Thursday, August 18, 2011

Do You Know Where You Are Going?

A recent warning about a spike in the amount of malware showing up in e-mail reminded me of a safety tip I would like to share with all of you. Malware, as you probably know, refers to programs that find a way to sneak on to your computer to do bad things. These programs which come in various forms called worms, viruses or trojans attempt to either damage or destroy your data, cripple your computer, gather information from your computer or use your computer as a base of operations.

Malware can be present on your computer for months, quietly doing its nasty work without you ever knowing about it. This is why every computer must have anti-virus software with an active subscription to keep the system current and capable of detecting the very latest in malware. There are well over 13 million known signatures, the electronic fingerprints of malware. The statistics on new viruses created and launched every day is equally staggering. Your anti-virus software will constantly require new signatures and time to look around your computer to make sure you remain malware free.

There are many ways malware gets installed on your computer. But it almost always depends on you performing a specific action such as clicking on a button, "hot-spot" or a link. You probably receive emails with buttons or links all the time. You are presented with buttons or links on web sites too. The button may have a words like CLICK_TO_SUBSCRIBE. The hot spot may be embedded in a picture of a deal, a product or an exotic location. The link may look like it will take you to one place such as TRACK_YOUR_PACKAGE or BUY_NOW, when in reality it will actually take you somewhere else and start the process of installing the malware.

The major browsers including Internet Explorer, Firefox and Chrome all have a feature which can help  you avoid making a terrible mistake. Before you click on anything you should simply hover over it. You can determine where you are really going to be sent before you click.

Here is a link LOOKS_LIKE_IT_IS_A_SAFE_PLACE which appears to be safe. Now take your mouse or track ball and simply point at this link without clicking. If you are using IE, Firefox or Chrome, look at the very bottom on the left hand side of the screen and you should see the actual underlying link appear in a gray shaded area. Note how this is different from the text displayed over the link.

Examine links very carefully. Links (like looks) can be deceiving. The most dangerous ones will contain a file name with a suffix of EXE or ASP buried somewhere in it. EXE (executable) and ASP (active server pages) are two types of files that are actually program code. Click on one of these and you will execute this program code on your computer granting it all the rights, privileges and access that you have. Think twice before clicking if the link is not someplace or something you recognize. Look closely since even one or two characters or numbers can make a huge difference.

Be aware the bad guys go to extreme lengths to make the messages appear very authentic. You might believe it came from your bank or credit card company, eBay, PayPal or other popular sites. The counterfeit messages are often almost indistinguishable from the real deal. Do not click on links in the email. Instead, go directly to the company site, sign in and see if the same message is there. If you don't have an account with that service it is unlikely the message is real. Delete it.

To drive the point home I wrote a little poem:

It only takes one click to make a computer sick. 
Then it will take days to erase its malaise. 
So remember my sneaky browser trick 
And take a quick look before you click.

Captain Joe

Follow me on Twitter @JPuglisiLLC