Understanding Search Results

I have noticed that my clients are getting “infected” by malware lately. They report that their computer is quite slow and they continually get “pop-ups.” These pop-ups are not in their browsers; they appear while they are simply using their computer.

I decided to try to figure out how my clients are downloading these nefarious programs. They all swear they did not download them but, of course, they did. I had one of my clients demonstrate how she had downloaded iTunes which she knew was the last thing she had tried to download (iTunes was not installed even though she had tried to download it). She typed “iTunes” into her browser search box. The first few results were NOT Apple.com websites. They were ads!
The link results of her search were similar to these:

The word “Download” was prominently displayed which drew her attention to the one she clicked on. I had my answer to how clients are installing these pesky programs. My client, and I suspect, the average computer user, did not understand the structure of a web address. And why would she?! Technology expects so much of the average user.

Her first mistake was to click on one of the “ad” links. Ads are displayed at the top of the search results. If you look closely, you will see “Ads related to: iTunes” and below that a few ads paid for by advertisers, of course. Below that will be the native search results.

The most important thing to pay close attention to in search results is the structure of the web address of the displayed links. The word just before “.com” should be “apple” (in this example). In her results it was “win-install” and “gufile” preceded by “itunes” or “itunes.apple.” These are NOT Apple websites. They are subdomains of win-install.com and gufile.com. These types of websites are not to be trusted. Their downloads will, at the very least, simultaneously download (and silently install) several programs which will start popping up every few minutes trying to get you to pay for them.

Other consequences of downloading from these types of websites are:
Search engine is changed to, for example: Conduit Search
PC Backup software pop-ups
Your Home page is changed
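
The address check described above, written out as an added example (it is not part of the original post). The sample links are constructed from the names mentioned above, the paths are made up, and the helper names are illustrative.

```python
from urllib.parse import urlsplit

# Constructed sample links: one genuine Apple address and two of the
# look-alike forms described above (hostnames built from the post's wording).
SAMPLE_LINKS = [
    "http://www.apple.com/itunes/download/",
    "http://itunes.win-install.com/download",
    "http://itunes.apple.gufile.com/download",
]


def hostname_of(url):
    """Return the lowercase hostname of a link, or '' if it has none."""
    if "://" not in url:
        url = "http://" + url  # search results often show links without a scheme
    host = urlsplit(url).hostname or ""
    return host.rstrip(".")


def site_owner_guess(url):
    """The last two labels of the hostname: the word just before '.com' plus '.com'.

    Simplification: this is wrong for suffixes such as '.co.uk', which need
    the Public Suffix List to split correctly.
    """
    return ".".join(hostname_of(url).split(".")[-2:])


def belongs_to(url, expected_domain):
    """True only if the host is expected_domain itself or a subdomain of it."""
    host = hostname_of(url)
    expected = expected_domain.lower()
    # The leading dot matters: 'notapple.com' must not pass as 'apple.com'.
    return host == expected or host.endswith("." + expected)


def classify(links, expected_domain="apple.com"):
    """Return (link, apparent owner, is it really the expected site?) per link."""
    return [(l, site_owner_guess(l), belongs_to(l, expected_domain)) for l in links]


if __name__ == "__main__":
    for link, owner, ok in classify(SAMPLE_LINKS):
        print(f"{'OK  ' if ok else 'STOP'} {owner:18} {link}")
```

Words that appear to the left of the owning domain, such as “itunes” or “itunes.apple”, have no effect on the result; only the right-hand end of the hostname is compared.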

Email passwords – How strong is strong?

You need a very strong password for your email and, especially, your bank accounts.

I have often heard my clients say, “It’s just my email. I don’t care if anyone reads them.” Having a strong email password isn’t just about privacy, it’s also security for the Internet in general. One of the main reasons that email account passwords get cracked in the first place is to allow spammers to send spam. Because it is getting harder and harder for spammers to send their much maligned messages, they are constantly having to find new ways to get the deed done.

Not only do spammers use your email account to send spam to everyone in your email address book, they also use viruses of all types to create botnets which send their spam. Botnets are collections of computers (mostly personal computers) that are infected with malware, programs installed without the owner’s consent or knowledge. Once infected, the computers are used by the creator of the malware to send spam, make a unified attack on servers, find and infect other computers to add to the botnet, and carry out any number of other undesirable activities.

As a responsible netizen, you should do your part to protect the general health and well-being of the Internet and do your part to suppress spam. There is another reason and it may inspire you to create a strong password—losing control of your email account.

In my experience, Yahoo, SBC Global, ATT and AOL email accounts are cracked most frequently. SBC Global and ATT email accounts are hosted by Yahoo. I don’t know if there is something lacking in security at Yahoo and AOL or if they are simply targeted because of their size. Whatever the reason, if you have an email account with one of these providers you had better have a strong password!

If you can’t log in to your account, your password has been cracked and you will have to reset your password after verifying that you are the account holder. This usually entails answering a security question that you set up when you opened the account. Sometimes, if your account was set up several years ago, these security questions weren’t set up or you skipped the step because of the annoying and tedious nature of the process. In this case, the process is much, much harder and it could take several days to regain access to your email.

Another verification technique employed by most email providers is using a mobile phone number to send a verification text message. If you are asked for a mobile number when setting up an email account, you should provide one; it is the simplest method of verification because…What IS my favorite restaurant??

Java – What is it? Should I update it?

Java is a programming language first released by Sun Microsystems in 1995. There are many applications and websites that will not work properly unless you have Java installed so chances are you already have it installed. The problem lies in which version or versions are installed on your computer.

First, and most importantly, when you get a pop-up telling you that an update is available for Java, click OK to allow it. Updates are very often security updates, meaning they have found a vulnerability in the program and are fixing it with an update.

Next, go to Control Panel then Programs (or Add/Remove Programs) to uninstall old versions of Java. There should only be one version installed; it will be Java 7 Version 25 or higher if it is “up to date”.

If you have Java 6, uninstall it; there may be multiple versions of Java 6. Uninstall them all. This is very important! Starting with Java 7, old versions will be uninstalled when an update is applied but Java 6 must be uninstalled manually.

Visit Java’s website to remove older versions.

UPDATE: Java is so vulnerable and incessantly updating, I have since revised my policy and now simply uninstall Java. The only folks who seem to need it are those that play online games and don’t get me started on that risky behavior.

WordPress hit by massive botnet | ZDNet

Summary: A massive botnet of tens of thousands of machines is attempting to hack in to weak password protected “admin” accounts of the popular blogging platform.

Blogging and website platform WordPress has been hit by a massive botnet of tens of thousands of computers, but it could be just the surface of a wider, larger attack.

The performance and security firm CloudFlare warned in a blog post today that the unknown attacker is using a “relatively weak botnet of home PCs in order to build a much larger botnet of beefy servers in preparation for a future attack,” suggesting a calm before a heavier storm.

The botnet is attempting to “brute force” attack WordPress websites using the username “admin”, with thousands of different passwords. The botnet of machines — often individual machines infected with malware and subscribed to target servers and websites with vast amounts of data — is being used to hack web-based WordPress installations.

This botnet channels some bandwidth from individual computers infected with malware, which in mass and collectively can cause the overloading of servers. Typically, this kind of attack is either used by willing participants to cause a distributed denial-of-service (DDoS) attack against websites to force them offline, or by “slave” computers that can be used to carry out hacking attempts.

It comes only a week after WordPress enhanced user security by rolling out an optional two-factor authentication system.

WordPress founder Matt Mullenweg criticized those who were offering “solutions” to the problem, such as CloudFlare, and instead suggested changing default usernames as an additional step to protect their WordPress accounts.

“If you still use ‘admin’ as a username on your blog, change it, use a strong password, if you’re on WordPress.com turn on two-factor authentication, and of course make sure you’re up-to-date on the latest version of WordPress,” he said.

“Do this and you’ll be ahead of 99 percent of sites out there and probably never have a problem.”

WordPress remains a large target for hackers, which has around 64 million individual blogs and websites, with more than 370 million readers each month. Alexa ranks the blogging network as the 21st most visited site in the world.
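
For site owners, the pattern the article describes (many machines, one username) is easy to miss with a per-address lockout, because each machine makes only a few attempts. The sketch below is an added example, not code from ZDNet, WordPress or CloudFlare; the event format, thresholds and sample data are constructed for illustration.

```python
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# Constructed failed-login events: (time, source address, username tried).
# This tuple format is an assumption, not a WordPress log format; the
# addresses come from ranges reserved for documentation.
SAMPLE_FAILURES = [
    ("2024-01-01T10:00:01", "192.0.2.10", "admin"),
    ("2024-01-01T10:00:02", "198.51.100.7", "admin"),
    ("2024-01-01T10:00:04", "203.0.113.5", "admin"),
    ("2024-01-01T10:00:05", "192.0.2.44", "admin"),
    ("2024-01-01T10:00:09", "198.51.100.23", "admin"),
    ("2024-01-01T10:00:11", "192.0.2.10", "admin"),
    ("2024-01-01T10:03:00", "203.0.113.80", "alice"),
    ("2024-01-01T10:03:20", "203.0.113.80", "alice"),
]


def noisy_sources(events, per_ip_limit=5):
    """Per-address rule: sources with more than per_ip_limit failures."""
    counts = Counter(ip for _, ip, _ in events)
    return sorted(ip for ip, n in counts.items() if n > per_ip_limit)


def targeted_accounts(events, min_sources=4, window=timedelta(minutes=5)):
    """Usernames that failed from at least min_sources distinct addresses
    inside one sliding window. Returns {username: most sources seen}."""
    by_user = defaultdict(list)
    for ts, ip, user in events:
        by_user[user].append((datetime.fromisoformat(ts), ip))
    flagged = {}
    for user, hits in by_user.items():
        hits.sort()
        start = 0
        for end in range(len(hits)):
            # Shrink the window from the left until it spans <= `window`.
            while hits[end][0] - hits[start][0] > window:
                start += 1
            sources = {ip for _, ip in hits[start:end + 1]}
            if len(sources) >= min_sources:
                flagged[user] = max(flagged.get(user, 0), len(sources))
    return flagged


if __name__ == "__main__":
    print("per-address rule flags:", noisy_sources(SAMPLE_FAILURES))
    print("per-username rule flags:", targeted_accounts(SAMPLE_FAILURES))
```

On the sample data the per-address rule flags nothing, while the per-username rule flags “admin” with five distinct sources.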