - idtheft@huntington.com
Key - emailfraud@keybank.com
LaSalle - emailhoax@abnamro.com
NorthFork - InternetSecurity@nfb.com
Regions - phishing@regions.com
SouthTrust - Now merged with Wachovia
SunTrust - reportfraud@suntrust.com
TCF Bank - emailfraud@tcfbank.com
Wachovia - abuse@wachovia.com
Westpac Banking Corporation - operationssupport@westpac.com.au
Western Union - customerservice@westernunion.com
Barclays Bank - internetsecurity@barclays.co.uk
NatWest - nwolb@natwest.com
Lloyds TSB - emailscams@lloydstsb.co.uk
Halifax and Bank of Scotland (HBOS) - onlineemailinvestigations@hbosplc.com
Alliance & Leicester - frauddepartment@alliance-leicester.co.uk
Intelligent Finance - onlinesecurity@if.com
IRS - phishing@irs.gov
VISA - askvisa@visa.com

All Phishing (report here in addition to your Bank or Institution)
reportphishing@antiphishing.org (Anti-Phishing Organization)
report@reportphish.org - Send email as attachment (Anti-Phishing Organization)
All US Bank Phishing should be forwarded as well to- phishing-report@us-cert.gov
All Stocks & Securities Fraud/SPAM should be forwarded to:
United States - enforcement@sec.gov
Canada - consltcomm@fin.gc.ca
Germany - poststelle@bafin.de
New Zealand - seccom@sec-com.govt.nz
Australia - infoline@asic.gov.au

You should also forward deceptive email to the US Governments Federal Trade Commission at spam@uce.gov I cc them on all of the emails I get that are phishing. Forward the entire email to the appropriate address above and cc spam@uce.gov to be sure they have all the tracking info that shows where the email came from.
**If you don't live in the U.S. you should find out if the government where you live has a corresponding address.
The Nigerian Letter or 419 fraud, named after the section of the Nigerian criminal code that it violates. Originally sent by mail, and later by fax, the Nigerian Letter is now sent almost exclusively by e-mail. A typical letter claims to come from a person needing to transfer large sums of money out of the country. As the Nigerian letter variation of the fraud has become well known, the gangs operating the scams have developed variations. The target is often told that they are the beneficiary of an inheritance or invited to impersonate a beneficiary of an unclaimed estate.
Where to report 419 or "Nigerian" scams
**Use these ONLY if you have become a victim of a 419 - All others should be reported by sending a copy to the Internet Service Provider (ISP's) from where the 419er email has originated. These emails to the ISP's should be addressed to: abuse@"the ISP's name" (for example abuse@yahoo.com, abuse@hotmail.com, abuse@onebox.com). By this method the ISP's will be able to quickly terminate the accounts that abuse their systems
USA - 419.fcd@usss.treas.gov
UK - waocs@ncis.gov.uk
Australia - er-waoc@afp.gov.au
Canada - wafl@phonebusters.com

A Little Entertaining Fun with 419 scammers - http://www.419eater.com/
More 419 info - http://home.rica.net/alphae/419coal/
NO, You didn't win the LOTTERY. Have you recieved an email telling you that you've won a large sum of money in a foreign lottery you don't remember entering? http://www.snopes.com/crime/fraud/lottery.asp (Also visit snopes.com for full coverage of urban legends and all "those" emails you get forwarded)
Are you a Stock Market Trader? Getting email (spam) touting quick gains in some cheap stocks? Don't even think about it unless you like giving your money away! "Pump and dump" schemes, also known as "hype and dump manipulation," involve the touting of a company's stock (typically microcap companies) through false and misleading statements to the marketplace. After pumping the stock, fraudsters make huge profits by selling their cheap stock into the market. Forward all these type emails to : enforcement@sec.gov and visit http://www.sec.gov/answers/pumpdump.htm for more info.
If you’re in a certain income bracket, you might get an e-mail threatening your life. A new group of spammers, posing as professional hit-men, http://www.sophos.com/pressoffice/ne...eathphish.html claim that recipients have been targeted for assassination and ask for up to $80,000 to drop the contract on their lives. Recipients are warned against contacting the police or FBI.

