Current Blog Posts
Dec 31, 2004
Dec 23, 2004
Dec 17, 2004
Dec 10, 2004
Read a recent Issue and
- Get your FREE report
"23 Critical Security Alerts"
from the subscription
to our Free
Latest Virus Threats
No. 1 Use of the Internet?
Please take this one minute mini-survey.
Let us know how we can best serve your
primary interests while avoiding Hacker and spy ware intruders
give you a Free eBook
for your time
to date on Internet Security with
the Firewalls and Virus Protection
Security Alert Blog
Valuable Information for the everyday Internet User and Web
(web log) is a quick and easy way to share timely information
(alerts, updated news, trends, and developments), answer questions, express
opinions and exchange views.
The really valuable and outstanding features of blogging are that it
is interactive -- news, views and opinions are exchanged in a
Visitors to this Security Alert Blog are encouraged to express their views and
opinions on our postings (easily done by clicking on the highlighted
'COMMENT' at each post). You'll notice
that our most recent Posts appear first. You can use the links in
the left column to jump to posts from earlier weeks.
Please let us hear from you. We'll look at
your comments and remove anything inappropriate (hateful, abusive,
explicit, etc.), before posting your replies.
Please stick to the theme of "Security Awareness and Safety on the
Internet'. Your email address will never be displayed and will not
be shared with third parties.
We are very pleased that you are here today,
forward to your early return.
December, 2004 Posts
and Readers Comments
31, 2004 A Big 'Thank You' to all of our
Readers who have helped get our "Security Awareness Campaign"
The campaign started in
January, 2004, with the initial 5 pages of our
Firewalls-and-Virus-Protection website going online.
More than a very large
handful of 'problems' have come this way during the past dozen years
or so of using the internet. Originally, they were just "How to do
this - or that" type, but recently, all of us everyday internet
users have been deluged with so many nasty viruses, worms, trojans
and spyware intruders, the focus has changed to "How NOT to".
How not to get infected by these pests and intruders, and of
course, how not to let them take over our our computers and
The comments, questions and advice received from many online and
offline friends made it abundantly clear that we needed help. It
needed to be provided in a manner easy to understand and
The theme of the
Firewalls-and-Virus-Protection website, the
and now this Blog has been and will continue to be
"simplicity": information that can be used and easily understood by
the youngest internet users to the oldest of us Senior people, many
of whom were fearful of even starting to use a computer.
So as a rather senior 'Senior', I chose to use the Internet and my
online publications as the platform from which I could help the
unwary and lesser experienced understand what is happening in the
Cyber Jungle and how not to be caught in the ambushes along
Thanks again to the many visitors and readers for their part in
carrying on my "Security Awareness Campaign" in 2004 and on into the
New Year, 2005.
December 29, 2004
Nasty Meddlesome Curiosity or Useful Entrapment?
Did you know that there is a
controversial Free service that will let you Discover potential
sexual predators in YOUR personal life?
This Free Service is offered to anyone who wants to ANONYMOUSLY find
out who they know that has an interest in child pornography!
The service was created by International Locator, Inc, (a 12 year
old investigation agency). PervCheck.com is in response to hundreds
of inquiries they received from concerned parents, educators and law
enforcement officers around the world looking for better ways to
sniff out the potential sexual predators in their children's lives.
You select the person you wish to target, send their email address
PervCheck.com and they send a tempting and salacious email to your
Beware, if you get one of those enticing, sexy emails, it could be
the real thing... or it could be your next door neighbor
PervChecking YOU! Conclusions are drawn based on the response of the
Right or Wrong.
Is it right to lure an unsuspecting person into danger, difficulty,
or a compromising situation that could falsely ruin their
reputation, or does the potential discovery of a sexual predator
overshadow the moral implications of such Offensive Inquisitiveness?
Care to share your opinion?
The full article is available
courtesy of http://www.bgchecks.com. You can read it at this
Readers comments (1)
December 27, 2004
Shouldn't your New Year's Resolutions include improving your
About 75 percent of of Home
Internet Users believe their computers are safe from viruses and
online threats and about 60 percent believe they are safe from
Hackers. (based on an October
2004 survey of 329 people conducted by the National Security
Alliance), while two thirds of
the respondents admitted that their anti-virus software is not up to
date, and some don't even have a Firewall at all.
