Thanks for being a Loyal
This Newsletter is sent out periodically,
but only to those people who have
registered for the Security Alert and Report Alert Services from one or more of the websites
published and maintained by
www.RichardPresents.com. If you are
no longer interested in up-to-date Security Alerts, use the link at the end of
this letter to un-register.
|Here's your "Security Alert News Reporter"
for August, 2004
is published to keep you up-to-date on the latest
gather for avoiding and surviving the hectic hacker attacks
on your computer
security and personal identity that take place constantly
internet. Many of our comments are based on personal experiences.
your safety, security, and privacy is not a simple task.
We are trying to make it a bit easier for you to accomplish.
Latest Virus Threats
August 22, 2004 by McAfee:
Full descriptions including virus characteristics, symptoms, aliases
and removal instructions are available by clicking on each of these
Another new and potentially dangerous trend, one that appears to be
the joining of forces of virus writers and spammers, has been reported
by the Security Group 'MessageLabs', of New York. MessageLabs scans
more than 50 million customer emails daily for their clients.
They found that 1 in 12 of these emails contained some type of virus
that could penetrate the firewalls that were designed to stop them.
The results of this collaboration will be seen in much more
sophisticated viruses attached or hidden in emails by spammers.
Because there is so much more Free spam blocking software available,
spammers are hiring virus writers to write viruses that attach to
email messages and elude the spam blockers.
What does this mean to all of us ordinary internet users?
It certainly emphasizes the vital importance of maintaining our
computer operating systems, browser programs, firewall and anti-virus
software with the latest patches available. Ignoring update notices
that come from Microsoft, McAfee, Symantec, etc., is just downright
Consider these statistics compiled by the Internet Storm Center (ISC):
"on average, an unpatched Windows PC connected to the internet
for about 20 minutes before it is compromised by malicious
software (commonly called "malware")
The software scanning robots (bots) can scan anywhere from tens of
thousands to millions of internet address every day, looking for open
The flood of Spam on the internet and the spread of virus infected
email is at or near epidemic proportions.
What can we, the ordinary internet users do about it?
We can all help by spreading the word that the internet is not getting
safer -- that the virus creators are becoming
more vicious -- and that our personal security and survival
is becoming more endangered every time a new virus is released.
As individuals, we must be vigilant, adhere to all of the safe
practices, and above all, we must have firewalls, anti-virus and
malware detection software on our computers that is always kept
If you use MS Windows and Internet Explorer, be certain to take
advantage of the free Microsoft Update Service available for your
Windows operating systems. Since Internet Explorer holds a nearly 90
percent level of use among all Windows users, it is a gigantic, and
easy target for the virus writers of the world. Those downloadable
patches from Microsoft are absolutely essential as a part of your
internet security protection plan.
And to help your family, friends and associates avoid the rampant
spread of 'virus grief' -- direct them to newsletters and websites
like this, where the primary goal is to help our readers and visitors
maintain safe and secure computer systems without the threat of
identity theft, loss of valuable data, and personal compromises.
With that said, have you checked your computer for viruses over the past few days?
Do you have an up-to-date anti-virus scanner?
If you haven't updated and haven't
been infected by any of the MyDoom variations or Sasser yet, you're lucky. Update now. Try
the FREE scanning and removal tool available on the Firewalls and
Virus Protection website at
STINGER. It also checks for
40 other active viruses and worms
Look for the STINGER Icon
Please, If you get nothing else
we hope that you take heed of the importance of keeping your
security shields up to date!
Simply put -- Every Online Computer
Spyware/Malware detection (Malware is malicious ware)
Without these, you face the possibility of really serious virus
infestations that could cause loss of data, programs, records,
and even worse, the need to completely wipe your hard drives and
to reload your operating system.
Many authorities suggest replacing the Internet Explorer browser
altogether -- a formidable and frightening task for the average
We'll discuss some of the alternatives to IE in future issues.
In our last issue, we reported on the
we had with the CWS (Cool Web Search) hijacking worm.
It was just after clicking on a link for a special report
offered in one of the more recent newsletters to which we subscribed,
that a new browser window popped open with a very explicit
pornographic site that would not delete. Each attempt to remove it
opened more and more of these XXX pages, until finally, shutting down
the computer was the only way to get rid of them.
Tip: You can often stop this madness by
pressing the CONTROL + ALT + DELETE keys at the same time, then
selecting the offending link in the dialog box that opens and using
the End Task button to clear it.
And as we reported last month, these unwanted pages contained some
trojan horses which planted the most insidious virus we have ever
experienced - - that CWS hijacking worm.
The CWS worm does a lot of really nasty
It stopped our Internet Explorer from operating properly,
Our computer locked up time and time again and crashed
Browser links either disappeared or new ones
many other programs became unstable
and our computer slowed down to a crawl
If you experience similar problems with your computer, there's a good
chance that CWS or some other hijacking worm has been planted on it.
Be sure that your spysweeping software is up to date, as well as your
Firewalls and anti-virus programs..
Our up-to-date virus scanning programs could not find the worm.
