A few days ago, a large number of websites were infected with code that directed users to other sites whereby they were warned that their computers had been compromised.
Warnings comprise dire pronouncements about resident viruses, tracking cookies, malicious code that turns your PC into a further disseminator of ill and mayhem, and so on. On immediate hand is a rescue: Download our software and clean your PC before irreparable harm transpires. Frequently the software comes with a price, and payment is made by the unsuspecting user.
Sometimes the downloaded “cure” (whether purporting to be anti-virus, anti-spam, removal toolkit, etc.) is an empty program that runs a bogus progress of virus scan and removal. Too, it almost certainly is a program that turns your PC into a further propagation unit of harm. It may also collect your keystrokes – stealing passwords, credit card numbers, personal details, security answers… and report them back to the originating entity.
Do not download and install anything from the web that you do not recognize. Things such as Windows updates (from MicroSoft) and updates from legitimate programs (such as Norton, McAfee, etc.) should be recognizable to you, based on what you run in your local environment; be that a network at work, or a PC or Mac at home. Don’t take chances – know what you have, use, need and trust.
Of course, professional environments, workplaces, are going to have their security pretty well covered (we hope). But what of home users? Well, there are some legitimate, and fairly good, free anti-virus/security softwares available on the web. But why not spring for something a bit more robust, with regularized updates, and a reputation to maintain in the marketplace? That’s what I recommend. I don’t want to endorse specific software solutions (unless someone wants to pay me), but if you’re uncertain where you stand on security, here’s at least a near-term plan to get you started:
Visit a “big-box” retailer and go to the computer department. Have a look at what they offer; read the boxes. Read some reviews in the leading PC/Mac magazines. You can always go online and buy at the online site, or pick up your preference at the retailer.
As to these latest threats: When prompted with unknown and unfamiliar “tools” and so-called solutions: Decline. Take note of the name of the activity and Google it. Chances are high that there will be several news articles describing what you just experienced, and exposing it for what it is: A bogus solicitation for providing you protection, while directing harm your way.
In the workplace, ensure that IT pushes out regular e-mail warnings about both general and specific scams and fakes; also have them include it in quarterly refresher training. For particularly dangerous circumstances, it may be wise to call an ad-hoc meeting of managers, minimally, for their update with immediate subsequent appraisals to staff.
As importantly, if you have young users in your home, ensure that kids know what to look for and avoid. Survey their machines from time-to-time for risks and protection.
Stay safe out there…
NP: Since I Fell for You – Lee Morgan, jazz24.org