Remember, these are *BAD GUYS* and they DO mean *YOU* harm so don't even hesitate to turn these low lifes in. Keep in mind that 99% of emails from PayPal, Ebay and *your* Bank are FAKE and are sent to you to dupe you out of your money and/or your Identity.

Drop me a note if you have the proper link for reporting phishing/scam mail to your bank, institution or government and I'll get it listed here.


US IRS Fraudulent Email

It's tax season again... Be especially aware of Tax Scams. The IRS will never send you unsolicited email and ask or direct you to anywhere that asks you to divulge any personal information!
Marketing pitches masquerading as the 1099 forms detailing non-payroll income have been arriving in taxpayer mailboxes, while e-mails that appear to be from the Internal Revenue Service are really identity theft scams designed to collect personal financial information. And scammers are capitalizing on the fact that more than half of all tax returns are expected to be filed electronically this year.
If you receive any unsolicited e-mail purporting to be from the IRS, take the following steps:

1. Do not open any attachments to the e-mail, in case they contain malicious code that will infect your computer.
2. Contact the IRS at 1-800-829-1040 to determine whether the IRS is trying to contact you about a tax refund.

More info here: IRS Warns of e-Mail Scam about Tax Refunds http://www.irs.gov/newsroom/article/...151065,00.html

How to Protect Yourself from Suspicious E-Mails or Phishing Schemes.. http://www.irs.gov/individuals/artic...155344,00.html

Forward all suspected IRS Phishing mails to - phishing@irs.gov
** I recently recieved a scam-mail from someone posing as the IRS
View the Email I recieved here http://security.solarnight.com/fake_...keirsemail.htm I mirrored the FAKE IRS Site so you can see how "Official" it does look (the original site was actually in Russia and they were properly reported)...don't be taken in by something that looks Official, as you will see...ANYONE can make a FAKE website that looks just like the real one!
View mirrored FAKE IRS Website. http://security.solarnight.com/fake_irs/
As you can probably figure out, the crooks were after credit card information.
In the same way you may get email from PayPal, Ebay, Your Bank or other Institutions, and they all look "Official" but be wary they are most likely SCAM MAIL! A good indication is that the links in the email they want you to click on probably go to an IP address link rather than the legitimate site...and those FAKE sites look just like the real ones!
What is Law Enforcement doing? OPERATION "WEB SNARE" Tightening the Net on Cyber Criminals
http://www.fbi.gov/page2/aug04/websnare082704.htm
CyveillanceTop Tips for Online Holiday Shopping
http://www.cyveillance.com/web/newsr...2006-12-06.htm
Donating to a Charity this Holiday Season? - Check 'em out BEFORE you do!
http://www.charitynavigator.org/inde...liday.main.htm



