It’s impossible to express how sad many people in the technology world feel at the news of the death of Steve Jobs.

Sickeningly, as with the deaths of other figures in the public eye, there are scammers waiting to take advantage of bad news.

Here’s a scam we have seen on Facebook, claiming that free iPads are being given away “in memory of Steve Jobs”.

In memory of Steve, a company is giving out 50 ipads tonight. R.I.P. Steve Jobs [LINK]

The cool-sounding link sucks you in, tricking you into believing that you may get a free iPad but then goes on to get you to complete online surveys to “qualify”.

The link goes through the bit.ly short url service (we have asked our friends at bit.ly to shut the link down) and we can see that over 15,000 people have already clicked on the link which was set up within hours of Steve Jobs’s death first being announced.

Of course, if you were one of those people who clicked on the link you may be wondering what the chances are that you will receive a free iPad. I hate to disappoint you, but it’s pretty unlikely.

The webpage you are taken to is very similar to ones we have seen pointed to by other scammers. Here’s what I saw:

I am writing this article from the Virus Bulletin conference in Barcelona, and you can see that the page has auto-magically determined where I am in the world and adjusted its language and wording as appropriate.

Below you’ll see how the survey pages look if you visit them from Sydney, Australia, for instance.

If you don’t click through within a few seconds, it plays an audio message urging you to do so:

You’ll notice that the audio message spectacularly fails to mention the 50 free iPads, which have by this time been reduced to the promise of “an exclusive reward”, whatever that might be.

My colleague Paul Ducklin captured the audio and – being a fountain of interesting but not always entirely relevant information – tells me that the speaker is an Australian who grew up in South Africa.

When Duck visited the page a second time from Sydney, this is what he saw:

How do the scammers make money? Well, they are earning affiliate cash – in a nutshell, they make more money the more traffic they can direct to websites, driving more people to become customers, or take online surveys and competitions.

Cynically, they exploited the death of Steve Jobs in the hope of driving large numbers of internet users to websites offering content such as contests, surveys and online gambling. The fact is, of course, that they could just as easily have taken those users to a webpage containing malicious code or a phishing page designed to steal credentials.

Chances are that this won’t be the only scam we see regarding the untimely death of Steve Jobs. It wouldn’t be a surprise, for instance, to see scams which might try to take advantage of those moved by the loss of Apple’s founder with lures like “Donate to Steve’s favorite charities as a tribute”.

If you do want to pay tribute to Steve Jobs, the most appropriate place it seems to me would be Apple’s website itself.

The truth is that the scammers are not geniuses like Jobs, and they don’t contribute anything to the world of technology or wider society as Steve Jobs did. It’s a shame that they can’t be inspired by speeches like the one Jobs gave at Stanford University in 2005, and make something better of their lives.

Steve Jobs’ 2005 Stanford Commencement Speech

I think that’s how we should remember Steve Jobs today.

Computer Clarity

Online trading can be an easy, cost-effective way to manage investments. However, online investors are often targets of scams, so take precautions to ensure that you do not become a victim.

What is online trading?

Online trading allows you to conduct investment transactions over the internet. The accessibility of the internet makes it possible for you to research and invest in opportunities from any location at any time. It also reduces the amount of resources (time, effort, and money) you have to devote to managing these accounts and transactions.

What are the risks?

Recognizing the importance of safeguarding your money, legitimate brokerages take steps to ensure that their transactions are secure. However, online brokerages and the investors who use them are appealing targets for attackers. The amount of financial information in a brokerage’s database makes it valuable; this information can be traded or sold for personal profit. Also, because money is regularly transferred through these accounts, malicious activity may not be noticed immediately. To gain access to these databases, attackers may use Trojan horses or other types of malicious code.

Attackers may also attempt to collect financial information by targeting the current or potential investors directly. These attempts may take the form of social engineering or phishing attacks. With methods that include setting up fraudulent investment opportunities or redirecting users to malicious sites that appear to be legitimate, attackers try to convince you to provide them with financial information that they can then use or sell. If you have been victimized, both your money and your identity may be at risk.

How can you protect yourself?

* Research your investment opportunities - Take advantage of resources such as the U.S. Securities and Exchange Commission’s EDGAR database and your state’s securities commission (found through the North American Securities Administrators Association) to investigate companies.

* Be wary of online information – Anyone can publish information on the internet, so try to verify any online research through other methods before investing any money. Also be cautious of “hot” investment opportunities advertised online or in email.

