Devious Trojan Attacks Online Banks

A new Trojan called "W32.Silon" is the latest headache for online banks and their customers, packing a one-two punch that helps it evade security tokens and steal customer log-in information at the same time.

The two-headed Trojan, according to online security software vendor Trusteer, uses a "two-pronged payload" to steal log-in information and commit financial fraud at popular online banks.

"This new Trojan illustrates how advanced malware writers have become in their ability to dynamically execute multiple, bank-specific attacks with a single piece of software," Amit Klein, CTO and chief researcher at Trusteer, said in a statement. "The level of sophistication built into W32.Silon is concerning, as is its focus on circumventing strong authentication systems like card and PIN readers."

W32.Silon is a new malware variant that intercepts Internet Explorer Web browser sessions and has been associated with fraud incidents at several large banks, according to Trusteer researchers.

To steal user credentials, W32.Silon performs its initial attack when a user begins a Web log-in session and enters his username and password. The malware intercepts the log-in POST request, encrypts the requested data and sends it to a command-and-control (C&C) server.

When it targets users of online banking applications that are protected by transaction authentication devices such as tokens or banking card readers, W32.Silon waits until the user has logged in and then injects dynamic HTML code into the log-in flow between the user and the bank's Web server.

First, the malware presents authentic-looking Web pages that appear to be from the bank asking users to employ their transaction authentication device. Next, the user is asked to enter information from the device into the Web page.

This information is then used by the criminals to execute fraudulent transactions on behalf of the user

How hackers find your weak spots

A look at some of the ways hackers use social networking tools to gain access to victims' systems

While there are an infinite number of social engineering exploits, typical ones include the following:

Stealing passwords: In this common maneuver, the hacker uses information from a social networking profile to guess a victim's password reminder question. This technique was used to hack Twitter and break into Sarah Palin's e-mail.

Friending: In this scenario, a hacker gains the trust of an individual or group and then gets them to click on links or attachments that contain malware that introduces a threat, such as the ability to exploit a weakness in a corporate system. For example, says Netragard CTO Adriel Desautels, he might strike up an online conversation about fishing and then send a photo of a boat he's thinking of buying.

Impersonation/social network squatting: In this case, the hacker tweets you, friends you or otherwise contacts you online using the name of someone you know. Then he asks you to do him a favor, like sending him a spreadsheet or giving him data from "the office." "Anything you see on a computer system can be spoofed or manipulated or augmented by a hacker," says Desautels.

Posing as an insider: Imagine all the information you could extract from an unknowing employee if you posed as an IT help desk worker or contractor. "Roughly 90% of the people we've successfully exploited during [vulnerability assessments for clients] trusted us because they thought we worked for the same company as them

How dangerous could a hacked robot possibly be?

What happens when the robots are turned against us?SO THIS IS MY REQUEST TO ALL READER READ THIS ARTICLE CAREFULLY SPECIALLY THOSE WHICH ARE USING ROBOT OR WORKING WITH ROBOT......AJEET

But researchers at the University of Washington think it's finally time to start paying some serious attention to the question of robot security. Not because they think robots are about to go all Terminator on us, but because the robots can already be used to spy on us and vandalize our homes.

Robots have emerged as popular consumer devices over the past few years -- primarily as toys, but also as household chore robots such as iRobot's Roomba vacuuming machine.

In a paper published Thursday the researchers took a close look at three test robots: the Erector Spykee, and WowWee's RoboSapien and Rovio. They found that security is pretty much an afterthought in the current crop of robotic devices.

"We were shocked at how easy it was to actually compromise some of these robots," said Tadayoshi Kohno, a University of Washington assistant professor, who co-authored the paper.

The researchers aren't so much worried about the scenario depicted in James Cameron's movie Terminator, where machines develop self-awareness and decide to wipe out humanity. They're afraid of a world where hackers can take control of the robots we've brought into our homes.

Some of today's robots operate as wireless access points, and Kohno's team found that a nearby attacker could connect to someone else's robot quite easily. Robots such as the Rovio can also be controlled over the Internet, meaning that if a hacker could somehow sniff the victim's user name and password, he could turn the robot into a remote-controlled spy machine.

"We think that consumers should at least be aware that there is the possibility that someone would listen in on their robot and take over their robot and have mobile eyes and ears in their home," said Tamara Denning a PhD student who also worked on the paper. "They're little computers."

The University of Washington team says that as more sophisticated robots come online -- especially future generations of powerful household robots -- they could be misused in ways that their designers have not foreseen.

In their paper, they discuss ideas such as "robot vandalism" -- even weak robots can push something fragile down a flight of stairs -- and "robot suicide." Robots could be used to eavesdrop on conversations or frighten small children too, the researchers said.

The attacks that they can actually pull off may sound more creepy than scary, but Kohno said that robot makers will serve their customers best by thinking of these issues from the start, rather than having to patch machines after they get compromised. "Let's think about security and privacy as one of the initial design goals,"

Hacker Claims First Windows 7 'Zero Day'

Windows 7 hasn't even been on the street for a month, yet one hacker has already found what he claims is a zero-day (define) vulnerability -- albeit so far the result of an attack is simply to crash the new system.

Hacker Laurent Gaffié, who last August found a problem in the "release candidate" (RC) version of Microsoft (NASDAQ: MSFT) Windows 7, announced his find on Wednesday. He also published proof-of-concept code to cause such crashes.

After some controversy last summer, Microsoft said that the bug Gaffié found that time affected some late, pre-release code, but that it did not impact the final released Windows 7 code.

The company subsequently patched the hole in affected operating systems in October.

Microsoft did patch a pair of "important" security holes in Windows 7 in its October Patch Tuesday bug fix drop. However, they were not rated rated as "critical" -- the top tier of Microsoft's four-tier bug severity scal.
The bug that Gaffié found this time is related to the same problem he found last summer. It resides in a networking protocol called System Message Block or SMB. While the hole he found in August was only related to version two -- known as SMB2 -- the new hole affects both SMB1 and SMB2.

"Whatever your firewall is set to, you can get remotely smashed via IE [Internet Explorer] or even via some broadcasting [NetBIOS Name Service] tricks (no user interaction)," Gaffié said in his blog post.

The result, he said, is to cause a software kernel crash in either Windows 7 or in Windows Server 2008 Release 2 (R2). The crash causes a denial-of-service but doesn't compromise the user's PC -- at least not so far.

So far, Microsoft has said only that it's looking into the issue.

"Microsoft is investigating new public claims of a possible Denial-of-Service vulnerability in Windows Server Message Block. We’re currently unaware of any attacks trying to use the claimed vulnerability or of customer impact," Christopher Budd, security response communications lead at Microsoft, said in an e-mail.

