PC – SOS

An Internet Security Blog

Now on Twitter

Posted by Bob Zenith on October 10, 2010

Well folks, PC-SOS is now on Twitter.

So far, my feelings with Twitter have been mixed, at best.

1. As part of the registration, I was asked to choose my email provider (Gmail, Yahoo, AOL, or Linkedin) in order to “securely connect” to my address book. Uh, I’m not sure about everyone else, but I sure don’t want Twitter going through my address book to see if anyone in there has a twitter account.

2. About 2 minutes after I registered, I noticed that I already had 2 followers. I think, ‘huh?’ – no one even knows I have this account! Then, I check the users:

ehJocely8l996
Arabella Gorman
hello and welcome! just looking for cute guys haha

AdellRowe255
AdellRowe
hello and welcome! just looking for cute guys haha

Oh. Now I understand; I already have spammers following me, and I’ve only had an account for a few minutes. Luckily, Twitter offers the option to block accounts from following you, so I blocked them both and reported them as spam. IMO, you should have to approve ‘followers’ before they are allowed to follow you, in order to combat spam.

3. I also hate that bar on all Twitter pages that says “Psst… the new version of Twitter is here. Try it now!” – that bar stays on the top of the window, even if you scroll down – there’s no “x” or “close”; very annoying. Twitter veterans, anyway to get rid of that?

4. 120 Character limit – I see there’s a 120 character limit for tweets. Argh, I suppose I’ll have to use URL shorteners *shudder*. I detest URL shorteners in all forms – they mask the URL, therefore you have no idea what site you’re going to. Pf course, you can extract the real URL with services such as URL Void, but that takes time. Therefore, I will be shortening my links not with bit.ly, TinyURL, or any other common service. I will be using http://saf.li/ – it scans all shortened URLs with BitDefender antivirus (not top-notch, but will have to do…)

Well, I’m still playing around with Twitter, but expect my first Tweet soon!

Posted in Site Updates | 1 Comment »

October: CyberSecurity Awareness Month

Posted by Bob Zenith on October 5, 2010

According to StaySafeOnline.org, October is CyberSecurity Awareness Month. The first question that pops into my head is that why is it just for a month? CyberSecurity should be practiced every minute that you’re on the internet.

Here are some tips that you should already know about being safe and secure online:
* Use anti-virus software and keep it up-to-date: My recommendation, Avira (free), Symantec or NOD32 (paid)

* Use anti-malware software: My recommendation, MalwareBytes (offers both free and paid versions)

* Use a firewall: …Most anti-virus software comes with a firewall

* Use less common browsers: My recommendation, Firefox or Opera

* Use strong passwords: Learn how to make strong passwords. Don’t forget to change them regularly.

* Back-up your work: Regularly back-up important documents either on a portable storage system (USB drive), or a unused hard-drive.

* Encrypt your files: You can encrypt your files by using WinRAR

* Run your email client and your browser via a sandboxed environment: My recommendation, Sandboxie (free)

* Use security and privacy browser add-ons (for Firefox): My recommendations

* Never enter any PII (Personally Identifiable Information) online without seeing ‘HTTPS’

* Manage your hosts file: hpHosts

* Learn about threats and how to protect yourself! My recommendations: hpHosts IssViews, TeMerc Internet CounterMeasures, WOT: Web of Trust

Safe surfing, everyone!

Posted in CyberSecurity | Tagged: | Leave a Comment »

Google’s Shopping Spree

Posted by Bob Zenith on September 28, 2010

Well, if you’ve been paying attention to tech news, you’ve probably already heard that Google has been acquiring quite a lot of companies; however, it may not have dawned on you just how many Google has bought.

note: this shows Google’s acquisitions over several years (2001-2009), not 2010. Image courtesy of leavegooglebehind.com

So far, in 2010, Google has bought 23 different companies, ranging from social networking to search engines, even a gaming site. In comparison, Microsoft has bought none.

This is not a surprise (At least not to me). Like other large companies, Google’s primary goal is to monopolize it’s area of expertise. First, that was search engines. Check. Second, Google went after Email. Check. Thirdly, it is going after browser market share with the rapidly growing Google Chrome browser. Google Docs is also having Microsoft Office for lunch.

We’ve all heard this story before in school. In the U.S, some famous monopolies included Rockefeller, Carnegie, and AT&T. What is different with Google? (except that it is modern, obviously.) The fact is, Google is a modern monopoly.

What to do? Boycott Google!

Instead of Google, use Scroogle (no cookies, can even use encryption!)

