A Security guide for the everyday, non-technical
internet user who just wants to be safe doing basic stuff
Alert News Reporter"
for April, 2006
The "NewsReporter", a security alert newsletter,
is published to keep you up-to-date on the latest information we
gather for avoiding and surviving the hectic hacker attacks on your computer
security and personal identity that take place constantly on the
internet. Many of our comments are based on personal experiences. Protecting
your safety, security, sanity, and privacy is not a simple task. We're trying to make it a bit easier for you to accomplish.
This security alert Newsletter
is sent out periodically to everyone who has registered for the
Alert Services from one or more of the websites
published and maintained by www.RichardPresents.com.
If you are no longer interested in up-to-date Security Alerts or
Safe Surfing Suggestions -
please use the
the end of this letter to un-register.
CLICK ON ANY
TOPIC YOU'RE INTERESTED IN - OR READ THIS NEWSLETTER FROM TOP TO
The trends in the activities of cyber criminals seem quite
They're going after the money. That's your money and mine.
They're using some very sophisticated methods to do it, too.
These perpetrators are hard to catch, but efforts to catch and
incarcerate them have intensified lately. I've covered some of
the recent FBI, DOJ and other watchdog agencies successes below.
I believe they are encouraging.
Latest Virus Threatsreported by McAfee , US-CERT, Panda and other advisory services. (US-CERT is the
of the National Cyber Security Division (NCSD) at the
Department of Homeland Security)
Full descriptions including virus characteristics, symptoms, aliases
and removal instructionsare available by clicking on the
links. This virus alert is in addition to those posted in previous
month's News Reporter
issues. You can review previous Virus Alerts in the Archive files.
descriptions and Removal Advice
symantec AdvisoryThere are no
Severe Threats at this time ●
Spyware.Watchdogstill rated as High Risk spyware
Systems affected: Windows 2000, Windows 95, Windows
98, Windows Me, Windows NT, Windows Server 2003, Windows
From the US-CERT,
this timely Cyber Security Tip STO6-003
Internet Explorer is the most popular browser used for
web surfing and is installed by default on each Windows
system. Unpatched or older versions of Internet Explorer
contain multiple vulnerabilities that can lead to memory
corruption, spoofing and execution of arbitrary scripts.
The most critical issues are the ones that lead to
remote code execution without any user interaction when
a user visits a malicious webpage or reads an email.
The TelnetOn.A worm creates an Administrator
account on the affected computer, which allows it to
take full control of the target system through the
Telnet service. One of the main actions that this worm
carries out is ending processes belonging to several
security tools, such as antivirus or firewall programs.
It also ends processes belonging to other malicious
Once installed on the affected computer, TelnetOn.A
prevents access to certain websites, including websites
of antivirus applications. This worm spreads through the
P2P programs eMule, KaZaA and Morpheus, the mIRC program
Briz.S is a password-stealer Trojan made up of several components
downloaded via the Internet. Its aim is to steal private
information from the affected computer, such as the IP
address, and capture data entered by users in Web forms
through Internet Explorer (usernames and passwords for
accessing email, banking services and other online
It also prevents the attacked computer from accessing
certain websites belonging to antivirus vendors. It uses
the affected computer as a gateway to anonymously
connect to third-party Telnet, SMTP, FTP and HTTP
services. Briz.S needs an attackers intervention to
spread, and can reach computers in many ways: CD-ROMs,
email messages with attachments, Internet downloads, or
All users who want to know whether their computers have
been attacked by these or other malicious code can use
ActiveScan, the free solution available at:
www.activescan.com. Users can carry out a complete
inspection of all the areas of their computers that they
suspect might be infected, free of charge.
information about these and other threats is available
from Panda software's Encyclopedia at:
Up-to-date Firewalls, Anti-virus and anti-spyware
usually stop these pests before they cause
you any grief
Symantec reports that over the last 18 months, an ominous
change has swept across the Internet. The tools driving the
new attacks and fueling the blackmarket are crimeware -
bots, Trojan horses, and spyware.
Threats today have become more
sophisticated. They tend to use multiple paths to spread,
thereby increasing their chances of infecting your system.
Once on the system, these threats tend to show little to no
symptoms so they can survive undetected.