* Check privacy policies – Before providing personal or financial information, check the website’s privacy policy. Make sure you understand how your information will be stored and used.

* Conduct transactions on devices you control – Avoid conducting transactions on public resources such as internet kiosks, computers in places like libraries, and other shared computers and devices. Other users may introduce security risks.

* Make sure that your transactions are encrypted – When information is sent over the internet, attackers may be able to intercept it. Encryption prevents the attackers from being able to view the information.

* Verify that the website is legitimate – Attackers may redirect you to a malicious website that looks identical to a legitimate one. They then convince you to submit your personal and financial information, which they use for their own gain. Check the website’s certificate to make sure it is legitimate.

* Monitor your investments – Regularly check your accounts for any unusual activity. Report unauthorized transactions immediately.

* Use strong passwords – Protect your computer, mobile devices, and accounts with passwords that cannot easily be guessed. Use different passwords for each account.

* Use and maintain anti-virus software – Anti-virus software recognizes and protects your computer against most known viruses. However, because attackers are continually writing new viruses, it is important to keep your virus definitions current.

* Use anti-spyware tools – Spyware is a common source of viruses, and attackers may use it to access information on your computer. You can minimize the number of infections by using a legitimate program that identifies and removes spyware.

* Keep software up to date – Install software updates so that attackers can’t take advantage of known problems or vulnerabilities. Enable automatic updates if the option is available.

* Evaluate your security settings – By adjusting the security settings in your browser, you may limit your risk of certain attacks.

1- STUXNET

STUXNET has been the hottest topic for this year because it’s an unusual Worm. It is the first time in the history that malware bypassed cyberspace to go directly to the physical environment. The virus not only damages the code and data, but it also destroys the actual machinery.

Reversing STUXNET allowed security professionals to discover 4 zero-days in Microsoft Windows operating system, and as a result proved that even the industrial systems which are usually isolated, not only from public networks but also on internal enterprise, are not 100% safe.

The worm’s driver certificates were signed with JMicron Technology and Realtek digital certificates, which lets it bypass HIPS security measures, so if the malware is executed it will not be prevented by HIPS as the signature of the driver is from authorized firms.

The carnival of vulnerabilities that were exploited by this malware is the following:

1.     Microsoft Security Bulletin MS10-046 – Critical

This first bulletin was issued to fix a vulnerability that allows local users or remote attackers to execute arbitrary code via a crafted .LNK or .PIF shortcut file, which is not properly handled during icon display in Windows Explorer.

2.     Microsoft Security Bulletin MS10-061

This is a remote code execution vulnerability in Windows Print Spooler service that could allow a remote, unauthenticated attacker to execute arbitrary code on an affected Windows system. Files and printer sharing turned on are vulnerable to the attack.

3.     Microsoft Security Bulletin MS08-067

STUXNET is also capable of distributing itself over the network through shared folders. It scans network shares c$ and admin$ on the remote computers and installs a file (dropper) there with the name DEFRAG.TMP and schedules a task to be executed on the next day to exploit this vulnerability.

4.     Microsoft Security Bulletin MS10-073

This security bulletin solves three publicly disclosed privilege elevation (EoP) vulnerabilities in Windows kernel-mode drivers.

2- TDL4

TDL4 is the latest version of a rootkit originally known as TDSS or Tidserv, which first appeared back in 2008.  However, unlike its predecessors, TDL4 is able to bypass code signing protection in 64-bit versions of Windows Vista and 7.

By default these systems do not allow drivers that are not digitally signed to be loaded, but TDL4 manages to get around that by changing boot options before the operating system actually starts.

TDSS is one of the most complex and dangerous malicious programs categories in the world, and it continues to evolve.

3- Asprox

Asprox is a small botnet has been used for password stealing, spam, and phishing attacks. This botnet based attack is innovative, as it interfaces with Google’s search engine to locate vulnerable web pages.

When a weakness is found, Asprox injects an iFrame based redirectional link on the vulnerable website in order to spread Malware.

4- ZeuS 2.0

The ZEUS Botnet is still active in 2010. On July 14, 2010, security firm Trusteer filed a report which says that the credit cards of more than 15 unnamed US banks have been compromised. A recent outbreak is being called Kneber.

On 1 October 2010, the FBI announced it had discovered a major international cyber crime network which had used Zeus to hack into US computers and steal around $70m.

More than 90 suspected members of the ring were arrested in the US, and arrests were also made in UK and Ukraine.