"Once we’re done investigating, we will take appropriate action to help protect customers,

SOME PC Security Threats for 2010

1) Windows 7 will come in the crosshairs of attackers

Microsoft has already released the first security patches for its new operating system. As long as humans are programming computer code, flaws will be introduced, no matter how thorough pre-release testing is. And the more complex the code is, the more likely that undiscovered vulnerabilities exist.

Microsoft’s new operating system is no exception, and as Windows 7 hits the pavement and gains traction in 2010, attackers will undoubtedly find ways to exploit its users.

2) Fast Flux botnets will increase

Fast flux is a technique used by some botnets, such as the Storm botnet, to hide phishing and malicious Web sites behind an ever-changing network of compromised hosts acting as proxies. Using a combination of peer-to-peer networking, distributed command-and-control, Web-based load balancing and proxy redirection, it makes it difficult to trace the botnets’ original geo-location.

As industry countermeasures continue to reduce the effectiveness of traditional botnets, expect to see more using this technique to carry out attacks.

3) URL-shortening services become the phisher's best friend

Because users often have no idea where a shortened URL -- particularly from Twitter -- is actually sending them, phishers are able to disguise links that the average security conscious user might think twice about clicking on.

In an attempt to evade antispam filters through obfuscation, expect spammers to use shortened URLs to carry out their evil deeds.

4) Mac and Mobile Malware Will Increase

In 2009, Macs and smartphones will be targeted more by malware authors. As Mac and smartphones continue to increase in popularity in 2010, more attackers will devote time to creating malware to exploit these devices.

5) Spammers breaking more rules

As the economy continues to suffer and more people seek to take advantage of the loose restrictions of the Federal Trade Commission's Can-Spam Act, there will be more organizations selling unauthorized e-mail address lists and more less-than-legitimate marketers spamming those lists.

6) As spammers adapt, volume will continue to fluctuate

Since 2007, spam has increased on average by 15 percent a year. Spam volumes will continue to fluctuate in 2010 as spammers continue to adapt to the sophistication of security software and the intervention of responsible ISPs and government agencies across the globe.
7) Specialized malware on the rise

Highly specialized malware was uncovered in 2009 that was aimed at exploiting certain ATMs, indicating a degree of insider knowledge about their operation and how they could be exploited. Expect this trend to continue in 2010, including the possibility of malware targeting electronic voting systems, both those used in political elections and public telephone voting, such as that connected with reality television shows and competitions.

8) CAPTCHA technology will improve

This will prompt more businesses in emerging economies to offer real people employment to manually generate accounts on legitimate Web sites -- especially those supporting user-generated content -- for spamming purposes.

Symantec estimates that the individuals will be paid less than 10 percent of the cost to the spammers, with the account farmers charging $30-$40 per 1,000 accounts.

9) Instant messaging spam will surge

As hackers exploit new ways to bypass CAPTCHA (define) technologies, instant messaging attacks will grow in popularity. IM threats will largely be comprised of unsolicited spam messages containing malicious links, especially attacks aimed at compromising legitimate IM accounts.

By the end of 2010, Symantec predicts that one in 300 IM messages will contain a URL. Also, in 2010, Symantec predicts that one in 12 hyperlinks overall will be linked to a domain known to be used for hosting malware.
SO BE PREPARED TO WELCOME OF 2010------AJEET KUMAR

PC Security Threats for 2010

We love to click,Clicking on links and attachments that are accompanied by just the slightest bit of social engineering appears to be a basic human need."
A report released earlier this year by the Anti-Phishing Working Group (APWG) found that fake anti-malware and security software programs soared up more than 585 percent in the first half of 2009 alone. In 2007, Gartner said that more than 3.6 million people lost more than $3.2 billion to malicious phishing scams.

1) Antivirus is not enough

With the rise of polymorphic threats and the explosion of unique malware variants in 2009, the industry is quickly realizing that traditional approaches to antivirus (including both file signatures and heuristic/behavioral capabilities) are not enough to protect against today’s threats. We have reached an inflection point, where new malicious programs are actually being created at a higher rate than good programs.

Approaches to security that looks for ways to include all software files, such as reputation-based security, will become key in 2010.

2) Social engineering as the primary attack vector

More and more, attackers are going directly after the end user and attempting to trick them into downloading malware or divulging sensitive information under the auspice that they are doing something perfectly innocent. Social engineering’s popularity is at least in part spurred on by the fact that what operating system and Web browser rests on a user’s computer is largely irrelevant, as it is the actual user being targeted, not necessarily vulnerabilities on the machine.

3) Rogue security software vendors escalate their efforts

In 2010, expect to see the propagators of rogue security software scams take their efforts to the next level, even by hijacking users’ computers, rendering them useless and holding them for ransom. A less drastic next step, however, would be software that is not explicitly malicious, but dubious at best.

For example, Symantec has already observed some rogue antivirus vendors selling rebranded copies of free third-party antivirus software as their own offerings. In these cases, users are technically getting the antivirus software that they pay for, but the reality is that this same software can actually be downloaded for free elsewhere.

4) Social networking third-party apps will fraud targets

With the popularity of social networking sites poised for another year of unprecedented growth, expect to see fraud being targeted toward social site users to grow.

As this occurs, and as these sites more readily provide third-party developer access to their APIs, attackers will likely turn to vulnerabilities in third-party applications for users’ social networking account information, just as we have seen attackers take advantage of browser plug-ins more as Web browsers themselves become more secure.

Prevent Your Home Robot From Being Hacked!


Commercial, tele-operated home robots are vulnerable to hacking and leave users open to potential risk, according to a recent paper by researchers at the University of Washington.

Tele-operated robots let users remotely interact in the physical world through them, usually through a wireless connection (think of a primitive form of the robots in The Surrogates). Equipped with wheels, cameras, microphones and speakers, ‘tele-presence’ robots stream audio and visual information from the home or office so a user can check the

home or office while away to say, chat with children or scold a misbehaving pet.

The researchers found security vulnerabilities in 2008 models of the Erector Spykee (left), and WowWee’s RoboSapien and smaller Rovio. They say on their website that these vulnerabilities could let a hacker hijack the house robot to look around the house, listen in on conversations, take pictures, or knock over objects.

To protected one’s self from this risk, the researchers recommend keeping networks and robot control encrypted, avoiding remote access, and turning off the robots when they’re not in use

Robot security: the next threat

Researchers at the University of Washington warn that most robotic software is not secure.

According to Network World,Tadayoshi Kohno, a University of Washington assistant professor said that research into robotics shows that security is mostly an afterthought.