Phishers who lure victims by posing as legitimate
companies, are the major scourge of the Internet along
with spam, viruses and spyware. A recent study showed that
online fraudsters launched a record number of phishing scams
last year, with nearly 17,000 unique e-mail-based fraud attacks
detected in November alone, and even more in January, 2006.
16-Oct-06: APWG Releases the
Crimeware Landscape Report The APWG in coordination with
the US Department of Homeland Security releases its
Crimeware Landscape Report. This document tries to help
executives grasp just what crimeware is, how it works, and
how prevalent it is.
The Phishing Attack
Number of unique phishing reports received
Countries hosting the most phishing websites
The Phishing Attack Trends are
published monthly by the Anti-Phishing Working Group,
an industry association focused on eliminating the
identity theft and fraud that result from the growing
problem of phishing and email spoofing.
anti-spyware software providers invest a major portion
of their resources in developing and updating their
software to try to keep up with spammers, virus
writers and other undesirable persons.
They are certainly entitled to be paid for these
efforts. Often, users have the opportunity to try demo
and trial versions before purchasing. This is
especially helpful when deciding which security
program to buy. It's even more important when
reviewing the sales information published by the
developers when they announce new versions of security
Like phishing, some devious providers of anti-spyware conceal malicious code in their free trail programs.
These are often described as Rogue Anti-Spyware.
Even before deciding to
download a trial version of an unfamiliar product, a
good source, probably one of the best online, to
determine if you might be un-suspectingly downloading
a rouge product is
They currently (April 5,
2006) list more than 280 rogue/suspects!
Awarenesscontinue to be the key words
for protecting your security during the coming year, 2006. (Security Alert News Reporter Editor's opinions)
Privacy Theft -
Be on the alert for the latest spyware and Scams, sources of
malware and Zombie (hijacking)
programs that often lead to stolen personal and financial information
and Identity Theft.
The "MySpace" web community is being
invaded by Scammers and criminals, reports
Such a web community provides a modern online environment for
people who want to make friends, talk online, singles meeting
singles, networking, being involved with people who share these same
interests, and having fun while expanding their social circles.
They are also fertile hunting grounds for spammers, phishers,
predators, and all sorts of unsavory types who prey on lesser
experienced internet users who may drop their guards in the
excitement of their social and fun quests.
MySpace has a massive user base of more than 60 million members or
visitors. These visitors share pictures of themselves and all kinds
of personal and even private information with complete strangers.
The predators, (that's what they are), act just like the rest of the
web community visitors, but they load their email communications
with malicious software like trojan horses and even keyloggers.
They take advantage of users' trust in the networks' recognized
names to create bogus links that appear to be legitimate. These
links can lead to dangerous Web sites that capture sensitive
If visitors to these web communities practice the same restraints
and cautions as when they communicate by Instant Messaging, and read
their email, there's a good chance they won't become victims of the
phishers, spammers and other physically dangerous predators.
Usually, it's very difficult to repair the damage
phishing scams cause, however, there
are some really
Programs available to Home and Small
users to improve online security and minimize adware, Trojan horse/Zombie and
general malware threats. You'll need
at least two or three.
Among the many reputable online security resources that I monitor,
Warrior" website is one that does an outstanding job of not only
reviewing and recommending the best and latest anti-spyware software,
but advises how best
to use it.
It has my Highest Recommendation.
Keep in mind that you must also have up-to-date anti-virus software(*)
strong firewall, plus the latest updates for your browser (Internet
Firefox, Netscape, Opera... whichever one you use).
Xoftspy is the latest in spyware detection and removal.
Xoftspy will hunt down and remove from your machine all known
spyware/adware that is on the market today. 91% of PC's are
infected with spyware.
Try Xoftspy right now for FREE and see for yourself if
your PC is infected!
Spyware & Adware are files that are installed on your computer
without your knowledge. They allow companies to monitor your
Internet browsing patterns and even allow companies to inundate
you with those annoying "pop up" ads! Most people are familiar
with freeware, shareware, cookies, media players, interactive
content, and file sharing. What they may not realize is that
some of the aforementioned may contain code or components that
allow the developers of these applications and tools to actually
collect and disseminate information about those using them.
