Thursday, April 1, 2010

It's Not Your Father's PC Virus


The world of computer viruses has evolved extensively over the past several years. Gone are the "good old days" of viruses written by precocious, young computer gurus to garner attention and gain fame among their peers. Those old viruses were bad enough - sometimes destructive - but often just an annoyance.

Today's viruses, better termed malware, are different. They are in it to make money. Organized crime operations in other parts of the world, commonly Eastern Europe and China, are coming after your money and your identity and they are doing it through your computer. These organizations are well equipped and have mission statements, budgets and staff meetings! And, if you are not careful and alert, they may soon have your credit card number and other vital personal information.

How are they doing it?

These "bad guys" endeavor to infect your computer by sending you an infected email attachment or by enticing you to visit a web site specifically coded to exploit a vulnerability in your computer. (Methods of malware transmission is a topic for a future newsletter.) Once your computer is infected, the bad guys can have your computer do their bidding. Here's some of what they can do:

They turn your computer into one of their "bots" (as in robots). The "bot" checks in with its master controller server, somewhere on the Internet, and gets further instructions. Perhaps your "bot" (disguised as your innocent little computer) might become a SPAM server, sending out thousands, perhaps hundreds of thousands, of SPAM email to people around the world. It's unlikely you'll know anything is amiss except maybe your computer has suddenly slowed down. On another occasion your bot joins a network of other bots to shut down a website whose owners are being extorted for money or political reasons. By some counts, 15% to 20% of computers worldwide are "bots".

The master server might direct your PC to pop up a virus alert; something like - "AV 2010 has detected 34 viruses on your PC. Click here to remove." (or words to that effect). When you "Click Here" you get a warning stating you don't have the full version of their "product", and that you must purchase the full version in order to remove the viruses - "Enter your credit card number here and click Next". Don't do it! This tactic has given rise to a new term - Scareware. We at Geeks On Call in Charleston see this scenario several times each week.

The bad guys have even been known to extort money from legitimate web sites by using their massive "botnets" to launch an attack. They send so many web page requests in such a short time that the legitimate web servers are overwhelmed and cannot respond to any more requests. Perhaps you've heard the term "Denial of Service attack" - this is an example. It sounds crazy - and it is - but it's true.

What can you do?

Here are a few simple things you can do to protect yourself:

Keep your computer up to date with all of the latest Microsoft Security Updates. The easiest way to do this is to ensure the Automatic Update feature of your PC is turned on and functioning correctly.

Arm your computer with a reputable Security (notice I didn't just say Anti-Virus) product. Make sure it is working correctly and is always up to date. Reputable security software vendors send out automatic updates for their software daily, or more often when the need arises.

If you are a business owner who relies on your computers and your vital business data, you need professional assistance. We are ready to assist and it is time well spent.

Make sure your vital data is backed up. Remote Data Backups is a world class automated, offsite backup solution. Vist their website for further information.

Educate yourself about these dangers and how to protect yourself.

Geeks On Call can provide you with reliable, professional, onsite service for all of your computer and network security needs. We can help you protect yourself and your identity and provide you with peace of mind. Call 1-800-905-GEEK (4335) to make an appointment. (Or visit our website at www.geeksoncall.com)

No comments:

Post a Comment