Subject: Re: Response to folks commenting on virus/malware
From: Katrina Knight
Reply-To: Katrina Knight
Date: Tue, 6 Dec 2011 12:53:58 -0500

At 09:41 AM 12/06/2011  wrote:
>What most people don't understand is these folks didn't have 
>their systems compromised, that's not how these hackers work. 
>They are hacked through the email provider's systems at the 
>company level.

It happens, but it is not common for the e-mail service 
provider's computers to be compromised that way. There are 
several common methods used by the people who do this kind of 
thing. One is to infect computers with a keylogger that looks 
for user-id and password combinations. Some key-loggers run in 
the background without the computer showing any symptoms that 
the average user would notice. One of the password stealing 
key-loggers that I was seeing fairly often a few months ago also 
diverted the user's browser to a site with ads one time 
following each Google or Yahoo search. People noticed this when 
it happened but didn't recognize it as a sign of infection, 
thinking that they'd just clicked on a bad search result. A 
second common method is to trick the user into giving the 
user-id and password through what is called "phishing". That is, 
the bad guy sends a message purporting to be from the service 
provider saying the user has to fill out a form or log into a 
website to prevent some dire thing from happening. The user, not 
wanting that dire thing to happen, doesn't pay close attention 
to where the information is going and does what is requested, 
handing all sorts of personal information to the bad guy. Using 
better passwords doesn't help with those types of attacks. Being 
careful what you click on or who you give information to does 
help as does making sure you have up-to-date security software 
installed. The third common method of breaking into mail 
accounts is what is called a "dictionary attack". The hacker 
repeatedly tries to log in, using a list of possible words that 
might be used as passwords. (Generally he uses a program to do 
this which is much faster than doing it manually.) That's where 
having a good secure password is most helpful. In all three 
cases, once the bad guy has an e-mail address and password for a 
user, he may try using that same password to gain access to 
additional, and more profitable for him, sites. That's why it 
isn't a good idea to use the same password too much.

I'm a computer consultant who works with individuals and small 
businesses to fix their computer problems. I get calls from 
people whose accounts have been hacked fairly often. Some of 
them remember giving their passwords or other information out in 
response to something suspicious. Most of the others turn out to 
have an assortment of malicious software on their computer. Even 
the best anti-virus program misses some things. Hundreds of 
new or altered attacks are released every day and it takes some 
amount of time for security software to be updated to know about 
them. A lot of what is out there works by tricking the user into 
telling the computer to do something. Protecting you from things 
you choose to do is somewhat harder than protecting you from 
things that attack from outside with no user involvement. 
Security is a balancing act where the goal is to find a 
reasonable point between restricting what can be done to the 
point of making the computer difficult to use and allowing too 
many openings for attacks.

It is also worth noting that not all messages really come from 
the accounts they list in their From: header. If person A's 
computer has both person B and mailing list C in its address 
book then gets infected with something, it can end up sending 
mail claiming to be from person B to mailing list C. This isn't 
as common as it was a few years ago but it does still happen.

To add a little bit of on-topic content to this, I've spent the 
past two weekends in Maryland. I can't say I saw any unusual 
birds but I did see a gorgeous adult Red-shouldered Hawk land in 
a tree along the side of the highway at one point.

--
Katrina Knight

Reading, PA, USA
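
The "dictionary attack" described in the message above leaves a recognizable trace on the provider's side: a burst of failed logins for one account from one source, sometimes ending in a success. The sketch below is an added example, not part of the original message; the log format, the addresses, the account names and the thresholds are all constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log: timestamp, source address, account, result.
SAMPLE_LOG = """\
2011-12-06T09:00:01 198.51.100.7 alice FAIL
2011-12-06T09:00:02 198.51.100.7 alice FAIL
2011-12-06T09:00:03 198.51.100.7 alice FAIL
2011-12-06T09:00:04 198.51.100.7 alice FAIL
2011-12-06T09:00:05 198.51.100.7 alice FAIL
2011-12-06T09:00:06 198.51.100.7 alice OK
2011-12-06T09:05:10 203.0.113.20 bob FAIL
2011-12-06T09:05:40 203.0.113.20 bob OK
2011-12-06T09:10:00 198.51.100.9 carol FAIL
2011-12-06T09:10:01 198.51.100.9 carol FAIL
2011-12-06T09:10:02 198.51.100.9 carol FAIL
2011-12-06T09:10:03 198.51.100.9 carol FAIL
2011-12-06T09:10:04 198.51.100.9 carol FAIL
"""

def parse(log):
    """Yield (time, source, account, ok) from whitespace-separated lines."""
    for line in log.splitlines():
        if line.strip():
            ts, src, account, result = line.split()
            yield datetime.fromisoformat(ts), src, account, result == "OK"

def find_guessing(log, max_failures=5, window=timedelta(minutes=1)):
    """Map each (source, account) pair that had max_failures failed logins
    inside `window` to True if that source later logged in successfully
    (the guessing probably worked), else False."""
    failures = defaultdict(list)
    flagged = {}
    for when, src, account, ok in sorted(parse(log)):
        key = (src, account)
        if ok:
            if key in flagged:
                flagged[key] = True  # success after a burst: treat as compromised
            continue
        # Keep only failures still inside the sliding window, then add this one.
        failures[key] = [t for t in failures[key] if when - t <= window] + [when]
        if len(failures[key]) >= max_failures:
            flagged.setdefault(key, False)
    return flagged

if __name__ == "__main__":
    for (src, account), hit in find_guessing(SAMPLE_LOG).items():
        print(src, account, "LIKELY COMPROMISED" if hit else "guessing, no success seen")
```

The single mistyped password for "bob" is not flagged, which is the balance the message describes between blocking attacks and keeping the account usable.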