They can track your surfing habits, abuse your Internet
connection by sending this data to a third party, profile your
shopping preferences, hijack your browser start page or pages,
alter important system files, and can do this without your
knowledge or permission. The security and privacy implications
of these exploits should be quite obvious and undesirable on any
system or network!
Here's the Download link to
Grisoft's AVG Free anti virus software, in case you missed it in recent issues of
Saving it to your desktop will make it easier to find the
Install icon placed there as part of the installation process.
Click on the icon and follow the instructions to complete your
installation. Spend a few minutes becoming familiar with the
AVG Anti-Virus Control Center.
Be sure to check for updates, get them and then do a complete
I set my AVG program for automatic updates once every day...
makes me feel more secure, and I also use two anti-virus
programs on each of my computers.
However, I use only one
firewall software program on each computer ... Richard
STINGER, (compliments of McAfee's Anti-virus and
Vulnerability Emergency Response Team -
updated on February 2, 2006 to detect and remove more than 50
current viruses including Sober.
It's a great
little program that still fits neatly on a floppy disc - a perfect way to
clean up your computer if a worm or other 'rogueware' has disabled
your ability to get back on the Internet to update your
Whenever updated versions become available,
a notice here, on the Firewalls and Virus
Protection website and
in the Security Alert Blog.
recent additions to our reviews of Family Safe sites
At the top of the list of results at a recent Google search for
Child Safe web sites was "FirstGov for
Kids", the U.S.
government interagency Kids' Portal. It's a great site.
The National Center for Missing and Exploited Children has many
great publications, too. I put a
download link for their "Personal
Safety for Children -
A guide for Parents" in the Features Supplement.
out in the new Features Supplement CLICK HERE
these Kid Safe Sites, because like you, we care about
the safety and security of our children and grandchildren....and
to help parents, grandparents and guardians guide today's young
internet surfers to safe sites. There are many other website creators
who feel the same concerns and responsibility. These are just a few of
their sites that we have personally reviewed and tested as safe for
our Grandchildren. Check them out and share them with the young people
you care about.
Help for Parents and Grandparents.
Keep the Children and Grandchildren safe when they're using your
Predator Guard provides real-time protection for
children in chat rooms, instant messaging, and e-mail
The Home Edition Features:
in Instant Messaging, Chat Rooms, E-mail and Attachments
E-mail notification to parents
Reviews both outgoing and incoming data
User defined library to prevent distribution of personal
Detects, captures, logs and reports violations
Works as a stand-alone application or with existing site
blocking programs (AOL Parental Controls, Cyber Patrol, Net Nanny,
Guard provides real-time protection for children in chat
rooms, instant messaging, e-mail and attachments from online
predators and pedophiles. In addition,
Predator Guard can prevent all outgoing personal
information, such as a child's home address, phone number and
school information, or other information that is essential for a
predator to make contact with a child.
Inexpensive Protection Now
Publications -Use these Reports to help your
family and friends: . For
those of you who have visited our Firewalls website and Security Alert Blog, you know that the information there is directed toward keeping
you safe from hacker and cracker attacks. Additions to our bookshelf
are selected with the same purpose - and we encourage you to share our
miss the NEWest
Copy or Download these reports from the
Publications Page in the new
CRITICAL ALERTS You Should Consider
Your Computer Security and Protecting
Your Personal Safety"
and Family from Dangerous Chat Rooms and
Online Security while Traveling in the United
States and Abroad.
"Travel Cheap - Travel Well!"- Confessions of A
Internet Junk Mail and Spam out of your email inbox The
Microsoft Vista Operating System Identity
Thieves - Internet Outlaws
Choosing Anti-Virus, anti-adware and anti-spyware
Federal Trade Commission (FTC)
website with its many publications relating to protecting the security
of your family, both on the internet and off. They are FREE. You can go to their pages covering
of the News (more encouraging news
SPAM, SCAMS, pornography, and protecting Personal Consumer
Settles Data Security Breach Charges
ChoicePoint Settles Data Security Breach
Charges; to Pay $10 Million in Civil Penalties, $5 Million for
At Least 800 Cases of Identity Theft Arose From Companys Data Breach
Consumer data broker ChoicePoint, Inc., which last year acknowledged
that the personal financial records of more than 163,000 consumers in
its database had been compromised, will pay $10 million in civil
penalties and $5 million in consumer redress to settle Federal Trade
Commission charges that its security and record-handling procedures
violated consumers privacy rights and federal laws.
