Monday, October 13, 2008

Responding to the Spam Warning Emails from Family & Friends

So, my mom forwarded me an email message warning of some virus ridden email making the rounds. To try and inform her that she was sending SPAM and to try and inform her about other areas of important computer security, I sent her an email similar to what you find below. Feel free to use this information (or any part thereof) to inform and educate others.Please do not forward the type of message you just forwarded. Here is some advice from a computer professional regarding warning emails and more importantly general computer security.
If a friend sends you an email warning of some scary email (scam/phishing or virus) asking you to pass their email on to everyone you know then send your friend this message and empower them with knowledge, and do not email everyone you know as most people consider this ‘warning’ email SPAM (a Stupid, Pointless and Annoying Message).

  1. Always keep your computer's Operating System and Applications up to date. All good programmers know that no code is perfect, so most software companies set aside resources to repair their code as bugs are uncovered. Most viruses attack known security weaknesses. While the bad guys are trying to exploit the weakness the good people at Microsoft and Apple (and most other software companies) are repairing those weaknesses and then issuing patches to fix your software. But, you only get those updates when you update your software, so remember to update.


    1. If you want to know how secure or how insecure your operating system and/or applications are then check Secunia Advisories http://secunia.com/advisories.

    2. If you are interested in the 10 Most Destructive PC Viruses of All Time, check out http://www.techweb.com/showArticle.jhtml?articleID=160200005#.

    3. The SQL Slammer worm virus attacked SQL servers worldwide on January 26, 2003, the technical community was aware of the vulnerability six months prior to the attack and Microsoft issued a fix three months prior to the attack. If you were a system administrator, would your systems be open to attack or would you have patched them?


  2. Have a good firewall/router installed between your internet connection and your computer(s); expect to pay at least $120 at a computer store for a quality simple/home firewall. A firewall will protect your computer from being directly attacked from the outside. And, don’t forget to keep it updated with the latest firmware too.

  3. Use genuine software, counterfeit software often contains key-loggers and other malware that help thieves steal your identity. Microsoft has some good information and real stories of counterfeit software http://www.microsoft.com/genuine/downloads/Stories.aspx.

  4. If a browser pop-up comes up while browsing the internet warning you your computer has been infected know that someone is trying to socially engineer you into installing malware (software with bad intent) or get enough information to steal your identity.


    1. Despite the columnists’ dislike of Microsoft’s Windows Vista, Vista is more secure than all of Microsoft’s previous Operating Systems. One way Vista is more secure is that it provides protection against this attack vector. Consider an upgrade.

    2. Here is an in-depth report on Cybercrime, http://www.mcafee.com/us/research/mcafee_security_journal/index.html.


  5. Use an email service that scans your email for viruses, SPAM and phishing. Many email providers check email messages for SPAM, Phishing & Viruses before the message even touches your computer.

  6. On your computer, use software that scans for SPAM and viruses, most professionals prefer AVG, Nod32 and TrendMicro:


    1. http://www.avg.com/home-and-office-security?type=ps3925e

    2. http://www.eset.com/smartsecurity

    3. http://emea.trendmicro.com/emea/products/personal/internet-security-pro/index.html


  7. Be informed, read up on safe email practices like these Tips to Avoid SPAM http://www.mcafee.com/us/threat_center/anti_spam/spam_tips.html.


    1. The Top 10 SPAM Subject Lines can be found http://www.mcafee.com/us/threat_center/anti_spam/spam_top10.html


  8. Beyond Viruses, the real threats come from social engineering aka phishing.


    1. The Top 10 Phishing Scams can be found here http://www.mcafee.com/us/threat_center/anti_phishing/phishing_top10.html.


  9. If you suspect that your computer has a virus then you should consider calling a professional, if you just call the neighborhood’s geek instead of a professional your results may not be as desired.


    1. Microsoft has a search for professionals available in your area http://www.microsoft.com/smallbusiness/partner/vendorsearch.mspx.

    2. Apple has a search for their certified consultants http://consultants.apple.com/consultant/search.html.


  10. If you must work on your own computer (PC) then some of the tools to use can be found http://us.trendmicro.com/us/products/personal/free-tools-and-services/index.html.

2 comments:

Anonymous said...

A virus does not ask you to send it to all your friends (generally) since it can do that by it self.
I wrote a blog about Where
does spam come from? and am I getting spam? here


Thank's

Tim Carney said...

I agree psman, viruses can send themselves; but, I suggest you read my post. I wrote about SPAM (not a virus) from family & friends warning about some peril (ie: a Virus or Phishing email making the rounds). My mom just forwarded an email from a friend that was a forward from one of their friends. I label her message to me as SPAM since I see this forwarded message as a Stupid Pointless and Annoying Message. I sent her the email stressing prevention and education because her (and many of her friends) don't know any better.