NYACC LectureBackground information and Links
When: Thursday November 13, 2003. At NYU, in the Main Building. 7:00PM. Room 520.
The list of topics:
Spyware are little programs surreptitiously placed on your computer either when you install new software or when you visit a web site. Spyware is silently active in the background, and it sends reports to an agency that collects data about where you roam the web or where you shop. There are free and effective programs that will block and delete Spyware.
Defensive Email Top
How email is sent (opens in new page)
A sample error message when the outgoing email server computer has a problem sending an email message:
** THIS IS A WARNING MESSAGE ONLY **
** YOU DO NOT NEED TO RESEND YOUR MESSAGE **
The original message was received at Wed, 19 Nov 2003 13:42:35 -0500 (EST)
from smtp99.mindspring.net [18.104.22.168]
----- The following addresses had transient non-fatal errors -----
----- Transcript of session follows -----
<firstname.lastname@example.org>... Deferred: Connection timed out with gateway1.att.net.
Warning: message still undelivered after 4 hours
Will keep trying until message is 3 days old
Reporting-MTA: dns; fallback02.mail4.earthlink.net
Arrival-Date: Wed, 19 Nov 2003 13:42:35 -0500 (EST)
Final-Recipient: RFC822; email@example.com
Action: delayed Status: 4.4.1
Last-Attempt-Date: Wed, 19 Nov 2003 18:01:08 -0500 (EST)
Will-Retry-Until: Sat, 22 Nov 2003 13:42:35 -0500 (EST)
Send secure email attachments with either iOpus Secure Email Attachments (SEA) or File Vault. Both are free.
Hoaxes. If you think an email message might be a hoax, check these web
Symantec Hoaxes McAfee Hoaxes HoaxBusters Vmyths Snopes urbanlegends.com
A sample hoax:
From: "PayPal.com" |
Subject: IMPORTANT tfnbilur
Dear PayPal member,
We regret to inform you that your account is about to be expired in next five business days. To avoid suspension of your account you have to reactivate it by providing us with your personal information.
To update your personal profile and continue using PayPal services you have to run the attached application to this email. Just run it and follow the instructions.
IMPORTANT! If you ignore this alert, your account will be suspended in next five business days and you will not be able to use PayPal anymore.
Thank you for using PayPal.
To turn off the preview pane in:
If Outlook is not showing you attachments try Ken Slovak's ATTOPT utility
Outlook Express 6 SP1 blocks you from seeing suspect files attached to email messages. To make it show you all attached files. Click Tools -> Options -> Security Tab and uncheck the box that says "Do not allow attachments to be saved or opened that could potentially be a virus". For more on this, including a list of the suspect file types, see: support.microsoft.com/default.aspx?scid=kb;[LN];291369 and support.microsoft.com/default.aspx?scid=kb;[LN];291387.
To read messages in Plain Text format:
Use Care When Reading Email with Attachments from CERTMossberg's Mailbox by Walter Mossberg in the Wall Street Journal November 13, 2003. A reader asks: Do you have a good recommendation for a spam blocker?. Part of the answer: "..the best I've found is Matador, by MailFrontier".
| You can download
free version of MailWasher
or buy MailWasher Pro. |
For a screen shot of MailWasher in action, click the picture at the right. It will open in a new window. If you are using IE6, expand the picture to regular size.
Suggested configuration options for MailWasher:
Detecting SPAM and fraud. To get a feel for both, see this list of messages you would prefer to delete (picture opens in new window). Another SPAM sample.
SpamBayes home page. (Alternate Link)
SpamBayes, a free, Open Source spam blocker, does a superb job Sept. 21, 2003 By Al FasoldtSpamBayes knows spam By Jon Udell May 16, 2003 InfoWorld magazine. A must read. Ella ($30 from openfieldsoftware.com) functions much the same. It learns from examples of mail you've already received and supports a category between spam and not spam.