Instead of Gmail, use Hushmail – even Yahoo or Hotmail

Instead of Google Docs, use Microsoft Office – better yet, use Open Office; (free, open source)

Instead of Chrome, use Firefox or Opera

Posted in Google | 2 Comments »

New Collection, New Resource

Posted by Bob Zenith on September 24, 2010

I’ve finally created a collection of add-ons for Firefox, something that I have been meaning to do for some time. (The collection focuses on security and privacy, as well as tools for analyzing suspicious websites.) Take a peek, you probably use most of them, but there might be one or two that are new to you. If you think of any more, I’d love to hear about them!

Also, I have added a new website reputation tool to the Useful links page, Anubis. The tool allows you to send in an EXE file for examination (like Virus Total) (max size: 8 MB) and / or analyze a URL.

Posted in Site Updates | Tagged: , | Leave a Comment »

I have a virus. Now what?

Posted by Bob Zenith on September 17, 2010

I am always asked this question when helping out friends who’ve fallen victims to a virus or a Trojan. The problem is, most of these viruses (especially fake anti-viruses) will disallow your connection to the internet and other programs, such as your real anti virus. So, people ask me, “what do I do now?”

I’m amazed how many people don’t know how to gain access to the internet via safe mode. If you get a virus that disallows your connection to the internet, you should:

1. Re-Boot your computer into safe mode with networking: Restart your computer and continuously press the F8 Key until a screen with 3 options comes up. Choose “Safe Mode with Networking”

2. Once you login and are at your desktop, start Internet Explorer. It is likely you will receive a message saying that you’ve failed to connect to the internet. If so, go to Tools -> Internet Options -> Connections (tab) -> LAN settings (button). Uncheck the box “Use a proxy server for your LAN”. Once unchecked, and you press OK and apply the settings, you should be able to access the internet via Internet Explorer.

3. Download a free removal tool: I always recommend installing MalwareBytes Anti-Malware and running a quick scan. Once you remove the infected items, I would recommend rescanning your computer, just to make sure everything is removed.
I would also install SUPERAntiSpyware, or SpyBot Search and Destroy, which ever you prefer (Personally, if find SUPERAntiSpyware a bit better, but they are both excellent programs).

4. You should be clean 🙂: If you removed the infected items found by these programs, your computer should be clean – If these programs didn’t find any infections, you probably aren’t infected, something else is disallowing your access to the internet, like some settings in the Control Panel, or some Internet Settings.

Posted in Viruses | Tagged: , , , , | 3 Comments »

Facebook > Google

Posted by Bob Zenith on September 12, 2010

I found this article to be very interesting.
Basically, Facebook is now more popular than Google. (at least in the U.S.)

Initially, I took this with a grain of salt, because, when you think about it, people spend maybe 10 seconds on Google; Searching doesn’t take a long time to do.

However, I then found out that other Google owned websites (ex: Gmail and Youtube) were included. This is very intriguing; I would expect that each day a person would spend at least 30 minutes on Youtube, 10 on Gmail, and 5 on Google. That would mean, every day, a person would spend at least 55 minutes on Facebook. Is it really that addicting? I’ve never used it, so I suppose I could be very dense about the subject, but my god – 55 minutes a day on one website?

As the AP reports, comScore says that US net users spent 41.1 million minutes on Facebook, or about 9.9 per cent of their total web surfing. By comparison, they spent 39.8 million minutes on Google sites, or 9.6 per cent of their total time. This includes not only Google’s search engine, its Gmail web-based email service, and other Google-branded sites but YouTube as well.

I can’t decide whether I’m happy that users spend more time on Facebook than Google or not… I hate both Google and Facebook for numerous privacy concerns.

Well, readers, I urge you to use neither Facebook nor Google. Instead, use email for communication and Scroogle for searching

Posted in Facebook, Google | Tagged: , | 1 Comment »

Privacy Policy updated

Posted by Bob Zenith on September 11, 2010

…Well, not really “updated”. I just added the Cookies page into the Privacy Policy, which was far overdue. Nothing else has changed.

In other news, PC-SOS is looking for guest authors!
If you are interested in becoming an author of the blog, (this would involve posting about current internet security news – as little or as often as you like) please contact me.

Posted in Site Updates | Tagged: | Leave a Comment »

“Here you have”… a virus?

Posted by Bob Zenith on September 10, 2010

Throughout Thursday and early Friday, a malicious email being sent out with the subject “Here you Have”. However, this virus is nothing new.

Victims receive an e-mail appearing to be from someone on their contact list. The body of the socially engineered e-mail then directs them to a malicious link disguised as a PDF, hosted on the Web. Users become infected once they click on the link.

Once installed, the worm spreads rapidly through the victims’ instant message, mapped drives and e-mail by taking contacts from the address book. It then spreads by pushing out hundreds of e-mails to other users on the victim’s contact list.

