ALSO LOOK OUT FOR PHISHING! By ARUN MARBALLI
In my column last month, I had mentioned the burgeoning population of botnet-connected computers that are predominantly used for generating spam e-mail. According to data from Barracuda Networks, a security vendor located in Mountain View, Calif., there has been a 67 percent increase in overall spam volume and a 500 percent increase in image-based spam since August 2006. Further proof of this is found in the story that appeared in the latest e-Week Magazine about a sophisticated botnet under the control of a Russian hacker organization involved in the recent surge of e-mail spam pushing penny stocks and other products of dubious distinction.
The sophistication of this organization can be judged from the findings of Internet security researchers and law enforcement authorities that have estimated the botnet consists of more than 70,000 peer-to-peer connected computers spread out across 166 countries with over half of them located in the U.S. These 70,000-plus units are segmented into different botnet server ports based on the mutation version of the SpamThru Trojan virus that infects and connects these machines together; and then further partitioned into sub-groups of no more than 512 bots (almost analogous to terrorist cells). It appears that the controllers of this botnet keep detailed statistics of all the computers in their network, including the version and update status of the operating system. The e-mail address lists appear to have been harvested from the computers linked to the botnet as well as from breaking into various databases connected with small investment and financial news Web sites. What raises this botnet a notch above the rest is that the SpamThru Trojan they use to enlist new computers into their network actually uses a pirated copy of antivirus software to identify, isolate and eliminate other competing viruses and spyware.
Our best bet for protecting ourselves from such a scourge is to ensure that all of our layers of protection are in place and up-to-date.
The other trend that has been consuming the attention of Internet security folks has been the constantly evolving world of phishing. The latest scam making the rounds these days is the Social Security e-mail scam. According to CNNMoney.com: "If you receive an e-mail announcing the cost-of-living increases scheduled for 2007 Social Security benefits and purporting to be from the Social Security Administration, don't answer it and don't click on any links in the e-mail." Recipients of this e-mail are asked to update their personal information or risk having their Social Security "account" suspended indefinitely, a dire warning indeed and one that is bound to evoke an impulsive response. This is consistent with all phishing attempts. As I have said before, the best way to deal with this kind of e-mail is to pick up the phone, contact the institution or organization that is supposed to have sent you the e-mail and verify its authenticity. And please, do not use a phone number on the suspect e-mail!
In one of my earlier columns, I had identified the firewall as software for monitoring and filtering in-bound and out-bound communication traffic between a computer and the Internet. I had indicated that the firewall was an essential layer of protection, which shielded our computer from unsolicited communication. Firewalls come in two flavors: as part of the operating system (Windows) or as a third-party product. In the ongoing saga of good guys versus bad guys, the Windows-based firewall has become the latest casualty. It appears that hackers have published programming code that will disable the firewall included with certain Windows XP computers running the Windows Internet Connection Service (ICS). Although this exploit is unlikely to affect most of us (since by default ICS is not running), and it has no effect on third-party firewalls, I believe we should all be wary of this possibility and utilize third-party firewalls as one of our layers of protection.
Last month, I had recommended against automatically upgrading to the Internet Explorer 7 (IE 7) browser that was released at the end of October. The IE 7 browser brings into play numerous security features that are supposed to make our cyber-experiences safer. Features of this new browser include tabbed browsing (which in essence will allow us to actively view multiple Web sites simultaneously), increased screen real estate by eliminating the menu bar and replacing it with a tool bar that provides a drop-down menu list when activated, a more accessible and enhanced Favorites Center for saving Web site addresses and bookmarks, a slick RSS feed management environment for subscribing to and receiving information updates and an easier-to-use search feature with the ability to choose our search provider. However, perhaps the most important improvement, according to Microsoft, is in the area of security. Microsoft has eliminated the Medium and Low Security Settings and will literally nag the user if any security settings are set below the recommended level. Many of the controls that were active in IE 6 by default are now disabled so the user would have to "opt in" to use them. Many of these now inactive controls have hitherto provided the security loopholes through which viruses and spyware have sneaked onto our computers. IE 7 now provides an Antiphishing tool that will stop people from viewing a Web site that is known to be a phishing Web site. Finally, on the plus side, IE 7 enables better printing and provides a cleaner, more intuitive interface. On the negative side, IE 7 does not offer much in the way of customization; it runs only on Windows XP Service Pack 2 and will have problems with Web sites that rely on Microsoft ActiveX controls and scripting.
In the ultimate analysis, although IE 7 appears to provide a significant upgrade over IE 6, I would hold off on upgrading the browser for another month or so (perhaps through the end of the year) to allow any kinks to iron themselves out. But early next year, it should definitely be an upgrade to be considered.
Arun Marballi has worked in the Information Technology arena for more than 20 years with extensive experience in software development, process design and network/workstation management. For comments, questions, tips or suggestions, e-mail [email protected].
Anything that appears in Khaas Baat cannot be reproduced, whether wholly or in part, without permission. Opinions expressed by Khaas Baat contributors are their own and do not reflect the publisher's opinion.