| How
to identify a Hoax Virus
Warning
What
to do if you receive a
Virus Warning
FIRST, CHECK with
Google http://www.google.com
McAfee http://www.mcafee.com
Sophos http://www.sophos.com
Symantec http://www.symantec.com
to see if it is a hoax.
SECONDLY, sign up for
McAfee's Virus Warning
Emails so you can ignore
all the others.
THIRDLY, delete it without
forwarding it to anybody.
There are several methods
to identify virus hoaxes,
but first consider what
makes a successful hoax
on the Internet. There
are two known factors that
make a successful virus
hoax, they are:
1. technical sounding
language, and
2. credibility by association.
When we say credibility
by association we are referring
to who sent the warning.
If the janitor at a large
technological organization
sends a warning to someone
outside of that organization,
people on the outside tend
to believe the warning
because the company should
know about those things.
Even though the person
sending the warning may
not have a clue what he
is talking about, the prestige
of the company backs the
warning, making it appear
real. If a manager at the
company sends the warning,
the message is doubly backed
by the company's and the
manager's reputations.
Individuals should also
be especially alert if
the warning urges you to
pass it on to your friends.
This should raise a red
flag that the warning may
be a hoax.
Another flag to watch
for is when the warning
indicates that it is a
Federal Communication Commission
(FCC) warning. According
to the FCC, they have not
and never will disseminate
warnings on viruses. It
is not part of their job.
DO NOT circulate
virus warnings without
first checking with an
authoritative source.
Authoritative sources
are your computer system
security administrator
or a computer incident
advisory team. Real warnings
about viruses and other
network problems are issued
by different response teams.
If you download a warning
from a web site or validate
the PGP signature, you
can usually be assured
that the warning is real.
Warnings without the name
of the person sending the
original notice, or warnings
with names, addresses and
phone numbers that do not
actually exist are probably
hoaxes.
PC
Security
You are right to be concerned
about Computer Security
if you connect to the internet.
My computer is secured
with Symantec's Norton
SystemWorks - AntiVirus,
Firewall and LiveUpdate,
so I'm AUTOMATICALLY made
safe as soon as new viruses
appear.
I have personally received
DOZENS of emailed viruses
(7 in the first 4 months
of 2004) but none has harmed
my computer or my data.
If you are not aware of
Trojan Horse viruses, the
chances are your computer
is wide open to potential
attack from malicious hackers
or harmful viruses.
If you think you've got a virus.
For a FREE CHECK on
your computer security, visit
this web site.
Ensure that your PC has
a major company's security
software.
Recommendations:
Buy and install Symantec
SystemWorks or Norton Internet
Security
KEEP Antivirus definitions
UPDATED with automatic
LiveUpdate
Keep the software up to
date with LiveUpdate
Amazon.co.uk teamed up
with Symantec to launch
a new shop, packed with
special offers. Fix Windows
problems at the click of
a button - make your Internet
connection safe - protect
your data.
Visit the Symantec Shop
at Amazon.co.uk (see
sidebar).
Advice
on creating and using passwords
- Never use a password that
is easily guessed by those
who know you, e.g. don't
use names of members of
your family or pets.
- Never use a numerical password
that is associated with
you publicly, e.g. don't
use your telephone number.
- Never use a mixed number/letter
password that is associated
with you publicly, e.g.
don't use your present
vehicle registration plate.
- Never use your name or
User ID also as your password
- or "Fred" or "Password!"
- Never use passwords containing
complete words, in any
language.
- Never let anyone see what
you are typing - either
from the screen or the
keyboard - when logging
on in a public place such
as an Internet Cafe.
- Never tell anyone your
password. Did you know
that someone can copy or
remove your email before
you get to it, if they
know your ISP logon and
password?
- Never re-use the same password
you have used the previous
twelve times.
- Never post or write down
your password in obvious
places.
- Never embed your password
in any automated logon
procedure.
Good
Practices, if the system
allows it:
Change your password at
least every 90 days.
Use a password that contains
a combination of numbers
and letters -
Use six characters or more.
Make your password complicated
but easy for your to remember.
When creating your password,
think of a memorable phrase,
e E.g. "The Quick
Brown Fox Jumps Over The
Lazy Dog" Use the
first letter of each word
and convert some into numbers
that resemble letters,
such as in this example:
tq6fj0tld. Some systems
differentiate between UPPERCASE
and lowercase characters,
so mix some of those in,
too, where possible, e.g.
Tq6fj0TLd
Amazingly, one well-known
UK Bank forces letters-only
passwords, while another
provides you with an unchangeable
password that is all numbers!
Scams
to collect or confirm
your email address
Do not reply, unless you
WANT to give them your
confirmed email address...
Ever wondered how people
get your email address?
One way is simple - they
use 'harvesting' software
to trawl the world wide
web pages - find @ signs,
and, hey presto, they have
millions of email addresses.
Some CDs of address lists
are compiled in this way.
These can be sold to people
who like to "spam" -
or send genuine unsolicited
commercial email (UCE).
Since I installed Norton
Personal Firewall, I have
been amazed at how many
emails that arrive as a "web
page" are being used
to collect my email address.
They don't get it from
me because Norton Personal
Firewall allows me to "block" sending
email addresses to the
requesting web site.
I wholeheartedly
recommend you install
Norton Personal Firewall.
One problem is that the
email addresses are not
confirmed, so this type
of business would like
you to CONFIRM that your
email is correct and that
it is ACTIVE. So, a company
who is doing this just
for the email-list business,
or selling email addresses
as a side-line revenue,
may send you an innocuous
email which ends with something
like...
"If you do not wish
to receive this regular
free report, simply reply
and type REMOVE in the
subject box, to listmanager@aaaaaaaaa.com
Thank you."
The only reason they want
you to reply is to turn
their "possible" email
address they have for you,
into a "confirmed
and active" email
address, which is much
more saleable! If you don't
want them to gain from
confirming your email address,
simply delete the email. |
