Electronic Self Defense
The incredible speed of electronic communications allows individuals to compose and distribute files and messages to a wide population. This speed opens the door to a plethora of abuses. In a matter of seconds, misinformation and malicious software can be communicated to hundreds, thousands, or even millions of people. Malware (e.g., viruses, worms, Trojans, adware/spyware, rootkits), virus hoaxes, chain letters, phishing, and pharming are among the potential threats to all computer users.
 

Malware

"Malware" is a class of computer applications that seek to damage your computer or harvest information from your computer without your knowledge. Malware can be spread through contact with infected files – files shared on floppy disks or other removable media, infected files downloaded from the Internet or e-mail attachments – and can be transmitted via infected web pages.

  • Viruses attach themselves to an application (e.g., Word, Excel) and spread to other applications through the computer’s memory. Eventually infected applications can corrupt your data or cause your computer to cease functioning altogether.
  • Worms are self-replicating, standalone programs that consume system resources (i.e., memory, disk space) and seek to spread themselves as widely as possible. Most worms are e-mail borne and many steal information from local address books and files to facilitate their spread to other computers.
  • Trojans are programs that appear to be harmless. They don’t replicate, but they can be used as a conduit for infecting your computer with viruses. Remember that screen saver with the adorable kittens and puppies that Aunt Trudy e-mailed to you last month? Unless you can trace it back to a trusted source, that application could be damaging your computer.
  • Adware/Spyware programs gather information about your web browsing activities or other computer activities without your permission. These applications may be automatically downloaded when you access a malicious web site or may be bundled with freeware/shareware. Peer-to-peer applications (e.g., ICQ and Napster) are often conduits for adware/spyware.
  • Rootkits hide themselves on a computer system. They can be used to control your computer or extract data without your knowledge. They may block security software like antivirus programs and firewalls from working. They are virtually impossible to detect using current scanning tools. The most infamous known rootkit is one that is automatically installed on computers when Sony music CDs are played on the computer's CD/DVD drive. See the links below for web pages with removal tools and patches.

What can you do about malware? Prevention and caution are your best defenses.

  • Antivirus software is essential. Install an antivirus program and keep it current. You should also scan your hard drive periodically. The college’s antivirus contract permits students and employees to install the campus antivirus program on personally owned Windows-based computers while they have a relationship with the college. CDs may be signed out in the Library. [Note: If another antivirus program is already on your computer and you choose to install the college's software, UNINSTALL the other program first.]
  • Attachments should be handled with care. Even those from a trusted source may be infected. Create a "quarantine" folder on your computer. Save any attachments to this folder and use your antivirus software to scan the folder before opening any files. If you receive an unsolicited message with an attachment, delete it.
  • Shareware/Freeware programs should be avoided. While there are many worthwhile applications available at low or no cost, they carry a huge potential risk. If you feel you must use these types of applications, scan the files before installing them and scan your computer after installation.
  • Update your computer’s operating system on a regular basis. Many worms and Trojans exploit weaknesses in a computer’s operating system. Updates are available online at http://windowsupdate.microsoft.com for Windows-based computers. You can also access this site quickly via Internet Explorer – click on Tools, Windows Update. If you use a different operating system, contact the manufacturer for support.


Important Note:
Microsoft never sends patches or update notices via e-mail. If you receive a message purporting to be from Microsoft with an update attachment or a link to an update website, you should delete it immediately.

 
  • Just say no. If a website insists on downloading software to your computer when you access it or before allowing you access to the site, be wary. Unless this is a trusted website (e.g., Computer Associates, Microsoft), you may be downloading adware/spyware. Reputable sites will always ask permission and will describe the nature and purpose of the download. If in doubt, contact Computer & Telecommunication Services for assistance.
  • Crumble those cookies and clear that cache. Many web sites ask you for information and then store it on your local hard drive in files called cookies. Malicious sites can use the same mechanism to retrieve information never intended for them. Temporary files stored on your local hard drive in an area called the "cache" also provide information about your Internet travels. You should periodically delete these files.

Netscape: Click on Edit, Preferences, Click on the "+" next to Advanced, Click on Cache, Click on Clear Memory Cache, Click on Clear Disk Cache

Internet Explorer: Click on Tools, Internet Options, Click on General, Under Temporary Internet Files, Click on Delete Files, Click on Delete Cookies, Click on OK

  • Scan for adware/spyware. The college is currently evaluating scanning software for the campus that will allow us to stop adware/spyware before it ever reaches your Stockton workstation, but there is trusted freeware available for use on personally owned computers. The freeware package that we have found to be the most effective is called Ad Aware and is available at http://www.lavasoftusa.com. Enhanced, and relatively low cost, versions of Ad Aware add real time protection, eliminating the need to scan. As with antivirus software, it must be kept up to date.
To detect potential rootkit infection, Microsoft and F-Secure are currently developing scanning tools. More information is available at http://research.microsoft.com/rootkit/ and http://www.f-secure.com/blacklight/

  • Firewalls block unauthorized access to your computer. The campus network is protected by a firewall whose configuration is tuned on a regular basis. As new threats arise, changes are made to protect the campus. For personal computers, we recommend Zone Alarm. A free version of this software for use on personally owned machines is available at http://www.zonelabs.com. Enhanced, and relatively low cost, versions of Zone Alarm provide additional features including pop-up blocking.

Virus Hoaxes

Virus hoaxes play on human emotions, manipulating underlying fears that many technology users share. We know and trust older "hard copy" methods of storing information because we have faith in what we can see. While physical data can be destroyed, this requires a physical action that can be observed. Electronic data, on the other hand, is only visible to us when mediated by some type of technology. This technology can fail and these failures may not be obvious until we attempt to retrieve our stored data. Many of us have felt the icy fingers of despair clutch at our hearts when messages like "Fatal Error" appear on our computer monitors. Hoaxsters know about these fears and exploit them.

How can we avoid falling victim to these electronic prevarications? Forewarned is forearmed. Look for the signs.

Virus hoaxes have similar characteristics that are easily identifiable:

Virus hoaxes will warn readers of extreme destructiveness. The "virus" allegedly has the power to destroy the contents of your local machine. Some even claim that electrical damage will result. True viruses can harm files; however, they must attach themselves to computer programs that are related to specific operating systems or applications. Although attachment files could include damaging code, your computer cannot be infected by simply reading a plain text electronic mail message.

Every field has its own specialized language that can be used to intimidate the uninitiated. The author of a virus hoax will freely use computer jargon in an attempt to lend authenticity to his message. In most cases, the jargon used in hoax messages is misused or even contrived.

Hoax authors will invoke the names of known and trusted authorities such as news services, government agencies, research universities, and large technology manufacturers. The anxiety level of the unsuspecting reader is heightened when s/he reads phony quotes attributed to respected sources that emphasize the danger of the purported "virus". Legitimate computer files may be identified as sources of infection thus prompting users to delete these files and create problems with their computer.

After doing his best to frighten you, the hoaxster’s final step is an appeal to your noble side. Hoax authors urge you to forward their warning to everyone you know. Using the speed and power of electronic mail, the hoax spreads like wildfire, clogging e-mail inboxes around the world.

What can you do about virus hoaxes?

  • Don’t forward the messages along to the campus community. If you receive a virus warning, report it to Computer and Telecommunication Services. We will check out the message and report to the campus community.

Chain Letters

The chain letter, another electronic scam, originated in our "hard copy" postal system and has moved into the virtual world. Chain letters share many of the same characteristics as virus hoaxes. The major difference is that chain letter hoaxes generally promise monetary gain. What many perpetrators do not realize is that electronic chain letters, just like their "hard copy" cousins, are illegal. It is a federal offense to propagate such messages under Title 18, Sections 1302 and 1953 of the United States Code. Penalties include fines and imprisonment of up to two years.

Electronic communications containing unsolicited advertisements for property, goods, or services and transmitted via telephone lines are also illegal. Messages communicated between Internet sites do travel over telephone lines and have been held subject to the provisions of Title 47, Section 227 of the U.S. Code. Congress has also introduced new legislation specifically addressing unsolicited commercial e-mail advertisements. See the links below for more information.

If you receive a chain letter or unsolicited advertisement, the smartest thing to do is delete it. If someone is persistently sending you unsolicited messages, contact Computer & Telecommunication Services and we will advise you on dealing with the problem.


Phishing

Phishing is a variation of unsolicited e-mail that involves tricking the recipient into believing that the message originated from a trusted source such as a bank, credit card company, insurance company, or retail store. These messages have the appearance of legitimacy, but ask the recipient to provide private information such as account numbers, usernames, and passwords. If you receive a message requesting personal authentication data, do not respond. Legitimate companies will not request this information via e-mail. If you have any doubts, contact the company through other means (telephone, fax, U.S. Mail).

Other methods of protecting yourself from phishing scams include:


If you fall victim to a phishing scam, file a complaint with the Federal Trade Commission at http://www.consumer.gov/idtheft/

You can report phishing scams online at The Antiphishing Working Group or MillerSmiles.


Pharming

Pharming involves redirecting a user's browser session from a legitimate web page to a bogus web page. This redirection can happen in two ways: local computer infection and DNS poisoning.

The typical method is via a computer infection, usually delivered via a phishing message. The infection rewrites specific network files on the computer, causing the browser to go to an incorrect address. At the bogus address, the user is presented with a web page that looks very similar to the authentic web page. To complicate the situation, the infection may randomly send the browser to the legitimate site, making detection by the end user extremely difficult.

The second method, called DNS poisoning, happens at a higher level. DNS, or Domain Name Services, is used to translate web page addresses into numeric addresses that Internet communications gear and servers can understand. Keeping DNS in good health is the responsibility of your Internet Service Provider. If DNS is poisoned, your browser can be redirected to bogus web sites even when the correct address is given.

To combat pharming infections, install a firewall, keep your antivirus and anti-spyware software up to date, keep your operating system up to date, and be sure to read all web pages carefully. A bogus site will not behave in the same manner as a legitimate site. If you have any doubts, contact the company through other means (telephone, fax, U.S. Mail).
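
The local-infection method described above commonly works by adding entries to the computer's hosts file (an assumption here; this page says only "specific network files"). The following Python script is an added example, not part of the original page: it flags hosts-file entries that point a watched domain at a non-loopback address. The sample file contents and the bank.example domain are constructed for illustration.

```python
import ipaddress
import sys

# Constructed sample of a tampered hosts file (illustrative, not from a real incident).
SAMPLE_HOSTS = """\
# constructed sample hosts file
127.0.0.1       localhost
::1             localhost
203.0.113.45    www.bank.example bank.example
0.0.0.0         ads.tracker.example
198.51.100.7    login.bank.example   # trailing comment
198.51.100.9    notbank.example
192.168.1.20    printer.home.lan
"""

# Hypothetical watch list: domains you log in to and never expect in a hosts file.
WATCHED = {"bank.example"}

def parse_hosts(text):
    """Yield (line_number, ip, hostnames) for every well-formed mapping line."""
    for number, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()   # drop comments, split on whitespace
        if len(fields) < 2:
            continue
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                            # not an address: ignore the line
        yield number, ip, [h.lower().rstrip(".") for h in fields[1:]]

def is_watched(host, watched):
    """Match the domain itself or any subdomain, but not look-alike suffixes."""
    return any(host == d or host.endswith("." + d) for d in watched)

def suspicious_entries(text, watched=WATCHED):
    """Return (line_number, hostname, ip) for watched names sent to a remote address."""
    findings = []
    for number, ip, hosts in parse_hosts(text):
        if ip.is_loopback or ip.is_unspecified:
            continue                            # blocklist-style entries, not redirects
        findings.extend((number, h, str(ip)) for h in hosts if is_watched(h, watched))
    return findings

if __name__ == "__main__":
    # Pass the path of a hosts file as the first argument, or run on the sample.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_HOSTS
    for number, host, ip in suspicious_entries(text):
        print(f"line {number}: {host} is forced to {ip}")
```

A flagged line is a reason to scan the computer and contact Computer & Telecommunication Services; a clean result does not rule out DNS poisoning, which happens outside the local machine.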


 

Useful Links

For more information, visit the following web sites:

Anti-Adware/Spyware

Anti-Phishing

Anti-Virus

Fraud Reporting

Hoaxes

Pharming

Rootkits

Security Guidelines


 