If you fit in this group, then the answer to the question
is Definitely YES. With so many new virus and spyware threats
hitting the Internet daily, one of the most important things you can
do for the Year 2005 is to Resolve that you will--
1. update your anti-virus
program at least weekly if it doesn't update
2. set your spyware
sweeping software to automatically sweep your
hard drive each time you boot up your computer
3. check your firewall to
be sure that it is blocking incoming, and
also outgoing traffic
4. install at
least two different spyware sweeping programs. Our experience
indicates that there isn't one single program that will find and
ad tracker, spyware bug or malware pest. At least install the free
versions of AdAware and Spybot Search and Destroy. There are
others listed in our
Security Alert News Reporter
and on our
Best wishes for a Healthy, Happy, Prosperous and Safe New Year
Our Wish List on Christmas
To wish is to express a
desire or hope concerning the future.
On this special day, our
wish is that all of the people of the world will someday soon be
free of oppression, sickness, poverty, hatred, acrimony, cynicism,
greed, and poor fortune -- that they can live their lives in peace
with their neighbors and within themselves -- and that a wisdom and
awareness will descend upon mankind to bond us all in a crusade for
peaceful co-existence, regardless of race, creed, color or religious
Greetings of the season and sincere wishes that major progress will
be made in this crusade during the coming year -- 2005.
Helping your children
practice safe surfing habits.
"Young people between the ages of 2 and 11 are increasing their
use of the Internet at a faster rate than the overall internet user
statistics were reported in the January 2005 issue of PC Magazine.
They show that this group of young people has viewed more than twice
as many web pages this past October than they viewed in October,
(The increase for average web users was only about 15 percent for
the same period).
Young boys increasingly viewed entertainment sites like Disney-channel.com
and cartoon sites.
Young girls were more interested in the instant messaging sites like
MSN Messenger and AOL instant messenger.
This fact should raise an alarm for parents.
It does for us!
Predators are known to lurk in Chat Rooms waiting to lure children,
especially young girls into unsafe situations. Here are some
Internet safety policies and practical guidelines that will help
make the Internet safer for any family.
1. Position the computer monitor so you can see and
showing from the internet.
2. Bookmark child safe web sites so your your children
can easily get
back to them.
3.Teach children that they should never give out personal
over the Internet.
4. Make it clear to your children that people in chat
rooms are ALWAYS
strangers, no matter how often
they chat to them, and no matter how well
they think they know them
5. Take an active interest in your child's activity
online. Do NOT use the
Internet as a babysitter!
There's a lot more information for providing Family Security on the
page of out Firewalls and Virus Protection website. Some Child and
Family Safe websites that we have reviewed and recommended to our
grandchildren are listed in our News
December 17, 2004
Return of the Cws.MrHop hijacker*
After having been free of this nasty
hijacker since my initial attack earlier in the year, it returned
with a vengeance this week... and it was my fault that it did.
Just this one time, I made the fatal mistake of opening an email
attachment from a friend whose emails never caused any trouble in
the past. However, this was one of those that had been forwarded
to them from someone who forwarded it. You know -- forwarded +
forwarded + etc.
It did all of the mean and awful things that CoolWebSearch is known
It hijacked my browser
Changed my Desktop
Disabled my printer (this was a major surprise)
Disabled shortcuts to some of my anti spyware and anti virus
Disabled every RSS feed I was following
Changed my Default Search links
... and more
It was missed by all of my security programs. Since my Anti-virus
and Firewall programs are automatically updated by McAfee, it seemed
logical that my spyware monitoring software could be out of date.
It is really very easy to update these programs from the 'UpDate'
Many of these services offer update notifications, available by a
But the main frustration and wasted time comes from restoring all of
the damage done.
LESSON Learned: Don't take anything for granted. Vigilance
must be practiced when using the Internet. Before opening that
attachment, I should have contacted my friend and asked if they had
any trouble before forwarding it to me, but I didn't.
a bit of information about the CoolWebSearch hijacker and
MrHop, which is a CoolWebSearch variant that poses a Severe Threat.
