Spiked Security

Hope everyone is having a wonderful and safe holiday season.  I bet some of you either got or gave cell phones in your holiday gift-giving.  I also bet you didn’t know that you may have inadvertently enabled someone to become a victim of cyber bullying or digital abuse. 

You laugh?  Nope, Spike is being serious here. Digital abuse is on the rise and more and more teens are being targeted. A Thin Line, a website created by MTV to help educate teens about digital abuse, is an excellent place to start.  You can read more about MTV’s accompanying study here.

Digital abuse is not just about cyber bullying, cyber stalking or cyber impersonation - studies also show that one-third of all teens use their cell phone for inappropriate texting and imagery.  Wow, one third!  That means that parents are not making our youth aware of the permanency of the digital forum.  Once taken and sent, a picture becomes part of the digital universe and can resurface anytime when you least wish it.  Most of you spend the time to talk to your youth about this and Spike applauds that.   Remind them that even if they are responsible with their digital phones and cameras, other are not, so be careful not to put themselves in compromising positions where others can capture their image.  (Too bad many of Hollywood’s stars don’t heed that advice!)  Pay attention to your family members, talk about both the positives and negatives of the Internet and cell phones and help everyone stay safe.  It would be sad to ruin little Suzy’s* run for president in 25 years by having pictures of some high school party show up just before election day!

More resources for parents and youth:

www.internetsafety.com

www.ftc.gov/youarehere
Federal Trade Commision site for youth and Internet safety

www.stopbullyingnow.hrsa.gov/kids/  
National Health and Human Services’ site about cyberbullying

www.ncpc.org/cyberbullying
You all remember another famous animal helping kids be safe?  NO!  Not Smokey Bear, I am talking about McGruff the crime dog!  Yep this is his site on cyberbullying.

The Internet is full of snakes; don’t let them eat you!

Spike

*”Little Suzy” is a fictional character and has no resemblance in real life to anyone anywhere that Spike may or may not have met.  But she could be ANY OF YOU!

Yep, you can use Facebook for business.  As talked about in this nice blog from PC World’s David Coursey, you can keep your friends from being bored by your  business posts, as well as prevent your business associates from seeing the embarrassing posts by your sophomoric friends.

Read to keep your life separated!

The Internet is full of snakes; don’t let them eat you!
Spike

Spike loves it when popular services work toward improving your control over your privacy.  So, a big piggy YAY to Facebook for their new privacy options.  Now that Facebook has done this, you should check them out and use them.  One big area to look at is the privacy settings for applications.  Fix these - the default options share way to much!

So check out your privacy settings and adjust them to your personal level of comfort!

Also check out these great articles from the computing press on these new tools, and take special note of how to keep yourself from being tagged in a photo, how to keep your friends information off the search, and how to stay off a Google search.

AllFacebook: 10 New Privacy Settings Every Facebook User Should Know

Network World: New Facebook Settings: 5 Things You Should Know

The Internet is full of snakes; don’t let them eat you!

Spike

Spike has been following Roger Thompson’s  blog for a while now and it is always interesting, but this post is down right SCARY!

Please read Roger’s blog about his Facebook information and friends!!!

go to:     thompson.blog.avg.com – DON’T click here, go type this into your browser and read.

The Internet is full of snakes, don’t let them eat you!

-Spike

A number of respected security sources are reporting fake swine flu emails that are pretending to be the CDC (Centers for Disease Control) and then ask you for information.  Don’t follow these links and read these attached links to see what the emails look like.  This is yet another reminder that hackers like to prey on our fears to fool us into doing things we shouldn’t.  And by the way as a “guinea pig” I am constantly offended at the name “Swine Flu”, its not our fault!

This is the same malware which was infecting people with a fake IRS email.  No the IRS is not suddenly going to give you money if you follow a link in a email out of the blue!

Symantec example of the swine flu email:  http://www.symantec.com/connect/blogs/zeus-trojan-catches-swine-flu

McAfee example of the swine flu email: http://www.avertlabs.com/research/blog/index.php/2009/12/01/h1n1-vaccination-profile-a-path-to-infection/

and for more information about this infection path you can check out the network world article here: http://www.networkworld.com/news/2009/120209-fake-swine-flu-emails-lead.html

The internet is full of snakes; don’t let them eat you!

-Spike

Cyber Monday is becoming almost as big a shopping day as Black Friday.  You should have already started to see the upswing in email advertising.  As you are getting pummeled with email ads you need to be more diligent in your email review.  When real ads increase so to do the scam ads.  Scam ads are very clever this year; they look real, in fact they look just like the real vendor being spoofed. So read them carefully, and ask why you got this ad. Is it part of your normal advertising based on places you frequent (GOOD!)?  Or have you never seen this store before? How did they get your email?

How to stay safe?   Don’t click on and follow ANY link in email ads.  Try to start your shopping by going to the vendors site and put in a sale code from the email or log on as a customer to find your offer.

Before you buy, make sure the vendor is legitimate.  Check the Better Business Bureau (bbb.org), or search the vendor on the web with the word “scam” after their name and look for scam listings.

LOOK FOR THE LOCK on your browser.  Make sure the browser is in secure mode so you are not sending your payment information across the net in the open.  Somewhere depending on your browser of choice there is a lock or indicator you are in secure mode.  Look for the address to start with HTTPS not HTTP, look for the top bar to turn green, or a padlock to follow the URL line.

Shop where you know, don’t follow links you are not sure about, check with the BBB, and have a happy and safe holiday shopping season!

