Archive for Technology

5 ways to stop spam

I don't like SPAM!

I don't like SPAM!

One of the questions I get asked fairly often is “Why am I getting so much junk email?” The answer is simple… money.
Well, it’s more complicated than that, but ultimately that’s what it comes down to.

Money? Yes, money.
Estimates say that in 2005 there were *only* 30 billion spam emails sent… in 2007 the number jumped to over 90 billion. (source: wikipedia) The amount tripled in just 2 years and it seems like we are getting even more unsolicited commercial email (UCE) in our mailboxes every year. Why? Because it’s almost free to send email and it works. People still respond to these messages. The bad guys make money from folks ordering prescription pharmaceuticals, viewing pornography, buying replica designer watches, downloading software, and even turning your computer into a spam email sender. The return on investment in huge because it is basically postage due advertising where the cost is paid by the recipient. And it only takes a tiny fraction of people buying this junk to keep the incentive for the spammers.

So what can you do about it?

1) Don’t respond – Take away the financial motivation for the businesses who send junk mail. Most of us don’t respond, but it’ll only stop if everybody stops buying from companies who use unsolicited email for their marketing. Don’t fall for the trick of “unsubscribe from these emails” either. Any response to junk mail just serves to verify your email is legitimate. A verified address is more valuable to spammers because they can now sell your email address to another spammer.

2) Turn off auto-preview – Many email clients automatically open up email as a  “benefit” to users. Actually, it benefits the junk mail senders, virus writers and malware creators more than it benefits users. Auto-preview does a few things that help keep spam alive. Auto-preview might download images from the web which is another method spammers use to “verify” your email address.  Auto-preview may allow security threats to automatically launch multimedia files, harmful executables, infected PDF’s, etc.

3) Keep your system updated. – Out-of-date security is worse than no security. Software vendors have made a concerted effort to regularly update their software to ward off new and emerging security threats. But if you don’t keep your software updated, then the bad guys can exploit known flaws and install malware on your machine. So how does keeping your computer secure stop spam? Malicious software known as “trojan horses” are designed to allow a hacker remote access to your computer so he can turn your computer into a spambot. An army of these bot machines are rented out to spammers at the rate of $700/hr allowing them to send email from multiple machines at alarming rates.

4) Use layered protection – As with all security, a layered approach works best. Most email providers will offer spam protection for their users. Then add another layer on your desktop to catch anything that might slip through the first layer. Typical desktop protection costs between $30-40/year. Below are a few of the top rated desktop solutions. McAfee and Norton also offer protection within their security suites.

MailFrontier
MailFrontier Desktop –
http://www.mailfrontier.com/products_matador.html

SonicWall
SonicWall Anti-spam Desktop
http://www.sonicwall.com/us/products/anti-spam-desktop.html

Cloudmark
Cloudmark Desktop
http://www.cloudmark.com/desktop/

5) Don’t give out your email address to just anyone – It may be too late for this last bit of advice. I urge people to treat an email address like a credit card: only give it out to folks with whom your are doing business or whom you inherently trust. If you receive more junk mail than legitimate mail it may be time for a new email address. There are lots of freely available web-based emails out there, Gmail, Yahoo, MSN, to name a few.  Sign up, send your friends and family the new email address, and start using that as your primary email.

gmail
GMail
http://mail.google.com/

yahoo
Yahoo –
http://mail.yahoo.com/

msn
MSN
http://www.msn.com/

If you have any questions or comments let me know. I’m here to help.

-Erik

Leave a Comment

How secure is your internet connection?

Gibson Research Corporation – GRC.com

Have you tested your shields lately?

The folks at GRC have created a web-based scanner that will tell you exactly how secure (or insecure) your connection to the internet is (or isn’t). Click on over and you’ll find ShieldsUP listed under Services at GRC.com

Here’s what they have to say about their scan…

This Internet Common Ports Probe attempts to establish standard TCP Internet connections with a collection of standard, well-known, and often vulnerable or troublesome Internet ports on YOUR computer. Since this is being done from our server, successful connections demonstrate which of your ports are “open” or visible and soliciting connections from passing Internet port scanners.

via GRC | ShieldsUP! — Common Ports Probe .

The ShieldsUP scan is one of the tools I use and recommend, (along with lots of other offerings from GRC.com more on those later). It takes a minute or so to run the port probe, but the satisfaction that your internet connection is secure is well worth the wait. And if your connection is insecure you will get detailed information on the open ports, what the risks are, and what you can do about it.

Head on over and run the scan. If you don’t get a “True Stealth” rating let me know and I’ll see if I can help. Here’s the results of my most recent scan…

Your system has achieved a perfect “TruStealth” rating. Not a single packet — solicited or otherwise — was received from your system as a result of our security probing tests. Your system ignored and refused to reply to repeated Pings (ICMP Echo Requests). From the standpoint of the passing probes of any hacker, this machine does not exist on the Internet. Some questionable personal security systems expose their users by attempting to “counter-probe the prober”, thus revealing themselves. But your system wisely remained silent in every way. Very nice.

As you can see, the results are written in a clear and friendly style. Gibson Research Corporation is another one of the good guys out there helping to tame the wild and woolly internet for folks like you and me. Now go check your shields.

Leave a Comment

Are you protected?

Are you protected?

Tech Tip – Vulnerability ScanningSecunia.com

Most Windows users know about Windows Update and probably have it set to check automatically for critical updates to Windows. But what about the rest of your software?

That’s where Secunia comes in to play. I first learned about Secunia from one of the network security conferences I regularly attend and found them to be one of the good guys.

Here’s what they have to say about their software inspectors…

Scan, detect, and update vulnerable programs. The Secunia Software Inspectors are the first internal vulnerability scanners that focus solely on detection and assessment of missing security patches and end-of-life programs – the result is an unprecedented level of scan accuracy. Scanning for missing security patches and vulnerabilities have never been easier or more precise.The Software Inspectors are perfect supplements to Windows Update as they inform about missing patches for thousands of third party programs. Secunia offers three Software Inspectors, each with a specific user focus.

I personally use the free PSI (personal desktop) product on my home computers and run the online scanner as part of my diagnostics when servicing clients. Give it a try and see what you think.


http://secunia.com/vulnerability_scanning/

Comments (1)

How can I help?

Computer help

I often hear folks talking about problems they are having with their computers and the first thing I think is “How can I help?” Some people want advice, others want someone to just fix it, and still there are others who just decide to live with the problem. If you fit into either the first or second category, then you’ve come to the right place. I’m here to help.

Leave a Comment