On its quest, it also evades and disables various related security programs. Source

At its peak, the infection rates of the email virus were about 2,000 e-mails per minute, with about 106,390 copies, according to Symantec Hosted Services.

This is quite shocking – it is a reminder that many web users do not follow the most basic internet safety practices regarding emails:

  • Never open any email attachments from senders that you don’t know. Even if you know the sender, scan the attachment BEFORE opening it. How do you do this? Forward a copy of the email to scan@virustotal.com (You must delete the full body of the message and write “SCAN” in the subject field of the forwarded message. (limit is 20 MB) Once sent, you should receive a virus report in the next few minutes.
  • Don’t go digging in your spam folder unless you know what you are doing and have the proper security protections in place (Such as anti-virus, anti-malware, anti-spyware, Security Add-ons, and are running your browser in a sandbox).
  • Receive your emails in Plain-Text Format. With the development of HTML in email, just viewing emails could cause you to get a virus. By viewing your emails in plain text format, your emails are safer, and you can see where the links in emails really go.
  • Don’t click on links in emails supposedly from an account you have on a website (banking, gaming, etc.). Odds are, these websites won’t email you to notify you about your account; they will use other means. Instead, physically type in the website that you “need to visit”. For example, if receive an email pretending to be from your banking website about changing your password, or some other notification, manually type in the URL in your browser’s address bar (ex: https://paypal.com or http://citibank.com)

Posted in Email Spam, Viruses | Tagged: , , | Leave a Comment »

Experian.com

Posted by Bob Zenith on September 8, 2010

Experian.com

This site, like many others, claims that you can get your credit report for only $1! Yay! It’s amazing!

A rule of thumb, if it’s too good to be true, it usually is.

In actuality, experian.com is the parent company of many other credit report sites. US visitors may recognize freecreditreport.com and freetriplescore.com; UK visitors may recognize creditexpert.co.uk; All of these sites are owned by the company Experian.

Experian.com

FreeCreditReport.com

CreditExpert.co.uk


Experian’s BBB rating: D

1650 complaints in 36 months.

When you sign up to get your “free credit report” from these sites, you are automatically enrolled in a program called “Triple Advantage”.

This program charges $14.95 on your credit card account each month, and is extremely difficult to get unsubscribed from, let alone get your money back.

These websites are SCAMS! Do NOT enter in any of your credit card information or attempt to get your “free credit report” from these sites!

The only real website to legitimately get your credit report from is https://www.annualcreditreport.com/cra/index.jsp (US government site)

These are all Experian (or affiliated with) domains:

experian.com
experian.experiandirect.com
experiandirect.com
experian-ems.com
marketswitch.com
metromail.com
consumerinfo.com
66.161.61.100

freecreditreport.com

67.225.213.244
magnetmedia.com
magnetmediainc.com
freereport.com
creditscore.com
free3bureaucreditreport.com
freecreditreportservice.co.uk
mycreditscore.com
myfreecreditscore.com
207.178.148.11
creditreport.com
free2010creditscore.com
freeonlinereportnow.com
freescreditreport.org
creditchecktotal.com
66.151.247.105
freeonlinescore.com
3-bureau-report.com
3bureaureportandscore.com
3freecreditreportsinstantly.com
3freescores.com
creditmonitorservice.com
easyfreequotes.com
onetechnologies.net
freescore360.com
free-online-score.com
freeonlinescore.com
freescoreonline.com
free3in1report.com
freecredithistoryonline.com
freecreditratingonline.com
freecreditreportresource.com
freereport-freescore.com
freescore-freereport.com
freecreditreportsinstantly.org
identityrepair.com

Posted in Phishing or other Scams | Tagged: , | Leave a Comment »

SiteMeter

Posted by Bob Zenith on September 8, 2010

Several users have requested that I remove SiteMeter from this blog (not sure why they couldn’t have voted in the poll… grr…)

I’m not sure what the big deal is – you can easily block any information being sent to SiteMeter by using RequestPolicy Add-on (for Firefox) and block the destination “sitemeter.com”; or by visiting via Tor or some other proxy server.

However, my #1 goal of this site is to be completely transparent about privacy, as well as to respect users’ privacy. If visitors aren’t happy, then I’m not happy.

Thus, I am removing SiteMeter from my blog.

This still leaves the default WordPress Stats on the website; -Sorry, I cant get rid of it 😦    – But don’t worry, it is much less detailed than SiteMeter. It only includes the number of visits, the referrer (if applicable), and any links you click on. Your IP Address is not shown, nor is your OS or browser, or your location.

Thank you for your continued support.

BTW, feel free to contact me at any time with any more suggestions or improvement ideas.

Posted in Site Updates | Tagged: , | Leave a Comment »