Peanuts to Profits With Thor Schrock
Peanuts to Profits With Thor Schrock

While it is certainly nothing new, yet another threat to your email security is floating around the internet.

This email made it through our formidable spam filters (as well as through Google’s filters) to find its way to my inbox.

Dear Customer,

This e-mail was send by schrockinnovations.com to notify you that we have temporanly prevented access to your account.

We have reasons to beleive that your account may have been accessed by someone else.

Please click on the following link (or copy & paste it into your web browser):

http://limpadoralimptec.com.br/instructions.exe

(C) schrockinnovations.com

As usual, the message is plagued with misspellings and the link (removed in my example) to the instructions.exe file would have attempted to infect my computer.

As a general rule, email system administrators do not send broadcast emails to users notifying them of an intrusion.

The Anti Phishing Working Group reported that in the third quarter of 2009, 48% of the computers scanned for malware were infected with downloaders, password stealers, or other forms of malware.

Their report also indicated a 5.5% increase in reports of first time phishing attempts, with an overall decrease in the number of victims.

This indicates that cyber criminals are working faster to get new phishing sites online, but those sites are being discovered and neutralized more quickly than ever.

The report continues on to indicate that the single greatest problem in the battle against phishing scams is a general lack of awareness among those in the public about how the scams work and how to avoid becoming a victim.

Microsoft is releasing six new updates today that will impact all Windows users in some way.

The updates, scheduled to be automatically downloaded and installed tonight on most Windows systems, patch severe security issues in Internet Explorer 7, Internet Explorer 8, and Microsoft Office. Because of the Internet Explorer 7 component, just about every Windows System made after 2001 will be impacted.

This set of updates will address a critical security flaw that could allow users to take control of your computer, so it is important you get these installed.

If your computer is having trouble installing updates for any reason, contact us in Lincoln or Omaha, or seek the assistance of a technician who can get them installed before your computer is infected.

When you buy the latest versions of Symantec’s Norton products, you are asked to establish a Norton Account.

This account retains the credit card information you used when you purchased your Norton (assuming you purchased or renewed online).

As a “convenience” to you, Symantec will automatically renew your Norton subscription when it is expiring using the credit card on file.

But what if you did not want to renew, choose to buy an updated off-the-shelf version, or even switched to another security software provide

When Did I Agree to Auto-Renew?

When you purchased or renewed your Norton software online there was a small text notification at the bottom of the shopping cart page with a checkbox that you were required to check to complkete your purchase.

As in most cases, the devil is in the details, so if you checked without reading, you agreed and that is why your card got dinged for the renewal.

How Do Opt-Opt of Norton Auto Renewal?

The easiest way to prevent an unwanted auto-renewal is to simply opt-out. Symantec has made this inconvenient enough that many people may not do it, but it is not hard to do.

To opt-out, visit www.mynortonaccount.com and log in using the email address you used in your original purchase session and the password you were required to establish when you purchased.

Once logged in, click on the renewal center link at the top of the page and cancel the auto-renewals on the desired products.

What is the Easiest Way to Cancel a Billed Auto-Renewal?

Unfortunately, canceling is a lot more difficult than the automated renewal process. Thankfully, it can be done with the right information.

Here’s what you will need:

• The first 6 digits of your credit card number used for the renewal (if you have multiple cards on your bank account, you MUST have the one you used to buy initially)
• The last 4 digits from the same card
• The name on the card
• The expiration date
• The email address associated with your Norton Account (your log-in name)
• Your order number (in the event you are trying to cancel an accidental purchase)

There are 3 ways to cancel your Norton Auto-Renewal after it has been billed to your bank account.

1. Call the toll-free number on your Bank statement – 1-877-294-5265
2. Use Symantec’s online chat to cancel
3. Fill out Symantec’s cancellation form

Call me a pessimist, but I don’t like to trust my refund to a fire and forget form.

I have tried the live chat option, but after a very long wait most of the associates did not know what they were doing and were unable to process my request.

After 5 hours of online chatting to get a $48.13 credit on my bank statement, I called the toll-free number.

The call made it to a live person in just a few minutes, and my refund was processed in 10 minutes.

Additionally, they removed the credit card information from my Norton Account all together so no other unintended renewals would happen in the future.

If you listen to my weekly radio show, have had your computer in to Schrock Innovations, or generally have not been living under a rock for the past ten years, you know that you need to have security software on your PC.

You probably know that you need anti-virus software and you might even know you need a firewall program.

However, Secunia.com reports that many security suites attempt to detect threats when they arrive at the PC rather than preventing those threats by closing the doors they come through.

Your Computer Can Catch H1N1 – Here’s How

Most security software works in a similar way to your immune system. Your immune system sees a new intruder, fights it and defeats it. It then creates a set of detections based on that infection’s signature. Your detections are supplemented by inoculations (definition updates) to teach your body how to fight intruders it has never seen before.

