The “phishers” get more sophisticated all the time. PC World magazine has an article on targeted or “spear” phishing. This method concentrates on a relatively small and selected group, making it harder to recognize than the mass mailings aimed at huge groups like Ebay or PayPal users.
The spyware scene changes rapidly and it is wise to keep up with the software that can be used to guard against this Internet hazard. The latest edition of Windows Secrets Newsletter has a nice roundup of the latest software reviews in this important area.
I am often asked if there is a quick way to close down a computer without having to go through all the steps Start-Turn Off Computer-Turn Off. Windows XP comes with a special executable file for shutting down called shutdown.exe that allows you to make a shortcut for just that purpose. It can also be used to logoff a user or to restart the computer; the details are given at http://www.vlaurie.com/computers2/Articles/shortcuts2.htm. Here is how to make a shortcut to shut down. Right-click on an empty spot on the Desktop and choose “New-Shortcut” from the context menu. In the line “Type the location of the item” enter:%windir%\system32\shutdown.exe -s -t 0
Press “Next”, give the shortcut a name and choose “Finish”.
Fred Langa’s newletter has a reference to an article by security specialist Marcus J. Ranum called “Six Dumbest Ideas In Computer Security” . Although it is probably aimed at IT professionals, it is easy to understand and I think it’s well worth reading by the average PC user.
ZDNet has been carrying a series of discussions by George Ou and others on the relative safety of the two most popular browsers. Unfortunately, I find the discussion by Ou to be a poor way of looking at the security issue. His analysis has been partly answered by one of the Firefox authors Blake Ross in an interview. In response to Ross’ s comments, Ou has modified his original contention about the relative lack of safety in Firefox and now says the rather wishy-washy “The bottom line is that we have some mixed results where either browser camp can claim victory.” However, Ou continues with his numerology and ignores many of the complex issues involved. I still think that the question of which brower is safer should be addressed in the context of who is using it. (See this article).
I am constantly getting group email from people that I know. By group email, I mean a message sent to a bunch of different people at the same time. Sometimes these mailings have useful information and sometimes not. What really bothers me, however, is when the addresses of all the recipients are listed in the “To” line. I often do not know many of these people. That means that my address is being displayed on a bunch of computers belonging to strangers. The worst part, however, is that sooner or later one of these strangers picks up a worm or Trojan and my address starts going out on phony infected email. I see evidence of this all the time. An address does not have to be in the address book of an infected machine for a worm to find it. Worms will look at all your stored email and a lot of other places for addresses.
When you do group mailings, PLEASE use the blind carbon copy (bcc) method. Any reasonable email program has a bcc line for addresses. When blind carbons are used, recipients of group mailings do not see each other’s names or addresses.
There is lot of talk on the Internet about this question and personally I think a lot of it is misleading (I am being diplomatic). I have written an article that expresses some of the points that I think people are missing. As time permits, I will be adding other comments on this subject in this blog.
Many experts recommend that PC users not use the Administrator Account in Windows XP for daily use. Instead set up a limited account. By using a limited account you take out some insurance against an infection by a worm or Trojan. If you do get infected, the limited account cuts down the damage that can be done. The security columnist Roger Grimes states that “70 to 90 percent of all current malware threats would fail to work if the end-user executing them did not belong to the local administrators group”.
To set up a limited account go to Control Panel-User Accounts. When you set up an account, it is also a good idea to use a password to protect it.
In Windows XP, the default setting is for Windows Explorer to start with “My Documents” at the head. I am often asked how to get Windows Explorer to start where a user wants instead. Here is how to get Windows Explorer to start at the C: drive.
Right-click on an empty spot on the Desktop. In the context menu, choose “New- Shortcut”. In the space labeled “Type the location of the item”, enter:
explorer.exe /e,/root,c:
The syntax must be exact so watch the commas and spaces. Click “Next”, give the shortcut a name, and click “Finish”. Put the shortcut on the Quick Launch Bar or wherever it is convenient.
This more detailed article gives other Windows Explorer options.
I just don’t get it. I am constantly receiving spam email with all sorts of strange things in the subject line. Who opens this sort of thing? Even more mystifying to me is why anybody would not only open but actually reply to this kind of junk mail. Here’s a typical one I got today. It says it’s from “Ozzy Snellgrove” and the subject is “Re: Mgedications Pro 4 You”.
Somebody must buy pills from Ozzy and all his other pseudonyms or all this spam would stop. But why? If we would stop responding to this stuff, it would cut way down on the spam and make using email a lot more pleasant.
Opening mail from Ozzy may do no more harm than lighten your pocketbook but answering “phishing” mail can be very costly. Watch out for attempts to cash in on the hurricane disasters by phony charitable donation scams. Make your donations by using known, reputable methods.