The types of viruses have run into several thousands already. This number continues to grow as anti-virus software tries to catch up with the latest developed malware with updates in their virus definitions. Infection has become as rapid as the introduction of a new virus because most of these are transmitted through the use of the internet. The web may be your favorite source of any information but it has also become the medium for computer viral contagion. If you do not install a protective measure on your PC, it can surely be infected anytime that you download a file, open an email, or even browse a site.

Of course, you should not allow your PC to be that vulnerable. Otherwise, you will certainly suffer the consequences. You can lose files or you can have your software applications run erratically. The worse that can happen is to have your operating system crashing. If you do not want that to happen, you should install virus protection software on your computer. However, you should not just put any protective software. One may promise you guaranteed protection only to frustrate you in the end after you find out that it cannot prevent some viruses from affecting your system.

If you desire total protection, software that can detect any virus, Trojan, or any other malware type is not enough. Sometimes a malware removal tool is needed. You need to put out an exterior defense. Your system should be able to prevent a virus from coming into your system before it is detected. Because you use the internet often, you will need to have antivirus firewall software. This does not just detect once the virus is in your system. This totally prevents any harmful program from entering your PC while connected to the internet. Therefore, it fortifies whatever internal protection you have already.

Sadly, the fact remains that any development in anti-virus protection is always a bit late than the introduction of a new malware. This is one reason that you must frequently check if your anti-virus software is updated. Failure to do so will increase your PC’s chances of being infected. In fact, some unscrupulous geek may be planning to create a virus that can break through a firewall. Therefore, there is practically not total guarantee. However, having no anti-virus firewall protection can be much worse. You will certainly feel that your PC is safer with some fortified protection on.

Identity thieves employ a variety of methods to gain access to your personal information. They may get information from businesses or other institutions by stealing it; by bribing an employee who has access to records; hacking into records; or conning information out of employees. Once identity thieves have your personal information, they may use it to commit a fraud or theft in your name.

How can you tell if you have become a victim of identity theft?  Some signs include unexplained charges or withdrawals from your financial accounts; bills or other mail stop arriving (the thief may have submitted a change of address); a credit application is denied for no apparent reason, or debt collectors begin calling about merchandise or services you didn’t buy.

Your computer can be a goldmine of personal information to an identity thief. To protect yourself and your computer against identity theft consider:

• Updating virus protection software frequently.  Consider setting your virus protection software to update automatically. The Windows XP operating system also can be set to check for patches automatically and download them to your computer.
• Not opening files sent to you by strangers, clicking on hyperlinks, or downloading programs from people or companies you don’t know.
• Using a firewall program, especially if you use a high speed Internet connection like cable or DSL that leaves your computer connected to the Internet 24 hours a day.
• Providing your personal or financial information through an organization’s secured website only.  While not fool proof, a lock icon on the browser’s status bar or a URL for a website that begins “https:” (the “s” stands for secure), may provide additional security.
• Not storing your financial information on your laptop, unless absolutely necessary.
• Deleting all the personal information stored on a computer before disposing of it.  A wipe” utility program to overwrite the entire hard drive is recommended.

As with any crime, you can not completely control whether you will become a victim, but you can take steps to minimize your risk by remaining diligent and by minimizing outside access to your personal information.

There are many more programs out there that will help, but these programs are good and a good place to start as any. They have the added benefit of both being free with source code available.

Will encryption stop people from accessing my information?

Encryption simply makes it harder for people to gain access to important information, like passwords or sensitive information in a file. The first thing you should know about encryption is that the algorithm that is used to encrypt can be simple or more complex and that affects how securely what you have encrypted is protected.  Encryption systems have been broken when the method of encryption is understood by hackers and is easy to break. 

Why bother to encrypt my email?

It should be noted that email is far less secure than paper mail for two very good reasons:  first, electronic data can be accessed easily over an Internet and secondly, electronic data is really simple to copy. There is a very good chance that someone has snooped around in your email despite your best intentions to stop it.

How do I go about encrypting my email?

There are many programs out there that can help you encrypt your email.  A very popular one is PGP (Pretty Good Privacy) or its Gnu offshoot GPG.  

PGP (http://www.pgpi.org/) self-describes itself this way: This "is a program that gives your electronic mail something that it otherwise doesn’t have: Privacy. It does this by encrypting your mail so that nobody but the intended person can read it. When encrypted, the message looks like a meaningless jumble of random characters. PGP has proven itself quite capable of resisting even the most sophisticated forms of analysis aimed at reading the encrypted text."