5- Trojan Proxies

These Malware may turn a victim’s computer into a proxy server. This gives the attacker the opportunity to do everything from your computer, including the possibility of conducting credit card fraud and other illegal activities.

Usually a Trojan installs an email proxy that is used to send large amounts of unsolicited email, i.e. spam, over via an Internet connection. Recipients tracking the email back to its origin will discover the IP address of the infected system used for the proxy, thereby concealing the identity of the attacker.

It can also use the infected system to launch malicious attacks against other networks.

This is the list of 2010′s Top 5 most dangerous Malware. I would like to wish our readers, fans, followers and subscribers from around the globe a safe and a prosperous New Year may the year 2011 be full of joy and rewards.

Computer Clarity | Making Computers Clear For You

SAN FRANCISCO (AFP) – About 57,000 seemingly legitimate websites booby-trapped by hacker’s spring up on the Internet each week, computer security researchers at Panda Labs said.

The online traps are often made to look like versions of legitimate bank, auction, or shopping websites, according to the team at Spain-based Panda Security.

“The problem is that when you visit a website through email or search engines, it can be difficult for users to know whether it is genuine or not,” said Panda Labs technical director Luis Corrons.

“Although search engines are making an effort to mitigate the situation by changing indexing algorithms, they have so far been unable to offset the avalanche of new websites being created by hackers every day.”

Cyber crooks try to pass their rigged websites off as legitimate, putting links in emails or posts at social networks and getting them listed in query results at search engines.

Bogus websites are typically designed to slip viruses onto visitor’s computers and trick people into typing in valuable information such as account names or passwords.

Online auction house eBay and money transfer service Western Union were top choices for hackers, each being subjects of fake websites in more than 20 percent of the cases found by a Panda Labs study that spanned three months.

The Panda Labs list of the top 10 companies impersonated included Visa, Amazon.com, PayPal, HSBC, and the US Internal Revenue Service.

Nearly two-thirds of the trick websites had to do with banks, according to Panda Labs.

“Given the proliferation of this technique, we advise consumers to visit banking sites or online stores by typing in the address in the browser directly rather than using search engines or links in an email,” Corrons said.

Original article
Computer Clarity

Google has analyzed 240 million web pages over a 13 month period and discovered that fake anti-virus programs account for 15 per cent of malicious software, according to a report by the BBC.

The study expresses surprise that people fall victim to these attacks and even hand over credit card details. The problem is scareware doesn’t always come in one easy to recognize form.

Most users should have an up-to-date anti-virus suite on their computers, and so logically they should realize that they don’t need any more protection, but something obviously gets in the way of the users thought process when confronted with the dreaded dialogue box.

They don’t know the risk – the user may be from a vulnerable group and easily exploited or they may be completely in the dark about computer security.

Apathy -  the user may be at the end of a long day and just want to get on with what they logged on to do – clicking on anything to make the annoying box disappear.

Panic – scareware targets people in the safety and comfort of their own homes. By throwing out alarming warning messages, offering to perform free system scans and bringing back even more alarming results.

Design – most programs aren’t designed to make saying ‘no’ easy. There may be no visible way to close the dialogue box down without clicking on an option.

Sometimes the only choice is to close the browser window down completely or use task manager to kill the process, which makes it more difficult to avoid for those who just want to be left alone.

The tendency is to click first and think later which results in the installation of malware.  So if something pops up on the screen that you’re not expecting to be there – don’t click it.

Computer Clarity

Quick Facts

Spyware is software installed on your computer without your consent to monitor or control your computer use. Clues that spyware is on a computer may include a barrage of pop-ups, a browser that takes you to sites you don’t want, unexpected toolbars or icons on your computer screen, keys that don’t work, random error messages, and sluggish performance when opening programs or saving files. In some cases, there may be no symptoms at all.

To lower your risk of spyware infections:

• Update your operating system and Web browser software, and set your browser security high enough to detect unauthorized downloads.
• Use anti-virus and anti-spyware software, as well as a firewall, and update them all regularly.
• Download free software only from sites you know and trust. Enticing free software downloads frequently bundle other software, including spyware.
• Don’t click on links inside pop-ups.
• Don’t click on links in spam or pop-ups that claim to offer anti-spyware software; you may unintentionally be installing spyware.

Just when you thought you were Web savvy, one more privacy, security, and functionality issue crops up — spyware. Installed on your computer without your consent, spyware software monitors or controls your computer use. It may be used to send you pop-up ads, redirect your computer to websites, monitor your internet surfing, or record your keystrokes, which, in turn, could lead to identity theft.

