Triona's Tech Tips

The mainstream media is swooning over the recently discovered “Here You Have” virus, which spreads via malicious links in email messages. The virus, also called Imsolk, has infected some high-profile companies including Disney, Proctor & Gamble and Wells Fargo, according to reports.

It’s typical that the viruses that get the most attention are those that happen to infect big-name organizations. (Note that ABC News reports that ABC/Disney itself was infected by the virus.) In this case, the virus itself is not that scary. Sure, it’ll infect your computer, disable your security protections, spread through removable drives and network shares, and send itself to everyone in your contacts list. But a lot of viruses do that. And yes, it’ll overwhelm your network if you allow it to run rampant, which is what appears to have happened at some of these large companies. But, the thing about Here You Have is that it’s avoidable if you follow some simple precautions:

• Never click on email links.
• Run a good-quality security suite that includes antivirus and anti-spyware protections. The major security programs have already been updated with protections against Here You Have.

And, if you’re in a corporate setting:

• Filter spam at your network perimeter.
• Block unnecessary attachment types, like the .SCR file type used by Here You Have.

Want to know the viruses that scare me? The ones no one hears about because they are too sneaky. The ones that work silently, slipping into your computer without any interaction from you. The ones that can’t be removed with standard security tools. The ones that secretly record your keystrokes and quietly commandeer your computer. The ones that only infect a few computers at a time so as not to be detected.

That’s not to say you shouldn’t be wary of Here You Have, especially since it appears new variants of the virus are arising. But remember, the viruses that do the most damage don’t always make the headlines.

Facebook has introduced a FourSquare-like feature that allows you to share your immediate physical location with your friends. Unfortunately, it defaults into sharing this information whether you want it to or not.

This feature has sparked a new round of debates over Facebook privacy, with the ACLU of Northern California issuing a statement saying, “In the world of Facebook Places, ‘no’ is unfortunately not an option.”

Facebook Places allows you to share your location with the click of a button, which works particularly well with smart phones and other mobile devices. However, even if you don’t post a location yourself, a friend could still tag you with location information which would then be visible to others. Unless you intend to use Facebook Places, I encourage you to disable it. Facebook says they have made it easy to do so, but the process seems non-intuitive.

• First, go to Account, then Privacy Settings in the upper right hand corner. Click the “Customize Settings” link. Under “Things I Share,” change “Places I check in” to “Only me” and uncheck the Enable box for “Include me in ‘People Here Now’ after I check in.” Under “Things Others Share,” change “Friends can check me in to Places” to Disabled.

• Go to Account, Privacy Settings and click “Edit my settings” under “Applications and Web sites” at the bottom of the screen. Next to “Info accessible through your friends,” click “edit settings” and uncheck “Places I’ve Visited.”

I also suggest that you do not set your account permissions to Everyone, as it leaves your information wide open. In the computer security world we advise that security settings always default to maximum rather than minimum, a policy I wish Facebook would follow.

You’ll have to take your Facebook security into your own hands by routinely reviewing your Privacy Settings, because they may change as Facebook introduces new features or upgrades old ones. And remember, privacy on the Internet is a meaningless term. Expect that anything you post on Facebook or elsewhere can be revealed, and don’t say anything that you don’t want to be public knowledge.

Each year I give parents a roundup of the best parental control software on the market.

Parental control software offers automatic blocking of inappropriate sites as well as content and image filtering. You can schedule when the Internet is available to your kids, log instant messages, keep tabs on social networking sites like Facebook and MySpace, and monitor mobile communications. New to parental control software is the ability to protect from cyberbullying.

I continue to like SafeEyes, available for Windows and Mac. NetNanny and CyberPatrol have also been upgraded with new features. While Windows and Mac offer built-in parental controls, as do many security suites, they are no substitute for a dedicated program.

Hardware parental controls are physical devices that sit between your home network and the Internet. At this point there are none I recommend because they slow down your network and can easily be removed by wily kids. However, you can configure some home routers to perform certain parental control functions like content filtering.

Subscribe free to Tech Tips and receive bonus tips, tricks and product reviews. Click here to subscribe or send email to techtips-request-at-guidryconsulting-dot-com, subject “subscribe”.

My technology column in this weekend’s Northwest Herald talks about how you can use Web feeds to organize information from Web sites and blogs. Web feeds (also called RSS feeds) allow you to organize content, much as you do with your email. For example, if you wanted to subscribe to the Web feed for this blog, you’d click on the orange RSS icon in the upper right corner of this blog, which will prompt you to bookmark the feed in your Web browser. A Web feed address looks similar to this.

http://www.guidryconsulting.com/techtips/feed/

Many email programs such as Outlook and Mozilla Thunderbird also have Web feed capabilities, although personally I prefer news software like FeedDemon for Windows or NetNewsWire for Mac. Or, you can use Google Reader which is web-based and works on both Windows and Mac.