We tried our spy searching programs like AdAware,
Search and Destroy,
. They did
find various bugs, but removing those bugs did not cure the problem with the
We got the most help after visiting the
SpywareInfo.com site at <http://www.spywareinfo.com/>
where we learned more about the worm that Hijacked our computer and was
wreaking havoc on the internet.
There are tools that will eventually clean CWS out of the machine:
'Hijack This' and 'CWSShredder' are the ones we tried,
and now we have
learned that the creators of the CWS worm have reprogrammed it so that
it disables even these tools and blocks access to updating them. With
over 50 variations of the CWS worms, these
malicious virus writers certainly seem to be playing hardball!
We have since tried other spy cleaning software and located one that
actually found another CWS variant still buried in our computer
XOFTSPY by Pareto Logic
(LINK) found the CWS variant - CWS.mrhop
Among the more recent spy searching programs that we've tested are:
and PAL Spyware Remover
(LINK). It seems that each of these programs can detect
certain bugs that the other programs miss. We have not yet found a
single program that finds and destroys all of the bugs.
(Each of these LINKS will take you to a
page where you can get a FREE spyware scan of your computer, and seek
out your hidden bugs).
We strongly urge you to visit
SpywareInfo.com/ It's loaded with
powerful information and helpful advice that zeros in on the hijacking
problem. If you are experiencing any similar problems, be sure to
follow the link to their forum. There are literally thousands
of postings from which you will learn and possibly find the advice
that will help you resolve your own issues.
|A Recent Review of
If spyware is hiding out in your computer, but your adware-removal
program can't track it down, you need HijackThis. The tiny
program examines vulnerable or suspect parts of your system,
such as browser helper objects and certain types of registry
keys. Pressing the Scan button generates a log of dozens of
items, most of which are just customizations, such as Google
Toolbar. To learn more about an entry you don't recognize, you
Clicking Info on selected item tells you why the entry was
flagged as suspicious, but not whether it's actually malware. To
find that out, you'll need to search the Web for that item's
name or go straight to a forum such as SpywareInfo or Computer
Saving the log creates a text document you can post to these
forums. The program installs into whatever directory in which
you unzip the file, which can make it hard to locate.
Don't check off an item and hit the Fix checked button unless
you're sure it's malware, though--you can do damage. HijackThis
is a serious tool for any user who needs to root out a serious
infestation, but wield it with caution.
You can download HijackThis from the Software link on the
SpywareInfo website. Be sure to read and follow their instructions to
the letter if you want good results.
We receive no compensation from SpywareInfo, but we do support their
completely Free website, newsletter and software with a small
financial contribution so that they can continue to provide this
outstanding service to their thousands of appreciative followers, like
us. If you have occasion to use it, would you consider doing the same?
Google and Yahoo searches will help you
identify many of the terms that are unfamiliar to you when you use
tools like HijackThis, CWS Shredder, and any of the other spyware
scanning programs. These search engines are so advanced that they will
even provide answers to searches you make as specific questions (Yes,
that you end with a '?').
Check out the
Federal Trade Commission (FTC)
website with its many publications relating to protecting
the security of your family, both on the internet and off. They are
FREE at their website.
Go to their pages covering Consumer
Family Safe Sites
The Crayola website goes
beyond being just for Kids with its sections for Parents
and Educators, too. We wouldn't hesitate to send our children
and grandchildren here for entertainment and education. Here's
PBS Kids is a respected and trusted site.
We would not hesitate to send our children and grandchildren
very assuring. Families visiting the site can feel safe
regarding potential threats to family privacy and their children's
welfare. Jump to it from
website has been Certified 'Family Safe' by the
Institute of Family Safe Businesses.
have posted some interesting
discussions and helpful family related links on the 'Identity Theft'
pages at the
Firewalls-and-virus-protection website, including some very recent
If you are concerned for your own security and that of your family, we
suggest a visit
the 'Identity Theft' pages
Here's a way you can help your
family and friends:
We have repeated this announcement
because of its popularity. We will continue to create similar reports
that can be downloaded, printed and shared with friends and family for
Many people using the internet wonder
if their firewalls and virus protection are good enough to
keep them safe. For
those of you who have visited our Firewalls site, you
know that the information there is directed toward
keeping you safe from hacker and cracker attacks.
Because it isn't always convenient to share your computer
with family and friends, we have excerpted some important chapters from our
Firewalls site and created small downloadable reports
that can easily be printed and distributed to the people you'd like to help
avoid 'virus grief'.
Special Report Alerts
| Is Your
Firewalls and Virus Protection Safe Enough?
This report will help you identify viruses, prepare for attacks
and infections and guide you in their removal. It's a 9 page,
easy reading guide that covers the threats we all face in our
daily use of the internet. It's a basic education in
understanding and Avoiding Virus Grief
Down load it from this link (it's in PDF format):
The download includes a ReadMe page with instructions for
unzipping and using your Acrobat Reader, and even a link to the
Adobe website where you can get your own free Acrobat Reader if
you don't already have one
Is a Keystroke Logger Being Used To Spy
Many of the tools and tricks in use today to spy on
your internet activities are exposed in this 7 page report. This
look into spyware will alert you to the ease in which your
identity could be compromised, or stolen.