6. SPAM SPAM SPAM SPAM SPAM SPAM SPAM SPAM SPAM!

Need I say more? Controlling spam is a continuous pain in the backside. I too recieve those sometimes offensive, often shocking spam messages. I am at War with SPAM. I suppose you are wondering how SPAM figures into your PC's Security. Easy answer. Spammers today are diverse. They work with adware and spyware; they control botnets of computers; they are virus & Trojan Horse writers. Today's spammers don't just want to sell you penny stocks, Hoodia, fake rolex watches, work at home schemes, weight loss products, Viagra, Memberships to Pornography sites or Refinance your Mortgage; they want to trick you into handing over your credit card number, or even infect your system and turn it into a SPAM Zombie. SPAM has become a criminal industry! Many spammers shield their identity by using hijacked PCs--referred to as spam zombies--to send their spam. If your computer doesn't have up-to-date virus protection as well as spyware protection, your computer can be turned into a spam machine without your knowledge! Your computer could be a Spam Zombie and sending out Spam even as you read this! Don't be so sure it's not, this might be a good time to get your virus and spyware definitions updated and scan your system to be sure. Everyone HATES SPAM...keep your system secure so these low lifes will have one less zombie to send their SPAM. I really have to wonder what idiot would refinance their home, buy prescription drugs or buy *anything* for that matter via SPAM? SPAM has such a bad reputation that using E-Mail to advertise has become next to worthless. No ethical or responsible company will ever send you unsolicited bulk email. Anyone sending you unsolicited bulk email, no matter how legitimate it may look, is a spammer. If you think SPAM isn't really a problem and you just deal with it via your delete key then you are living a sheltered existance and probably have a fairly new email address. "The mounting onslaught of email pitches for porn, pills, and penis enlargement has some techno-pundits declaring that spam is on the verge of destroying the Internet." To give you an idea of how big the SPAM problem is, one of the large U.S. defense contractors recieves about 55 million emails a month through their servers, in one day they recieved 5.37 million emails of which 93% of them were SPAM! Research has shown that up to 85 percent of all e-mail received in the European Union is SPAM. Research from such organizations as Spamhaus indicates that four-fifths of all spam can be traced to 200 criminal gangs operating internationally...and Spam rates are on the rise. Spam Made Up 94% Of All E-Mail In December 2006! (Information Week http://www.informationweek.com/showA...leID=197001430 )

Whether you know it or not there is a Cyber War raging between the Spammers and the Anti-SPAM community involving mass spamming, denial-of-service (DoS) attacks, Joe Jobs, and Blackhole Filtering by SPAM crooks, bringing down multitudes of Blogs, Websites and Servers. Even if you have a personal website, your guest books and forums are continually under attack by spammers. Remember, Spammers are BAD GUYS. Many break the law to make a living. They hijack your mailbox, clog the internet, intrude on Blogs, Guestbooks and Forums to hock their illegitimate products or dupe you out of your money or identity. They cost YOU money by taking up valuable bandwidth and storage space (not to mention the amount of time it takes to deal with the SPAM) that you end up paying for via your ISP and Webhosting bills. Last year, Ferris Research estimated spam to cost over $51 billion worldwide, while fellow researcher Computer Economics calculated malicious software to cost $14.4 billion worldwide. Research published last year suggests that this works out to $1,000 per employee per year in lost productivity and higher computing bills.

Spam continues to plague the Internet because a small number of large Internet Service Providers sell service knowingly to professional spammers for profit, or do nothing to prevent spammers operating from their networks.

Although all networks claim to be anti-spam, some network executives factor revenue made from hosting known spam gangs into corporate policy decisions to continue to sell services to spam operations. Others simply decide that closing the holes in their end-user broadband systems that allow spammers access would be too costly to their bottom lines.

Help win the fight against the criminals who wish to control the Internet

Mailwasher http://www.mailwasher.net/ *FREE* View, delete, and bounce SPAM before it gets to your inbox.. This program also has filters for setting addresses to blacklists or friends list. MailWasher is fast, very sophisticated and extremely simple to use. MailWasher is free to use and won't ever expire. It also integrates with SpamCop, a great combo for fighting SPAM!
(Most all POP3 Email Clients like Outlook, OE, Incredimail, Eudura)

SPAMCOP http://www.spamcop.net/ - Spamcop is all about reporting spams to the providers who host the people sending spams and hosting their websites. Spamcop maintains ongoing spam reports from users and compiles them into a database used by ISP's, Webhosts and others to blacklist Spammers. I report ALL SPAM I get to Spamcop. SpamCop is the *only* publically available reporting service. Sign up for a FREE reporting account!

