When you have a file that’s questionable, you just upload it to VirusTotal and let it analyze it using its many online antivirus search engines. These engines are familiar too: Kapersky, McAfee, Microsoft, ewido networks, Avast!, Panda Security and many others.

This is NOT meant to be a substitute for a real antivirus software package that you install on your computer. And they do point out that no one package — including their’s — offers a 100 percent guarantee. However, when you take the necessary steps to protect your computer from viruses by using different solutions, you increases your chances of avoiding an infection.

Zlob adware, a Trojan, is what you get when clicking on some fake links to videos on the popular web community. This particular variety causes pop-up windows that advertise antispyware that really aren’t spyware.

By the time you download and install it, it’s too late. And according to what I’ve read, you need YouTube’s help to remove it. But after a quick search I was able to locate these instructions for removing the malware should you become infected.

So take moment:

• to be sure you have antivirus software running on your computer
• to make sure it’s up to date with virus definitions
• and monitor your kids use of YouTube

YouTube does have useful and entertaining videos. But as I’ve stated here before, I highly recommend that parents need to get involved with all the online activities their children perform, particularly when videos are concerned.

[tags]malware,software,youtube,computer virus,trojan[/tags]

My decision to include this is to serve as another example of how we can become fooled with fancy words and the sense of urgency. But remember this: the more you know about your enemy, the less likely you are to become their victim.

In this particular instance, an attachment was included, but with an icon embedded in the body of the email. The phrase, “Word has encountered an error, please double click on the icon above to relaunch msword.exe” was included.

The purpose of this was to lower your defenses — your mental defenses, that is — because you’re more likely to think that some sort of “processing” has taken place on your computer, and if your computer knew to do something, then it must be all right, yes? Nope.

Here’s the message:

Dear business owner ,

It has come in our attention that your company is participating in an illegal scheme to avoid paying taxes can result in imprisonment and fines, as well as the repayment of taxes owed with penalties and interest.

Certain large and mid-size corporations are required to electronically file their Forms 1120 and 1120S. Other corporations may do so. We have attached to this email an e-file information for corporations that prepare and transmit their own electronic corporate income tax returns and those that use the services of third party tax professionals.

Our web site provides an overview of electronic filing and more detailed information for those corporations that prepare and transmit their own income tax returns. Corporations that rely upon third party tax professionals to prepare and transmit their tax returns should consult their tax professional.

The IRS has begun an investigation regarding this fact and we need your cooperation. Instructions on how to resolve this, as well as a INVESTIGATION FORM are attached to this email.

Please complete the form, sign it and send it to tax-avoidance@irs.gov within 48 hours. Thank you

George William

IRS TAX PAYMENT AGENT
FRAUD DEPARTMENT

Wow! It’s from the IRS. It sounds official, and gives you the sense that maybe somebody has been watching you.

Well, don’t fall for it. Have you ever received a legitimate email from the government. To the best of my knowledge, snail mail is the preferred method of communication for such warnings.

So, I said it before, but it bears repeating: if you question the legitimacy of a message, contact the entity being represented and DON’T use the contact information in the email as it could also be fake. And don’t click on any links. Instead, either run a search for the company to find their true web site or type in the URL to get there.

[tags]phish,scam,virus,computers[/tags]

The message read as follows:

From: Better Business Bureaus [mailto:operations@bbb.org]
Sent: Monday, June 04, 2007 7:07 PM
Subject: Complaint Case Number 918724369

Dear Mr./Mrs. [name removed]

You have received a complaint in regards to your business services. The complaint was filled by Mr. Robert Martinez on 6/2/2007

Complaint Case Number: 918724369
Complaint Made by Consumer Mr. Robert Martinez
Complaint Registered Against: [company removed]
Date: 6/2/2007
Instructions on how to resolve this complaint as well as a copy of the original complaint are attached to this email.

Disputes involving consumer products and/or services may be arbitrated. Unless they directly relate to the contract that is the basis of this dispute, the following claims will be considered for arbitration only if all parties agree in writing that the arbitrator may consider them:
- Claims based on product liability;
- Claims for personal injuries;
- Claims that have been resolved by a previous court action, arbitration, or written agreement between the parties.
The decision as to whether your dispute or any part of it can be arbitrated rests solely with the BBB.