Open the report in a new webpage by clicking
HERE or here>
(No downloading necessary, and you can print it right from your
There is really no reason for
anyone not to have the latest Firewall, anti-virus, spam blocking, and
spyware removal software installed on their computers. You can
download all of these programs, and more, mostly for FREE, from our
They're there for the taking. If you need to block Spam,
check the links on the 'Spam and Spyware' page. Same thing for Cookie
Crumbling tools, Spyware protection, etc.
It seems as if many of these software designers and providers
are trying to out-do each other with their Free software offers.
Although these protective programs may be stripped down versions, they
do work and no one should hesitate to download their trial or short
Most of them have a purchasable Up Grade option, and by trying the
free versions, you can upgrade the ones that worked best for you.
Start at the
Firewalls page and check out each
page, downloading what you need as you go through the whole site.
The 'Articles and Reports' section has some recent
interesting and helpful additions. We encourage you to visit it, too.
Same thing for protective software. We add it whenever we
find tools that will benefit our site visitors. It would be a
good idea to bookmark and check back regularly so that you don't miss
newly added items.
Reviews (of the news).
Windows Messenger spammer (D Squared Solutions) has agreed to stop
sending Spam over Windows Messenger to avoid a lawsuit by the Federal
Trade Commission (FTC).
Unfortunately for them, (but good for all of us), one of the messages
they sent through the Windows Messenger Service ended up on the
an FTC official. The advertisement was for a product to stop the very
advertisement being used to promote it
The FTC official decided that this was extortion and filed suit
against the company.
D Squared now has agreed to stop using the Messenger Service to send
advertisements, to stop selling messenger blocking programs and is
barred from sending advertisements which customers can not opt out of.
And from another branch of our
Senator Patrick Leahy, (D. Vt) has introduced the Anti-Phishing Act
of 2004. Phishing (which is pronounced fishing) is an exceedingly
harmful kind of internet Identity Theft Scam.
It amounts to the use of fraudulent messages to internet users asking
that they update or verify certain of their private information, such
as credit card numbers, bank account PIN's, etc. These messages arrive
with the appearance of official looking email, and often contain
accurate information as to addresses and telephone numbers, etc.
The messages instruct the user to input up-to-date private and
confidential information and send it back by clicking on a link or
using the Reply feature of their email program. The perpetrator of the
fraud then uses this information to compromise the users identity,
steal from their bank accounts, run up massive credit card charges,
If the bill is passed, it will make phishing a criminal act,
punishable as a felony, subject to
5 years in prison and/or up to a
fine of $250,000.
What can we do to protect ourselves from being hooked?
Be alert! If you have any questions at all about the validity of
messages requesting you to update private and confidential
information, check with the REAL company that is being used to bait
Use the telephone, search out their real website address in Google or
Yahoo, check your own records against the information displayed in the
phony email, etc. and try to talk with a real person at the real
|We were 'phished'
recently with a 100 percent authentic looking email request
supposedly from Earthlink.net requesting that we send a
payment to update our account balance. Because our balance was current,
a telephone call was made to Earthlink where we learned that they
had received many such calls. Earthlink also asked that we send
a copy of the fraudulent email to their Abuse address.
If you read the Articles on Phishing and Spoofing in the
Reports section of our Firewalls and Virus Protection website, you can
obtain a lot more information about how to avoid being hooked by the phishermen.
If you use Yahoo Mail, here's
more Good News
Yahoo fixed two flaws in
its free mail system that could have allowed a malicious user to read
your browser cookies and change the appearance of some pages.
of the company said the flaws were fixed last month by making changes
on the company's Yahoo Mail servers. Yahoo fixed the flaws in its
No patch is required by the Yahoo Mail users.
Send in your
questions. There is no such thing as a stupid question. Some people
are bashful about asking, but there are always many others who share
the same question, and will benefit from the answers to yours.
email your questions to us at
With your permission, we'll publish your questions and answers in
forthcoming issues of the NewsReporter.
If you had the opportunity to help
family members, associates, or friends by sharing any of the
information in this
please suggest that they subscribe for their own personal copy.
They can subscribe here and we'll never share their information with third
As promised in our first
issue, we aren't going to stuff your mail box with un-ending mailings every
day, week, or whatever. When there's some important news about the
topics we've noted, we'll let you know, usually monthly.
To avoid unwanted and unnecessary filtering of our messages, we will
send a very brief text email to you. It will have a link to this
News Reporter and an un-subscribe link
The email subject line will identify the contents as
"Latest Security Alert News Reporter - Issue ##" and the
email "FROM" address will be "email@example.com"
Thank you again, for your interest and trust. We'll do our best to
in our Computer Virus Awareness Campaign by Sharing this with a friend
CLICK HERE to be removed from this mailing
Click to send Un-subscribe email request