He said that he was shocked how easy it was to compromise robots and the damage that they could do as a result.

Some robots operate as wireless access points, and Kohno's team found that a nearby attacker could connect to someone else's robot. Robots such as the Rovio can also be controlled over the Internet and turn the machine into a remote-controlled spy machine.

Do the cleaning yourself, puny human

People forget that robots are little computers and as such can be hacked. But robots could do more than just spy. Robot vandalism could be a major problem as even weak robots can push something down a flight of stairs.

US government opens $9m cyber security center

The US government is promising a more coordinated approach to cyber attacks, with the creation of a new $9 million cyber security center.

The National Cybersecurity and Communications Integration Center in northern Virginia will integrate the US Computer Emergency Readiness Team and the National Coordinating Center for Telecommunications.

Apparently, US government computer systems are scanned millions of times a day by potential hackers, criminals and hostile nation states.

Meanwhile, speaking to Chamber of Commerce executives, Senator Joe Lieberman - head of the Senate Homeland Security and Government Affairs Committee - said the US was lagging in the fight against computer crime.

He called for the creation of a central hub for federal agencies and private companies to share information on cyber threats.

It would be headed by a presidential cyber security csar who would oversee cybersecurity budgets and spending by federal agencies, including the Defense Department - a post which has already had the green light from president Barack Obama.

Timeline of computer viruses and worms

This is a timeline of noteworthy computer viruses, worms and Trojan horses.
1970-1979
1971

* The Creeper virus, an experimental self-replicating program, is written by Bob Thomas at BBN. Creeper infected DEC PDP-10 computers running the TENEX operating system. Creeper gained access via the ARPANET and copied itself to the remote system where the message, "I'm the creeper, catch me if you can!" was displayed. The Reaper program was later created to delete Creeper.

1974

* The Wabbit virus, more a fork bomb than a virus, is written. The Wabbit virus made multiple copies of itself on a single computer (and was named "Wabbit" for the speed at which it did so) until it clogs the system, reducing system performance, before finally reaching a threshold and crashing the computer.[citation needed]

1974/1975

* ANIMAL is written by John Walker for the UNIVAC 1108.[3] Animal asked a number of questions to the user in an attempt to guess the type of animal that the user was thinking of, while the related program PERVADE would create a copy of itself and ANIMAL in every directory to which the current user had access. It spread across the multi-user UNIVACs when users with overlapping permissions discovered the game, and to other computers when tapes were shared. The program was carefully written to avoid damage to existing file or directory structure, and to not copy itself if permissions did not exist or if damage could result. Its spread was therefore halted by an OS upgrade which changed the format of the file status tables that PERVADE used for safe copying. Though non-malicious, "Pervading Animal" represents the first Trojan "in the wild".

1980-1989
1980

* Jürgen Kraus wrote his master thesis "Selbstreproduktion bei Programmen" (self-reproduction of programs).

1981

* A program called Elk Cloner, written for Apple II systems and created by Richard Skrenta. Apple II was seen as particularly vulnerable due to the storage of its operating system on floppy disk. Elk Cloner's design combined with public ignorance about what malware was and how to protect against it led to Elk Cloner being responsible for the first large-scale computer virus outbreak in history.

1983

* The term 'virus' is coined by Frederick Cohen in describing self-replicating computer programs. In 1984 Cohen uses the phrase "computer virus" – as suggested by his teacher Leonard Adleman – to describe the operation of such programs in terms of "infection". He defines a 'virus' as "a program that can 'infect' other programs by modifying them to include a possibly evolved copy of itself."[citation needed]
* November 10, 1983, at Lehigh University, Cohen demonstrates a virus-like program on a VAX11/750 system. The program was able to install itself to, or infect, other system objects.

1984

* Ken Thompson publishes "Reflections on Trusting Trust", a theoretical paper which describes how a virus can be inserted into a program's object code, when the virus itself cannot be found in the source code.

1986

* January: The Brain boot sector virus (aka Pakistani flu) is released. Brain is considered the first IBM PC compatible virus, and the program responsible for the first IBM PC compatible virus epidemic. The virus is also known as Lahore, Pakistani, Pakistani Brain, as it was created in Lahore, Pakistan by 19 year old Pakistani programmer, Basit Farooq Alvi, and his brother, Amjad Farooq Alvi.
* December 1986: Ralf Burger presented the Virdem model of programs at a meeting of the underground Chaos Computer Club in Germany. The Virdem model represented the first programs that could replicate themselves via addition of their code to executable 1987

* Appearance of the Vienna virus, which was subsequently neutralized—the first time this had happened on the IBM platform.
* Appearance of Lehigh virus, boot sector viruses such as Yale from USA, Stoned from New Zealand, Ping Pong from Italy, and appearance of first self-encrypting file virus, Cascade. Lehigh was stopped on campus before it spread to the wild, and has never been found elsewhere as a result. A subsequent infection of Cascade in the offices of IBM Belgium led to IBM responding with its own antivirus product development. Prior to this, antivirus solutions developed at IBM were intended for staff use only.
* October: The Jerusalem virus, part of the (at that time unknown) Suriv family, is detected in the city of Jerusalem. Jerusalem destroys all executable files on infected machines upon every occurrence of Friday the 13th (except Friday 13 November 1987 making its first trigger date May 13, 1988). Jerusalem caused a worldwide epidemic in 1988.
* November: The SCA virus, a boot sector virus for Amigas appears, immediately creating a pandemic virus-writer storm. A short time later, SCA releases another, considerably more destructive virus, the Byte Bandit.
* December: Christmas Tree EXEC was the first widely disruptive replicating network program, which paralysed several international computer networks in December 1987.

1988

* June: The Festering Hate Apple ProDOS virus spreads from underground pirate BBS systems and starts infecting mainstream networks.
* November 2: The Morris worm, created by Robert Tappan Morris, infects DEC VAX and Sun machines running BSD UNIX connected to the Internet, and becomes the first worm to spread extensively "in the wild", and one of the first well-known programs exploiting buffer overrun vulnerabilities.

1989

* October 1989: Ghostball, the first multipartite virus, is discovered by Friðrik Skúlason.

1990-1999
1990

* Mark Washburn working on an analysis of the Vienna and Cascade viruses with Ralf Burger develops the first family of polymorphic virus: the Chameleon family. Chameleon series debuted with the release of 1260.

