Technology Bulletins

Spam Scams | Security Threat | Virus Threat | Spyware

District Network Status

Security Focus – (National) Malware hitches a ride on digital devices. In the past month, at least three consumers have reported that photo frames -- small flat-panel displays for displaying digital images -- received over the holidays attempted to install malicious code on their computer systems, according to the Internet Storm Center, a network-threat monitoring group. Each case involved the same product and the same chain of stores, suggesting that the electronic systems were infected at the factory or somewhere during shipping, said the director of the Internet Storm Center. The incidents underscore that the proliferation of electronic devices with onboard memory means that consumers have to increasingly be aware of the danger of unwanted code hitching a ride. While many consumers are already wary of certain devices, such as digital music players, USB memory sticks, and external hard drives, that include onboard memory, other types of electronics have largely escaped scrutiny. While a compromise at the manufacturer is the most likely scenario, the director of SANS Institute’s Internet Storm Center also pointed to retailers as a possible point of infection. Returned products, which could have been infected by the consumer, are frequently put back on the shelf, if they are in sale-able condition, and attackers could take advantage of a store’s poor digital hygiene, he said. Consumers will have to be careful with any device that can be connected to a PC, including USB thumb drives, GPS devices, mobile phones, video players, set top boxes, portable hard drives, memory card readers, aneventually even microwave ovens and other appliances, he said. Source: http://www.securityfocus.com/news/11499, Posted January 9, 2008.

SPAM SCAMS

Protect yourself from these clever and cunning con artists. Visit OnGuardInline.gov for FREE practical tips from the federal government and the technology industry on how to guard against Internet fraud, secure your computer, and protect your personal information.  http://onguardonline.gov/

Thank you,
Debbi Minchew, Network Administrator, Posted: May 22, 2006

Security Treat - All Internet Users

Phishing (E-Mail Scams): A phisher is a person who sends out millions of emails looking for that one sucker who will respond. A phisher will send you out an email with subjects like:

Your Citibank Credit Card Number has expired

You must update your Ebay Account Information

Bank America needs to update your information

Amazon.com has a FREE Ipod for you

So, you click on the link and you are immediately sent to a Web Site that looks exactly like your Citibank Web Site (for example). In reality, you have been sent to a Web Site that has been cloned to look like the Citibank Web Site. You are asked to enter your user name and password. You enter the information, and nothing happens. You have just been “scammed.”

The phisher now knows your user name and password.

You assume that because you have a Citibank Credit Card that your email was legit. However, the phisher sends out millions of similar emails. It is likely that one percent or more of those getting that email will have a Citibank Credit Card just by chance. If you enter your user name and password, you have become a fish. The phisher can take your user name and password, enter the real Citibank site, change your account information, address, and even buy a boat using your card. It happens all the time.

How do you avoid being a fish? Most of the time, it’s fairly easy. However, we are willing to bet that everyone will get caught at least once, no matter how smart you are. When you get an email asking you to click on a link, always be suspicious. It is always better to enter the link in your browser. For example, instead of clicking on the Ebay.com link, actually type in the name ebay.com. If you do click on a suspicious link, you can right click your mouse in a blank area on the Web Site. Scroll down to properties and click. If you see something like Citibank.com, you are probably at a good site. However, if you see something like 1232.232.232.232 or scamcitibank.com, you are probably not at the real site.

Please remember, Citibank is only being used as an example here. When Citibank sends you an email, they normally include the last four digits of your credit card on their email to verify that it is the real Citibank sending you the email.

So, let’s say you were “scammed.” You clicked on the Citibank site, entered your user name and password and updated your credit card information on the phony site. Who has your credit card number now? According to the Wall Street Journal, it is likely that a Romanian teenager (or kids anywhere) now has your credit card number and password. He searches certain sites on the internet for organizations who will purchase that credit card information and sells it to a buyer for a commission. The person who now has the information transfers money into his account and pays the original phisher his commission.

Now here is the most bizarre thing. Why does the phisher trust the person who is getting the credit card information? How does the phisher know that he will really receive his commissions. Well, even thieves have ratings. You can go to a site that rates credit card thieves according to their honesty in paying commissions to phishers.

Just fascinating.

For more information about phishing, go to

http://www.antiphishing.org/

or go to wsj.com (Wall Street Journal) and search for phishing.

Thank you,
Debbi Minchew, Network Administrator, Posted: June 28, 2005

Virus Threat - All Internet Users

There have been an unprecedented number of computer virus outbreaks within the district since the beginning of this school year.

What is a virus? A virus is parasitic program written intentionally to enter a computer without the users permission or knowledge. A virus is designed to reproduce its own code by attaching itself to other executable files so that the virus code is executed when the infected executable file is executed.

The Internet is currently the main virus entry point. This is due to the enormous possibilities it offers for exchanging information (e-mail, browsing web pages, file downloads, chats, newsgroups, etc) which in turn make the mass proliferation of viruses, Trojans and worms possible. Viruses may also enter your system from CDs, floppy disks, and even IT networks.

You can help minimize the risk of infection by following a few simple procedures

• Do not open suspicious e-mails.

• Do not open e-mail attachments with the extensions ".vbs," ".exe," ".com" and ".js".  All of these types of files contain programs that can be executed.

• If you suspect an e-mail may contain a virus, delete the message from both your 'inbox' and 'deleted items' folder.

• Disable the "preview" pane in Microsoft Outlook's email window. Using the preview feature is the same thing as opening an email. Although it won't open an attachment, some viruses execute just from viewing the email.

• Do not download from unsafe Internet sites.

• Do not visit questionable web sites.

• Do not fall for virus hoaxes. Hoaxes are not viruses and take no damaging action on your computer. A hoax is simply a message warning of a virus (non-existent) that antivirus programs cannot detect. If you receive a hoax, pay no attention to the content of the message. Don't forward it to anyone. Do not follow any of the advice or instructions in the message (Many people often fall for certain hoaxes and format their hard drives, as instructed by the hoax). Delete the message. Get information from a reliable source (recognized antivirus companies).

If your computer is running badly and you think you may be infected with a virus, run an online antivirus check. We recommend Panda Software’s free Active Scan, which searches a computer's hard drive for malicious programs. Scan by visiting http://www.pandasoftware.com/ and clicking on the ‘Panda Active Scan – Free online virus scan’ Icon.

If you come across a virus or malware that you are unable to remove or clean, please fill out a computer work order and submit it to the Technology Department.

Thank you,
Debbi Minchew, Network Administrator, Posted: September 9, 2004
 

Spyware Threat - All Internet Users

Be aware of Spy’s and malware.

What is Spyware?

The term spyware refers to software that gathers personal information from your computer, sometimes without your knowledge. The information is often used for advertising purposes. Spyware may cause your computer to slow down or encounter errors. Spyware has also been known to cause unwanted pop-up advertisements, an inability to connect to the Internet, and problems printing.

Spyware applications can be bundled as a hidden component of freeware or shareware programs that can be downloaded from the Internet. Once installed, spyware can monitor your activity on the Internet and transmit that information to a third party. Some forms of spyware can gather information about e-mail addresses, passwords, and even credit card numbers.

A common way to get spyware is through installation of file-swapping programs that are used to download music and movies from the Internet.

The best way of finding if you have any spyware installed on your computer is to use a good, up-to-date program that detects malware and carry out a full scan of your computer. We recommend Spybot - Search & Destroy, download here.

If you come across a virus or malware that you are unable to remove or clean, please fill out a computer work order and submit it to the Technology Department.

Thank you,
Debbi Minchew, Network Administrator, Posted: September 9, 2004