only search Wiseman.La

The World NEXT ends 


I've been sending versions of this email out for years and years (I had to update it when the term "phishing" came along), so I thought I'd put it up here as well.


Don't let the bad guys get you: How to Prevent Email Worms, Viruses, and Trojans


We have the best anti-spam and Anti-virus software. We have great firewalls, encrypted VPNs, secure servers... but it's not enough to save us from every "Day 0 Attack"*. An email worm*/virus*/trojan* can go worldwide in just minutes or even seconds, but it can take hours for antivirus vendors to analyze, create, and upload signature updates. It takes a bit longer for us to download and deploy them to our servers and PCs. Happily, there are some easy things we can all do to help limit that window of vulnerability and help keep the bad guys out of our systems.


#1: Understand
- Knowing what an attachment really is and what it can do is the first step. Any executable* file attached to an email has the potential to be infected, and to infect your PC in turn. This covers a wide range of file types - basically it means any file that can be attached to an email.


#1b: Understand
- Know what kind of emails to expect from what senders. For example - UPS, LinkedIn, Amazon.com, and the Better Business Bureau do not send unsolicited emails with ZIP files attached (or any attachments for that matter). If you receive an email from an entity with an attachment you were not expecting - be very suspicious of it.


#2: Purpose
- We shouldn't open ANY attachment unless they were specifically requested or expected. Email viruses/worms are sent to email addresses found on infected users' PCs, so just knowing the sender does not protect you - they may be infected. Actually, the most likely person to send you an infected email is someone you know, and they most likely won't even know they are infected and that emails are going out in their name. To make things more complicated, viri & worms today falsify (spoof) the FROM email address, so the message may not even be from it appears to be from. If if you have any question or doubt, see #3.


#3: Is it REQUIRED?
- Probably the simplest, but most ignored idea: You don't need to click that greeting card link or open that "kardashian_pics.zip" at work. So, DON'T.


#4: Get Secure
- Most viri/worms are written to take advantage of problems with in Microsoft Outlook and Outlook Express. Since we use Lotus Notes, we are somewhat protected in that area. However, take the time daily to make sure your antivirus client is up-to-date. Symantec issues new signatures pretty much daily, so check your antivirus and make sure it shows a date from the last few days.


#5: Patch your PC
- Microsoft releases updates frequently and we push them out to our PCs. However, in order to not interfere with your work, we allow you to choose when to install them. When you are notified of new updates, please take the time to install them on the day you're notified of new one



______________

* Wikipeida says:


Day 0 Attack
: A zero-day (or zero-hour or day zero) attack or threat is a computer threat that tries to exploit computer application vulnerabilities that are unknown to others or undisclosed to the software developer. Zero-day exploits (actual code that can use a security hole to carry out an attack) are used or shared by attackers before the software developer knows about the vulnerability.

The term derives from the age of the exploit. When a developer becomes aware of a security hole, there is a race to close it before attackers discover it or the vulnerability becomes public. A "zero day" attack occurs on or before the first or "zeroth" day of developer awareness, meaning the developer has not had any opportunity to distribute a security fix to users of the software. (
http://en.wikipedia.org/wiki/Zero-day_attack)

Worm
: A computer worm is a self-replicating malware computer program. It uses a computer network to send copies of itself to other nodes (computers on the network) and it may do so without any user intervention. This is due to security shortcomings on the target computer. Unlike a virus, it does not need to attach itself to an existing program. Worms almost always cause at least some harm to the network, if only by consuming bandwidth, whereas viruses almost always corrupt or modify files on a targeted computer. (
http://en.wikipedia.org/wiki/Computer_worm)

Phishing
: The act of attempting to acquire information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites, auction sites, online payment processors or IT administrators are commonly used to lure the unsuspecting public. Phishing emails may contain links to websites that are infected with malware. Phishing is typically carried out by e-mail spoofing or instant messaging, and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one. Phishing is an example of social engineering techniques used to deceive users, and exploits the poor usability of current web security technologies. Attempts to deal with the growing number of reported phishing incidents include legislation, user training, public awareness, and technical security measures. (
http://en.wikipedia.org/wiki/Phishing)

Computer Virus
: A computer virus is a computer program that can copy itself[1] and infect a computer. The term "virus" is also commonly but erroneously used to refer to other types of malware, including but not limited to adware and spyware programs that do not have the reproductive ability. A true virus can spread from one computer to another (in some form of executable code) when its host is taken to the target computer; for instance because a user sent it over a network or the Internet, or carried it on a removable medium such as a floppy disk, CD, DVD, or USB drive. (http://en.wikipedia.org/wiki/Computer_virus)


Trojan Horse
: A Trojan horse, or Trojan, is malware that appears to perform a desirable function for the user prior to run or install but instead facilitates unauthorized access of the user's computer system. "It is a harmful piece of software that looks legitimate. Users are typically tricked into loading and executing it on their systems", as Cisco describes. The term is derived from the Trojan Horse story in Greek mythology. (
http://en.wikipedia.org/wiki/Trojan_horse_virus)

Executable
: In computing, an executable file causes a computer "to perform indicated tasks according to encoded instructions,"as opposed to a data file that must be parsed by a program to be meaningful. These instructions are traditionally machine code instructions for a physical CPU. However, in a more general sense, a file containing instructions (such as bytecode) for a software interpreter may also be considered executable; even a scripting language source file may therefore be considered executable in this sense. (
http://en.wikipedia.org/wiki/Executable)

Comments (6)
Craig Wiseman November 28th, 2012 09:28:43 AM