The Internet is full of snakes, don’t let them eat you!

-Spike

Every day people browse the web, and every day they click on the blinky that says, “You are the 1 millionth visitor – get your prize” or “You won a free car” or “Just send this link to your friends and have them send it to their friends and…. you will get rich”.  And every day, Spike gets sadder.

Internet security and safety is not just about the tools you install, the browser you use, or the operating system you run. It’s also about a healthy dose of skepticism.  I may be only 4 inches tall and have to run around the keyboard to type these (Yes, my owner finds that very amusing), but even my little rodent brain knows that I really didn’t win a free car.  (Side note:  How cool would it be if I could even drive?!)

So when you browse the Net or play in your favorite social media site, be skeptical.  Ask yourself “why” before you click.

Most attacks on the Internet involve you doing something.  Yep, you, yes all of you, and yes, even you, the guy looking around for someone else. Yes, you all click on stuff on a web page and start the attack rolling.  And sadly, these attacks are very, very clever.  They can hide the attack start button to look like the “close” button on the window.

Some tips on how to avoid launching your own attack:

1) Don’t click on strange ads on the edges of the screen.  These are often loaded with issues.  Many have issues that the advertiser is unaware of, so don’t blame them right away.

2) If it is too good to be true in real life, it is STILL too good to be true on the Internet.

3) If you get a pop up, do not click on any button.  If it shows up in your “window bar” at the bottom of your screen, right-click and close it.  If not, use the “X” to the right of the window.

4) Be skeptical.  Before you react, ask yourself “why”, then ask again.  Look for the catch, the flaw, the vile fly hiding in the ointment, the thing you most fear in the dark recesses of.. umm.  Sorry, got into writer mode there – my owner left the TV on SYFY channel all day…but really, ask yourself questions and count to 10 before you click.

The Internet is full of scary alien monsters who will eat anything; don’t let them get you!  (I wish my owner would change the channel!)

Spike

It is that time of year again.  People begin shopping more than ever.  More and more shopping is done on the Internet.  Christmas is fun, and even us little furry piggies love getting presents (hint, hint to my owner: I love chewing on things).  But as shopping increases so do the attempts to trick people into giving away money or information.

A new wave of fake payment requests are targeting email subscribers with subject lines such as, “Payment verification from – (insert your favorite credit card company, payment portal, or shopping site). ”  The message typically says that to stop the payment, you must download and run the attached zip file.

NEVER download a zip file from anyone you are not expecting a file from or normally get files from.  Has your bank or credit card company ever sent you a zip file to run?  Not likely.

Last year, emails about “your shipment” made the rounds, and we will see those again this year. This type of  attack relies on people panicking and thinking that someone has charged something to them falsely and they want to block it.  Don’t panic!

If you are worried about false charges, CALL your credit card company, bank, payment portal, etc., using the number you already have (check the back of your card, previous transactions, the phone book or their website).  Never use a number from one of these emails and never click on any links in these emails.

The Internet is full of snakes; don’t let them eat you!
Spike

Another month and another big patch Tuesay for Microsoft.  Yep, Tuesday Nov 10th saw the release of 6 patches that addressed 12 security issues in Microsoft products.  Microsoft is being very dilegent about patching holes.  If they are going to the trouble of releasing these patches YOU should be installing them!

Go patch your systems right now!  No, don’t put it off until later!  Patch NOW!

Patch info from Microsoft can be found here:  http://blogs.technet.com/msrc/archive/2009/11/10/november-2009-security-bulletin-release.aspx

The Internet is full of snakes, don’t let them eat you!

-Spike

In “Let’s Take a Step Back – Part One I,” I talked about setting up the software on your PC to protect yourself online.  Today I am going to talk about physical hardware devices you should buy to protect yourself. OK, if you are like most people in the free world, you get your Internet access via a cable modem or the equivalent from your phone company.  Mostly gone are the days of 14.4k dial up.  This means that your connection is live all the time, even when you are not using it.  If you leave your systems turned on, your computer is constantly under attack from things on the Internet.  So what can you do to protect yourself from these attacks and to make your connection life easier? 
1. Install a cable router / firewall.
   1. This device physically sits between your cable modem and your computers, and protects your whole network from basic Internet traffic and issues.  This device is NOT a replacement for a firewall installed on your computer.  You should have both.  Spike says, “Defense in depth is the only way to go!”
   2. Your new firewall should be set to NAT, or Network Address Translation, so the inside of your network is not visible (from an address point of view) from the Internet (usually a default setting).
   3. It should be set to deny any inbound calls or traffic (usually a default setting).
   4. Turn on any packet examining capabilities. Not all have this but this will cause your firewall to look into the information sent back to you from a website to determine whether it is dangerous.
   5. Turn on any and all anti-virus, anti-spyware, malware, email filtering, spam blocking and other protections.  The more of these you have, the better. 
   6. Content filtering:  If you have kids (or a spouse/friend/roommate who acts like one) then these settings can control the type of websites they can visit.  Not all models have this, but if yours does, take a look at these – you might like what you see.Mine, for example block hate, hacking, malware, and dangerous software sites.  For the most part it doesn’t bother anyone or keep them from enjoying the Internet.  This is normally a paid subscription addition to the device, but consider what $70 a year can do to protect your kids! 

There are many other settings individual to your brand of device, so read the manual and make use of them.  A firewall on your network does you no good if all the protections are turned off.

The Internet is full of snakes; don’t let them eat you!

Spike