First, let me say that I had Norton 360 installed on my laptop. I downloaded and installed the latest version in August, but sometime in the last month or so, it abruptly stopped working. I didn’t notice the lack of protection, however, until my laptop started performing oddly. Start-ups took longer and longer (and frequently froze up), and websites took longer to load. But the final straw was last week, when I tried to run Google searches. Each time I got a page of results from a given search, my attempts to visit the resulting links were redirected to full-page ads for a variety of offers and services. It was maddening. I could type URLs into the browser and go directly to them, but my efforts to click on Google results ended up with ads for “free ipods” and “Victoria’s Secret gift cards.” I was frustrated.

Worse, I didn’t know where the offensive programs had come from. I never click on questionable links, in email or otherwise. I almost never download software; the last time I’d downloaded any was a year ago, and it was from a reputable source. Also, no one else uses my computer, so it was impossible that another user had downloaded something questionable without my knowledge. I wondered if a virus piggybacked onto an email I’d received from someone I trusted, and it bothered me that I couldn’t know for sure. But whatever the source, I was now stuck with a problem. And my attempts to run Norton 360 led to my discovery that, somehow, it had stopped running. What should I do now? Was it even safe for me to send email to anyone? Had the virus made its way onto my jump drive when I’d backed up my photo files? Was my identity safe, or had someone accessed my personal information from my comptuer? I needed to make things right with my laptop, and fast.

I went to the Norton websiteand purchased Norton AntiVirus 2009 for immediate download. I figured, this should take care of my problem! But the problem didn’t want me to take care of it. My attempts to download the software failed because of a “communications error.” I followed all of the troubleshooting advice on the site to no avail. Finally, I found a phone number to call, and after a few minutes, I was on the line with a customer service rep. I felt vaguely bad for the guy… I reported both the problems with Norton 360 and the problem with downloading Norton AntiVirus 2009, and he wasn’t sure which problem to deal with. Finally, we decided to go for the Antivirus, which he told me can’t coexist on the same computer as 360 anyway. Figures.

He walked me through wiping my laptop of all Norton products and attempting another download. Again, it failed. He set up a connection between us and tried to help me download it from his end. Still no dice. Finally, he had to download the program to HIS computer and send it to mine via the connection. I was on hold the entire time the program creeped across the miles, all 56 Mb of it. On the upside, the rep was very nice and clearly stymied by my computer’s efforts to thwart him; I felt like apologizing for the laptop’s bad behavior. Every time he asked me to restart the machine, it took me several tries to get past the freeze-ups and delays.

Eventually, the program was on my desktop, and the rep installed it remotely. He started the scan running, and now that I’d spent an hour on the phone with the guy, we disconnected with some satisfaction. He DID say that he would try to get me a refund for the Norton 360 that had failed me, since I didn’t want to pay for something that hadn’t worked. I have yet to see the refund, but since he gave me a confirmation number for the transaction, I have high hopes that I can track it down, if necessary.

The Norton AntiVirus 2009 scan turned up the culprit: a Trojan virus was crawling through my computer. Norton zapped that bug with no trouble, and I settled back to enjoy a blissful, virus-free computer experience. But then, suddenly, Internet Explorer windows started to randomly pop open, each one a full-screen ad for everything from Proactiv to, surprisingly, Norton itself. Internet Explorer didn’t even have to be open for the ads to appear, blocking everything on the screen. They were easily closed, but they kept coming back. But Norton didn’t see a problem. I did another update, restarted the computer, and did another scan, but nothing turned up. The windows kept popping open.

I searched for answers on Google (now that my Google search was working again), and I saw that other people had had this problem, and that Norton hadn’t recognized it. The fix, many said, was long and arduous, including downloading more security software, starting up in safe mode, and jumping through a variety of flaming hoops. I was beaten down at the thought. I considered the ads to be more annoying than threatening, and I gave some thought to just letting them continue to appear. But then, I talked to my boyfriend, who suggested another solution: Lavasoft’s Ad-Aware product. He said that the free download found far more hidden problems on his own computer than Norton had, so I decided to give it a try.

The Ad-Aware site was deliberately confusing, unfortunately. The company wants to sell the upgraded service, so while the basic Ad-Aware product is free, the means of getting to the free download are distracting and aimed at driving the sale. I accidentally clicked on the wrong button not once but twice, on two separate pages, in my efforts to reach the free download. I got frustrated, as you might imagine. My boyfriend had the misfortune of being on the phone with me at the time, so he got to hear my annoyance firsthand. But in the end, I got the download right, and I started an Ad-Aware scan.

