WebSpawner.com Blog

Malware (short for “malicious software”) is a general term encompassing various ill-intentioned software programs including Spyware, Adware, and Viruses.

Malware programs are installed without the user’s knowledge or consent. Often this occurs when the user installs or runs another program which has hidden malware bundled with it… free “shareware” program downloads are a frequent source of infection. Malware is commonly spread through the use of file sharing programs including Limewire, Kazaa, Morpheus, P2P and other peer-to-peer programs, as well as through BitTorrent sharing; when users download software, music, or movies from unknown sources through file sharing programs, a virus, spyware, or adware program may be received as well. Malware infections can result in slow, bogged-down computer processing speeds, hard drive data corruption, and (even worse) financial and personal data theft.

Spyware programs are a specific type of malware which collect information about the way a person uses the computer and delivers the information secretly to another person’s computer via the internet. Spyware programs can track web sites visited, usernames and passwords entered, and can even log all keystrokes entered including credit card and account numbers; this information is then used for profit-driven purposes by the receiver. Spyware programs may have very little impact on computer performance, allowing the spyware to run unnoticed.

Adware programs force pop-up advertising windows to appear in a web browser. Adware programs may be bundled with other software provided for free and may work along with spyware programs to display ads targeted to the user’s interests as determined from internet usage patterns. Adware programs often target users of the Internet Explorer browser, as it is used by a large portion of the internet population and is frequently found to contain vulnerabilities in its programming which can be exploited. Adware often has a noticeable negative impact on computer speed and performance.

Virus programs can secretly cause a computer to do a scammer’s work for him, including sending out spam emails or even “hijacking” a computer entirely and using all of the computer’s resources for nefarious deeds. Viruses can result in data corruption and loss as well as extreme reductions in processing performance.

When it comes to malware, preventing an infection is easier than detecting and curing one. Following are some basic safeguards you can practice to help protect against a malware infection.

• Use a Firewall - Windows and Mac computers have a built-in software firewall under the Control Panel or System Preferences; make sure it is turned on. Many modems and routers also include a firewall feature. Configure your firewall(s) to offer the highest level of protection while still allowing your activities (email, instant messaging, etc.) to function. Firewalls can prevent malware from transmitting your sensitive information.
• Install OS and browser updates - Keep your computer’s Operating System and web browser updated with the latest available versions. Updates usually include security patches to prevent the kinds of unauthorized access that malware utilizes to do its dirty work. Only download updates from reputable sources.
• Beware of risky downloads - Avoid peer-to-peer type file sharing programs and make sure your children and teens do as well. Music or movie files shared from unknown sources are common vehicles for distribution of hidden malware. Only download software or media files from well-known trusted online sources.
• Beware of email attachments - Be suspicious of any executable programs (with filenames ending in “.exe”) which may come attached to emails, even if they come from someone you know… these can spread malware, so if in doubt, don’t open the attachment and simply delete the email.
• Choose your browser wisely - As Internet Explorer is used by a large portion of the internet population and is occasionally found to have security vulnerabilities, it is the most common target for malware attacks. Other browsers may be a safer alternative, like Mozilla’s free FireFox or Apple’s free Safari (both are available in both Windows and Mac versions).
• Use anti-virus software - A good anti-virus program can prevent virus infection as well as detecting and curing some virus problems. While some free shareware virus programs are available online, it is best to purchase a good anti-virus program from a reputable company like McAfee, Norton, or AVG. Also be sure to update your anti-virus software regularly with the latest virus definitions to prevent against the latest virus attacks.
• Use anti-malware software - Software to detect and remove spyware and adware is also available from well-known providers including McAfee and Norton. If you use Microsoft Windows, they also offer their own program called Windows Defender which you may consider.

While the internet was created to allow an open flow of information, entertainment, and ideas between people and businesses, it is unfortunate that not all users of the internet can be trusted to use its capabilities for honest purposes. Today’s post is the first in a series of planned articles to help you avoid becoming a victim of common internet pitfalls.

“Phishing” scams are one of the latest internet dangers, and can be quite damaging for their victims. In a phishing scam, deceptive e-mail messages are sent which appear to come from a legitimate business or organization (retailers, local or national banks, government agencies, or companies like eBay or PayPal) in an attempt to trick the individual into responding with sensitive information such as account numbers, passwords, social security numbers or other personal details. These fraudulent e-mails may appear to be authentic at first glance, even using actual company logos in order to be convincing, and will instruct the individual to reply or click a link to fill out an online form with requested information. Individuals who fall for a phishing scam e-mail and provide personal sensitive information can end up dealing with fraudulent transactions, stolen identity, and credit problems.

While the consequences of falling for a phishing scam are quite serious, you shouldn’t stop using the internet or e-mail out of fear of becoming a victim… there are a number of precautions you can take to protect yourself:

1. Be SUSPICIOUS - You should ALWAYS be cautious about any e-mail that asks you to provide information. Retailers and businesses only need your account details when you go to their web site on your own (for online shopping for example). Banks that you do business with already have your account number and all the information they need, and should never send you an email requesting that you help “update their records” or demanding that you click a link and fill out a form to provide additional information.
2. Learn to IDENTIFY a fraudulent e-mail - Don’t trust the name which appears in the ‘From’ portion of the message… use your e-mail program’s option to “View Full Message Headers” and check the actual email addresses appearing in the ‘From’ and ‘Reply to’ lines. An email from PayPal or your bank will never come from a freebie-type e-mail address ending in “hotmail.com” or “gmail.com” or other. But be careful here too, as even the e-mail address can be spoofed by a particularly crafty scammer to look legitimate. Sloppy scammers may send e-mails containing misspellings, while scammers overseas may send e-mails that contain broken English or awkwardly-constructed sentences, resulting from using a translation program to create the text of the message from another language.
3. Refer back to Step 1… be SUSPICIOUS and if you have reason to doubt the authenticity of the message, simply DELETE it. Do not reply to suspect messages, and definitely do not click any link or images within the message, as this will confirm for the sender that he has reached you through a valid address (which can result in more unwanted e-mail messages). Clicking a link in a phishing e-mail will take you to an impostor web site designed to appear legitimate where you are requested to fill in a form with the personal information requested… but if you provide a spoofed web site with your information, you may as well just gift-wrap your credit cards and checkbook and send them to the scammer directly.

If you have any doubt about the authenticity of an e-mail message which appears to come from a bank or business that you do business with, you can contact the bank or business directly using a phone number which you know to be correct to see if they have sent the e-mail message.

In the event that you think an e-mail message is authentic, you still typically will not need to click a link within it in order to provide the needed information… it is safer to go directly to a web site by opening a blank window in your web browser and entering in the full URL address - http://www.bankofamerica.com/ for example - where you can then safely log in to your account and take the needed action or access any alerts directly. Or you can contact the business by phone or visit and handle the matter that way.

Only in specific instances (for example, to activate a new account that requires email address verification), should it ever be necessary to click a link in an e-mail message; and in that example, the e-mail would arrive within minutes of your action taken to create the account, rather than just appearing in your inbox unexpectedly.

By keeping these tips in mind, you should be able to continue to use the internet and e-mail while avoiding the potential traps of phishing scams.