The stipulated final judgment and order for settlement requires
ChoicePoint to implement new procedures to ensure that it provides
consumer reports only to legitimate businesses for lawful purposes, to
establish and maintain a comprehensive information security program,
and to obtain audits by an independent third-party security
professional every other year until 2026.
The message to ChoicePoint and others should be clear: Consumers
private data must be protected from thieves, said Deborah Platt
Majoras, Chairman of the FTC. Data security is critical to consumers,
and protecting it is a priority for the FTC, as it should be to every
business in America.
NOTE: A stipulated final judgment and order is for settlement purposes
only and does not constitute an admission by the defendant of a law
violation. Consent judgments have the force of law when signed by the
~~~~~~~~~~~~~ New York AG Eliot Spitzer brings suit
against another spyware installer
The Sans Institute reported on April 7, 06 that New York Attorney
General Eliot Spitzer filed a lawsuit against Direct Revenue LLC,
alleging the software distributor "surreptitiously installed millions
of pop-up ad programs on consumers' computers."
Spitzer's lawsuit asks that Direct Revenue be enjoined from installing
spyware without users' permission and from sending advertisements
through software that is already on computers. It also asks that the
court make the company disclose its revenues and "impose monetary
Direct Revenue has posted a rebuttal to the allegations on its web
site, saying the case is founded on activity in which they no longer
engage. A lengthy investigation indicated that Direct Revenue had
installed the spyware on people's computers when they installed free
applications and neglected to mention the bundled spyware.
The suspect software was downloaded to consumers' computers by Direct
Revenue's own servers once the free application had been installed.
Results of an investigation also indicate that the software was
designed to be difficult to detect and uninstall and in some cases,
reinstalled itself after users removed it.
~~~~~~~~~~~~~ Congratulations to the FTC for progress-to-date and
aggressiveness in enforcing the consumer protection laws, and to NY
Attorney General Eliot Spitzer who has been pursuing companies
involved in alleged Internet fraud and other misconduct..
They get another of our
check marks√ Good Guy Check Marks to date
√ √ √ √ √ √ √
√ √ √ √
√ √ √ √ √√ √ (See Archives)
- many Free. It's
easy to install the latest Firewall, anti-virus(*), spam blocking, and spyware removal software on
your computers. Download all of these programs, and more, mostly for FREE, from our
Firewalls-and-Virus-Protection website pages.
Check them out. If you need to
block Spam, find the links on the 'Spam and Spyware' page. Same thing for Cookie
Crumbling tools, Spyware protection, etc. Most of them have a purchasable Upgrade option, and by trying the
free versions, you can upgrade the ones that work best for you.
Browser Hijacking is still
a major problem. One of the outstanding
sources for information about browser hijackers and tools
to remove these predators is still available on the
It's loaded with
powerful information and helpful advice that zeros in on the hijacking
problem. If you are experiencing any similar problems, be sure to
follow the link to their forum. There are literally thousands
of postings from which you will learn and possibly find the advice
that will help you resolve your own issues.
You can download HijackThis from the Software
"Privacy and Protection" link on the
SpywareInfo website. Be sure to read and follow their instructions to
the letter if you want good results.
We learned about this program from the extraordinary website and
forums built and maintained by James Healan, webmaster of SpywareInfo.com.,
and whenever we can, we send a small donation to help keep them
DOWNLOAD latest cws shredder
(Version 2.19, Nov 05) Free from Trend Micro
It'll find and remove
those nasty Cool Web Search trojan horses.
Here's a powerful, inexpensive, and helpful resource
to help you maintain your Internet Security and Personal
Hacker's Nightmare a retired FBI Special Agent tells
you exactly how to really Keep Hackers,
Worms and Germs out of your PCs. Here's what Bill Hely has
to say about his eBook:
I was researching and writing
The Hacker's Nightmare I was determined that
there would be chapters that alone would be worth
the cost of the whole book. Different chapters to
different people that is... depending on individual
needs and interests. Based on feedback from my
readers I am confident that I have achieved that
aim. I mean, read the testimonials for yourself!"
