Wednesday, June 23, 2010

Break the Chain



We get them all the time, especially from relatives: those annoying chain e-mails. Sometimes it might be a prayer, cute animated kittens, or even a warning about the next government conspiracy.

Truth be told, they are nothing more than a tool for spammers and hackers. Now before you say anything, I know your Aunt Margie is not a hacker. She is, however, unknowingly aiding spammers and hackers by forwarding the e-mail to "At Least 8 People". How is this aiding the malicious users of the internet? Through e-mail headers.

Headers are located in every e-mail, and a hacker or spammer simply needs to view them to gain knowledge of every e-mail address that the chain e-mail was sent to. Hackers can then "spoof" the e-mail address. By "spoofing" I mean sending out e-mails with malicious code and making them look like they came from one of the e-mail addresses listed in the header. If the hacker wanted to be even more malicious, he could look at the headers and send each e-mail address a virus payload using one of the many ever-changing tricks in the hacker's toolkit.

Let's say you get a chain e-mail with a sparkly image of an angel wishing you good fortune and telling you that Jesus loves you. Jesus may in fact love you, but the hacker that created this image really doesn't care a thing about you. The animated image is known as a GIF or .gif file. The file itself may, and in some cases does, possess code to exploit your e-mail account or deliver a virus payload.

Spammers, on the other hand, can use the headers and basic info found in the "FWD" section of the e-mail to flood your Inbox with ads and garbage.
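To see how much a single forward gives away, here is an added example (not part of the original post) that counts the addresses visible in a chain e-mail's headers and quoted "FWD" blocks, then scrubs the body before it is passed on. The sample message, its names and addresses, and the function names are all constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import getaddresses

# Simple pattern for addresses that appear in plain text (illustrative, not RFC-complete).
ADDR_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")

# Constructed sample: a chain e-mail forwarded twice; every name and address is made up.
SAMPLE = """\
From: Aunt Margie <margie@example.com>
To: you@example.com, cousin.bob@example.net, grandma@example.org
Cc: neighbor@example.com
Subject: FWD: FWD: Send this to at least 8 people!

---------- Forwarded message ----------
From: Carol <carol@example.org>
To: margie@example.com, dave@example.net; erin@example.com
Subject: FWD: Send this to at least 8 people!

> From: frank@example.net
> To: carol@example.org, gina@example.com
>
> Forward this angel to 8 friends for good fortune.
"""

def exposed_addresses(raw):
    """Return (header_addrs, body_addrs): addresses every recipient can read."""
    msg = message_from_string(raw)
    fields = []
    for name in ("From", "To", "Cc"):
        fields.extend(msg.get_all(name, []))
    header_addrs = {addr.lower() for _, addr in getaddresses(fields) if addr}
    # Earlier hops survive as plain text in the quoted "FWD" blocks of the body.
    body = msg.get_payload()
    body_addrs = {a.lower() for a in ADDR_RE.findall(body)} - header_addrs
    return header_addrs, body_addrs

def scrub_for_forwarding(raw):
    """Return the body with every quoted address redacted, ready to paste into a new message."""
    body = message_from_string(raw).get_payload()
    return ADDR_RE.sub("[address removed]", body)

if __name__ == "__main__":
    headers, quoted = exposed_addresses(SAMPLE)
    print(f"{len(headers)} addresses in the headers: {sorted(headers)}")
    print(f"{len(quoted)} more in the quoted FWD blocks: {sorted(quoted)}")
    print(scrub_for_forwarding(SAMPLE))
```

Pasting the scrubbed text into a fresh message and putting recipients in Bcc keeps both the old and the new address lists out of the next reader's view.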

This is why the chain needs to be broken, for the safety of your Aunt Margie, Grandma, Mom, or whoever else is sending you chain e-mails.

If you really want to do some good, send this article to at least 8 people who constantly send you Chain E-mails, educate them, and help Break the Chain.

Wednesday, May 13, 2009

Virus Threats on the rise!

With this being the first Shade Tree IT post, I figured I might want to make things hit home. We all hear about viruses, but not too many people realize how bad the threats have become lately, or how malicious they are.
Viruses have been delivered many ways, mostly through e-mail and hijacked websites. Now hackers have moved to bigger targets such as Facebook Apps and Myspace embed codes.
If you are a Facebook user, you see requests like "Jim has bought you a drink, would you like to return the favor?" When you get this in your inbox, it is an app where you act like you are at a bar buying drinks for your friends. There are many apps out there like "Relatives" and "Pirate Vs. Ninja's", different games and little things that make Facebook more personal. What you don't realize is that some of these apps you install can hijack your Facebook account or install a virus. Next thing you know, your PC is part of a botnet, or you are sending "Buy your Viagra here" messages on Facebook. Facebook Apps are questionable. If you get one in your inbox, Google the app and see if anyone has had any issues with it before installing it. You'll hear me say this a lot, so take it to heart: GOOGLE IS YOUR FRIEND!
Myspace embed codes are no different. You may want the cute little sprite spreading pixie dust all over your Myspace page if you are a girl. That's really not a good idea. You really need to watch what you are doing with your Social Networking profile. If you install an app or embed code and it starts spreading pornographic spam, it can damage your reputation in the long run.
With hijacked websites comes another threat. If you go to a hijacked site, the site might inject a virus straight to your computer. This can be done by you clicking on a pic, a link, or anything on the site. Sometimes you don't have to click anything. If something is questionable or a site wants you to install something, go straight to the vendor. You might see "This site requires you to install the latest version of Flash to view it". That's fine, but go to Flash.com to install the latest version. Just don't click on something on the site itself. The same can be said for Quicktime or Real Player. Always go straight to the source. If you have downloaded the latest version from the software vendor and are still getting that message, I highly recommend not clicking on the link.
Viruses are also spreading through fake alerts. Most of the time, if you are getting messages like "Your Computer may be infected! Click here to run MS Anti-Virus 360!" and getting animations on your desktop of something scanning your computer for viruses, DON'T CLICK IT! MS Anti-Virus 360 IS a virus! It has other variants and names, such as XP Anti Virus 2008; here is a screen shot: It looks legit enough, right? Well, to the untrained eye it might. If you have virus protection, the so-called not found sections would actually be highlighted in green. This type of misleading pop-up has brought many an unsuspecting user to their knees. Problem is, if you see this pop-up, guess what, you are more than likely already infected. But there is hope.
You may be working on something important. Fine, stop what you are doing and save your work. An infection needs to be treated immediately, before the virus buries itself deeper in the registry. I have found a free tool called MalwareBytes that works wonders. It is a free download, and free to use.
There are also a ton of good free tools to use against viruses. Most can be found at Download.cnet.com. I highly recommend this site as it is powered by Cnet, a well-respected company in the technology field. All downloads are malware free. There you can find both free and paid software, all of which are pretty decent. Hey, who doesn't like free, right?
So please remember: be careful what you click on, watch the sites you are going to, and treat a threat immediately.