SPAMfighter Standard http://www.spamfighter.com/FAQ_Payme...structions.asp is 100% *FREE* for private use (Outlook/Outlook Express)

SpamPal http://www.spampal.org/ *FREE* (Outlook/Outlook Express)

NOTE: If you use a Challenge/Response filter for SPAM you may want to re-think this *flawed* strategy [Follow this LINK for more info] http://linuxmafia.com/faq/Mail/challenge-response.html
.
Most ISP's, Email Services and Webmail providers do offer some *FREE* SPAM protection, check with your ISP or Email Service for more information.

To report SPAM to proper Government agencies forward your SPAM to the appropriate address for you below. I forward ALL my SPAM to uce@ftv.gov here in the US.

United States - uce@ftc.gov
Hong Kong - webmaster@ofta.gov.hk
Germany - mailbox@datenschutz-berlin.de mark for attn. Herr Holzapfel
Finland - vihje.internet@krp.poliisi.fi
Belgium spam@privacy.fgov.be - www.privacy.fgov.be/actualites/boite_a_spam.htm
United Kingdom - www.informationcommissioner.gov.uk
Korea - spamcop@kisa.or.kr
China - spam@ccert.edu.cn

There are also steps you can take to assist the US government with enforcing existing laws that are broken by spammers.
• Spam that is fraudulent - offering products that don't work or don't exist, pyramid schemes and so on - can be forwarded to the US Federal Trade Commission at uce@ftc.gov.
• Spam that promotes stocks and securities can be forwarded to the US Securities and Exchange Commission at enforcement@sec.gov.
• Spam containing or advertising child pornography is illegal in most of the world under existing law. In the US, you can report suspected criminal activity to the Federal Bureau of Investigation via this form. You can also file child-pornography-specific reports with the National Center for Missing and Exploited Children here. https://web.cybertip.org/cyberTipII.html
• If we all do this then maybe some tough laws will be enacted to combat the SPAM problem.
Other Resources -
http://spamlinks.net/ - Excellent resource!
http://spam.abuse.net/
http://www.spamhaus.org/
http://www.spamlinks.net/
Sign the END-SPAM Petition!
http://www.spamnation.info/

NEVER use Opt-Outs!
Do you keep clicking "remove" links in spams, sending back "remove me" requests to spammers, yet your spam volume only seems to be increasing? Here's why.

Most spammers send out anywhere from 1 million up to 100 million spams every day to address lists scraped from all over the Internet, harvested from sites and insecure mail servers, stolen from millions of computers using viruses to grab the contents of users' address books, bought from other spammers, from spam address list CDROMs, etc. Spammers do not know which of the millions of addresses on their lists are real, which are working or not, they're simply spraying adverts at every address they can find.

Then you send the spammer a "remove me" message. *Now he knows your address is real.*
And that's not all he knows...

By sending back a 'remove me' opt-out request you are confirming to the spammer that your address is live, you are confirming that your ISP doesn't use spam filters, you are confirming that you actually open and read spams, and that you follow the spammer's instructions such as "click this to be removed". You are the perfect candidate for even more SPAM.

A live address is a valuable address; spammers sell live addresses at a premium as "confirmed deliverable" addresses to yet more spammers. If you don't want your address to end up on endless spammers' lists, distributed on spam CDROMs to spammers worldwide, *do not* confirm to the spammer that your address is real and working.

NEVER buy anything via SPAM! Remember Spammers are the lowest of the low slime balls of the Internet. If you buy anything via SPAM you may get totally ripped off, you'll probably also be putting your credit card and personal information right into crooks hands and at the very least you'll now be Spammed to death because you've validated your email address.

NEVER enter into a dialog with a SPAMMER! Do not send email or respond to a SPAMMER *EVER*. Don't even think you can get them to stop sending SPAM to you or that you can "stick it to 'em" in any way. Most of the time a SPAMMER uses a false address, a "joe job", or Spam Zombies or the like to send their SPAM and *IF* by chance your email does get received by a SPAMMER all you are doing is verifying that your address is a "Live" address and you will get even more SPAM. Spammers are savvy and they "hide" behind false addresses and Spam Proxies. If you want to "get back" at spammers the best way you can do this is by reporting them to SpamCop http://www.spamcop.net/ .

