Archive for the ‘Exploits’ Category:
Conficker Virus Begins To Attack PCs
I was reading about the Conficker virus on Shawn’s Technology Blog. He says that a report from Reuters says the Conficker virus — which was supposed to activate on April 1st — has slowly started activating on computers by installing spyware and turning them into spam servers.
Conficker is also known as Downadup and Kido, and it also installs a second virus called Waledac.
Reuters mentions how the computer worm began spreading late last year, and how it was designed to respond to commands from a remote server. This army of slave computers infected with the worm controlled by a remote server is called a botnet.
Furthermore, Vincent Weafer, a vice president with Symantec Security Response, makers of Norton Antivirus, has reported that recently the unknown controllers of this remote server have begun using a small percentage of the computers they control to upload ‘malware’ and ’spyware’. One such piece of malware is the Waledac virus which installs itself on the infected computer, and then uses the computer to send out spam email messages promoting a fake anti-spyware program.
Meanwhile, Shawn’s technology Blog is very wisely recommending that computer owners keep your Windows software up to date by visiting the Windows Update web site. He also recommends you install anti-spyware software such as PC Tools Spyware Doctor. I strongly agree with his recommendations, and have done so frequently in this blog. I also recommend you install an antivirus program such as Alwil’s free Avast! antivirus program. Yes, you read that correctly, Avast antivirus is free. I have been using it on all my computers for several years now.
There is a free version of Spyware Doctor available from Google which does a good job of removing spyware, but for real time protection against spyware you should purchase Spyware Doctor. If you don’t have an antivirus program, you might also consider downloading Spyware Doctor with AntiVirus
.
Have a question about spyware or viruses? Then why not post a Comment or Question with the link below.
Keep up-to-date with Skylarking: By Email or RSS Newsfeed or on Twitter. You can also send questions with Skylarking’s email form.
Subscribe to the comments for this postWoops! 11,000 free pizzas from Domino’s
Here’s a little news story I caught during my lunch break. Too bad today’s Friday, and not Monday.
It seems that, back in December, D0mino’s was considering an online coupon offer for ordering pizzas through their web site. The idea was that you’d be able to enter the coupon code — “Bailout” — at checkout, and get yourself a free medium pizza if you drove over to your local Domino’s to pick it up.
Nice deal for the consumer, but here’s the problem for Domino’s.
It seems they were only considering the “Bailout” coupon campaign, AND decided NOT to go ahead with the campaign, BUT someone at Domino’s had programmed the coupon code into the system already, and forgot to, or didn’t, remove it. So the code was in the system, BUT there was no ad campaign anywhere promoting the coupon code.
So Domino’s Pizza had an unapproved coupon code lurking in their system. A coupon code that should have been removed from the system because the campaign had never been approved. Free pizzas were just waiting in the computer.
Then just a few days ago someone in the Cincinnati area, we don’t know who, was on the Domino’s Pizza web site buying a pizza and they just decided to try entering “Bailout” in the coupon code space. Probably as a goof. It was just a random thing. They had no knowledge of the code, supposedly, they just thought they’d try entering the word “Bailout” in the coupon code box on the web site and see if anything happened.
And something happened. They found out they could get a free medium pizza, if they went to their local Domino’s Pizza to pick it up.
Then this person, or someone they knew, started telling people, probably friends, about this coupon code, how to use it, and what they’d get for it; and the word spread like wildfire.
One franchise owner, John Glass, who owns 14 Domino’s Pizza stores in the Cincinnati area, says that by late Monday evening his stores had given away 600 free pizzas. That’s a lot of dough. (Domino’s says they will reimburse Mr. Glass for his losses).
Overall, the report has it that around 11,000 free pizzas were given away before the coupon code was deactivated on Tuesday morning.
You can read the original news report I found at MSNBC, and you can also read one web page that was promoting the secret code at Rick Broida’s “the cheapskate” column over at CNET.com.
Got a story to share? Have a question? Post Comments or Questions with the link below. Keep up-to-date with Skylarking: By Email or RSS Newsfeed or on Twitter. You can also send questions with Skylarking’s email form.
Truth About Email Petitions
I received the following question just last night:
I received an email telling me that email petitions and chain letters use tracking software and cookies to collect email addresses from anyone who receives that email message. I was also told that email petitions aren’t acceptable by congress like a signed petition would be. Are both these items true?
Well, the first is false, and the second is true.
Tracking Emails and Tracking Software
The only way an email can be tracked is from one sender to the first recipient. If I send an email message to a friend, it is possible for me to be notified when they open the message. If my friend forwards the message to someone else, there is no way for me to tell that has happened; nor is there any way for me to receive the email address of that second recipient, or any recipient after that. So, no, there are no tracking programs of this sort.
BUT, Remember the concept “Six Degrees of Separation”? Erase email addresses before forwarding a message
The idea of “Six Degrees of Separation” says that everyone is 6 steps away from any other person on the planet. Which in my way of thinking means that we are all six steps or less away from a spammer. The problem here being that when people forward an email message they usually leave any previous email addresses in the message, too, plus most people add new addresses of their own when they forward the message. The best practice here is after you click FORWARD and before you click SEND make sure you erase/delete any email addresses that appear within the email message. That is, just before you click SEND, read through the message and erase any email addresses you find in the message. If you don’t, you never know who in the chain knows or is a spammer.
BCC: Blind Carbon Copy Hiding Email Addresses
When you are sending an email message to multiple recipients, use the BCC or Blind Carbon Copy feature to address your message. That is, use BCC instead of TO. An, if your email software says, “At least one recipient is required in the TO field”, then put your email address in the TO field, and everyone else in the BCC field. The BCC field hides the email addresses from the recipients. When the sender uses the BCC field to address an email message, the recipients of that message will see “undisclosed recipients” in the TO field or elsewhere in the message. If you can’t find the BCC feature in your email software, contact your email service provider and have them tell you how to access it. Or you can contact Skylarking and I will help you find the feature.
Email Petitions Don’t Work
That much is true. A genuine petition requires signatures and street addresses. Anyone can type a list of names and email addresses into a petition, but there is no way for the recipient to prove or disprove that those people participated in or knew about the petition. It is best that each individual person email or contact their representative directly, and not as part of some long list of names in an email message. Additionally, you wouldn’t want to include your street address in such a petition, since you never know if that message might eventually end up in the hands of a spammer or an identity thief. After all, most acts of identity theft are performed by the victims friends, co-workers, and family members.
Post Comments or Questions with the link below. Keep up-to-date with Skylarking: By Email or RSS Newsfeed or on Twitter. You can also send questions with my email form.