Many experienced Web users have learned how to recognize spyware, avoid it, and delete it. All computer users should take preventive steps to avoid spyware.

The clues that spyware is on a computer include:

• Barrage of pop-ups
• Hijacked browser — that is, a browser that takes you to sites other than those you type into the address box
• A sudden or repeated change in your computer’s internet home page
• New and unexpected toolbars
• New and unexpected icons on the system tray at the bottom of your computer screen or on your desktop
• Keys that don’t work (for example, the “Tab” key that might not work when you try to move to the next field in a Web form)
• Random error messages
• Sluggish or downright slow performance when opening programs or saving files

The good news is that consumers can take steps to lower their risk of spyware infections.

Update your operating system and Web browser software. Your operating system (like Windows or Linux) may offer free software “patches” to close holes in the system that spyware could exploit. Set your operating system and security software to update automatically to be sure you have the latest protections.

Use anti-virus and anti-spyware software, as well as a firewall, and update them all regularly. You can download this software from ISPs or software companies or buy it in retail stores. Look for anti-virus and anti-spyware software that removes or quarantines viruses and that updates automatically on a daily basis.

Don’t install any software without knowing exactly what it is. Take the time to read the end-user license agreement (EULA) before downloading any software. If the EULA is hard to find — or difficult to understand — think twice about installing the software.

Minimize “drive-by” downloads. Make sure your browser security setting is high enough to detect unauthorized downloads, for example, at least the “Medium” setting for Internet Explorer.

Don’t click on any links within pop-ups. If you do, you may install spyware on your computer. Instead, close pop-up windows by clicking on the “X” icon in the title bar.

Don’t click on links in spam or pop-ups that claim to offer anti-spyware software. Some software offered in spam or pop-ups actually installs spyware. In fact, ads that claim to have scanned your computer and detected malware are a tactic scammers have used to spread malware, so resist the urge to respond to or click on those messages.

Install a personal firewall to stop uninvited users from accessing your computer. A firewall blocks unauthorized access to your computer and will alert you if spyware already on your computer is sending information out.

Back up your data. Whether it’s text files or photos that are important to you, back up any data that you’d want to keep in case of a computer crash. Do these as regularly as you update your security software.

If you think your computer might have spyware on it, immediately stop shopping, banking, or doing any other online activity that involves user names, passwords, or other sensitive information. Confirm that your security software is active and current and run it to scan your computer for viruses and spyware, deleting anything the program identifies as a problem.

Computer Clarity

By Daily Mail Reporter
Last updated at 2:11 PM on 11th August 2010

• Trojan is still at large and may strike again, experts warn
• Bank affected has still not been named

Thousands of British online banking customers have fallen victim to a sophisticated attack by cyber criminals who have stolen thousands of pounds from their accounts.

About 3,000 online banking customers have been victims of a computer virus attack that empties their accounts while showing them fake statements so the scam goes undetected.

Experts have described the attack using a ‘Trojan’ virus as the most sophisticated and dangerous malware program ever created.

The cyber criminals stole an estimated £675,000 between July 5 and August 4 and the attack is still progressing, experts warn.

Out of action: The new Trojan virus can empty bank accounts without their owners knowing about the theft as it shows them fake statements

The latest virus is a variant of the Zeus Trojan banking virus which first emerged three years ago and is called Zeus v3. 

M86 Security said: ‘We’ve never seen such a sophisticated and dangerous threat. Always check your balance and have a good idea of what it is.’

The scam was discovered after M86 gained access to the command-and-control server in Eastern Europe running the thefts.

How to protect yourself from Trojans when banking online

• Make sure your anti-virus software is up to date.
• Keep firewalls set to the highest level.
• Never open an e-mail attachment from someone you don’t know.
• Never double-click on an e-mail attachment that ends in .exe. It is an ‘executable’ file and can do what it likes in your system.
• If you think your machine has already been infected, contact your bank immediately. If the bank thinks you are a genuine victim of fraud it will reimburse you.

It collects data such as passwords and even transfers money out of accounts automatically, but only after checking if there is at least £800 available.

Bradley Anstis, M86 vice-president of technology strategy, said: ‘This is an extremely sophisticated version of the virus and it cannot be detected by traditional security software.’

The company said it was the most-sophisticated and dangerous virus yet seen and advised online banking users to check their balances regularly and have a good idea of what it should be. 

British high street banks do not believe they have become victims of the cyber criminals.

A spokesman for HSBC said: ‘There are millions of viruses and other malicious software.