Why bother to encrypt my files?

The answer to this boils down to what you store on your computer.  If you have financial data with important information like social security numbers, email addresses, account numbers and passwords, then you open yourself up to losing very valuable information.  Most corporate Internet security employees will attest to the widespread theft of very valuable information. As long as you are connected to the Internet you are vulnerable.

How do I go about encrypting my files?

AxCrypt File Encryption Software  (http://axcrypt.sourceforge.net/) Self-described as "Free Personal Privacy and Security for Windows 98/ME/NT/2K/XP with AES-128 File Encryption, Compression and transparent Decrypt and Open in the original application."

Phishing (pronounced as “fishing”) is defined as the act of sending an email to a recipient falsely claiming to have an established, legitimate business.  The intent of the phisher is to scam the recipient into surrendering their private information, and ultimately steal your identity.

It is not at easy as you think to spot an email phishing for information.  At first glance, the email may look like it is from a legitimate company. The "From" field of the e-mail may have the .com address of the company mentioned in the e-mail.  The clickable link even appears to take you to the company’s website, when in fact, it is a fake website built to replicate the legitimate site.

Many of these people are professional criminals.  They have spent a lot of time in creating emails that look authentic.  Users need to review all emails requesting personal information carefully.  When reviewing your email remember that the "From Field" can be easily changed by the sender.  While it may look like it is coming from a .com you do business with, looks can be deceiving.  Also keep in mind that the phisher will go all out in trying to make their email look as legitimate as possible.  They will even copy logos or images from the official site to use in their emails.  Finally, they like to include a clickable link that the recipient can follow to conveniently update their information.
A great way to check the legitimacy of the link is to point at the link with your mouse. Then, look in the bottom left hand screen of your computer.  The actual website address to which you are being directed will show up for you to view.  It is a very quick and easy way to check if you are being directed to a legitimate site.

Finally, follow the golden rule.  Never, ever, click the links within the text of the e-mail, and always delete the e-mail immediately. Once you have deleted the e-mail, empty the trash box in your e-mail accounts as well. If you are truly concerned that you are missing an important notice regarding one of your accounts, then type the full URL address of the website into your browser.  At least then you can be confident that you are, in fact, being directed to the true and legitimate website.

Keyloggers can be either software or hardware based.  Software-based keyloggers are easy to distribute and infect, but at the same time are more easily detectable.  Hardware-based keyloggers are more complex and harder to detect.  For all that you know, your keyboard could have a keylogger chip attached and anything being typed is recorded into a flash memory sitting inside your keyboard. Keyloggers have become one of the most powerful applications used for gathering information in a world where encrypted traffic is becoming more and more common.

As keyloggers become more advanced, the ability to detect them becomes more difficult. They can violate a user’s privacy for months, or even years, without being noticed.   During that time frame, a keylogger can collect a lot of information about the user it is monitoring.  A keylogger can potential obtain not only passwords and log-in names, but credit card numbers, bank account details, contacts, interests, web browsing habits, and much more.  All this collected information can be used to steal user’s personal documents, money, or even their identity. 

A keylogger might be as simple as an .exe and a .dll that is placed in a computer and activated upon boot up via an entry in the registry. Or, the more sophisticated keyloggers, such as the Perfect Keylogger or ProBot Activity Monitor have developed a full line of nasty abilities including:

• Undetectable in the process list and invisible in operation
• A kernel keylogger driver that captures keystrokes even when the user is logged off
• A remote deployment wizard
• The ability to create text snapshots of active applications
• The ability to capture http post data (including log-ins/passwords)
• The ability to timestamp record workstation usage
• HTML and text log file export
• Automatic e-mail log file delivery

All keyloggers are not used for illegal purposes.  A variety of other uses have surfaced.  Keyloggers have been used to monitor web sites visited as a means of parental control over children. They have been actively used to prevent child pornography and avoid children coming in contact with dangerous elements on the web.  Additionally, in December, 2001, a federal court ruled that the FBI did not need a special wiretap order to place a keystroke logging device on a suspect’s computer. The judge allowed the FBI to keep details of its key logging device secret (citing national security concerns). The defendant in the case, Nicodemo Scarfo Jr., indicted for gambling and loan-sharking, used encryption to protect a file on his computer. The FBI used the keystroke logging device to capture Scarfo’s password and gain access to the needed file.