Paul Graham has been leading the effort on Bayesian algorithm antispam
solutions. He has published two articles on the subject: A
Plan for Spam and Better
The Outlook Express 6 status bar indicates if it is in online or offline mode.
To switch, just double click on this section of the status bar.
Phishing with Citibank and PayPal from Woody's Windows Watch newsletter, September 8, 2003. Also read Avoiding Swen about a virus sent as an email message from Microsoft. September 19, 2003.
Some Internet service providers scan incoming email for viruses including AOL, Microsoft Network, Comcast, Covad and RoadRunner. Other ISPs are preparing to offer this service including Cox Communications, EarthLink and BellSouth. See Preventive Medicine For E-Mail in The Washington Post August 28, 2003 and a related story Looking out for users from the Baltimore Sun August 14, 2003.
Amazon lawsuits target e-mail 'spoof' tactics By Jon Swartz, USA TODAY. Don't trust the From address of any email message.
Blocked outlook express attachments Not being able to open blocked outlook express attachments is a common support issue for users of Outlook Express. From updatexp.com.
Messenger Service Spam - End It Now from updatexp.com.
Microsoft Knowledge Base Article - 330904 Messenger Service Window That Contains an Internet Advertisement Appears from Microsoft."Phishing" Is Foul on the Net About fraudulent email messages. Business Week magazine October 21, 2003
Outsmart Scammers Don't let phishers reel you in with counterfeit e-mail and sites. PCWorld.com October 20, 2003
Another eBay scam fishes for bank details ZDNet Australia October 6, 2003
When crooks go a-phishing, don't bite ZDNet. September 29, 2003
Worm Wears A Patch For Disguise The Washington Post September 21, 2003
How to Tell If a Microsoft Security-Related Message Is Genuine from Microsoft September 19, 2003
About web bugs in HTML email messages. The Internet Tourbus. Patrick Crispen. May 1, 2003.
Using Virus Protection Features in Outlook Express 6 from Microsoft
Email filtering in Outlook Express 6 BlackViper.com. Last Update November 9, 2003
var lt = "a message"; //link text
var var1 = "mail";
var var2 = "to:";
var leftpart = "%20groucho"; //your userid preceded by a space
var dn = "marxbrothers"; //domain name
var hlq = ".com"; //high level qualifier
document.write("Send me <a h" + "ref=" + var1 + var2 + leftpart + "@" + dn + hlq + ">" + lt + "</a>")
Heart of Darkness, on a Desktop About programs running on people's computers that they did not know were there. Spyware, Adware and viruses. The New York Times By Katie Hafner September 4, 2003Escape the Spyware Nightmare How to get rid of Spyware and Adware. PC Magazine July 23, 2003
Pestscan offers free online Spyware detection. So too does Doxdesk (alternate link at Aumha.org). Pestscan was disappointing the one time I tried it. It downloaded multiple ActiveX controls all of which were signed incorrectly. It found one "pest" but the link for more information failed.
Ad-aware v6 from Lavasoft is a free Spyware detection program
Spybot - Search & Destroy by PepiMK Software is also a free Spyware detection program
Background Information Top
Security Begins at Home Stephen Manes in the September 15, 2003 issue of Forbes magazine. An excellent article.
Where Do We Go from Here? by Dan Gillmor August 31, 2003. About the sorry state of computing: viruses, spam, ISPs, Microsoft and more.Protect Your PC! by Ed Bott. September 1, 2003.
Cybersecurity and You: Five Tips Every Consumer Should Know from The Washington Post May 16, 2003
I maintain a links page from my Defensive Computing class (over 120K) with links to articles on many subjects, including those discussed tonite.
Tightening The Security Screws In Windows By Larry Seltzer August 21, 2003
The Microsoft web site has two portal pages on security. One seems to be for home users, the other, from Technet, is for techies.
Protect your PC from Microsoft:
For End Users www.microsoft.com/protect
For IT Professionals www.microsoft.com/technet/security/tips/pcprotec.asp
|Back to Home Page||Last Updated: November 19, 2003|