ISP SPAM Reporting
Many ISP's offer Anti-Spam reporting services, I'd like to start compiling a list of addresses and reporting instructions for as many ISP's as possible. My ISP is Road Runner and they have a SPAM reporting procedure that works quite well. I just forward as an *attachment* the SPAM email I have received to spamblock@security.rr.com and RR analyzes it and blocks the Spammers IP and sends a complaint to the proper source. I also get a detailed report of my submissions daily. This works quite well for me as one address I've had there for well over 10 years tends to be on quite a few Spammer lists. If you have the proper address and reporting instructions for your ISP *please* send it to me and I'll get a list going that we can all benefit from.

Report 'PORN SPAM' E-MAIL - http://www.obscenitycrimes.org/compl...rtPornSpam.cfm

The CAN-SPAM Act simply does not work. Write your Senator & Congressman and encourage them to enact some real SPAM legislation with *Teeth*.
Find Your Congressman/Senators address - http://www.eff.org/congress/
Tips on Writing or E-Mailing a Member of Congress - http://www.thearc.org/ga/legtips.html
UK - http://www.writetothem.com/

Privacy/Identity Theft “Joe Job” Spam
Are you a victim of a "Joe Job"??
Joe-job: n., vt. A spam run forged to appear as though it came from an innocent party, who is then generally flooded by the bounces.
Sound familiar? Getting bounces from mail you never sent? Sometimes it's a personal attack, sometimes not, but many individuals, businesses and websites suffer from these Joe Job SPAM attacks because most recipients think that the spoofed return address is actually from that someone or that business in particular when it's not, and that person or business suffers the repercussions.
Find out more and find out what you can do if you are a victim. Here's some links that go into more detail than I have room for here...
Sabotage! Coping With The Joe Job http://www.sitepoint.com/article/sab...coping-joe-job

http://members.cox.net/joejob/
http://www.g4tv.com/techtvvault/feat...e_Joe_Job.html
http://www.atg.wa.gov/consumer/idprivacy/joejob.shtml
*If you have a website*: Spammers have webbots that spider websites and collect email addresses that they can SPAM. Being a web developer, I've found that any email address that can be harvested from a website will be SPAMMED to death. A good practice is to use form mail to communicate with your website users or use a non-machine readable email address routine. There are javascripts available to do this. http://w2.syronex.com/jmr/safemailto/

Spammers continuously change their tactics in order to circumvent spam filters so it becomes increasingly difficult to block spam from getting to your mailbox . These are challenging times and the growth of spam has become a real annoyance for most everyone. Be assured that there are those that are aggressively pursuing additional approaches and tools to control this problem. Remember to use discretion in how and where you provide your e-mail address, publishing it on the Web, posting it in a blog, or other forums will enable spammers to capture it and to use it.

The Ten Most Wanted Criminal Spammers http://www.spamhaus.org/statistics/spammers.lasso This list is based on those Spamhaus views as the highest threat, the worst of the career criminal spammers causing the most damage on the Internet.

More on Scams & Spam from the FTC - The FTC hosts this excellent guide to dealing with spam and email scams.
http://www.ftc.gov/bcp/conline/pubs/online/inbox.htm

IF you think you've been scammed- For victims of Internet fraud, IFCC provides a convenient and easy-to-use reporting mechanism that alerts authorities of a suspected criminal or civil violation.
http://www.ifccfbi.gov/index.asp

Are you a Victim?
If you have recently shared your credit card or bank account information in response to an unsolicited email, you should notify your Credit Card Company or bank immediately and discuss whether you should cancel your accounts. In any event, you should carefully monitor your accounts. If you provided your Social Security number, you should contact one of the three national consumer reporting agencies, ask that a fraud alert be placed on your accounts and obtain copies of your credit reports. You also should visit the FTC's Identity Theft Web site (www.consumer.gov/idtheft ) to file a complaint and learn more about how to minimize your risk of damage from identity theft.

