November, 2008:

Sending malicious emails is one of the most common techniques used in hacking email accounts or in infecting computer systems. Unless you are careful, you might be the next victim of uncontrollable spammers or fraudulent phishers. Here are some tips to protect your emails from possible threats.

* Scan email attachments

Many viruses infect computer systems by disguising themselves as ordinary email attachments. Confirming that the sender of the email is a friend or a relative is not enough guarantee that the email attachment it contains is not malicious or infectious. Case in point: the ILOVEYOU virus attachment that automatically forwards itself to everybody on your address list (without your consent, of course). Therefore, you need to develop a habit of scanning all email attachments before you open them.

* Use BCC fields

The blind carbon copy or blind courtesy copy (BCC) fields on the compose message page of your email provider are usually left ignored. Many people, after all, prefer entering addresses on the TO: and CC: fields. The truth is, it is safer to enter addresses on the BCC fields than on the CC fields. When you enter addresses on the BCC fields, none of the recipients will know that the email is not sent to him or her exclusively. Hence, it will be more difficult for spammers to harvest the email addresses of  your contacts.

* Enable spam filters

Speaking of spam emails, another effective way of protecting your emails from possible threats is to enable the spam filters installed in your email client. The function of spam filters is simple: to get rid of obvious spam emails that are sent to your address. Spammers have differing objectives when it comes to sending spam emails: some market products, and some actually steal information. Yes, sending spam emails is one of the techniques used in phishing: the identity-stealing email threat that poses itself as a legitimate notification from a reputable enterprise.

A new computer threat has been circulating all over the Internet: the Antivirus 2009. Posed as a “legitimate” antivirus software, the Antivirus 2009 is a rogue anti-spyware program that installs a Trojan into the computer system.

Introducing Antivirus 2009

The Antivirus 2009 introduces itself by using Trojans that are disguised as video codecs. These Trojans, which are usually found in warez and porn sites, floods the computer with fake system notifications and pop-ups to inform the user that his or her computer system is infected with viruses. This disinformation is used as a strategy to trick the user into downloading the “licensed version” Antivirus 2009: the alleged “latest antivirus and spyware program” found on the Internet.

Downloading Antivirus 2009

There are two ways to install the Antivirus 2009 into your system. In the first one, the user will be tricked into clicking any of the pop-ups that appear on the screen. Upon clicking, he or she will be redirected to a website that sells the malware. This website, aside from being fraudulent, is also malicious. Besides uploading Antivirus 2009, it may also install other malwares into your computer system. The fraudulent and malicious website to which the user will be redirected can be any of the following:

* http://www.antivirus-premium-scan.com
* http://www.webscannertools.com
* http://www.googlescanners-360.com
* http://www.livesecurityinfo.com
* http://www.antivirusonlivescan.com
* http://www.bestantivirusscan.com
* http://www.antivirus-best.com
* http://www.internetquarantinesite.com
* http://www.premiumlivescan.com
* http://www.secureclick1.com

In the second method of downloading the Antivirus 2009, a fake WINDOWS notification appears on the screen to inform the user that his or her computer is infected. To “remedy” the infection, he or she needs to choose between two buttons: a YES button and a No button. Regardless of which button the user clicks, the free Antivirus 2009 download will start.

The threats to email security, believe it or not, have come as far as identity theft. In fact, one type of email security threat was especially conceptualized and developed to trick unsuspecting email recipients into revealing their private information to fraudulent individuals. This type of email security threat, which also doubles as identity theft, is called phishing.

How this email security threat works

The phishers, claiming to be representatives of reputable enterprises, send emails to unsuspecting users to request for personal information. The users then click on the link contained in the email and they are directed to a forged website where they are supposed to enter their private information such as user names, social security numbers, passwords, and credit and bank account details. Phishing becomes an email security threat when the phishers use the recently acquired information to illegally access the unsuspecting users’ private accounts. Phishers sometimes even go as far as stealing money from the users’ bank accounts.

Why this email security threat succeeds

Many users are easily scammed by this email security threat because every detail seems very legitimate. The websites where the links are directed to, for instance, are forged into perfection: the logos look authentic, the signatures appear to be authorized, and the information seems realistic. Even the URLs used in the forged websites are neatly altered. To make the URLs legitimate-looking, phishers alter the address bar by manipulating JavaScript commands. They either override the address bar with an image of a legitimate URL or replace the address bar with a new one.

Email security is very important. Having poor email security, in fact, increases your chances of being victimized by hackers who illegally intercept emails and access accounts. Here are two important email security tips to help maintain the privacy of your online messages.

Encrypt outgoing emails

Emails, whether they contain funny jokes or intimate secrets, have to remain personal. Like the notes you pass while in class, an email is only meant to be read by the recipient and not by a stranger who wants a piece of gossip. To protect your personal emails from the possible interception of a hacker, you should consider encrypting your emails. Email encryption is a form of email security that allows you to convert your private messages into cyphertext, therefore making them unreadable to hackers. Unless they are successfully decoded by a skilled hacker, your encrypted emails will safely reach the recipient.

Ignore chain letters

Another useful email security tip that you have to remember is to ignore chain letters. These inbox dwellers are the types of forwarded emails that supposedly “threaten negative outcomes” if you do not pass them on to ten or more people within a specified number of days. Although they appear to be simple pranks that always get the best of the superstitious lot, chain letters are also considered threats to email security. When you forward chain letters, for instance, your email address will be exposed to a larger number of people. Your email address, after all, will appear on all chain letters that are forwarded further by your recipients. Exposing your email address to people you do not know personally increases your vulnerability to email account hacking.