Brother, can you spare $2500…?

When people think of “cyber-crime” most people think of hackers, viruses and other malware, etc.  In other words, they think in terms of attacks based on technology, and that can be defeated by technology such as antivirus software, firewalls, etc.

In reality, most cyber-criminals rely more on human nature than technology to achieve their goals.  This is called “social engineering”, and it is on what most online scams are based.  The criminals rely on greed, on the trusting nature of people, or on the compassion for others to either get your personal information, or in some cases, get you to give them your money willingly.

Continue reading

Are your kids sharing music with friends? It could cost you big bucks…

This is a little off the topic of security per se, but I though this was a good wake up call for parents of kids who might be sharing their CD collection online with their friends:

 A federal judge in Boston today formally signed off on a $675,000 fine that a jury assessed against Boston University doctoral student Joel Tenenbaum for illegally sharing 30 copyrighted songs. (“Update: Judge affirms $675k verdict in RIAA music piracy case”,, 12/8/09)

Continue reading

Protect your financial information: Use a Live CD for banking and shopping

Today’s topic may be a little technical for the average user, but I’ll try to make it easy for even non-technical users to follow.  If you read this article and are interested, but don’t understand something, feel free to post a comment and I’ll try to help.

So we have talked about a number of ways to protect your personal and financial information, mostly in the context of a Microsoft Windows environment.  But there is another way to make sure that you don’t have Trojans stealing your information when you are banking or doing online shopping – don’t use Windows!  No, I’m not suggesting that you go out and buy a Mac, or that you install another operating system.  I’m suggesting you use a Live CD when you do any financial transactions.

Continue reading

Windows 7 developing a reputation for security

Well, it is almost time for “patch Tuesday”.  On the 2nd Tuesday of every month, Microsoft releases updates and patches for its operating systems (OS) and applications. In particular, this is the day each month that MS patches the critical security flaws that have been discovered in the preceding months.  When previous OS versions have been released, such as XP and Vista, the first few months saw a flurry of critical updates as holes were discovered and patched.

Looking at the advance notification of what is to be released next Tuesday, there appears to be only one patch affecting Windows 7.  Actually, the patch is for Internet Explorer 8, but the vulnerability affects all version of the OS running IE8, including Windows 7. 

With the discovery last month of a flaw that could allow an attack that could cause the system to “blue screen”, this is only the 2nd critical update for Windows 7.  From a security standpoint, that is unprecedented for a Microsoft OS.  It appears that Microsoft gave more than lip service to the focus on delivering a more stable and secure platform this time.  And speaking for myself, I find Windows 7 much easier and more enjoyable to use than Vista ever was. 

So if you are considering buying a new PC for Christmas, and you are worried about Windows 7 being fairly new, my advice is – don’t worry.  From all evidence so far, it is much superior to Vista, and should provide you with a good computing experience. 

(Of course, you should always keep your system updated with the latest patches as they are released.)

Think before you click!

People are probably going to get tired of reading this, but it is one of the most important lessons you can learn to protect yourself online.  Whenever you receive an e-mail with a link or visit a new website, think carefully before clicking!  So many of the viruses and other malware being spread today only succeed because the cyber-crimimals are able to persuade users to click on a link that launches the attack.

Continue reading