Institutional Education Programs
Tips to Stop Phishing for Spyware and Spam
Spyware is the means through which hackers gain access to your computer and your private information. Spyware is defined as any software that covertly gathers user information through your Internet connection without your knowledge, usually for advertising purposes. It watches everything you do on the Internet and sends that information, including private e-mail, passwords, and credit card numbers to the hacker invisibly, without your knowledge.
No matter how careful you are, regardless of what virus protection you buy, you will always be at risk without the proper antispyware tools to protect you. How do you know if you have been infected? If the Start page in your Web browser keeps changing by itself, if your computer starts crashing more often than usual, or if you have tried to uninstall unfamiliar programs only to find they are still there after you restart your computer, then you are infected. Spyware can be pretty malicious.
Keyloggers watch your every keystroke and mouse click, then records your passwords, logons, and account numbers. You might think you don’t need to read this Tech Tip because you’ve taken steps to protect yourself. Well, if you have all the most current antivirus software, have installed Service Pack 3 for Windows XP, and have a very powerful firewall to protect you, then you would be WRONG! The fact is that all of these items do absolutely nothing to protect your computer from spyware at all, leaving you completely vulnerable to attack. Also, you know all those updates that Microsoft Windows installs? None of them protect you from spyware writers, who exploit ways to transparently install spyware through your Internet Explorer browser. These programs can even prevent Service Pack 3 from installing correctly. Once these programs infect you, your computer becomes very slow, because all your computer processing power is eaten up by the spyware itself. Don’t allow yourself to be lulled into a false sense of security from any one anti-spyware program that claims to provide total protection, it doesn’t exist.
Spam is the most virulent form of abuse that any Internet user must endure. The problem is so common that most people find they are forced to change their e-mail address just to avoid getting junk email. Unfortunately, changing your e-mail is worse than changing your phone number because nobody knows how to contact you. Microsoft Outlook 2007 and Eudora 6 are two of the major programs that have the ability to filter incoming e-mail as messages are received. If a message is believed to be spam, the message is filtered to the spam folder for later review.
Internet phishing (pronounced “fishing”) is when a hacker sends you an e-mail falsely claiming to be an established legitimate enterprise. The idea is to try to scam you into surrendering private information that will be used to steal your identity. This e-mail asks you to visit a web site where you are asked to update your personal information, such as passwords, credit card numbers, Social Security number, and bank account numbers information that the legitimate organization already has. The scam is that this web site is bogus and is set up only to steal your confidential information.
You must be careful whenever you receive an email from what appears to be a trusted company. Hackers are very good at writing convincing letters that appear to be genuine. You must never ever click on a link in one of these e-mails, because even though it might look authentic, it almost always is not. It is very simple matter for a hyperlink to show one web site and send you somewhere completely different when you click on it. These links are designed to take you to the hacker’s site. Don’t even cut and paste these links into your browser, because the hidden information in the URL takes you directly to the hacker instead of where you intended to go. When you need to go to a web site, open a new browser window and type in the address by hand.
Another sign of phishing is when e-mails are not addressed to you specifically by name but instead say, “Dear Customer.” If an email doesn’t take the time to address you by name, something is wrong! When you receive an e-mail, ask yourself, “Why am I receiving this note?” If you are unsure, call the company directly and ask. Never assume an e-mail is authentic just because it looks like it came from a trusted company. Hackers easily spoof the “from” field of an e-mail to make it appear it is a legitimate correspondence.
Posted:February 8, 2010