1992

* Michelangelo was expected to create a digital apocalypse on March 6, with millions of computers having their information wiped according to mass media hysteria surrounding the virus. Later assessments of the damage showed the aftermath to be minimal.[citation needed]
1993

* "Leandro & Kelly" and "Freddy Krueger" spread quickly due to popularity of BBS and shareware distribution.[citation needed]

1995

* The "Concept virus", the first Macro virus, is created which attacked Microsoft Word documents.[citation needed]

1996

* "Ply" - DOS 16-bit based complicated polymorphic virus appeared with built-in permutation engine.

1998

* June 2: The first version of the CIH virus appears.

1999

* Jan 20: The Happy99 worm invisibly attached itself to emails. Displayed fireworks to hide changes being made and wished you a happy new year. Modified system files related to Outlook Express and Internet Explorer on Windows 95 and Windows 98.
* March 26: The Melissa worm is released, targeting Microsoft Word and Outlook-based systems, and creating considerable network traffic.
* June 6: The ExploreZip worm, which destroys Microsoft Office documents, is first detected.
* December 16: Sub7, or SubSeven, is the name of a popular backdoor program. It is mainly used for causing mischief, such as hiding the computer cursor, changing system settings or loading up pornographic websites. However, it can also be used for more serious criminal applications, such as stealing credit card details with a keystroke logger.

2000 ---2009
2000

* May: The ILOVEYOU worm appears. As of 2004[update] this was the most costly virus to businesses, causing upwards of 5.5 to 10 billion dollars in damage. The backdoor trojan to the worm, Barok, was created by Filipino programmer Onel de Guzman; it is not known who created the attack vector or who (inadvertently?) unleashed it; de Guzman himself denies being behind the outbreak although he suggests he may have been duped by someone using his own Barok code as a payload.

2001

* February 11: The Anna Kournikova virus hits e-mail servers hard by sending e-mail to contacts in the Microsoft Outlook addressbook. The creator of it, a Dutchman so-called OnTheFly, has been sentenced to 150 hours of community service.
* May 8: The Sadmind worm spreads by exploiting holes in both Sun Solaris and Microsoft IIS.
* July: The Sircam worm is released, spreading through Microsoft systems via e-mail and unprotected network shares.
* July 13: The Code Red worm attacking the Index Server ISAPI Extension in Microsoft Internet Information Services is released.
* August 4: A complete re-write of the Code Red worm, Code Red II begins aggressively spreading onto Microsoft systems, primarily in China.
* September 18: The Nimda worm is discovered and spreads through a variety of means including vulnerabilities in Microsoft Windows and backdoors left by Code Red II and Sadmind worm.
* October 26: The Klez worm is first identified.
2002

* Beast is a windows based backdoor trojan horse, more commonly known in the underground cracker community as a RAT (Remote Administration Tool). It is capable of infecting almost all Windows OS i.e. 95 through XP. Written in Delphi and Released first by its author Tataye in 2002, its most current version was released October 3, 2004
* August 30: Optix Pro is a configurable remote access tool or Trojan, similar to SubSeven or BO2K.

2003

* January 24: The SQL slammer worm, aka Sapphire worm, Helkern and other names, attacks vulnerabilities in Microsoft SQL Server and MSDE and causes widespread problems on the Internet.
* April 2: Graybird is a Trojan also known as Backdoor.Graybird.
* June 13: ProRat is a Turkish-made Microsoft Windows based backdoor trojan horse, more commonly known as a RAT (Remote Administration Tool).
* August 12: The Blaster worm, aka the Lovesan worm, rapidly spreads by exploiting a vulnerability in system services present on Windows computers.
* August 18: The Welchia (Nachi) worm is discovered. The worm tries to remove the blaster worm and patch Windows.
* August 19: The Sobig worm (technically the Sobig.F worm) spreads rapidly through Microsoft systems via mail and network shares.
* October 24: The Sober worm is first seen on Microsoft systems and maintains its presence until 2005 with many new variants. The simultaneous attacks on network weakpoints by the Blaster and Sobig worms cause massive amounts of damage.
2004

* Late January: MyDoom emerges, and currently holds the record for the fastest-spreading mass mailer worm.
* March 19: The Witty worm is a record-breaking worm in many regards. It exploited holes in several Internet Security Systems (ISS) products. It was the fastest disclosure to worm, it was the first internet worm to carry a destructive payload and it spread rapidly using a pre-populated list of ground-zero hosts.
* May 1: The Sasser worm emerges by exploiting a vulnerability in LSASS and causes problems in networks, while removing MyDoom and Bagle variants, even interrupting business.
* August 16: Nuclear RAT (short for Nuclear Remote Administration Tool) is a backdoor Trojan Horse that infects Windows NT family systems (Windows 2000, XP, 2003).
* August 20: Vundo, or the Vundo Trojan (also known as Virtumonde or Virtumondo and sometimes referred to as MS Juan) is a Trojan Horse that is known to cause popups and advertising for rogue antispyware programs, and sporadically other misbehavior including performance degradation and denial of service with some websites including Google and Facebook.[18]
* October 12, 2004: Bifrost, also known as Bifrose, is a backdoor trojan which can infect Windows 95 through Vista. Bifrost uses the typical server, server builder, and client backdoor program configuration to allow a remote attack.
* December: Santy, the first known "webworm" is launched. It exploited a vulnerability in phpBB and used Google in order to find new targets. It infected around 40000 sites before Google filtered the search query used by the worm, preventing it from spreading.
2005

* August 16: The Zotob worm and several variations of malware are discovered on Microsoft systems. The effect was overblown because several United States media outlets were infected.[citation needed]
* October 13: The Samy XSS worm becomes the fastest spreading virus by some definitions as of 2006[update].
* Late 2005: The Zlob Trojan, also known as Trojan.Zlob, is a trojan horse which masquerades as a required video codec in the form of ActiveX. It was first detected in late 2005.[20]
* 2005: Bandook or Bandook Rat (Bandook Remote Administration Tool) is a backdoor trojan horse that infects the Windows family. It uses a server creator, a client and a server to take control over the remote computer. It uses process hijacking / Kernel Patching to bypass the firewall, and allow the server component to hijack processes and gain rights for accessing the Internet.
2006

* January 20: The Nyxem worm was discovered. It spread by mass-mailing. Its payload, which activates on the third of every month, starting on February 3, attempts to disable security-related and file sharing software, and destroy files of certain types, such as Microsoft Office files.
* February 16: discovery of the first-ever malware for Mac OS X, a low-threat trojan-horse known as OSX/Leap-A or OSX/Oompa-A, is announced.
* Late September: Stration or Warezov worm first discovered.