When you access your news software you’ll see which Web feeds have updated content, and when you click on a feed you’ll see the name, date and excerpt of recent articles, as if each one were an email message. You can mark articles as read or flag them to read later. Here’s what it looks like in FeedDemon.

Web feeds are most often used to advertise blog content. So if you run a blog, be sure to include a link to the feed so people can subscribe. Most common blog platforms like Blogger and WordPress automatically set up a feed when you create your blog.

People sometimes ask me what is the point of Web feeds, and why would anyone want to use them? Feeds make following Web sites and blogs as easy as checking your email. It’s also a great timesaver. Instead of visiting each site directly, you can consolidate them in one place and see at a glance the articles you want to read. Web feeds have become the option of choice for people who want to keep up with current events, which is why they’re offered by most magazines and newspapers.

If you get an email from Facebook saying there is a message for you, do NOT click on the link. Visit Facebook’s site directly instead to respond to any and all messages.

Like the Facebook update scam I dissected for you a few months ago, this latest scam tries to trick you into clicking a potentially malicious link by mimicking a legitimate Facebook message. Take a look at this screenshot and compare it to the Facebook update scam. You’ll see similarities, including the use of Facebook formatting and logo as well as a legitimate-looking link. However, the link actually redirects you to a malicious site. The site on this particular message has already been blocked as being harmful; it probably belongs to some innocent victim whose web site was hacked to deliver viruses or harvest passwords a la the Twitter DM worm. But there are plenty of other phony sites out there that may not have been blocked.

In my case I was alerted to the scam because I’d never heard of the people from whom the messages were purportedly sent, but that’s not a foolproof way to tell if a message is fake or not. Facebook accounts can be hacked, and false messages sent. This grants the fake messages an undeserved level of trust because they come from someone you know–and that’s the point. Cybercriminals know people are unlikely to click on unsolicited links and far more likely to click on something sent by someone they know. The best way, as I said, is to distrust all email links no matter who they’re from. You are far safer visiting the Facebook site directly and checking your messages from there.

We’ve talked before about Facebook privacy, or lack thereof. Facebook is facing such public scrutiny over privacy, it’s hard to keep up with the number of changes they’ve made. They’ve expounded upon their improvements to news media and set up a page dedicated to privacy. But given the popularity of social networking sites and the multitude of ways they can be exploited to trick unwary users, I expect privacy will remain an issue for some time to come.

Many people believe the illusion of privacy offered by social networking sites. They think they are conversing in a private setting, when in reality that information can easily end up on search engines and other public places. Google and other search engines routinely index data from Facebook and other social networking sites, and data can slip through even if your privacy settings are set to maximum.

Security also remains a concern for Facebook users. Clickjacking–tricking users into clicking links–has become so prevalent on Facebook it’s earned its own term: “likejacking.” A recent worm using link-bait such as “The Prom Dress That Got This Girl Suspended From School” has infected hundreds of thousands of Facebook users. Clicking the link marks it as “like” to your Facebook friends, giving it unwarranted credibility and helping to spread the worm. Worms like this may also attempt to gain control of your Facebook page or use malicious code to introduce viruses into your computer. Other scams use recent events like the World Cup to entice you into clicking links that purportedly go to video clips. You are then prompted to download software to view the videos, but the downloads are viruses. All those links that claim you will get X number of goodies for Farmville or other games are mostly scams. Criminals may even try to “friend” you from phony accounts so they can target you for burglaries and other crimes.

In other words, social networking sites are about as secure as sieves. What’s a Facebook user to do? My advice is to remember that anything you say on the Internet is public, regardless of your privacy settings. Don’t post information about your children, your vacation plans, or other information than could be used against you. Be wary when clicking on links, and make sure you have a good security suite that is continually updated. And, as always, stay tuned to Tech Tips for the latest computer news.

Subscribe free to Tech Tips and receive bonus tips, tricks and product reviews. Click here to subscribe or send email to techtips-request-at-guidryconsulting-dot-com, subject “subscribe”.

Social media sites like LinkedIn, Facebook and Twitter are widely used, but they can also take a big chunk out of your day. How can you manage your social media time?

1) Schedule when you’re going to use social media sites, then stick to it. If you limit your time to, say, a half hour every morning or an hour twice a week, you’ll get more out of your time online plus save room for the other things you need to do.

2) Integrate your efforts by using tools that let you send a single post to multiple places. For example, you might use LinkedIn’s Twitter feature to automatically post your LinkedIn status to your Twitter account.

3) Avoid chat, games and other timewasters. Tempting as they are, they cheat you out of productive time. Games in particular can also be venues for viruses. If you must play games, look for those that let you choose when to play, like card games, as opposed to those that penalize you for not using them regularly, like Farmville. And avoid groups that claim you’ll get X number of game goodies if you join–again, most of those are laden with viruses.

