Skype Defender

There’s a new trojan going around that is disguised as a Skype plugin called Skype Defender. If you install it, it will take your username and password and send it to a hacker.

It seems it only affects Windows users, and you recognise it by looking at the login button on Skype (the real one has a red bordeR). This document from Skype shows exactly what it looks like. It gets installed by a program called 65404-SkypeDefenderSetup.exe.

Skype Defender Trojan

“Microsoft Security Update” Emails

There have been some bogus emails recently with a subject of “Microsoft Security Update“. It contains a whole lot of text encouraging you to click on a link to install a security update. If you look at the email carefully you might notice that it contains a link to a website not owned by Microsoft, and instead it will attempt to download and install a virus.

How are you supposed to know it’s false? For a start Microsoft probably doesn’t know who you are or what your email address is. If you’re a home user it’s very uncommon (and unnecessary) to register your address with them. And even if you did, email is not the method Microsoft uses to advise you on updates or to distribute the updates.

For business users, you have an IT department that takes care of all updates. You shouldn’t be trying to install security updates so treat any such email as bogus.

Bottom line: delete these emails. Any good spam or virus filter should catch most of them, and it’s best to be cautious.

Protecting A Home Computer – First Steps

This article covers the most basic proactive measures you can take to protect your computer. It’s been written with a single home computer in mind – small and large offices need completely different solutions and they’ll be covered in a future article.

So you have a computer and are aware of the dangers present on the internet. You’d like to feel safe with as little effort as possible, and you’re even prepared to buy some antivirus software. Where do you start?

Anti-virus software is one line of defence, but you can’t rely on this alone. Online crime has advanced so much in the past few years that viruses are probably the least of your concerns. Nevertheless you still need an antivirus solution.

Viruses are programs that install themselves onto your computer and do something unwanted. Some are worse than others (it could delete your files, let hackers log into your computer, and copy itself to other computers). Antivirus programs scan everything on your computer and match it against a list of known viruses – new computer viruses get created every day. So yesterday’s antivirus software won’t protect you against today’s threats (it’s a fast paced world). What you need is a way to update your antivirus software every day. This is usually called a subscription, meaning you pay an annual fee to get the latest updates every day.

Some home users have outdated antivirus software. It probably came bundled with the computer with a 3 month trial subscription, and it probably expired. Some people think it’s ok to copy antivirus programs from a friend (which is morally wrong and illegal) and without paying for the subscription it won’t protect you. Bottom line here: pay the annual subscription.

The next line of defence is protection from trojans. The simple explanation is that some programs you download (or sometimes buy) include a hidden bit that connects out to the internet and does something bad without your knowledge. There are two things you can do to prevent and control this very serious problem:

  1. Be aware of what you download. Only download programs you really need and preferably from sources you trust. Although this may sound vague it gets easier with experience.
  2. Run a personal firewall. Read below on how this can help.

A personal firewall is a program you install on your computer that stops unknown programs from connecting out to the internet. In other words, it becomes very difficult for a “bad program” to use the internet without your permission. Windows now includes a firewall program but it’s worthwhile paying for a better one.

You also need to learn to use it. In its most basic form a personal firewall with ask you for permission whenever it finds a new program (attempting to connect to the internet). If you blindly click Accept then you haven’t really achieved any better level of security. You should take a moment to read what the message says and consciously decide whether or not to allow it. Don’t fall into the habit of clicking Yes to everything. In most cases if you’re intentionally telling a program to use the internet then you would want to allow it. Again this becomes easier with experience.

Lastly, the other main line of defence for a home computer is to keep it patched. Windows is not perfect (and neither is Linux or MacOS) and the programmers generally find ways to improve security. They release a patch and it’s up to you to apply that patch to your computer. This is often automatic, and for beginners this is how you want it to work. Windows XP and Windows Vista will let you know if patches are not being applied manually (in which case you should do this at least weekly). Patches can be applied by opening Internet Explorer and selecting Windows Update from the Tools menu, then following the prompts.

In summary there are three facets to securing a home computer:

  1. Use antivirus software. It’s important that it receives updates at least daily
  2. Use a personal firewall. Learn to read the messages it gives you and use it properly.
  3. Keep your computer patched. This can often be automatic.

I think that’s enough for now. Each of the above three areas requires further articles, and there’s still an awful lot more to be learnt. I have deliberately avoided suggesting any products. This also warrants its own article and the market changes so fast that a recommendation would be out of date fairly quickly. Expect to pay about $100 per year per computer. This is reasonable considering that a computer typically costs over $1000 and your bank account could contain significantly more.