2007

* January 17: Storm Worm identified as a fast spreading email spamming threat to Microsoft systems. It begins gathering infected computers into the Storm botnet. By around June 30 it had infected 1.7 million computers, comprised between 1 and 10 million computers by September. Thought to have originated from Russia, it disguises itself as a news email containing a film about bogus news stories asking you to download the attachment which it claims is a film.
2008

* February 17: Mocmex is a trojan, which was found in a digital photo frame in February 2008. It was the first serious computer virus on a digital photo frame. The virus was traced back to a group in China.
* March 3: Torpig, also known as Sinowal and Mebroot, is a Trojan horse which affects Windows, turning off anti-virus applications. It allows others to access the computer, modifies data, steals confidential information (such as user passwords and other sensitive data) and installs more malware on the victim's computer.
* May 6: Rustock.C, a hitherto-rumoured spambot-type malware with advanced rootkit capabilities, was announced to have been detected on Microsoft systems and analyzed, having been in the wild and undetected since October 2007 at the very least.
* July 6: Bohmini.A is a configurable remote access tool or trojan that exploits security flaws in Adobe Flash 9.0.115 with Internet Explorer 7.0 and Firefox 2.0 under Windows XP SP2.
* July 31: The Koobface computer worm targets users of Facebook and Myspace.
* November 21: Computer worm Conficker infects anywhere from 9 to 15 million Microsoft server systems running everything from Windows 2000 to the Windows 7 Beta. The French Navy, UK Ministry of Defence (including Royal Navy warships and submarines) Sheffield Hospital network,[28] German Bundeswehr and Norwegian Police were all affected. Microsoft sets a bounty of $250,000 USD for information leading to the capture of the worm's author(s). Five main variants of the Conficker worm are known and have been dubbed Conficker A, B, C, D and E. They were discovered 21 November 2008, 29 December 2008, 20 February 2009, 4 March 2009 and 7 April 2009, respectively.

2009

* July 4: The July 2009 cyber attacks occur and the emergence of the W32.Dozor attack the United States and South Korea.

Fighting off Viruses:----kbsmp

How to Protect Your Computer Fortunately, protecting your computer against the latest viruses is much easier with the improvements that have been made in antivirus software programs. Antivirus software is an integral part of a computer's defense against malicious software, such as viruses and bad programs. This software can help to defend your computer against viruses, which can enter your system through e-mail, servers, or by simply surfing the internet. This software also provides a centralized control feature, to deal with deploying, updating, and configuring your settings. Every computer user should carefully follow a simple procedure to protect them against virus threats:

1. Examine your computer's existing security system.Because these new viruses can infiltrate your system in so many different ways, you'll need a number of different antivirus programs to combat them all. Computer users need to be absolutely sure that all parts of their systems, including areas such as connectivity services, are secure. For the best security system, you'd want a comprehensive system that has features like antivirus protection, a firewall, content filtering, and intrusion detection. The virus will have a harder time getting into your computer with this type of system working and fighting for you.

2. Never install antivirus software, unless you are sure it comes directly from a reputable source. It is vitally important for you to update your antivirus software regularly so that you are protected against the viruses that are unleashed on a daily basis. Learn how to use the real-time scan feature, and set it up to start each time you start your computer. This will give your computer automatic protection, scanning it each time you turn it on.

3. As a general practice, scan every new program or file even if it comes from a source you consider trustworthy. If you received binary, Word or Excel documents from an unknown source, especially via online chat or as an email attachment, exercise extreme caution when attempting to open them. 4. Schedule and perform regular system backups to ensure that you do not lose any vital data due to a possible system corruption. There may be no other option for recovering your information if your system is compromised.

5. Recommended Antivirus Software: There are a number of antivirus software applications available today. You can identify the best program for your needs, if you just do a bit of research. Often you can download a trial version of the program so that you can try it out. But keep in mind that uninstalling some anti-virus programs can prove to be difficult. To be on the safe side, it is a good idea to establish a System Restore point prior to installation. The following programs are notable for their affordability, support services, effectiveness, and intuitive interfaces.

6. By giving you long-term support and downloadable updates, the Shield Pro 2005 ™ can deliver comprehensive protection against viruses and hackers. When a virus does hit your computer, the Shield Pro 2005 ™ will make sure that you have a patch for it in three hours, and a complete fix within five hours. Your computer can be set up to update virus definitions each week, and then it will run a complete scan with the new definitions.

7. One program, BitDefender 9 Standard, defends your computer by protecting its interaction with other computers, through its Peer-2-Peer and e-mail defense mechanisms, as well as virtual environment heuristics. This offers extra security against newly-released viruses, by scanning for pieces of code that do not match any released virus signature, but are nonetheless malicious.

8. Kaspersky Anti-Virus Personal 5.0 program is easy to set up and navigate. Three levels of protection are available for the user to select from. It can be set to update as often as once per hour, but is guaranteed not to disrupt your computer. You will also get two-tier email protection and 24 hour technical support, with this program.

9. PC-cillin Internet Security protects the user from viruses and other dangers that abound on the web, including worms, hackers, and Trojans. Spyware is detected, removed and spam is blocked. It also protects you from identity theft since it blocks phishing and pharming attempts.

10. AVG Anti-virus Free Edition, a free downloadable antivirus program, received praise for reliability. Previously, free readily available anti-virus programs have been viewed as unreliable. However, one of the best free anti-virus programs is Grisoft's AVG. Though AVG isn't available for servers it is still a reasonable selection for home computer users. You can try it for free, and you have no obligation to buy anything!

Five rules for protecting Windows with antivirus software

Good antivirus software is a critical part of any Microsoft Windows system that communicates with other computers, particularly if it is connected to the Internet and deals with browser, email, or instant messenger traffic. It seems like everybody has his or her favorite antivirus solution and it is different from everyone else’s. For personal desktop systems, however, there are some rules of thumb that seem to be fairly universal among security experts:
  1. Install your AV software before connecting to the Internet. Any MS Windows computer should have antivirus software installed before connecting to the Internet. I have seen malware insinuate itself onto a computer in less time than it took to download antivirus software to use on the computer. If you have not seen that, and you use that as evidence you do not need to worry about antivirus until after you have opened a browser and navigated to a Website where you can download AV software, you are just playing Russian roulette with your computer’s security.
  2. Don’t use default AV software. Norton and McAfee, once among the most trusted brands for home antivirus, have taken significant damage to their reputations. These days, most home desktop security experts recommend that any computer that comes with either of these brands of antivirus software get something else installed instead, as quickly as possible. Regardless of what you think of Trend Micro’s enterprise antivirus offerings, the free AV software from Trend Micro that comes with some new computers has never been regarded by many as good enough on its own. In general, the “free” antivirus software you get with your computer will come from a big-name vendor that has more money for marketing than any of the others, and is not the best option for your purposes.
  3. Get AV with a real-time scanner. You need an on-access, real-time scanner to ensure that some of the most common infection vectors for viruses and worms are checked “live”, to prevent an infection from spreading when your computer first encounters the virus or worm. Real-time scanning can be a real burden on system performance, and there may be times when you will want to turn it off to get your performance back, but be very careful about that. Browsing the Web and checking email are not the times to turn off your antivirus real-time scanner for extra performance.
  4. Perform regular full-system scans. A real-time scanner is not enough. You should also make sure you perform full-system scans often, and automate the process with a scheduled nightly scan if possible. Real-time scanners only detect an incoming virus before it infects your system if it happens to pass through a point of access that the scanner can effectively protect, and even then sometimes something might get through before there is a virus signature available for your AV software.
  5. Don’t use two AV programs. Using two antivirus programs at the same time is just asking for trouble. Whether it is because their real-time scanners fight over access and between the two of them can slow your computer to a crawl, or because one might misidentify virus signature files maintained by the other as actual virus infections, many problems can crop up that make using two desktop antivirus applications effectively incompatible with each other.