We urge people to take basic measure to protect themselves from virus attacks.

Any customer who is a victim of fraud will be reimbursed by HSBC.’

However, M86 said it believed one high street bank was breached and failed to act quickly after warnings last month.

More than 100,000 PCs in Britain have been infected with other forms of the Trojan virus.

McAfee Inc, the security software maker, said production of software code known as malware, which can harm computers and steal user passwords, reached a new high in the first six months of 2010.

McAfee said total malware production continued to soar and 10 million new pieces of malicious code were catalogued.

What is a Trojan?

• A Trojan is a type of computer virus that infects your PC
• It is called a Trojan because it will disguise itself as a useful application but when installed can take control of a user’s computer
• It can let a hacker take control of your computer or simply wipe the hard drive
• It can also be used to install key logging software which will let the hacker know what you are typing and give him access  to your passwords
• Trojans are now the most popular form of computer virus or ‘malware’

It also warned users of Apple’s Mac computers, considered relatively safe from virus attacks, that they may also be subjected to malware attacks in the future.

‘For a variety of reasons, malware has rarely been a problem for Mac users. But those days might end soon,’ a spokesman said.

‘Our latest threat report depicts that malware has been on a steady incline in the first half of 2010,’ Mike Gallagher, chief technology officer of Global Threat Intelligence for McAfee, said in the report that was obtained by Reuters.

Last year £59.7million was lost to online banking fraud, according to Financial Fraud Action UK.

Another £440million was lost to credit card fraud.

And the problem is said to be on the rise, with criminals attacking banks’ customers rather than the banks themselves as they are seen as softer targets.

A Financial Fraud Action UK spokeswoman said: ‘The idea that criminals are targeting people by using malicious software or Trojans is nothing new.

Bank systems are hard to attack so they have to go through the easier link in the chain, which is the customers.

They’re hoping customers aren’t taking security precautions. We’ve been seeing this for the last few years and we’re constantly urging people to protect their computers to try to mitigate the risk of becoming a victim.’

Victims of online banking fraud are generally refunded the money.

Computer Clarity

Because of its popularity, the internet has become an ideal target for advertising. As a result, spyware, or adware, has become increasingly prevalent. When troubleshooting problems with your computer, you may discover that the source of the problem is spyware software that has been installed on your machine without your knowledge.

What is spyware?

Despite its name, the term “spyware” doesn’t refer to something used by undercover operatives, but rather by the advertising industry. In fact, spyware is also known as “adware.” It refers to a category of software that, when installed on your computer, may send you pop-up ads, redirect your browser to certain web sites, or monitor the web sites that you visit. Some extreme, invasive versions of spyware may track exactly what keys you type. Attackers may also use spyware for malicious purposes.

Because of the extra processing, spyware may cause your computer to become slow or sluggish. There are also privacy implications:

• What information is being gathered?

• Who is receiving it?

• How is it being used?

How do you know if there is spyware on your computer?

The following symptoms may indicate that spyware is installed on your computer:

• you are subjected to endless pop-up windows

• you are redirected to web sites other than the one you typed into your browser

• new, unexpected toolbars appear in your web browser

• new, unexpected icons appear in the task tray at the bottom of your screen

• your browser’s home page suddenly changed

• the search engine your browser opens when you click “search” has been changed

• certain keys fail to work in your browser (e.g., the tab key doesn’t work when you are moving to the next field within a form)

• random Windows error messages begin to appear

• your computer suddenly seems very slow when opening programs or processing tasks (saving files, etc.)

How can you prevent spyware from installing on your computer?

To avoid unintentionally installing it yourself, follow these good security practices:

• Don’t click on links within pop-up windows – Because pop-up windows are often a product of spyware, clicking on the window may install spyware software on your computer. To close the pop-up window, click on the “X” icon in the title bar instead of a “close” link within the window.

• Choose “no” when asked unexpected questions – Be wary of unexpected dialog boxes asking whether you want to run a particular program or perform another type of task. Always select “no” or “cancel,” or close the dialog box by clicking the “X” icon in the title bar.

• Be wary of free downloadable software – There are many sites that offer customized toolbars or other features that appeal to users. Don’t download programs from sites you don’t trust, and realize that you may be exposing your computer to spyware by downloading some of these programs.

• Don’t follow email links claiming to offer anti-spyware software – Like email viruses, the links may serve the opposite purpose and actually install the spyware it claims to be eliminating.