The Trojan can be tricky. Who hasn’t been online and had an advertisement pop up claiming to be able to rid your computer of some nasty virus?  Or, even more frightening, you receive an email that claims to be alerting you to a new virus that can threaten your computer. The sender promises to quickly eradicate, or protect, your computer from viruses if you simply download their “free”, attached software into your computer. You may be skeptical but the software looks legitimate and the company sounds reputable.  You proceed to take them up on their offer and download the software.  In doing so, you have just potentially exposed yourself to a massive headache and your computer to a laundry list of ailments. 

When a Trojan is activated, numerous things can happen.  Some Trojans are more annoying than malicious.  Some of the less annoying Trojans may choose to change your desktop settings or add silly desktop icons.  The more serious Trojans can erase or overwrite data on your computer, corrupt files, spread other malware such as viruses, spy on the user of a computer and secretly report data like browsing habits to other people, log keystrokes to steal information such as passwords and credit card numbers, phish for bank account details (which can be used for criminal activities), and even install a backdoor into your computer system so that they can come and go as they please.

To increase your odds of not encountering a Trojan, follow these guidelines. 

1. Remain diligent
   Trojans can infect your computer through rogue websites, instant messaging, and emails with attachments.  Do not download anything into your computer unless you are 100 percent sure of its sender or source.
2. Ensure that your operating system is always up-to-date.  If you are running a Microsoft Windows operating system, this is essential.
3. Install reliable anti-virus software.  It is also important that you download any updates frequently to catch all new Trojan Horses, viruses, and worms.  Be sure that the anti-virus program that you choose can also scan e-mails and files downloaded through the internet.
4. Consider installing a firewall.  A firewall is a system that prevents unauthorized use and access to your computer.  A firewall is not going to eliminate your computer virus problems, but when used in conjunction with regular operating system updates and reliable anti-virus software, it can provide additional security and protection for your computer.

Nothing can guarantee the security of your computer 100 percent. However, you can continue to improve your computer’s security and decrease the possibility of infection by consistently following these guidelines.

"The purpose of an intrusion detection system (or IDS) is to detect unauthorized access or misuse of a computer system. Intrusion detection systems are kind of like burglar alarms for computers. They sound alarms and sometimes even take corrective action when an intruder or abuser is detected. Many different intrusion detection systems have been developed but the detection schemes generally fall into one of two categories, anomaly detection or misuse detection. Anomaly detectors look for behavior that deviates from normal system use. Misuse detectors look for behavior that matches a known attack scenario. A great deal of time and effort has been invested in intrusion detection, and this list provides links to many sites that discuss some of these efforts"(http://www.cerias.purdue.edu/about/history/coast_resources/intrusion_detection/)

There is a sub-category of intrusion detection systems called network intrusion detection systems (NIDS).  These systems monitors packets on the network wire and looks for suspicious activity. Network intrusion detection systems can monitor many computers at a time over a network, while other intrusion detection systems may monitor only one.

Who is breaking into your system?

One common misconception of software hackers is that it is usually people outside your network who break into your systems and cause mayhem.  The reality, especially for corporate workers, is that insiders can and usually do cause the majority of security breaches. Insiders often impersonate people with more privileges then themselves to gain access to sensitive information.

How do intruders break into your system?

The simplest and easiest way to break in is to let someone have physical access to a system.  Despite the best of efforts, it is often impossible to stop someone once they have physical access to a machine. Also, if someone has an account on a system already, at a low permission level, another way to break in is to use tricks of the trade to be granted higher-level privileges through holes in your system. Finally, there are many ways to gain access to systems even if one is working remotely. Remote intrusion techniques have become harder and more complex to fight.

How does one stop intrusions?

There are several Freeware/shareware Intrusion Detection Systems as well as commercial intrusion detection systems.

Open Source Intrusion Detection Systems

Below are a few of the open source intrusion detection systems:

AIDE (http://sourceforge.net/projects/aide) Self-described as "AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire. It does the same things as the semi-free Tripwire and more.  There are other free replacements available so why build a new one? All the other replacements do not achieve the level of Tripwire. And I wanted a program that would exceed the limitations of Tripwire."

File System Saint  (http://sourceforge.net/projects/fss) – Self-described as, "File System Saint is a lightweight host-based intrusion detection system with primary focus on speed and ease of use."

Snort  (www.snort.org) Self-described as "Snort® is an open source network intrusion prevention and detection system utilizing a rule-driven language, which combines the benefits of signature, protocol and anomaly based inspection methods. With millions of downloads to date, Snort is the most widely deployed intrusion detection and prevention technology worldwide and has become the de facto standard for the industry."