The BBB offers its members a binding arbitration service for disputes involving marketplace transactions. Arbitration is a convenient, civilized way to settle disputes quickly and fairly, without the costs associated with other legal options.

© 2003 Council of Better Business Bureaus, Inc. All Rights Reserved.

So what are some of the clues?

To begin with, I’m not registered with the BBB. Maybe I don’t have to be, but it’s certainly out of left field that this message comes to me.

Now about that document. It presented itself as a PDF, but in actuality it was an executable — a file that runs on a computer like an application. All one has to do is open it up to release its payload and who knows what will happen after that: loss of data, spyware installed, computer rendered useless, etc.

And did you notice that “Mr./Mrs.” part? Don’t you think they’d know who they’re dealing with if the message were legitimate?

And the overall “official-ness” of the message may cause one to think that somehow there must be a connection, thus making it more likely to open the document attached.

If you receive something like this and feel there’s some validity to it, then give your local BBB a call to verify the case number. And just as important, be sure you have a antivirus software package installed and up-to-date with virus information.

[tags]scams,phish,virus,computers[/tags]

Scandoo is just such a service that reduces your risk of viewing offensive material as well as identify sites that may be known to spread spyware or other malicious software on your computer without your knowledge. It does this in three different flavors: a search engine that you visit just like you would Google; a toolbar that works in Firefox and Internet Explorer; and as a plugin for Firefox.

When you perform a search using one of these methods, Scandoo scrubs the results with its filters and presents you with links, only these have icons attached to them. These icons are are ratings based on what it know or thinks to be questionable or safe material.

For example, a checkmark indicates the content behind the link meets your security preferences. A question mark indicates that it’s not sure if those preferences are being met. And an ‘X’ indicates that it doesn’t meet them. To find out more you can roll your mouse over these icons to be greeted with a small pop-up that shows you the site definition used to rate that link. It also provides a link to redefine should you feel the need to override its decision.

While this does raise a few eyebrows, antivirus experts believe this to be a low-level threat as it requires users to intentionally accept a file. I find this odd for them to point out because that’s how much of the Windows viruses are delivered. A user gets something in their email or a link is given to them in an instant messaging window, and boom — they’re infected. Although, I do admit that we are seeing viruses become more sophisticated, so this human component is becoming less and less of a need.

By and large the Windows platform is a hacker’s operating system of choice to try and infect. That’s because of two reasons: the widespread use of the platform, and it’s an easier target. The Mac OS, on the other hand, and according to my sources, is not so easy to crack. Be that as it may, this recent discovery is evidence that people are trying to crack it.

The bottom line is: get an antivirus program and keep it updated with the latest virus definitions.

Well, history is repeating itself, but apparently on a much larger scale as this latest concoction affects a wider variety of Windows operating systems, like back to 1990. And it doesn’t even have to happened on a Web site. It could be while you’re viewing in an instant message or an e-mail. Microsoft is aware of the threat, but has yet to provide a patch to protect its users.

Until a patch is made available, do two things: stay tuned here to learn when they do, and be sure to update your virus definitions files.

Recently, another virus was making the rounds in the instant messaging world. This one, called “IM.GiftCom.All”, was a worm that would seek out the contact information found in your IM application and send them a little “present”. Your friends would receive a link to visit a Web site, thus infecting them. And the process would continue.

The moral of the story: during this time of year it’s common to receive such seasonal greetings. Just be sure you take a little extra precaution before downloading a file that has been sent or an invitation to visit a Web site. One of my friends sent me an e-mail earlier this month. It didn’t have the same “feel” as other messages from her, so I e-mailed her back asking if she sent the message just to be sure. Turns out, she did send it, but it just goes to show you that even the most innocent attempts of sending something can be deceiving.

The message catches your attention because it says it has logged your IP on 30 illegal Web sites. Then it asks you to answer the questions in the attachment.

The “from:” address is enough to make you think it’s the real deal: mail@fbi.gov, post@fbi.gov or admin@fbi.gov.

Don’t open; just delete it.