The scan turned up another bug, one that Norton had missed. It completed the fix for me at my request, and since then, the computer has run more smoothly, more quickly, and completely without pop-up ads and unwanted Internet Explorer windows. For the moment, I feel like my laptop is back to normal, and I’m breathing a little easier. At last.

So what have we learned from this little adventure? First (and always), make sure you have good antivirus software installed. Norton is just fine, and obviously their customer service is available if you need it (don’t hesitate to call them if you do). Second, never click on questionable links or open or run files from unknown senders, EVER (and make sure that any other users on your computer don’t download anything without your knowledge). Third, if your computer starts acting strangely, look into it. Don’t assume that it will “correct itself,” because it will only get worse. And fourth, don’t give up if you get frustrated or have a hard time fixing the problem on your own. That’s what the experts are for. If you do everything right and it still doesn’t work, find a phone number for the company and make the call to get some help. In the meantime, do your own research into your problem so you can be informed, even if it just means Googling something like “unwanted Internet Explorer pop-up virus.” You don’t have to be a computer genius to educate yourself about spyware, adware, malware, viruses, worms and other nasties that trouble us.

I was lucky in that the software that got onto my laptop didn’t seem to be after my private information or out to destroy my machine. It was annoying for me in that I had always tried to follow my own advice with online security, and I still ended up having to deal with it. But in the end, I learned a lot, and now, there’s not a pop-up ad in sight.

By now, you’ve probably figured out where this is going: that pop-up is a scam, something known as “scareware.”

Those who DO click “OK” on the serious-looking window out of fear that their PC is actually in danger usually start a download of malware onto their hard drives. The program pretends to run a scan, telling the user that there are lots of “critical problems” with their computer that must be fixed. Of course, those mysterious problems do get fixed if the customer agrees to buy the full version of the repair software for roughly $40. The entire thing is an elaborate scam, one that is both illegal and incessant; one IP address appears to have received the pop-up at least 200 times in a single day.

It’s a “blatant rip off of consumers,” Washington State Attorney General Rob McKenna said, as reported on CNET news. He said that users were “duped into downloading a fake scan and then duped into paying for software they don’t need.”

These pop-ups have been around long enough for most of us to encounter one at least once, but now there is some news on the scareware front. Microsoft and the Attorney General’s office in Washington state filed or amended lawsuits last month against companies including Alpha Red, Branch Software, SMP Soft and Registry Update, all of which allegedly use the fake security warnings to scare users into spending money on a fix. In some of the cases, the defendants are listed as “John Doe” because the owners of the companies aren’t known. In the case of Alpha Red and Branch Software, James Reed McCreary is the owner named in the lawsuits. His Texas-based company sells a scam product called Registry Cleaner XP for $40. The lawsuits charge McCreary and the other companies with misrepresentation, harassment, and high pressure sales. The state of Washington seeks an injunction and undisclosed civil penalties from McCreary.

The lawsuits were made possible because of Washington’s Computer Spyware Act, which makes it illegal to create scary messages that appear to come from elsewhere (in this case, Windows) in order to terrify people into a software purchase. The Computer Spyware Act was put into place in 2005, and in that year, Microsoft and Washington state successfully sued Secure Computer (makers of Spyware Cleaner) for $1 million when they charged the company with using scareware pop-ups. The law was recently updated to include outlawing the sort of deception that McCreary and others allegedly conducted. The state has filed seven cases under the law since 2005, while Microsoft has filed 17 spyware-related legal actions in that time.

In the current case, consumers who have experienced the scareware ads can file their own lawsuits if they wish. Since many people have a healthy fear of a security breach on their computer, the messages work particularly well when the scammers play on that fear, suggesting that personal privacy and security are at stake. The defendants, if convicted in the current lawsuit, face fines of up to $2,000 per violation, plus restitution and attorney fees. We’ll keep you posted on the results and any future lawsuits brought against the companies.

So what should you do if the “Warning!” pop-up appears on your screen? Don’t click the red X in the upper right hand corner of the window, for one thing, says Christopher Null of Yahoo! Tech Blogs. While it appears to be the same sort of button that makes the standard Windows box go away, remember that this isn’t a true Windows box. Clicking the red X might start the download of the malware. Instead, go to the task bar at the bottom of the screen and right-click on the pop-up’s bar to close it. Other than that, you can close and restart your Internet browser to make the pop-up go away.

Just don’t click “OK”… It’s anything BUT okay.