As an additional good security practice, especially if you are concerned that you might have spyware on your machine and want to minimize the impact, consider taking the following action:

• Adjust your browser preferences to limit pop-up windows and cookies –

Pop-up windows are often generated by some kind of scripting or active content. Adjusting the settings within your browser to reduce or prevent scripting or active content may reduce the number of pop-up windows that appear. Some browsers offer a specific option to block or limit pop-up windows. Certain types of cookies are sometimes considered spyware because they reveal what web pages you have visited. You can adjust your privacy settings to only allow cookies for the web site you are visiting.

How do you remove spyware?

• Run a full scan on your computer with your anti-virus software – Some anti-virus software will find and remove spyware, but it may not find the spyware when it is monitoring your computer in real time. Set your anti-virus software to prompt you to run a full scan periodically.

• Run a legitimate product specifically designed to remove spyware – Many vendors offer products that will scan your computer for spyware and remove any spyware software. Popular products include Lavasoft’s Ad-Aware, Microsoft’s Window Defender, Webroot’s SpySweeper, and Spybot Search and Destroy.

• Make sure that your anti-virus and anti-spyware software are compatible – Take a phased approach to installing the software to ensure that you don’t unintentionally introduce.

Computer Clarity

When the Conficker computer “worm” was unleashed on the world in November 2008, cyber-security experts didn’t know what to make of it. It infiltrated millions of computers around the globe. It constantly checks in with its unknown creators. It uses an encryption code so sophisticated that only a very few people could have deployed it. For the first time ever, the cyber-security elites of the world have joined forces in a high-tech game of cops and robbers, trying to find Conficker’s creators and defeat them. The cops are failing. And now the worm lies there, waiting …

http://www.theatlantic.com/magazine/archive/2010/05/the-enemy-within/8098/.

Computer Clarity

Unfortunately, many users are victims of viruses, worms, or Trojan horses. If your computer gets infected with malicious code, there are steps you can take to recover.

How do you know your computer is infected?

Unfortunately, there is no particular way to identify that your computer has been infected with malicious code. Some infections may completely destroy files and shut down your computer, while others may only subtly affect your computer’s normal operations. Be aware of any unusual or unexpected behaviors. If you are running anti-virus software, it may alert you that it has found malicious code on your computer. The anti-virus software may be able to clean the malicious code automatically, but if it can’t, you will need to take additional steps.

What can you do if you are infected?

1. Minimize the damage – If you are at work and have access to an IT department, contact them immediately. The sooner they can investigate and clean your computer, the less damage to your computer and other computers on the network. If you are on your home computer or a laptop, disconnect your computer from the internet. By removing the internet connection, you prevent an attacker or virus from being able to access your computer and perform tasks such as locating personal data, manipulating or deleting files, or using your computer to attack other computers.

2. Remove the malicious code – If you have anti-virus software installed on your computer, update the virus definitions (if possible), and perform a manual scan of your entire system. If you do not have anti-virus software, you can purchase it at a local computer store. If the software can’t locate and remove the infection, you may need to reinstall your operating system, usually with a system restore disk that is often supplied with a new computer. Note that reinstalling or restoring the operating system typically erases all of your files and any additional software that you have installed on your computer. After reinstalling the operating system and any other software, install all of the appropriate patches to fix known vulnerabilities.

How can you reduce the risk of another infection?

Dealing with the presence of malicious code on your computer can be a frustrating experience that can cost you time, money, and data. The following recommendations will build your defense against future infections:

• Use and maintain anti-virus software – Anti-virus software recognizes and protects your computer against most known viruses. However, attackers are continually writing new viruses, so it is important to keep your anti-virus software current.

• Change your passwords – Your original passwords may have been compromised during the infection, so you should change them. This includes passwords for web sites that may have been cached in your browser. Make the passwords difficult for attackers to guess.

• Keep software up to date – Install software patches so that attackers can’t take advantage of known problems or vulnerabilities. Many operating systems offer automatic updates. If this option is available, you should enable it.

• Install or enable a firewall – Firewalls may be able to prevent some types of infection by blocking malicious traffic before it can enter your computer. Some operating systems actually include a firewall, but you need to make sure it is enabled.

• Use anti-spyware tools – Spyware is a common source of viruses, but you can minimize the number of infections by using a legitimate program that identifies and removes spyware.

• Follow good security practices – Take appropriate precautions when using email and web browsers so that you reduce the risk that your actions will trigger an infection.

As a precaution, maintain backups of your files on CDs or DVDs so that you have saved copies if you do get infected again.

Computer Clarity