The most important advice we can give anyone who believes he or she has a computer with malware on it is this: Don’t panic. Also, don’t assume that you need to wipe your computer clean and start from scratch. Often you can remove malware without having to erase everything else. You may lose some data in the process, but you probably won’t lose everything.

First you need to determine if your computer has a virus at all. You might suspect your computer of having a virus if it seems to be sluggish. If your Web browser suddenly looks different or automatically goes to a site you don’t recognize, that’s a good indication that you’ve got some malware. If your computer is unstable and crashes fairly often, you may have a problem. And if you try to access files but receive a message saying they’re corrupted, that’s another sign.

If you do think your computer has a virus, you need to run antivirus software to weed it out. Some viruses disable antivirus software — they’re clever that way. If you don’t have any antivirus software, now’s a good time to purchase or download an application. A few malware variants will try to block you from downloading antivirus software. If that’s the case, you may need to download the software on another computer and transfer it to disk or a flash drive.

Detecting and Removing a Computer Virus

If one antivirus program is good, two is better, right? Wrong. Antivirus software tends to use up a large percentage of your computer’s processing power. Running more than one antivirus program will slow your computer to a crawl and possibly cause it to crash. And not all antivirus programs are compatible with one another, which can make your computer even more unstable.

Antivirus software is practically a requirement for anyone using the Windows operating system. While it’s true you can avoid computer viruses if you practice safe habits, the truth is that the people who write computer viruses are always looking for new ways to infect machines. There are several different antivirus programs on the market — some are free and some you have to purchase. Keep in mind that free versions often lack some of the nicer features you’ll find in commercial products.

Let’s start with the assumption that you’re able to run antivirus software — we’ll look into what to do if this isn’t the case a little later. Assuming your antivirus software is up to date, it should detect malware on your machine. Most antivirus programs have an alert page that will list each and every virus or other piece of malware it finds. You should write down the names of each malware application your software discovers.

Many antivirus programs will attempt to remove or isolate malware for you. You may have to select an option and confirm that you want the antivirus software to tackle the malware. For most users, this is the best option — it can be tricky removing malware on your own.

If the antivirus software says it has removed the malware successfully, you should shut down your computer, reboot and run the antivirus software again. This time, if the software comes back with a clean sweep, you’re good to go. If the antivirus software finds different malware, you may need to repeat the previous steps. If it finds the same malware as before, you might have to try something else.

• Always make backups of important information and store in a safe place separate from your computer.
• Update and patch your operating system, web browser and software frequently.  If you have a Windows operating system, start by going to www.windowsupdate.microsoft.com and running the update wizard.  This program will help you find the latest patches for your Windows computer.  Also go to www.officeupdate.microsoft.com to locate possible patches for your Office programs.
• Install a firewall.  Without a good firewall, viruses, worms, Trojans, malware and adware can all easily access your computer from the Internet.  Consideration should be given to the benefits and differences between hardware and software based firewall programs.
• Review your browser and email settings for optimum security.  Why should you do this?  Active-X and JavaScript are often used by hackers to plant malicious programs into your computers.  While cookies are relatively harmless in terms of security concerns, they do still track your movements on the Internet to build a profile of you.  At a minimum set your security setting for the “internet zone” to High, and your “trusted sites zone” to Medium Low.
• Install antivirus software and set for automatic updates so that you receive the most current versions.
• Do not open unknown email attachments.  It is simply not enough that you may recognize the address from which it originates because many viruses can spread from a familiar address.   
• Do not run programs from unknown origins.  Also, do not send these types of programs to friends and coworkers because they contain funny or amusing stories or jokes.  They may contain a Trojans horse waiting to infect a computer.
• Disable hidden filename extensions.  By default, the Windows operating system is set to “hide file extensions for known file types”.  Disable this option so that file extensions display in Windows.  Some file extensions will, by default, continue to remain hidden, but you are more likely to see any unusual file extensions that do not belong.  
• Turn off your computer and disconnect from the network when not using the computer.  A hacker can not attack your computer when you are disconnected from the network or the computer is off.
• Consider making a boot disk on a floppy disk in case your computer is damaged or compromised by a malicious program.  Obviously, you need to take this step before you experience a hostile breach of your system. 