Sources for this article: Yahoo! News, Yahoo! Tech News, Yahoo! Tech Blogs, CNET news, Scareware, Seattle Post Intelligencer

According to security company MX Logic Inc., the spam attack traffic peaked on Thursday, with 11 million messages per hour. Even as the numbers have gone down slightly since then, it’s still in the millions of messages per hour. Security pros say that more than 1,000 hacked sites are hosting the fake Flash update, and they also say that hackers have gotten so cocky that they don’t bother trying to hide the sites they’ve hacked. The latest news is still worse: the spam has mutated since the news of the message first broke, claiming to be a CNN “MY Personal Alert” instead of a top 10 list and linking to several malware sites and filenames instead of just one. Some users even say that they’ve received the spam with subject lines that actually reference real articles on CNN, adding to the legitimacy of the message. The links in the email always lead somewhere that insists on a Flash upgrade, though.

Meanwhile, Adobe Systems Inc., source of the real Flash Player, warned people not to click on anything that didn’t come from Adobe directly. They pointed out that ALL software updates should originate with the company and not with a third-party site, so any questionable links should be avoided. If you want to be sure you’re downloading a real, non-malware update, go to the company’s website directly and look for upgrades to download from there. This may seem like too little, too late in terms of security warnings, but it’s one of those things that seems like a no-brainer to IT people but needs to be said (and said more than once) to the average email user.  

The lesson is the same as we’ve talked about here before, regarding email, phishing and other spam attacks: Don’t click on a suspicious link or URL that you get in your email. Put your mouse over a link to see where it really goes before you click it. Have a healthy dose of skepticism when something you didn’t expect arrives in your inbox. And if all else fails, contact the company that the message claims to come from, just to be sure. Don’t just blindly click whatever you’re sent, or you’ll learn some hard lessons (and get some pretty major headaches in the process).

Sources for this article: IT World, ComputerWorld, Techspot, MX Logic

Part of the appeal of this conference (and its follow-up, the hacker conference DEFCON) is that the people who make a living protecting computers from malicious assault can indulge their less-than-heroic urges. In an effort to point out potential weaknesses in the current software and systems in use, the pros unveil their own codes and tricks that circumvent security and leave sensitive data vulnerable to attack.  Of course, the focus is on improved security to foil these attacks, but the real fun is in playing the bad guy (the “black hat”). This is why Black Hat declares itself positioned at the “intersection of network security and hacker ingenuity.”

Despite the creative efforts of security experts, one truth that routinely emerges from these conferences is that, no matter how good the mousetrap, someone will build a better mouse. This year’s Black Hat briefings indicate that the flaws and problems with our current systems are growing almost faster than security professionals can adapt to fix them. For example, web-based software (software that runs in a browser) has inherent weaknesses that are difficult to anticipate and correct, especially at the speed at which applications are being developed. 

Meanwhile, identity theft cases worth billions of dollars continue to come to light, usually with little response from those in the business. When the news broke during the conference that 11 people had been indicted for stealing 41 million credit and debit card numbers from a variety of retail systems (making it the largest hacking and identity theft case in history), the general consensus was not one of shock. Gathered professionals agreed that such crime will continue to persist, largely because it has been so successful and profitable for hackers. As one cyber crime expert for the Department of Defense told an AP reporter, “These guys were just persistent and lucky. And they got caught.” 

The reality is enough to make the average web merchant a little bit paranoid. Are our Internet security measures nothing more than Swiss cheese bricks just waiting for a clever hacker to slip through? Not necessarily. And the other important factor to keep in mind is that, as the need for security increases, the need to preserve privacy must also be considered. The Electronic Frontier Foundation (EFF) chose the Black Hat conference as the place to announce their new Coders’ Rights Project, which is an initiative designed to protect programmers and developers from legal threats that could interfere with their research. Above-board programmers shouldn’t have to worry that their latest, greatest development will lead to a lawsuit down the road; such a worry would have a serious chilling effect on technological advancement.

In the end, a persistent plea at Black Hat was one of collaboration. Working together, some claim, is the best way to thwart the hackers and protect our information. Rod Beckstrom, Director of the National Cyber Security Center in the U.S. Department of Homeland Security, gave a keynote address at Black Hat that walked participants back through history and drew parallels between historic events and the current situation with Internet security. While some of his analogies were elaborate, his message was simple: together, the developers and security professionals are more powerful than on their own. Whether that message will resonate remains to be seen. In the meantime, the best thing the average user or web merchant can do is be cognizant of what COULD happen, and vigilant in watching out for it.

Above all, resist the urge to turn to the “other side”… There may be lots of money to be had in stealing identities, but as Black Hat attendees prove, the efforts to reinforce the mousetrap are tireless and, in many cases, effective. There may never be complete and total security, but hackers don’t stand much of a chance when the guys working against them wear the black hat themselves on occasion.  

Sources for this article: NetworkWorld, Black Hat, PC World, Yahoo! News, InformationWeek