Internet Viruses Can Target Your Computer

No matter who you talk to, everyone has either had a computer virus or knows of someone who has gone through the agony of trying to get rid of the problem. Computer viruses are a hot topic that seem to affect everyone who owns a computer system, whether at work or at home.

The companies that produce software programs that catch and delete these computer viruses are constantly updating their databases for virus types and definitions so that they can better protect your system against all the newest viruses. Creating virus protection programs is a multi-billion dollar business that is growing more and more everyday.

The number of viruses being created and uploaded to the Internet is growing at an astounding rate of a new one every eighteen seconds! This definitely keeps the virus protection companies on their toes with research and development.

Because these viruses copy themselves to any computer system they come in contact with, the spread of viruses throughout a computer network or the Internet is a very fast and deadly thing to happen to your computer. Because computer viruses are a hot topic, they routinely are the subject of magazine articles and forum topics online. While some viruses do nothing more than frustrate you with pop-up ads or other messages, others are completely malicious and set out from the start to destroy the files and operating systems of your computer.

Of the 53,000 viruses that have been identified and classed, more than 80 percent of them have been classed as malicious and capable of harming your computer system or data files. These computer viruses behave in much the same way as biological viruses by contaminating any computer systems they come in contact with. These self-executing programs are generally very small and work at damaging the way your computer works or by damaging or completely removing key system files.

When computer viruses are a hot topic, more and more people find out about the destructive power of these programs. In this way a great many people find out about virus protection programs and rush out to get the newest protection programs or they ensure that their computer virus protection is up to date. Many magazine and news articles about computer viruses have the effect of sometimes panicking people into believing that their computers are at risk. Having a good anti-virus program and current updates is one of the best ways to protect your computer system against virus attacks.

This must also be coupled with good file habits such as scanning all downloaded files with the anti-virus program before opening them. It is always a good idea to take the time to ensure that the file you thought you were downloading is indeed the file you have. For instance, a file that labels itself as a movie file and is less than one megabyte in size is not a movie file. Movie files are generally nearly a thousand times that size and therefore, the file you have downloaded is most likely not a movie file and may in fact be a computer virus.

Computer viruses are a hot topic at the office when a virus attack manages to get past protection protocols put in place by the network administrators. All it takes is one person allowing some executable files they have been sent to open and start replicating itself through the network of computers to make life Hell for that company. Virus attacks can cripple office systems very quickly resulting in lost revenue and consumer confidence which can affect the way that stocks in that company are traded resulting in even further financial losses. That is why it is so important for larger businesses to have comprehensive computer virus protection programs in place.

These virus programs are much more detailed and powerful than the anti-virus programs that many consumers have protecting their computer systems. Because the fallout from a virus attack is much more financially damaging to a large corporation, the virus protection program needs to be much more robust and capable of protecting multiple systems within the corporation. Computer viruses are a hot topic among businesses simply because of the way that they can affect the company financially.

Firewall Protection - Why You Need It?

If your house has an alarm system, surveillance cameras, or any type of security equipment to prevent burglars, then you can compare it to a firewall. A firewall will monitor and limit connections to your computer from the internet and other users. A computer without a firewall is defenseless, and makes it easier for hackers or unwanted programs to invade your computer. There are two types of firewalls, hardware or software.

Routers are devices that act as hardware firewalls. They prevent other users and unwanted software from entering your network. Routers are not only great for firewalls, but also can be used for sharing and connecting computers to a network. Some people use Network Address Translation (NAT) routers as firewalls, even though NAT routers primary purpose is to share an internet connection with local computers. If you do not have a router firewall, you can use a software firewall that will do the job.

There are many software firewalls out there, but only a few are free. Most of the software firewalls are shareware, trials or subscription. Some free versions only have some features and if you want the full package, you will need to pay. Window XP comes with a decent firewall, but you need to make sure you have Service Pack 2 and the latest updates installed.

You can check to see if your Windows XP firewall is running by clicking Start / Control Panel / Windows Firewall, or another way is My Computer / Control Panel / Network Connections / Right click your "Local Area Network" and click properties / Click on the Advance tab then click Settings. You can click to turn your windows firewall on or off.

Software firewalls can be very complex as they contain several features. Some of the features are antivirus and antispyware, program control, e-mail protection and privacy control. These features help boost your protection for your computer, since a firewall alone cannot do everything. A disadvantage of having a software firewall instead of a hardware firewall is that it will use your computer's resources to function. Make sure you have enough memory to prevent your system from crashing. Software firewalls can manage inbound and outbound traffic by placing policies or rules. These policies will allow or reject your programs from accessing the internet, and prevent any unwanted internet programs from invading your computer. These policies are at the owners control and may change any setting as they wish.

Firewalls may give the user increased security by protecting your computer from hackers, as opposed to having no firewall. Hackers will try anything to get into your computer by searching through your computer's ports. Your computer has many ports. They are used to connect to the internet, but sometimes they are left open. Hackers can send a virus or spyware to these ports, and take control of your computer. To prevent this from happening, a firewall will make sure all unused ports are closed.

If you plan to access the internet without a firewall, it is like putting your hand in a beehive. The risk of you being stung are high, and it is the same risk for your computer to be hacked. Without a firewall your ports will be opened, and make it vulnerable for hackers. Therefore, choose a proper firewall that suits your needs

11 Ways to Prevent Computer Viruses

It doesn’t matter if you’ve been on the Internet for five minutes or five years, you’ve probably thought about ways in which you can prevent a computer virus from entering your machine. A virus can compromise your personal information and even destroy your computer completely. Luckily, there are many low cost things you can do to protect yourself and stay one step ahead of the hackers. Here are 11 things you can do to help prevent computer viruses from invading your computer.