Where does it come from?
Typically, Spyware originates in three ways.  The first and most common way is when the user installs it.  In this scenario, Spyware is embedded, attached, or bundled with a freeware or shareware program without the user’s knowledge.  The user downloads the program to their computer.  Once downloaded, the Spyware program goes to work collecting data for the Spyware author’s personal use or to sell to a third-party.  Beware of many P2P file-sharing programs.  They are notorious for downloads that posses Spyware programs.

The user of a downloadable program should pay extra attention to the accompanying licensing agreement.  Often the software publisher will warn the user that a Spyware program will be installed along with the requested program.  Unfortunately, we do not always take the time to read the fine print.  Some agreements may provide special “opt-out” boxes that the user can click to stop the Spyware from being included in the download.  Be sure to review the document before signing off on the download.

Another way that Spyware can access your computer is by tricking you into manipulating the security features designed to prevent any unwanted installations.  The Internet Explorer Web browser was designed not to allow websites to start any unwanted downloads.  That is why the user has to initiate a download by clicking on a link.  These links can prove deceptive.  For example, a pop-up modeled after a standard Windows dialog box, may appear on your screen.  The message may ask you if you would like to optimize your internet access.  It provides yes or no answer buttons, but, no matter which button you push, a download containing the Spyware program will commence. Newer versions of Internet Explorer are now making this Spyware pathway a little more difficult.

Finally, some Spyware applications infect a system by attacking security holes in the Web browser or other software.  When the user navigates a webpage controlled by a Spyware author, the page contains code designed to attack the browser, and force the installation of the Spyware program.

What can Spyware programs do?

Spyware programs can accomplish a multitude of malicious tasks.  Some of their deeds are simply annoying for the user; others can become downright aggressive in nature.

Spyware can:

1. Monitor your keystrokes for reporting purposes.
2. Scan files located on your hard drive.
3. Snoop through applications on our desktop.
4. Install other Spyware programs into your computer.
5. Read your cookies.
6. Steal credit card numbers, passwords, and other personal information.
7. Change the default settings on your home page web browser.
8. Mutate into a second generation of Spyware thus making it more difficult to eradicate.
9. Cause your computer to run slower.
10. Deliver annoying pop up advertisements.
11. Add advertising links to web pages for which the author does not get paid.  Instead, payment is directed to the Spyware programmer that changed the original affiliate’s settings.
12. Provide the user with no uninstall option and places itself in unexpected or hidden places within your computer making it difficult to remove.

Spyware Examples
Here are a few examples of commonly seen Spyware programs.  Please note that while researchers will often give names to Spyware programs, they may not match the names the Spyware-writers use. 

CoolWebSearch, a group of programs, that install through “holes” found in Internet Explorer. These programs direct traffic to advertisements on Web sites including coolwebsearch.com. This Spyware nuisance displays pop-up ads, rewrites search engine results, and alters the computer host file to direct the Domain Name System (DNS) to lookup preselected sites. 
Internet Optimizer (a/k/a DyFuCa), likes to redirect Internet Explorer error pages to advertisements. When the user follows the broken link or enters an erroneous URL, a page of advertisements pop up.
180 Solutions reports extensive information to advertisers about the Web sites which you visit.  It also alters HTTP requests for affiliate advertisements linked from a Web site.  Therefore the 180 Solutions Company makes an unearned profit off of the click through advertisements they’ve altered.
HuntBar (a/k/a WinTools) or Adware.Websearch, is distributed by Traffic Syndicate and is installed by ActiveX drive-by downloading at affiliate websites or by advertisements displayed by other Spyware programs.  It’s a prime example of how Spyware can install more Spyware.   These programs will add toolbars to Internet Explorer, track Web browsing behavior, and display advertisements.

How can I prevent Spyware?
There are a couple things you can do to prevent Spyware from infecting your computer system.  First, invest in a reliable commercial anti-Spyware program.  There are several currently on the market  such as Symantec, and McAfee. Anti-Spyware programs can combat Spyware by providing real-time protection, scanning, and removal of any found Spyware software.   As with most programs, update your anti virus software frequently. 

As discussed, the Internet Explorer (IE) is often a contributor to the Spyware problem because Spyware programs like to attach themselves to its functionality.  Spyware enjoys penetrating the IE’s weaknesses.  Because of this, many users have switched to non-IE browsers.  However, if you prefer to stick with Internet Explorer, be sure to update the security patches regularly, and only download programs from reputable sources.  This will help reduce your chances of a Spyware infiltration.
. 
And, when all else fails?
Finally, if your computer has been infected with a large number of Spyware programs, the only solution you may have is backing up your data, and performing a complete reinstall of the operating system.