CoolWebSearch is a name given to a wide range of different browser
hijackers. Though the code is very different between variants, they
are all used to redirect users to coolwebsearch.com and other sites
affiliated with its reprehensible operators.
Severe threats typically are remotely exploitable vulnerabilities
that can lead to system compromise, which means that Attackers can
gain complete control over your computer or install new software on
your machine without your permission.
COMMENT Readers comments (1)
December 13, 2004
Don't become an accomplice of the Hackers.
You may already be an accomplice for Hackers using your computer to
spread their worms, viruses, and spyware.
And yours may not be the only one involved.
In a recent issue of the "Security
Alert News Reporter", we
noted that an unprotected computer could be hacked and infected with
computer viruses and malware within 20 minutes of going on line for
the first time.
More recently, the marketing-communication research group
AventeGarde, conducted a series of tests with a half dozen computers
using different operating systems to find out how quickly they might
Their results showed that an improperly protected computer could be
hijacked within seconds of going online! (Average time for a
Hijacker to take over their test machines was 4 minutes).
The test computers were installed with a variety of current
Microsoft operating systems, some with built in Firewalls.
Generally, firewalls reduce the potential of being hijacked.
Two of the test machines did have firewall protection and actually
survived the two week test without becoming infected.
Scary, isn't it. But of even greater concern is the fact that these
infiltrated computers can harbor the viruses and worms without the
computer user being aware.
Users can unwittingly spread the computer viruses to their family,
friends and other correspondents, reinforcing the Hacker's growing
armada of infected machines. This growing mass of infected zombie
machines, all under the control of the Hacker, can easily be used
for Denial of Service attacks and other disruptive, illegal, and
In our recent post of December 6, we expressed the importance of
having up-to-date anti-intrusion software installed before going
online for the first time.
There are no completely immune computer operating systems. Because
the Microsoft products are installed on the majority of Windows
PC's, (millions of computers, worldwide), the hackers attack this
As more and more alternate browsers come on line, it's highly
probable that their vulnerabilities will become additional targets
for the miscreants and malcontents bent on continuing the
devastation already wreaked on the world wide web.
It certainly seems to us that the responsibility for thwarting this
continuing damage lies with all of us users as well as the
legitimate software providers.
And it's as easy as keeping our firewalls, anti-virus, and spyware
sweeping programs, and operating systems up-to-date. (Microsoft
provides easily used links to their operating system patches, as do
the security software providers).
Ignoring any of the available updates is a real gamble, and
Has a Phishing Attack
tricked you into giving out your Personal Financial Information?
Phishing attacks are becoming so sophisticated and hard to detect
that even the most experienced people can be hooked.
going on the Internet and using email or Web browsers for the first
time could easily to be fooled into giving up their personal
financial information in response to a phishing email or a phishing
If you have been tricked this way, you should assume that you will
become a victim of credit card fraud, bank fraud, or identity theft.
Anti-Phishing Working Group has published some excellent advice
on what to do if you are in this situation
Even if you haven't been hooked, a visit to the
Anti-Phishing Working Group will give you a great head
start on how to avoid this disastrous situation.
December 9, 2004
File Sharing Perils - KaZaA No.1 Pest Threat
According to Computer Associates International, Peer-to-peer file
sharing program KaZaA is the No.1 spyware threat on the Internet.
PestPatrol research, CA found that
KaZaA posed a greater threat than other programs in its top five
spyware list because of its widespread popularity.
KaZaA opens up your computer to millions of strangers is among
the top threats because of the amount if copies in use. (KaZaA
claims that its software has been downloaded 214 million times).
KaZaA slows a machine by adding unnecessary registry entries and
Peer-to-peer file exchange programs, like KaZaA, Blubster, Gnucleus
and WinMX, can degrade network performance and take up storage space
because they are bundled with adware or spyware.
CA said the difficulty in exactly defining spyware was one reason
why their company often referred to certain programs as pests.
"Pest is a broader category that includes spyware, adware and
browser help objects.