Do you have a Wireless Network? Wireless has become a popular convenient way of setting up a home or business network. Beware of "wireless spammers and hackers". One man driving around L.A. used unsecured residential wireless networks to broadcast pornography spam from his laptop. If this happened to you it would be YOUR IP address attached to this SPAM!! When traced it would come back to YOU! A hacker searching for insecure wireless connections can get into your system from a car parked on the street. Hackers can also get into your wired network via a wireless access point in your network.

Here's a list of things you can do to secure your wireless network:
1- Change Default Administrator Passwords (and Usernames)
2- Turn on (Compatible) WPA / WEP Encryption
3- Change the Default SSID
4- Enable MAC Address Filtering
5- Disable SSID Broadcast
6- Do Not Auto-Connect to Open Wi-Fi Networks
7- Assign Static IP Addresses to Devices
8- Position the Router or Access Point Safely
9- Turn Off the Network During Extended Periods of Non-Use

More Info Here http://compnetworking.about.com/od/w...fisecurity.htm


Parental Control - Computer Security should also include the security of your children when they are on the computer, there are plenty of free parental control options available. Parental control software can help block access to adult sites, rate sites based on adult content ( pornography, violence/ profanity, intolerance, militant extremists, gambling, drug culture, etc.), establish time controls for individual users (for example, blocking usage after a particular time at night, or during established homework times) and log surfing activities (allowing parents to see which sites a child has visited). These parental control tools can help block newsgroups and chat areas inappropriate for children. Most of these programs can be configured by the parent to filter out sites that contain nudity, sexual content, hateful or violent material, or that advocate the use of drugs, tobacco, or alcohol. Some can also be configured to prevent children from revealing information about themselves such as their name, address, or telephone number.

Free Parental Control software

Freeshield- http://www.freeshield.com/
US Netizen has a free list and suggestions for parental control - http://www.usnetizen.com/parental-control.html
Freeware/Shareware Parental Control - http://www.freewr.com/security/paren...web-filter.php

Microsoft is currently testing Windows Live OneCare Family Safety Beta that is available for free
http://ideas.live.com/programpage.as...c-b9967270629e



Note from WM about IE7 and VISTA
These are new programs and are having growing problems. When I tried using IE 7 I was getting quite a few browser crashes and hang ups. They stopped when I removed 7 and went back to 6
If you are thinking about switching to Vista, give it another thought. Vista is NOT compatible with a lot of your current programs and guess what, you have to go buy all new ones to replace them. More money for Bill Gates by making last years products obsolete by creating a new operating system that won’t let you use them. If you think I might be mistaken ask Cartooner, he already learned it the hard way

Another note
This year the Daylight Savings Time (DST) date has been moved up into March instead of April and our computers are not set up for this change, so you will have to adjust your computer yourself on the new date for Springing Forward the hour on your clock. I do not know the date at this time and if anyone does please tell us. I will watch for it and pass it on when I find out.
Computer and software people are scrambling to get their patches in place before this happens.
If you are in a state or country that does not do DST, make a note of it for dealing with people or businesses in the places that do.

__________________

Studying Dragon

Thanks for the tips WM!

__________________

Geoff_the_Beard

USA and Canada start Daylight Saving on March 11 and it ends on November 4 this year.

Users of Vista need do nothing, the new dates are already built in.

There is a download available from Microsoft for earlier operating systems, and I will post details here as soon as I've tried it myself. The update will be required, else after you've corrected the clock manually, it will advance another hour 3 weeks later.

__________________

1 Sexy King

I have heard that if you have a router hooked up that is is like a fire wall and anything coming in will get blocked or what I mean is it will send the routers ISP or what ever it is called. Can't seem to word things right tonight, must be that old age creeping up on me.

Bottom line I have heard it is a good security thing-- is this correct? as I have never had a virus or anything come into my comp.

__________________