(847) 201-6416

Author: Mike Pontillo

The bad guys are getting smarter

Continuing on the theme of “More Ways Your Poor Computer Is Under Attack,” we look today at the phenomenon of phishing, a scheme which gets hold of your personal information in a very simple way – by tricking you into willingly providing it.

You already know that you should avoid following web links in e-mail messages. A spoofed message claiming to be from PayPal, for example, can direct you to a fake website that looks just like PayPal, which then captures the password and credit card information you type in. Fraudulent purchases, or even identity theft, are likely to follow.

Fortunately for us, most of the hackers behind these tricks know their way around a computer, but not a dictionary. Lousy spelling and grammar are a good tip-off that you’re on a bogus site.

That’s why I was surprised to learn of a new Trojan horse called Kardphisher, which mimics the activation procedure for Windows XP. If the Trojan gets on to your computer, it waits until you reboot and then informs you that you have to “re-activate” your copy of Windows.

 

 
On the next screen, Kardphisher gets down to business.


 
For the record, Microsoft does not request credit card numbers during activation, and it certainly wouldn’t ask for your ATM PIN.

Nonetheless, Kardphisher is a well-designed hack. I saw no grammar or spelling errors; just a clumsy use of punctuation.

The Trojan is not widespread, and Symantec rates it a very low risk. Any updated anti-virus program will be able to deal with it, so odds are you will never see this on your computer.

However, it’s worth knowing about, because anti-virus programs and firewalls are no substitute for vigilance. We all need to pay close attention to what we are doing on the computer, because the bad guys have learned how to spell.

Surfing safely on public wi-fi

Free wi-fi is becoming ubiquitous at restaurants and coffee shops (Starbucks and Panera Bread are two that come to mind). It’s convenient, but it’s not secure.

Once again, hackers have found a way to ruin the fun for the rest of us. By using nothing more than a laptop or handheld PDA with wireless capability, a malicious individual can establish a spoofed access point that looks identical to the one hosted by the store. If you innocently connect to it, the hacker can capture all of the data you send and receive from your laptop, including passwords.

Worse yet, a hacker can use a public access point to launch exploits — code that attacks known security vulnerabilities in both the wi-fi network hardware and your laptop.

Chances are that the fellow jerking lattes at Starbucks is not a network security expert. Therefore, you need to take basic steps to protect yourself and your equipment.

A pcmag.com article by Jamie Lendino lists four things you can do to protect yourself on public wireless networks, which I will summarize as follows:

1. Keep your shields up. Make sure you have security tools installed on your portable device. Antivirus software is a must, as well as a firewall. The built-in firewall provided with Windows XP is sufficient for most purposes, but if you use a wi-fi network frequently, consider a two-way firewall such as ZoneAlarm. A full suite such as Norton Internet Security will cover all the bases, but it tends to be a resource hog, especially on older laptops.

2. Stay up to date. Make sure you have installed all the latest updates for both your security software and Windows.

3. Don’t share. Make sure Windows file and print sharing are disabled when you are out in public. It’s a convenience when you’re in the office or at home, but an unnecessary exposure when you’re not.

4. Watch where you’re going. Before entering any personal info on a secure site, make sure it’s secure. Look for https:// in the address bar, as well as the padlock icon on your browser. Better yet, maybe you should think twice before conducting any major financial transactions on a public network.

I don’t want to scare you off using public wi-fi. It can come in very handy sometimes. These four tips are important for any PC use, public or private. But on a public network, they are vital.

Dell sees the light regarding Vista

The two biggest PC companies, Hewlett Packard and Dell, have continued to offer new PCs preloaded with Windows XP, but only to their corporate and small business customers. All new consumer PCs have been offered only with Windows Vista, which is just the way Microsoft wants it.

In February, Dell rolled out a new Web site called IdeaStorm, which gave customers an opportunity to provide feedback and make suggestions regarding Dell products. The day after the site launched, the following message was posted by a user named javaprog07:

“I would like to see both Home and Business computers, especially notebooks, have an XP Home and Pro option on top of Vista until it has at least been out for a year.”

It was the first of many requests. On April 19, Dell responded.

“We heard you loud and clear on bringing the Windows XP option back to our Dell consumer PC offerings,” began the message.

Dell has announced that they will now offer Windows XP Home and Windows XP Professional on a handful of models — on two Dimension desktops, the E520 and E521, and four Inspiron laptops, the 1405, 1705, 1505 and 1501.

In case you’re still fearless, consider this message I received from a client yesterday.

Heard a horror story from my brother tonight…He just bought a brand new laptop with Vista on it. Said it took him 3 hours on the phone just to get the DSL operating as they are not equipped to work with Vista – no software or whatever. Then when he hooked up his printer, which is only 1 year old – he went online to get the software updated, and they didn’t have anything that would work with Vista. He ended up going out to get a new printer, and then he still had trouble. He was ready to chuck the whole thing. He finally got everything hooked up but he spent a whole lot of time getting it together. Was he mad. He said that the software for all of the hardware is not up to date with Vista. One more reason not to get Vista.

I have heard similar stories from many sources. Hardware manufacturers are notoriously slow to develop drivers for new operating systems. We went through the same thing with XP.

Give it a year.