P2P Defined: Any peer-to-peer file swapping program, such as
Audiogalaxy, Bearshare, Blubster, E-Mule, Gnucleus, Grokster, Imesh,
KaZaA, KaZaA Lite, Limewire, Morpheus, Shareaza, WinMX and Xolox.
Credit Card Scam
This message is being shared
among many people on the internet. I put it here as an alert because
it describes a very clever way that scammers can steal from you.
These scammers didn't sound like thieves, which is the way
internet phishing theft often happens.
The person that was scammed has related
this as a personal experience.
Here's her story--
"My husband was called on Wednesday from "VISA", and I was called on
Thursday from "MasterCard." The scam works like this:
Person calling says, "this is, and I'm calling from the Security and
Fraud Department at VISA. My Badge number is 12460. Your card has
been flagged for an unusual purchase pattern, and I'm calling to
verify. This would be on your VISA card which was issued by bank.
Did you purchase an Anti-Telemarketing Device for $497.99 from a
marketing company based in Arizona?"
When you say "No" , the caller continues with, "Then we will be
issuing a credit to your account. This is a company we have been
watching and the charges range from $297 to $497, just under the
$500 purchase pattern that flags most cards. Before your next
statement, the credit will be sent to (gives you your address), is
You say "yes." The caller continues... "I will be starting a Fraud
investigation. If you have any questions, you should call the 1-800
number listed on the back of your card (1-800-VISA) and ask for
Security. You will need to refer to this Control #" The caller then
gives you a 6 digit number. "Do you need me to read it again?"
Here's the IMPORTANT part on how the scam works. The caller then
says, "He needs to verify you are in possession of your card." He'll
ask you to "turn your card over and look for some numbers. There are
7 numbers; the first 4 are your card number, the next 3 are the
'Security Numbers' that verify you are in possession of the card.
These are the numbers you use to make Internet purchases to prove
you have the card. Read me the 3 numbers." After you tell the
caller the 3 numbers, he'll say ,"That is correct. I just needed to
verify that the card has not been lost or stolen, and that you still
have your card. Do you have any other questions?" After you say No,
the caller then Thanks you and states, "Don't hesitate to call back
if you do," and hangs up.
You actually say very little, and they never ask for or tell you the
card number. But after we were called on Wednesday, we called back
within 20 minutes to ask a question. Are we glad we did! The REAL
VISA Security Department told us it was a scam and in the last 15
minutes a new purchase of $497.99 was charged on our card.
Long story made short, we made a real fraud report and closed the
VISA card, and they are reissuing us a new number. What the scammers
wants is the 3-digit PIN number on the back of the card. Don't give
it to them. Instead,
tell them you'll call VISA or Master card direct. The real VISA told
us that they will never ask for anything on the card as they already
know the information since they issued the card! If ! you give the
scammers your 3 Digit PIN Number, you think you're receiving a
credit. However, by the time you get your statement, you'll see
charges for purchases you didn't make, and by then it's almost to
late and/or harder to actually file a fraud report.
What makes this more remarkable is that on Thursday, I got a call
from a "Jason Richardson of MasterCard" with a word-for-word repeat
of the VISA scam. This time I didn't let him finish. I hung up! We
filed a police report, as instructed by VISA. The police said they
are taking several of these reports daily! They also urged us to
tell everybody we know that this scam is happening.
Please pass this on to all your friends. By informing each other, we
protect each other. Thank-You."
and thanks to our friends, the Smiths from Pennsylvania, USA, who sent it
Prices going up for
We've observed that some of
the security software providers have made moderate increases in the
prices of the individual programs that make up their security
suites, (a combination of firewall, anti-virus, spam blocker, and spyware killers). We've also noticed that the price of the Security
Suites, themselves, seem to be holding fairly steady.
In our opinion, there are a couple of valid reasons for their
marketing policies --
1. More security for the internet user. Having just one of
the parts of the package doesn't provide sufficient protection
against the hackers and spammers.
