Archive for the 'Malware' Category

 

Drive-by Downloads

Sep 30, 2008 in Malware, SiteAdvisor, Trojan, Virus

 

In this September memo to staff, I try to nudge them further toward actually thinking about what it means to use a computer, and take some responsibility for their actions.

Using the convenient and authoritative hook of the Sophos newsletter, I select the dramatic item about the fake Norton antivirus download because 1) it has a dramatic and easily-digested video, 2) I get to nag them about SiteAdvisor, the greatest thing since search engines, and 3) it lets me deliver a friendly slap on the wrist to those who keep trying to fix their PC without telling us.

—————————- 

To Company Staff

Our security vendor Sophos, in their latest newsletter, warns of the risk in downloading anti-virus software from an “uninformed” or casual search on the Internet.

A Sophos video demonstration shows the extraordinary effort attackers make to present their Trojan-infected software as legitimate. Before viewing the video (links provided at bottom) please keep in mind two important points:

1.  In the Sophos video, their Google search lacks SiteAdvisor ratings that identify known bad websites.

Google paid advertisements (sponsored listings at the top and right-side of Google search results) regularly contain websites that can only be described as criminal, which suggests Google accepts “dirty” money even though they have the technology to filter their advertising.

Be aware that you cannot trust advertisers even though they appear in a Google-sponsored listing.

This screenshot shows, as many of you know, how a SiteAdvisor-filtered Google (MSN, or Yahoo) search page appears. Note the red SiteAdvisor icon in the paid listing at right, in the screenshot below:

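[Screenshot: SiteAdvisor-filtered Google search results, with a red SiteAdvisor icon in the paid listing at right]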

The McAfee popup mentions “11 red downloads.”

A “red download” presents as legitimate software but contains a virus or Trojan to damage your computer (for the fun of it), steal information (business-related, banking, or personal ID), or use your PC to attack others (a zombie!). When installed it might appear to progress normally, while secretly installing malicious programs. And if nothing appears to happen, rest assured, something did.

SiteAdvisor is a free download from http://www.siteadvisor.com/download/ie.html (a known valid program from McAfee) that is installed on most company computers. You should install the free version on your home and personal PCs.

2. We have found that malicious software masquerading as “free antivirus”, installed by staff (with the best of intentions) on our computers, is the most difficult and time-consuming to remove.

If you believe your computer is infected, please confirm the Sophos shield is visible - on screen at bottom-right, near the clock - and does not display a red cross.

If it is missing, or displays as shown below, please send a ticket to “helpdesk@ourcompany.com.au” stating in the subject your name and “Sophos issue”, with optional details in the message body.

[Screenshot: Sophos shield icon]

Now to the Sophos newsletter and direct video link:

Free Norton AntiVirus? Take care over those Google ads
Internet users should be on their guard about downloading fake anti-virus products, following the discovery of malicious Trojan software that poses as a free copy of Norton AntiVirus 2008.
Google adverts are being presented to Internet users who search for “free antivirus”, leading them to a professional-looking website that claims to offer an anti-virus product for download.
Learn more about this threat at the Sophos blog:
http://www.sophos.com/blogs/gc/g/2008/09/23/free-norton-antivirus

Direct to video:

http://www.viddler.com/explore/SophosLabs/videos/22/

———————————————–
Regards,
IT Team

Malware - one of my best friends

Jun 17, 2008 in Malware, Virus

I created this website 5 years ago … and did nothing. But now I’m all fired up with five years online experience to share.

To be exact, I’ve been online since 1985 when I used Viatel and a 1200/75 modem to do online banking and some browsing of the bulletin boards that preceded the graphical web we all know and love .. to hate.

This website - now morphed into a WordPress blog with one of Milo’s delightful free themes - will be harping somewhat on malware from now on.

Malware is software with malicious intent. The spectrum ranges from simple commercial tracking cookies through to viruses (virii) of the worst kind - that mindlessly destroy your computer data for no purpose at all.

No, hold that. The worst kind of malware is not destructive, but insidious.

Viruses that succeed in the biological world might destroy their host but not before infecting others. The common cold is not destructive, simply irritating, and probably the most successful living virus.

Virologists would have a better example, but nevertheless describe the most successful virus as one that does least damage to the host.

The silliest computer viruses - that have no equivalent in the realm of life - destroy their host too quickly. It’s the infected host (your PC) that spreads the virus. A host is no good when it’s dead. Mass infection only occurs initially from a mass mailing - then ‘poof’! Nothingness.

What does this mean for you and your computer? Beware the virus/malware infection that has no effect on the operation of your computer.

First, you won’t know it’s infected.

Second, and therefore, the virus writer will probably completely achieve his purpose: from quietly stealing your data, to spying on your life (even via the microphone - and video camera, if attached), to totally destroying your ability to function as an economic individual in what would comprise a catastrophic theft and destruction of your identity and assets.

Malware, my best friend? No, I exaggerate. Just my oldest online acquaintance.