Your PC. Prepared for Anything.
Posts tagged features
In-Session Phishing – Keep Your Guard Up!
Jan 15th
By now, most people know about phishing emails. You know, those messages made to look like they are from banks and other financial institutions, sent out in the hope that someone will click on the phony link and enter their username and password?
A recent threat to watch out for is called “in session phishing.” The research firm Trusteer recently published an advisory which warns against an exploit that could be used to trick you into giving away the user name and password for your web-based financial site.
How In Session Phishing Works
First, the financial website must be compromised. A hacker needs to upload their malicious code to the site’s server. Unfortunately, with the number of unpatched web servers, there is a real possibility that a website can be hacked.
The second part of the attack takes place as a customer accesses their financial institution’s site, logging on normally to a secure session. So far, so good. The problem happens when the computer user, still logged into that website, opens another tab, perhaps to visit another website. At that point, a JavaScript function, used by the most popular browsers to determine if the user is logged in, is called from the hacked website. If the browser responds “yes,” the browser displays a phony, but convincing “Your session for ABC Bank has timed out. Please enter your user name and password to continue” message. If the user enters their information, their user name and password can be stolen–bad news, indeed!
How Can I Protect Myself?
Besides the basics of keeping your computer patched with the latest updates, and keeping your antivirus software up-to-date, protect yourself by simply knowing whether you are still logged in to your financial website (or finish your business, then log out). This is the electronic equivalent of knowing whether someone is standing behind you at an ATM machine, watching you enter your PIN.
Stay vigilant so that you can stay ahead of the bad folks who hope to trick you out of your identity. Your online financial accounts may depend on it.
Photo: Vince Alongi
Sandboxie – Laugh (Cautiously) at the Next Browser Vulnerability
Dec 25th
What’s a Windows user to do? Between the most recent zero-day exploit to affect Internet Explorer and Mozilla Firefox recently named as the most vulnerable application on the Windows platform, even with all Windows updates installed, virus protection and the current version of your browser, you can still end up with a nasty malware infection.
That’s exactly what inspired developer Ronen Tzur several years ago. He wrote an application called Sandboxie which protects your computer by using the “sandbox” concept. Basically, More >
What Every Computer User Must do Now – Round up your data
Oct 19th
Corporations have disaster recovery plans, and so should you. If you want to minimize your own computers’ downtime due to hard drive failure, operating system corruption (i.e. the “Blue Screen of Death”), and the like, there are a number of solutions that you can use that can help you get back up and running quickly. More >
Gmail: Prevent those “Oh no!” moments with Mail Goggles
Oct 9th
We’ve all been there. You’ve hastily dashed off an email, then hit the “Send” button, only to feel the pangs of regret. You wrote something that you really didn’t want to say. But it’s too late–the damage is done. If only you could have a second chance to stop that email from going out… Well, you can!
If you’re a Microsoft Outlook user, you can set up a rule to defer sending your messages for a specified number of minutes. Whichever accounts you’ve configured Outlook to use can take advantage this feature.
If you enjoy using the access-anywhere convenience of Gmail’s web interface, you can enjoy a similar feature that will make you think twice (actually 5 times) before you can send an email.
Mail Goggles is a new experimental feature released by Google labs. Enable it after you log into your Gmail account by clicking on Settings > Labs, then scroll down till you see Mail Goggles listed)
Mail Goggles
Once you’ve enabled Mail Goggles, it is active by default on Fridays and Saturdays, from 10 PM to 4 AM. (You can adjust these settings at Settings > General.) During the times that it’s active, when attempting to send an email, you’ll be presented with 5 math problems that you must answer before the message can be sent.
If you’re a Gmail user looking for a way to help you consider if you really want to send that email (especially during certain time periods), consider enabling Mail Goggles.
Photo: Cooperis
LunarSoft’s Anti-Malware Toolkit: One-Click Download of Many Utilities
Oct 6th
If your family and friends turn to you for help, especially when their computer’s been infected, Lunarsoft can help you.
Their Anti-Malware Toolkit will download the latest versions of a suite of applications, definitions and utilities. Armed with this arsenal, you can be out the door and on your way to helping your friend in just a few moments.
You can find useful how-to information, such as which order to install and run these anti-malware applications, at the Lunarsoft PC Cleanup wiki.
A tiny download (394 KB for installer, a mere 60 KB for the zipped version), the Anti-Malware Toolkit can be a useful tool to have on hand before you answer your next distress call.
Photo: Holeymoon
Before Your Laptop Is Stolen, Check out Adeona
Sep 10th
It’s a situation no laptop owner looks forward to–their laptop gets stolen. With a little planning (and hopefully, the thief’s unwitting assistance), the free service Adeona can help track down your laptop.
Currently, Adeona may be used on laptop/desktop/server type computers, but the developers are researching how to make this available for mobile devices, like iPhones. The Adeona client is available for Windows XP/Vista, Mac OS X and Linux.
Private, Reliable and Open-Source
Adeona is an open-source utility that uses a client which you install on your computer. From that point on, your information is kept private through the use of encryption techniques described in the developers’ 2008 paper. Location updates are transmitted about every 30 minutes to the community-run OpenDHT site. This information is retained for one week. More >