The Security software providers know this and their pricing
encourages users to do a safer job of protecting their computer
2. Security software developers have realized higher costs to
maintain updates because of the constant and increasing number of
viruses and malicious software (malware) variations entering the
The most important issue, of course, is to have full, and current
protection. If the renewal subscriptions for updating your
security programs should expire around the same time, of if you
don't have all of the parts of these suites, it could be more
economical to consider the full security suites. Visiting the
providers, such a McAfee, Symantec, etc., through the links at our
Firewalls and Virus Protection site is an easy way to start
December 6, 2004, more on holiday hazards- buying a new computer
If you plan to buy a new computer
this season, there are a couple sources of danger to consider:
Some local shops offering bargain computer system deals may not have
installed the latest patches for the operating systems. Microsoft,
in particular, provides security patches for Windows operating
systems on a regular basis (they have to, to keep with the virus
writers who constantly seem to find holes and vulnerabilities).
Same is true for firewall and anti-virus software. If the local
shops do include them, the versions may not be recent enough to
actually find and destroy the most recent viruses (over 1400 new
virus variants identified in November, alone!)
The same holds true for anti-spyware programs.
An unprotected computer (one with out-of-date firewall and
anti-virus software) could be infected within 20 minutes on going on
line the first time.
Our recommendation is to obtain verification from a knowledgeable
salesperson that the Operating Systems, Firewalls and anti-virus
software are the latest versions available as of the day you
actually pick up your new computer.
... ... Richard
December 5, 2004,
potential e-mail Virus Trap for online Shoppers
The November 2004 issue of our
Security Alert News Reporter
carried an article warning about a new threat of embedded PC virus
links that may appear in e-mail messages.
reports on a new version of the Mydoom virus that will infect
your computer if you click on the link in the text of the
e-mail. Typically, you must download and open the attachment to
be infected with a virus. Not with this one.
Here's our major concern regarding this threat:
Combined with the increasing prevalence of spoofed 'FROM' addresses,
(official looking but fraudulent e-mail requests for personal
information), it's highly probable that
some of the unsolicited (Spam) e-mail offers you receive for all
kinds of products with special deals and outlandish claims could
bait you into this ambush.
Online shopping is generally safe and secure when you buy from
recognized and well known businesses, especially when you search for
their internet addresses yourself and visit their sites.
Our recommendation for opening e-mail from any unfamiliar source is
to Delete it immediately. Don't even open it, or if you do, don't
click on any links that it may contain.
December 3, 2004
About the coming Holiday Season -- Net Security during the
Sharing messages and holiday
pictures will be one of the major and fun uses
of the internet during, and after the coming season.
It's also a 'fun' time for the malcontents and malicious people who
an even greater opportunity to flood our email boxes with virus
messages, spoofing and phishing threats.
Why is this a greater opportunity for them?
Consider the increased use of the internet by family members who
will be testing their new digital cameras and new computers,
scanners (if they don't use a digital cameras), and a host of other
new digital toys and devices.
The hackers, crackers and internet thieves will be ecstatic! For
sure, many of
their targeted computers will be unprotected, subject to intrusion
by their viruses,
trojan horses, spyware and other malicious stuff.
Yes, nearly everyone is now aware that having Firewalls and virus
is an absolute necessity.
And Yes, their computers probably have these tools because they are
included with the software that comes with new computers.
But, have they been updated regular, even recently?
How about your protective programs? When did you update last?
Updating must be done for Operating Systems as well as firewalls,
programs and spyware scanning programs. It's general knowledge that
some browser services are targeted by the hackers (Internet Explorer
one). Actually, viruses and spyware can intrude into your system
others, as well.
Think of all of the unwary and inexperienced people who enjoy
the internet and communicating with family and friends. They are
the prime targets.
How to help them and make them aware, and protect them from the
loss of private and personal information, files, important data, and
identity is the Goal of many organizations, software providers, and
some individual webmasters.
You can be a part of our "Security Awareness Campaign" and direct
family and friends to these helpful websites, such as ours, at
Our message for this holiday season is to "Gift the people you care
by helping them learn how to protect themselves and their families.
Firewalls and Virus Protection website contains the information
really need, and it's easy to read and understand.
Happy Holidays to all. . .............Richard