Hely, 20 plus year veteran of internet security consulting. has loaded
it with valuable information and plain common
sense. We could fill this and future issues of our News
Reporter for the next few months just talking about them.
I've included some of Bill's outstanding, informative, and
helpful articles in the Articles and Reports pages of the
Firewalls and Virus Protection website. Please visit and
check them out.
Bill has designed a webpage that describes many of the security
tricks and tools that will help keep that nasty stuff out
of your computer.
Review The Hacker's Nightmare Story HERE.Some
sample (Free) chapters are available to early visitors.
You have probably noticed the
various references to it throughout this newsletter,
the Firewalls and Virus Protection website
and my Blog.
International Council of Online Professionals,i-Cop for short. I
believe anyone actively using the internet to
provide information, services or sell products will
benefit by subscribing to i-Cop's publication -
The Internet Marketing Trade Journal.
It truly sets the
standard for Honesty and Integrity Online. I'm proud
to be a member.
This FREE ezine is
vitally important to online business owners and
anyone even considering making money online! We keep
informed about all online issues and programs to
in, or avoid. Subscribe to The Internet
Marketing Trade Journal
As a P.S. to the above comment,
encourage your friends to check out these timely posts in our "Security Alert Blog".
Recent Blog entries
for March and early April included comments on these current issues.
Buying a new computer now?
Will it be Vista ready? With the latest
announced Vista reschedule, it doesn't appear as if we'll be able to
purchase a Vista equipped computer until well after then end of the
year holiday season.
Irresponsible adult Internet activities can now
lead to Police searches.
Curious teenagers and younger children with
unsupervised access to the Internet could view and download banned
pornographic images placing a family in jeopardy.
U.S.Treasury Department Releases Free Identity Theft DVD The Treasury Department free DVD, titled "IDENTITY THEFT -
Outsmarting the Crooks" is an excellent expose' of many of the
tricks, scams, and lures cybercriminals are using. Tells how to get
Add our information blog to your list of
Must Read spyware
The more useful
information you have about
the scourge of malicious spyware, the
better chance you'll have of
avoiding the grief
and frustration it
Our blog is RSS
● There are dozens more posts available in the Blog
Archives. Read our
Blog Posts HERE. I urge you to Comment, Challenge and
add your own opinions to ours.
It appears as if some positive progress is being
made in alerting your friends and family of spyware dangers.
Many of the Spyware monitoring organizations and individuals
have noted the changes in Hacker and Spammer tactics. Because so
many internet users have built up their defenses against
malicious spyware, these cyber criminals have had to develop
increasingly more devious and sophisticated attack schemes,
challenging the anti-spyware software developers. We're caught
in the middle of this battle. We cannot drop our guard now.
Now you can do even more.
Heed the CALL TO ACTION: BE A CYBER SECURE
Securing your personal computer plays a crucial role in
protecting our nation's Internet infrastructure. The National
Cyber Security Alliance
(NCSA) is a public-private partnership
focused on promoting cyber security and safe behavior online. It
drives awareness and response to pressing cyber security issues;
providing tools and resources to empower home users to
stay safe online.
Please help us help your
family, friends, and associates enjoy a safer and less
frustrating internet experience. We encourage you to share this
information with them or suggest they
subscribe to this newsletter.
I like to say that
Sharing is Caring ......Richard
All of us, too, need to
act, by educating ourselves and by making
sure we obtain the necessary programs to protect our computers.
Those programs include a firewall; installing and updating
anti-virus software; using anti-spyware software that can identify and
delete programs that have migrated to our computers; using spam
filters to protect
e-mail; and downloading patches that update
It is one of the most beautiful compensations of this life that
no man can sincerely try to help another without helping
~ Ralph Waldo Emerson
Keep in mind that
these programs are only as good as their
I hope your machines aren't infected with any viruses that send out spam.
How can you be sure? Do
some 'house-cleaning' on your system. Scan for spyware and
viruses and while you're at it, install a diagnostic program so
that you can discover any viral ills on your PC.
Have you checked the health of your computer's Registry? I have,
errornuker. It's apowerful diagnostic utility
that scans the Windows Registry to identify errors and
to optimize it's performance.
