TECH TALK: Porn sites not the only risk factor
By Contributor
In times past, people could protect themselves from computer viruses by staying out of the “questionable” corners of the internet. While this hasn’t been true for years now, many people still believe that watching where they surf will keep their computers un-bugged. Antivirus company AVAST! just released an analysis of infected websites that should, once and for all, put this belief to rest (it won’t, but it should).
They found that, for every “adult” website that is handing out viruses, there are 99 legitimate ones. That’s a pretty stunning imbalance. They also found, in England, that there are more infected domains containing the word “London” than ones containing the word “sex”.
The reason is money. Viruses, spyware and spam are BIG BUSINESS. Top affiliates in one organization were averaging $107,000 per week. They do this in a number of ways. They start by trying to get you to buy things. My brother-in-law bought Antivirus XP 2009, which is a virus not an antivirus, for $100. I’d love to take this opportunity to hack on my brother-in-law but the reality is I’ve seen some very intelligent, capable people sucked in by this.
Once they have processed the credit card transaction you authorized, they sell your information to the highest bidder. I’ve read reports from investigators who have penetrated these organizations, and the level of sophistication is amazing.
From there, they take over the use of your computer. That’s why viruses and other malware slow your computer down. They are actually using your processing power and network connection for their business. I talk to people fairly regularly who say, “I don’t need to protect my computer; I don’t have any sensitive information on it.” The trouble with that perspective is that the bad guys don’t care nearly as much about your information as they do the use of the computer itself.
Once they have the use of your computer, there are a number of ways they make money from your PC. One of the easiest to see is spam. They send the spam to your computer, and have it send to the rest of the world. This way, when someone gets caught sending spam, it’s you not them. I talk to people on a regular basis who have gotten letters from their Internet Service Providers (ISPs) telling them to stop spamming the world or their accounts will be canceled. They generally tell me that they aren’t sending spam to which I always reply, “Yes you are. You just didn’t know it until now.”
Keep in mind that conservative estimates of spam place the money being made in the billions of dollars per day. With that kind of budget, the bad guys can afford some pretty impressive operations.
Another use of your computer is the hosting of illegal content. A bad guy who wants to sell stolen credit card information, for instance, will store the illegal information on your computer. That way, if he accidentally sells to the RCMP or the FBI, the transaction gets traced back to you instead of to him. This happens with all sorts of illegal content but the one that concerns me the most is child pornography. In 2007, an employee of Michigan named Michael Fiola was charged with possession of child pornography when his employer found that his computer was using four times the internet bandwidth it was supposed to. After a year of fighting and $100,000 in legal costs, the charges were dropped when it was determined that, because of being poorly set-up, Mr. Fiola’s computer could have been being controlled by anyone with internet access.
Have I scared the stuffing out of you to the point where you no longer want to go on the internet for anything? Fortunately, that’s not necessary. There are less-extreme measures you can take. First, make
sure you are updating your software. When Microsoft or Apple wants to install software, make sure it’s them, and then let them. These patch, among other things, critical security holds that can leave you vulnerable.
Next, run a decent anti-virus. Kaspersky is very good, and Bitdefender is getting very good rating lately. “What about the free ones?” you might ask. My answer is that they aren’t free. While you’ll spend $60-70 on a decent paid antivirus, I usually end up getting paid $120-160 to de-louse a machine. That makes “free” anti-viruses roughly twice as expensive as the paid ones.
Once you’ve got an up-to-date computer running a good up-to-date anti-virus, the next step is to change your browser. Firefox (www.getfirefox.com) is the most popular alternative to Internet Exploder, but I prefer Opera or Google Chrome.
Finally, be careful what you click on. When a dialog box pops up asking you something, read it before you click “OK” or “Yes”. While it’s an interruption and an inconvenience, it’s not nearly as much of an inconvenience as having to pay someone like me $160 to remove the malware you just installed.
Comments