Subscribe free to Tech Tips and receive bonus tips, tricks and product reviews. Click here to subscribe or send email to techtips-request-at-guidryconsulting-dot-com, subject “subscribe”.

Computer infections go by many names: viruses, Trojan horses, malware. But there is a particular class of infections that is not only malicious but nearly invisible in nature.

Keyloggers are virus-like programs that capture everything you type on your computer. Because they sit between your applications and the software than drives your keyboard, they are difficult to detect and harder to remove. They are often invited by viruses that have already infected your computer. There are even hardware keyloggers that can be secretly installed between the keyboard cable and your computer.

Keyloggers are seen in conjunction with rootkits, software designed to capture control of your computer. Anti-rootkit tools can help keep keyloggers at bay. Although these tools are not yet part of standard security suites, in the future I anticipate we’ll see more commercial protections against keyloggers and rootkits.

In the meantime, how do you protect yourself? The usual recommendations apply: run a strong security program, avoid clicking on links, and make sure all of your software is up to date. It’s far easier to avoid keyloggers and rootkits than it is to remove them.

Subscribe free to Tech Tips and receive bonus tips, tricks and product reviews. Click here to subscribe or send email to techtips-request-at-guidryconsulting-dot-com, subject “subscribe”.

Don’t miss my upcoming seminars on social networking:

Marketing Your Business Through Blogs And Facebook (Beginner)
GLMV Chamber Of Commerce Munch & Learn
Wednesday, June 16, 2010, 12:00pm-1:00pm
GLMV Chamber Office, 1123 S. Milwaukee Ave, Libertyville, Illinois

See below for the advanced session of this class at the GLMV Chamber Best Practices B2B EXPO & Conference on June 23rd.

Discover how to market your business online by leveraging the power of blogs and Facebook. Learn how to set up your Facebook profile or fan page, how to create and maintain a business blog, and how to integrate the two to offer a comprehensive online presence. Computers are not required but you may bring a laptop for hands-on instruction. To register, contact the GLMV Chamber at (847) 680-0750.

Marketing Your Business Through Blogs And Facebook (Advanced)
GLMV Chamber Best Practices B2B EXPO & Conference
Wednesday, June 23, 2010, 2:15pm-3:00pm
Doubletree Hotel, 510 East IL Route 83, Mundelein, Illinois

This is a more advanced session and followup to the previous Munch & Learn seminar on June 16th.

Discover how to market your business online by leveraging the power of blogs and Facebook. Learn how to set up your Facebook profile or fan page, how to create and maintain a business blog, and how to integrate the two to offer a comprehensive online presence. Computers are not required but you may bring a laptop for hands-on instruction. To register, contact the GLMV Chamber at (847) 680-0750.

Basic Social Networking
Crystal Lake Chamber Of Commerce Business Builder Breakfast
Friday, July 16, 2010, 8:30am-10:00am
Crystal Lake Chamber, 427 W. Virginia St, Crystal Lake, Illinois

See below for the advanced session of this class.

Have you been asked to get LinkedIn? Can you make contacts through Facebook? Should you Twitter your business? Learn how to use social networking to market your business. We’ll talk about which sites are right for you, how to establish your profile and how to integrate social networking into your marketing strategy. To register, contact the Crystal Lake Chamber at (815) 459-1300.

Advanced Social Networking
Crystal Lake Chamber Of Commerce Business Builder Breakfast
Friday, August 6, 2010, 8:30am-10:00am
Crystal Lake Chamber, 427 W. Virginia St, Crystal Lake, Illinois

See above for the beginner session of this class.

Now that you understand the basics of social networking, let’s delve deeper into how this new technology can help your business. We’ll talk about the advanced features of social networking and how you can use integration tools to save time. To register, contact the Crystal Lake Chamber at (815) 459-1300.

If you’ve ever run into a computer emergency (and who hasn’t?) here are my top five fixes.

1. Reboot
   Yes, you’ve heard it before, but it bears repeating: Rebooting your computer should be your very first troubleshooting step.
2. Try a different program
   This helps to isolate the problem. For example, if you can’t print, is the problem only with your word processor or are you also unable to print from the Web? If you can’t get on the Internet, are both Web and email not working?
3. Scan for viruses
   Virus-writers don’t exactly quality-check their handiwork. Viruses or malware will often cause your computer to slow down or behave in strange ways.
4. Check the Frequently Asked Questions
   Almost every software and hardware vendor has a support area on their web site where you can check for the solutions to common problems.
5. Reboot your network
   For Internet problems, try turning off your cable or DSL router, then your hardware firewall if you have one, and finally your computer. Turn them all back on in the same order waiting about twenty seconds between each one.

Subscribe free to Tech Tips and receive bonus tips, tricks and product reviews. Click here to subscribe or send email to techtips-request-at-guidryconsulting-dot-com, subject “subscribe”.