VIRUS/SPYWARE BASICS Botnets, Malware, Trojans oh my…….


History of Viruses

1971 – Creeper – First computer virus
1988 – The Morris Worm – First computer worm
2000 – ILOVEYOU – First Email virus
2001 – Nimda – First Combo virus – worm, virus and Trojan
2003 – Slammer – Computer worm that infected 75,000 computers in 10 minutes

AND THEN


History of Viruses

Blaster – not a very dangerous worm, due to a programming error. But it received a lot of media attention. Exploited a hole in Windows XP. “billy gates why do you make this possible? Stop making money and fix your software!!”

Welchia - Welchia remains one of the most unusual worms in history, as it was designed to help instead of hurt. A response to the Blaster worm, Welchia infected computers, cleared out the Blaster infestation, and then deleted itself.


What is a virus/spyware?

A program or piece of code that is loaded onto your computer without your knowledge and runs against your wishes.


How do I get a virus/spyware?

• Downloading files from the internet
• File attachments/links on emails
• Infected files from a disc, flash drive, etc.


Downloading files

Unfortunately, you won’t see something as easy to avoid as this.


Drive-by Downloads & malware

SEO Poisoning

SEO poisoning is one of the growing attacks on websites, and it is increasingly seen on popular websites. These attacks are based on exploiting vulnerabilities in computer security. When you do a search on the internet, pay attention to the URL of the results. Some will look normal; some, like the 2 circled in this picture, won’t. In this example, the movie Avatar was searched for. The first result looks like a site for the movie. The next two are not well-known sites, and their descriptions don’t make sense, which looks suspicious, so there’s a possibility they’re bad sites.


This is very common in the world of Spyware. You’ll get a popup saying you’re infected with viruses and spyware, and the software in the popup will offer to clean the infection. If a program that you have NOT installed pops up, telling you that you have an infection…it is ITSELF spyware. Don’t click on it. Instead run an Anti-virus scan and an Anti-Spyware scan.


File Attachments/Links

From: [email protected] [mailto:[email protected]]
Sent: Sunday, November 04, 2012 10:19 PM
To: [email protected]
Subject: Welcome to PayPal - Choose your way to pay

Pay attention to Spam emails. First and foremost, do not open attachments from people you do not know. Similarly, do not click URL links from people you do not know. Scam emails, aka Phishing emails, really try to trick you, saying you owe money, or your accounts have been hacked, or an order you placed is in. Whatever you do, do not click the link in these emails. If it says you owe money, or have been hacked, or ordered something, call the company named in the email. More than likely they will not know what you are talking about because they had nothing to do with that email.

Also, pay attention to the email address they are sending to or from. If the IRS emails you at work, for example, do they even know your work email? If not, that’s spam. Or, did the address it came from have a “ci.mooresville.nc.us” address? In the above example, [email protected] is not our typical address. We always use initial + last name, so that is a fake address. Therefore, it is spam. The links on these emails are infected or will take you to Phishing sites.

Phishing is the fraudulent practice of sending e-mails purporting to be from legitimate companies in order to induce individuals to reveal personal information.

Likewise, beware emails from people you DO know that ONLY have links. No subject line, nothing else in the email? More than likely, your friend or family member has gotten a virus and that virus sent the email to you. If you click that link, you too will have that virus!
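The checks on this slide can also be applied automatically by a mail filter or helpdesk script. The following is an added example, not part of the original slides: it flags a sender that uses the “ci.mooresville.nc.us” domain without the initial + last name convention, links or attachments from unknown senders, and link-only messages from known senders. The staff roster, contact list and sample messages are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

ORG_DOMAIN = "ci.mooresville.nc.us"        # domain quoted on the slide
STAFF = ["Jane Smith", "Robert Jones"]     # constructed roster (assumption)
CONTACTS = {"friend@example.net"}          # constructed address book (assumption)
URL_RE = re.compile(r"https?://\S+", re.I)

def staff_addresses(staff=STAFF, domain=ORG_DOMAIN):
    """Addresses that follow the 'initial + last name' convention."""
    return {f"{n.split()[0][0]}{n.split()[-1]}@{domain}".lower() for n in staff}

def text_body(msg):
    """Concatenate the text/plain parts of a message."""
    return "\n".join(p.get_payload(decode=True).decode("utf-8", "replace")
                     for p in msg.walk() if p.get_content_type() == "text/plain")

def triage(raw):
    """Return the warning flags raised for one raw email message."""
    msg = message_from_string(raw)
    sender = parseaddr(msg.get("From", ""))[1].lower()
    body = text_body(msg)
    has_link = bool(URL_RE.search(body))
    has_attachment = any(p.get_filename() for p in msg.walk())
    internal_ok = sender in staff_addresses()
    known = internal_ok or sender in CONTACTS
    no_subject = not (msg.get("Subject") or "").strip()
    flags = []
    # Uses our domain but does not match the naming convention.
    if sender.endswith("@" + ORG_DOMAIN) and not internal_ok:
        flags.append("fake-internal-address")
    # Link or attachment from someone we do not know.
    if not known and (has_link or has_attachment):
        flags.append("unknown-sender-link-or-attachment")
    # Known sender, no subject, nothing in the body except a link.
    if known and has_link and no_subject and not URL_RE.sub("", body).strip():
        flags.append("link-only-from-known-sender")
    return flags

# Constructed sample messages, not taken from the slides.
SPOOF = ("From: Billing <billing-team@ci.mooresville.nc.us>\n"
         "Subject: You owe money\n\nPay here: http://example.invalid/pay\n")
LINK_ONLY = "From: friend@example.net\n\nhttp://example.invalid/x\n"
NORMAL = ("From: Jane Smith <jsmith@ci.mooresville.nc.us>\n"
          "Subject: Agenda\n\nSee you at 10.\n")

if __name__ == "__main__":
    for name, raw in [("spoof", SPOOF), ("link-only", LINK_ONLY), ("normal", NORMAL)]:
        print(name, triage(raw))
```

The From header is chosen by the sender, so an empty flag list does not prove a message is genuine; the flags only catch the mistakes described above.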


Infected Files

This is a tough one – If someone comes to you with a CD/DVD or USB drive and asks you to open a file for them (whether they want it for a presentation or for you to print it or for any other reason), should you open it for them?

Our customer service teaches us to be as helpful as we can, but how do we know if it’s ok?

Potentially, their file could have a virus on it. As soon as you open it for them, your computer will contract that virus.


One Happy Corrupt Family

SEO Poisoning, Malware, Spyware, Spam, Homepage Redirects, Phishing and Viruses all usually have one thing in common.

The Hackers Black Market

A 'bot' is a type of malware which allows an attacker to gain complete control over the affected computer. Computers that are infected with a 'bot' are generally referred to as 'zombies'. There are literally tens of thousands of computers on the Internet which are infected with some type of 'bot' and don't even realize it.

These zombies can be used to send spam email or information can be stolen from them.


This image shows a few bots with an estimated number of infected computers aka zombies per bot.


Am I infected?

• Your computer behaves strangely
• You see unexpected messages or images
• Programs start unexpectedly
• Friends tell you they received a strange email from you & you didn’t send it
• Odd posts on your Facebook wall
• Your computer “freezes” frequently, or programs start running slowly
• You get lots of system error messages
• The operating system will not load when you start your computer
• You notice hard disk access (the LEDs flashing) when you are not aware of any programs running
• Your web browser behaves erratically, e.g. you can’t close a browser window


How can I be safe?

• Run Windows Updates regularly to fix any known exploits in your operating system.
• Don’t open suspicious attachments and links in emails.
• Practice Safe Browsing, i.e. avoid SEO Poisoning, phishing sites and don’t browse to obviously “bad” sites such as many online gaming sites, pornography, etc.
• Download Software from reliable sources, avoid pirated software, music, movies, etc.
• Don’t click on popups! Especially ones that say you’re infected. Instead, run a scan with your anti-virus and anti-spyware software.
• Read before you accept prompts, because sometimes OTHER software you do not want gets bundled in with software you do want. Usually you can uncheck the installs for the unwanted software.
• Keep your Anti-virus and Anti-Spyware Definitions up-to-date
• Symantec, AVG, Norton, etc. for viruses…
• Malwarebytes for Spyware


OMG I GOT A VIRUS!!!

Step 1 – AT WORK – either send in a helpdesk ticket or have a co-worker send one in on your behalf.

Step 1 at HOME – Attempt to do Windows Updates. Thwarting a pesky virus could be as simple as running updates on Windows or OS X. While updating your OS won't necessarily clear the infection out, it may plug up any security holes that allow the virus to spread and wreak havoc on your PC.

Step 2 at HOME – Update and run a scan using your Anti-Virus/Anti-Spyware Software.

Step 3 at HOME – Refer to your computer manufacturer and boot into safe mode and run Anti-Virus/Spyware Software. Running virus/spyware scans in safe mode is often more successful in fully getting rid of difficult virus and spyware infections.


VIRUS BASICS

Netbots, Malware, Trojans oh my…….