1. Install a reliable anti virus program – From the first moment you turn your computer on, you should have a trusted anti virus program by your side. Even if you have a machine that isn’t hooked up to the Internet, a reliable anti virus program is a low cost and common sense addition to any machine. There are even free anti virus programs you can download that work almost as well as industry giants like Norton and McAfee.

2. Install anti-spyware and anti-malware programs – As good as the best anti virus programs are, they sometimes need a little bit of help. Thankfully, many of the top anti-spyware programs are completely free. Spybot Search and Destroy and CCleaner are just two free programs that can help prevent computer viruses from doing any damage on your machine. As helpful as these programs are, however, you must update them and run them on a regular basis for them to do any good.

3. Avoid suspicious websites – A good virus protection program will alert you when you visit a website that attempts to install or run a program on your computer. Many less than reputable adult websites do this, so if you get a warning, don’t go back, you may end up with a bug you can’t get rid of.

4. Never Open Email Attachments Without Scanning Them First – The most common way viruses are spread throughout the Internet is still via email. Some attachments, like pictures, now display in emails and don’t require an attachment to be manually opened, but other documents do. Make sure you use an email client that scans all email attachments before you are allowed to open them. This will help prevent computer viruses from getting a foothold on your machine.

5. Set up Automatic Scans – Many of the top anti virus programs, as well as the best anti-spyware programs, now have settings that will let them automatically run during down times or in the middle of the night. Of course, your computer must be on for this to happen, but having daily scans run when nothing else is going on is a great way to prevent even the latest computer viruses from sticking around too long.

6. Watch Your Downloads – Part of the fun of the Internet is downloading music, movies and other items. However, since these downloads are so massive, it can be easy to sneak a virus along for the ride. Only download these files from trusted sites that you can count on, or, at the very least, scan them before you open them.

7. Updates, Updates, Updates – There is a reason why Windows has a feature called Critical Updates. There is an entire branch of Microsoft dedicated to staying one step ahead of the hackers out there so when they manage to fix a possible security loophole, you need to download the patch right away. Help Microsoft help you prevent computer viruses from causing too much trouble.

8. Know What To Look For – Even if you are just a casual computer user, you should have an idea of how your machine operates, what normal pop up windows look like and what popular viruses are out there, that way, when your computer begins exhibiting tell tale signs, you’ll know. You can help prevent computer viruses by staying updated and educated.

9. Stay Away From Cracked Software – It is so secret that you can download illegal, cracked versions of some programs online. As tempting as it may be, these files are almost always infested with advanced and difficult to detect bugs. Play it safe and get your software from the source.

10. Install a Firewall – A firewall is a program that screens incoming Internet and network traffic. Along with your virus program, it can help prevent unauthorized access to your computer.

11. Be prepared to Lock Down – If you hear of a virus that is spreading like wildfire through the Internet, make an extra effort to be careful. Don’t open any suspicious emails or accept any downloads for a week or two until your virus protection program has been updated and you are, once again, safe.

Internet Viruses Can Target Your Computer

No matter who you talk to, everyone has either had a computer virus or knows of someone who has gone through the agony of trying to get rid of the problem. Computer viruses are a hot topic that seem to affect everyone who owns a computer system, whether at work or at home.

The companies that produce software programs that catch and delete these computer viruses are constantly updating their databases for virus types and definitions so that they can better protect your system against all the newest viruses. Creating virus protection programs is a multi-billion dollar business that is growing more and more everyday.

The number of viruses being created and uploaded to the Internet is growing at an astounding rate of a new one every eighteen seconds! This definitely keeps the virus protection companies on their toes with research and development.

Because these viruses copy themselves to any computer system they come in contact with, the spread of viruses throughout a computer network or the Internet is a very fast and deadly thing to happen to your computer. Because computer viruses are a hot topic, they routinely are the subject of magazine articles and forum topics online. While some viruses do nothing more than frustrate you with pop-up ads or other messages, others are completely malicious and set out from the start to destroy the files and operating systems of your computer.

Of the 53,000 viruses that have been identified and classed, more than 80 percent of them have been classed as malicious and capable of harming your computer system or data files. These computer viruses behave in much the same way as biological viruses by contaminating any computer systems they come in contact with. These self-executing programs are generally very small and work at damaging the way your computer works or by damaging or completely removing key system files.

When computer viruses are a hot topic, more and more people find out about the destructive power of these programs. In this way a great many people find out about virus protection programs and rush out to get the newest protection programs or they ensure that their computer virus protection is up to date. Many magazine and news articles about computer viruses have the effect of sometimes panicking people into believing that their computers are at risk. Having a good anti-virus program and current updates is one of the best ways to protect your computer system against virus attacks.

This must also be coupled with good file habits such as scanning all downloaded files with the anti-virus program before opening them. It is always a good idea to take the time to ensure that the file you thought you were downloading is indeed the file you have. For instance, a file that labels itself as a movie file and is less than one megabyte in size is not a movie file. Movie files are generally nearly a thousand times that size and therefore, the file you have downloaded is most likely not a movie file and may in fact be a computer virus.

Computer viruses are a hot topic at the office when a virus attack manages to get past protection protocols put in place by the network administrators. All it takes is one person allowing some executable files they have been sent to open and start replicating itself through the network of computers to make life Hell for that company. Virus attacks can cripple office systems very quickly resulting in lost revenue and consumer confidence which can affect the way that stocks in that company are traded resulting in even further financial losses. That is why it is so important for larger businesses to have comprehensive computer virus protection programs in place.

These virus programs are much more detailed and powerful than the anti-virus programs that many consumers have protecting their computer systems. Because the fallout from a virus attack is much more financially damaging to a large corporation, the virus protection program needs to be much more robust and capable of protecting multiple systems within the corporation. Computer viruses are a hot topic among businesses simply because of the way that they can affect the company financially.

Is Free Antivirus Software Worth It?

If you are planning on hooking up your computer to a network or to the Internet, an anti virus protection program is an absolute must. Along with a firewall, these two programs are the only real line of defense you have against hackers, viruses and other problems that can plague Internet users.

The world of anti virus software is divided up into two main categories: programs that you pay for, such as BitDefender and Kaspersky and ones you can download for free. While having free anti virus software is significantly better than no protection at all, the time tested versions like BitDefender and Kaspersky are better in every respect. Let’s take a look at just a few of the ways in which store-bought virus protection is superior to free anti virus software.