Now imagine that a new intruder comes along and smacks your immune system. Imagine this infection is H1N1. Your body has never seen it before. Your body will probably beat the infection, but there is a chance it could get through and cause all kinds of problems, even death.

To help reduce the risk of being exposed to the virus you are told to prevent infection by reducing the number of infection opportunities – wash your hands, cover your cough, etc..

When is the last time you reduced the risk of being infected by washing your computer’s digital hands with some serious anti-exploit soap?

So Why Don’t We Do That With Our Computers?

We are all told to get our Microsoft Updates and update our security software. While these sound practices help reduce some infection opportunities, Secunia.com reported recently that 28% of the applications on your computer are probably insecure.

That means that common programs that most of us use every day like Flash, Java, Skype, iTunes, and more may be out of date. Software programs are constantly under attack by an ever more sophisticated culture of digital thugs seeking to use your computer for their purposes.

Recently these thugs are finding it easier to attack your insecure programs to gain access rather than your more heavily fortified Windows Operating System.

If you keep all of your applications patched with their most recent security updates, you are in effect reducing the possibility that any viruses or malware infections will find a way into your computer – you are in effect washing your computer’s hands with some really good anti-bacterial soap.

Think You Are Up To Date? Scan and See

I own and run a computer repair company. I read all of the boring stuff online about trends, infections, updates and the like. I would consider my computer to have one of the cleanest sets of hands around.

I decided to run a free scan from Secunia.com to see how many of my computer’s programs are not up to date with the most recent security patches. I was stunned:

Run the scan yourself and see how your computer does!

Alpha Antivirus is the latest fake-alert virus that is afflicting computer users on the Internet.

This variant popped up in late September, but is gaining traction as injected websites begin drifting to the top of search engine results.

How Do You Get Infected?

These fake alert infections typically come into your computer through internet web searches on search engines like Google, Yahoo, and Bing.

The makers of these fake-alert infections create thousands of websites with valuable content on subjects they can easily rank in the top 10 results of popular web searches.

After these sites climb to an appropriate level, click-jacking code is inserted that will infect unprotected computers as soon as they visit the page – without warning.

Typically the only symptom of impending infection is a pop-up that warns you that your computer is infected (when it is in fact not).

How Do Keep My Computer Safe?

The best way to keep your computer safe is to have good virus protection software installed on your computer.

While technicians disagree to a degree on which program is the best to use, my opinion (based on HUNDREDS of infected PCs that Schrock Innovations has repaired) is that free antivirus like AVG is a problem waiting to happen.

I recommend Symantec’s Norton 360 software. It offers some of the best protection on the market while also featuring the most user-friendly interface.

Those who are have had bad experiences with Norton in th past because it slowed dow their computers should note that the newer versions are MUCH lighter than the older versions (although any antivirus software will slow down your computer).

Working in the Service Center at Shcrock Innovations we have at least one person every day on our bench who is infected with a program that attempts to steal their financial information simply by asking for it.

An affiliate network called the Partnetka is working hard in Russia to bring malware to your beloved Mac at a bounty of $.43 per infection.

Affiliate networks are nothing new on the web – in fact they are much more common than you might imagine. The basic concept is that webmasters run websites that people go to. They use their websites to promote products and services and gt a piece of the action when people buy.

It turns out that according to ZDnet that this network was offering a $.43 payment for every Mac that could be infected and handed over.

Most Mac infections come in the form of DNS changing Trojans that are downloaded in relation to porn videos.

Affiliate networks are pay-for-performance deals. This means that someone out there somewhere intends to make more than $.43 on every Mac they can infect. The days of the Mac being an invincible platform are clearly numbered.

There is a new piece of exploit code circulating on the web that takes advantage of the SMB v2 service in Windows Vista to remotely access your computer.

At this time there is no patch to fix the problem (although the problem was repaired in the final release of Windows 7). Bevause thuis is a new exploit, it is also likely that any attackers using this code could also bypass your security software.

To TEMPORARILY fix this problem, there is a utility you can download to turn of the SMB v2 service. This may impact your home networking situation depending on your configuration, however it will not impact most users at all.

In the absence of a patch, here’s what you can do:

* Click Here To Disable SMBv2

To revert the workaround, and re-enable SMBv2, you can:

* Click Here To Re-Enable SMBv2

Microsoft is reporting today that the “Tear-drop attack” sample code that was claimed to successfully crash Windows 7 remotely can’t touch Microsoft’s upcoming golden child.

It seems that the person who was testing the code tested it on a release candidate version of Windows 7. The release candidate was impacted by the security problem, however Microsoft responded in their bulletin that the final release of Windows 7 (pressed to DVDs in July) is not impacted by the flaw.

This is the first specific example of a security threat impacting Windows Vista that was preemptively blocked by Windows 7.

I am sure there will be other exposed threats that will impact Windows 7, but this victory comes just in time for Vista’s October 22nd release and will add ammunition to Microsoft’s claim that Windows 7 is the most advanced operating system on the planet (a claim that Apple is making in their music on hold right now about Snow Leopard.