Every day when I boot up my computers, I run a registry
check with Error Nuker. In just a few minutes, it finds
broken links to shortcuts, ActiveX entries that shouldn't
be there, unwanted Browser Helper Objects, and a lot more
problems. With a simple CLICK, they're fixed!
The StartUp manager lets me disable those programs that
automatically load on StartUp and use Resources that slow
down. the computer. I can easily select the programs that
I want to keep running in the background.
Personal testimonial from
Your Registry could need a clean up, too, if
you have these Registry Problem Symptoms
PC keeps crashing at
PC needs frequent
unable to remove a program
using add/remove dialog
'unable to load ***.DLL'
'cannot find ***.exe'
PC runs noticeably slower
than when you first bought it
the first time, and seeing how many registry listings
needed to be fixed on my computer, and how effectively
they were fixed, as I noted above, it's now a part of my booting
routine every time I restart. ...
There are no
Dumb Questions!. Don't be too embarrassed to ask.
You probably aren't the only person with the same
.. and help all of those who don't ask.
With your permission, we'll publish your questions and answers in
issues of the
If you have the opportunity to help
family members, associates, or friends by sharing any of the
information in this
please suggest that they subscribe for their own personal copy.
If your friends are hesitant or uncertain
about the benefits of visiting with us, suggest that they review the help that's readily available at
our one page summary of the Online Security Consideration and
Protective Tactics that are designed to keep them safe on the
They Can Check out these Considerations HERE.
And finally for this issue,
we hope you can take our one minute
mini- survey (We'll give you a nifty and entertaining Free
eBook on Coping With Your Stresses for your time)
and visit our Blog Pages, read our postings and contact us with your comments
YOUR Feedback is valued!
I want the 'Security Alert News Reporter' to bring you all the
you look for and the help you need to solve the problems you might encounter,
may I ask you to send me your ideas and tips to make our newsletter
even more valuable.
Everything you have to offer will help us do a better
job of helping you.
Thank you. ...Richard
As promised in our first
issue, we aren't going to stuff your mail box with un-ending mailings every
day, week, or whenever. When there's important news about the
topics we've noted, we'll let you know, usually monthly.
To avoid unwanted and unnecessary filtering of our messages, we will
send a very brief text email to you. It will have a link to this
News Reporter and an un-subscribe link. The email subject line will identify the contents as
"Latest Security Alert News Reporter - Issue ##"
Thank you again, for your interest and trust.
We'll do our best to
honor and preserve it
Thanks for being a loyal subscriber.
Please Take part
in our Computer Virus Awareness Campaign by Sharing this with a friend
We are proud participants in the "Rid the Planet of Viruses" campaign.
for All Family Members
Get the latest News
Take a look at our Security Alert BlogHERE.
A Blog (web log) is a quick and easy
way to share timely information (nearly daily updated news, trends,
developments), answer questions, express opinions and exchange views.
your No. 1 Use of the Internet?
Please take this one
minute Mini-Survey. Tell us how we can best serve your primary interests
Hacker attacks and spyware intrusions.
We'll give you a nifty and entertaining Free
eBook on Coping With Your Stresses
Right Click and SAVE link. Paste it into
your RSS Reader to
Subscribe to our Security Alert RSS feed. It keeps you totally
informed of the latest web page updates, Newsletter Editions and Blog
posts as soon as they're made!
BOOKMARK or Save this Page to your
Favorites. Use Control + D
"It's a TERRIFIC
newsletter" jl scott, ph.d., Director iCop -
International Council of Online Professionals
"Happy One Year Birthday!
I read your newest information--
very nicely written.
You've informed many people over the last year-- a generous
under- taking since
I doubt there is much financial profit involved. Thanks!" Patrick
"Wow, You've really outdone yourself with this
newsletter! It looks and reads like brilliant gold! So much
valuable info! I use it once a day over a full week's time to
carefully digest and implement each of your 'helps', downloads
and updates. Thank you for your incredible dedication to online
security." Victor K Pryles
newsletter is terrific! So attractive to look at,
and such extensive information." Maggie
PCC Margaret Klee Lichtenberg Coaching
is a public service brought to you by a wide range of Internet industry
corporations and public interest organizations .
wants Internet users to be only "1 click away" from the resources they
need to make informed decisions about their and their family's use of the