When it comes to solid anti virus protection, the key lies in the support that backs the program up, and no one has better support than industry leaders like BitDefender and Kaspersky. They have huge staffs that work year round refining and updating their product so that users are always safe and sound from hackers and viruses. Although the free anti virus software that is available for download does an admirable job trying to keep the public safe, it simply doesn’t have the manpower or the resources behind it to provide the continually updated protection an avid Internet user needs. Again, the protection provided is better than nothing, but you should go with the store bought versions if you can.

Along with more regular updates, programs like BitDefender and Kaspersky can afford to provide around the clock tech support to help you if your computer should become infected. As hard as the free programs out there try, the best you can expect is an email response to your problem in a day or two, and that’s a best case outcome. Many free anti virus software programs don’t offer any tech support at all. It is up to you, the user, to figure out what to do. Even if you consider yourself a computer expert, chances are, at one time or another, you are going to run into a problem you need help with and if you go with one of the major free anti virus software programs, you won’t be able to get any help at all.

Finally, most free anti virus software programs are extremely slow when it comes to scanning your computer and fixing problems it finds. One of the major knocks against Norton Anti Virus, probably the most popular anti virus program on the market today, is that the system scans were too slow. Thankfully, this problem has been fixed Norton now performs better than it used to (depending upon the speed of the computer it it running on of course). Most of the free anti virus software programs out there, on the other hand, are not. In addition, many of these free programs are also resource hogs that eat up your free memory so that you can’t really do much else while it is running.

When you compare the two products side by side, it is easy to see that store bought anti virus programs are far superior to their free counterparts. That is not to say that traditional powerhouses like Norton and McAfee are inexpensive or without flaw, but if you are serious about keeping your new computer safe and sound, there really is no other way to go.

What are XP and Vista Rootkits?

With every new year comes a new batch of malicious computer viruses for us to all be aware of. One of the most common types of viruses are known as XP and Vista rootkits. These viruses allow a third party user to take control of your computer. They can either edit or embed themselves in your operating system and allow someone else to become the root user, or the administrator of your computer. This gives them the ability to look for personal information such as credit card numbers or it can allow them to haphazardly delete information you need. Let’s take a closer look at what rootkits are, how you may end up with one and how to get rid of one once you have it.

The origins of XP and Vista rootkits are somewhat unknown. It is thought that these programs came from the designers of the operating systems themselves. They were used as a way for tech support people to gain remote access over computers that needed help. Even today’s XP and Vista machines come with a program that, with administrative access, can give control of your entire computer to another person at a remote location. It was once these programs became hacked that rootkits started to cause problems.

Rootkits can be acquired in any number of ways. The most popular form of transmission is still via email. The virus can be attached to an email or embedded in an otherwise normal attachment. Windows rootkits are also commonly transmitted throughout the Internet and can be installed on computers that don’t use firewalls. Hackers can use programs that search online networks for computers that are vulnerable. This is why it is so important to always have up to date firewall and anti virus programs on your machine at all times.

One of the most common places that XP and Vista rootkits hide themselves is in firmware. Firmware is the software that peripherals that you attach to your computer use to operate. Once in a while, firmware updates will become available for items like your router or your video card or sound card. If these files are infected, it can be extremely difficult to remove the bug since most virus programs don’t bother scanning firmware. In the future, never download firmware updates for any of your peripherals from any third party sites. Either download the updates from the manufacturer’s website or from the website of your computer’s manufacturer.

Removing XP and Vista rootkits isn’t as difficult as it sounds, assuming your computer is prepared. You should always have up to date anti virus software installed and running at all times. Shutting down your anti virus programs, even for a moment, can open your machine up to an attack. The same goes for your firewall. In most cases, these programs should detect rootkits as they are installed so you can authorize your virus protection to fix the problem.

Be Aware of Phishing Scams

surf the web, purchase products over the web or use the many financial services offered by your credit card company, bank and even Paypal and Ebay, then you should be aware of Phishing scams and how they can affect you personally.

Phishing scams is when hackers or criminals masquerade as a legitimate entities in order to steal sensitive information such as credit card numbers, social security numbers, etc to commit fraud. Phishing scams are numerous on the web and can affect almost anyone. Here are some tips to easily spot phishing scams and what to do if you think your information has been compromised.

How to Spot Phishing Scams A vast majority of phishing scams come in the form of email. Emails are sent to possibly millions of people stating that they are from a legitimate entity such as American Express, Chase Bank, Ebay, Paypal, etc. The email itself looks very convincing (in fact, it is usually an exact copy of official emails sent). Within the email it will usually state that your account information is not up to date and not updating this information could jeopardize your account. It will usually give you a hyperlink to click on to update your account information which will usually ask you for your full name, address, social security number and account number. Once you have given all your sensitive information to this web site, the hacker or criminal organization can now use this info to make purchase online using your credit card information, open up loans using your info and literally steal money from your bank account.

Three ways to spot phishing scams are to make sure that the email is addressed directly to you. Inside the email itself, it should state your full name. If it says "Dear member" or "Dear customer" it probably is a phishing scam. Secondly, the email that you receive the message should be the one that you have given to the company. If you have five email address and use only one email address for all your finance related business, any emails you receive on your other email addresses are probably phishing scams. Thirdly, the vast majority of financial companies will never ask you for your account information or other sensitive info through an email.

An Easy Way to Thwart All Phishing Scams Whether you think an email is legitimate or not, never click on any hyperlink within the email, instead, simply open up a new browser window, type in the financial company's address and log into your account. If your account requires any kind of update, it will state it. Usually, most companies will send you a letter in the mail or call you directly if there is some kind of issue.

HOW TO DETERMINE FAKE MAIL OR FISHING MAIL

Find the link they are trying to get you to click, without clicking on the link highlight over it, and look in the lower left hand corner of the email window. It should show a URL. If the URL does not begin with:

http://www.[domain].com

...where [domain] is the domain of company in which the email is about. So in this example, paypal is the domain - so the URL must begin with http://www.paypal.com. If it has anything else after the http://. IT IS A SCAM! Do not even click it.

Some email programs will not show the URL in the lower left of the window, so you can either take a chance and click the link, hoping that it's not linking to a virus script or play it safe and install antivirus software. Most popular antivirus programs have anti-phishing capabilities built in to detect these sites for you and warn you in advance. If you want to see who we recommend for antivirus software,

Be careful when you receive any email that talks about your account or recent security issues. Also, these scams usually imitate large, popular sites such as Paypal, Ebay, some large banks, etc... If you ever fall for one of these scams, and someone gets ahold of your account information, you could have some major headaches down the road.