IT Security: June 2007

Sunday 17 June 2007

Types of Spam Filters

Spam filters are designed to block unwanted messages generated
by unethical senders. Presently, there are different spam filter
programs in the market available for email users to purchase.
These programs are designed differently, which means that their
methods of detecting spam vary.

Businesses which require email messaging for information
dissemination would find it helpful to know the different
methods used by spam filters. This will in turn help them tailor
there message's content as well as their mailing procedures.
Thus, being aware of spam filter programs can help in the
optimization of any internet campaign.

The most common type of spam filter is the Content-Based Filter.
This type of filter as the name suggests, looks on symbols,
words or phrases in the subject line, headers and content of the
message which are suspicious. The filtering process is very
dependent to phrases and words chosen by the user as spam, this
means that spam messages with words or phrases not included in
the list of the user will make it to the inbox time and again
unless the user creates another filter to deal with those words
and phrases. The good side of this filter is, it can be
fashioned in anyway the user wishes to.

Another type of spam filter is the Bayesian Filter, unlike
content-based filter; Bayesian filter undergoes 'training' where
the filter learns the difference between a spam and a legitimate
email. During this 'training' messages are broken into tokens
and these tokens are then stored in databases (tokens of good
messages are separated from those of spam). This type of filter
requires minimal maintenance and can adapt easily to users'
usual message, just like if the user is a medical practitioner,
anything that relates to medical field will be considered as
good. The primary drawback of Bayesian filter is that optimum
filtering will not take place immediately, since the filter is
dependent on the messages on which it is trained.

In addition, there is a Blacklist-Whitelist filter where the
whitelist is composed of the 'good' email addresses and the
blacklist is composed of email addresses believed to send spam.
This kind of filter ensures that received emails are from
whitelisted senders only and any address aside from the
whitelisted ones will be blocked. With this, email users can
expect a zero false negative. The main disadvantage of this
filter is that, whenever a real-time blacklist (RBL) is used,
there is a tendency that the whole IP is considered as spam
sender, though only a part of it used to send spam.

Challenge-Response Filter on the other hand sends messages to
unknown senders asking them to do further action/step to justify
their intention of sending the email. These further actions can
be a request for the senders' website to ensure that the email
is legitimate. This type of filter is quite applicable to low
traffic email users.

Community filter is another type of spam filter. This filter has
a central server where users can send suspected spam; the server
itself then saves the 'fingerprint' of the message to the
database. When enough users flagged the message as spam, the
'fingerprints' of the message will be blocked in the future. But
before a spam is blocked, many users have already opened it.

If your business makes use of email in sending promotional or
newsletters, you should at least know if your email address is
in the real-time blacklists so that you can apply for
whitelisting. And at least know the basic symbols, words and
phrases to be avoided in sending emails. Try visiting href="http://www.emailreach.com">www.emailreach.com for
more information about spam filters.

About the author:
Registered Electronics Engineer

Author: Roderick
Article:

New eBay Phishing mail scares users into revealing information

What do you do when you receive an email from an online
financial company that you regularly deal with, informing you
about the completion of a transaction that you never did in the
first place? There's a good chance you might lose your senses
for a short while. That's exactly what people behind this new
Phishing scam targeting eBay customers are hoping for!

The advanced AntiVirus, AntiSpam and Content Security solution
provider MicroWorld Technologies says a new email in circulation
tries to pilfer confidential account information of eBay
customers by sending them a tricky phishing mail. Appearing as a
routine confirmation message from eBay, it tells the recipient
that she has sent $249.20 to an email address at aol.com.

Then it shows a Transaction ID and Subject to numb the
unsuspecting victim. To view the details of the transaction, she
is told to click on a link. It ends with a 'thank you for using
eBay' line, deliberately used to aggravate the user. Once she
clicks on the 'view details' link, a new page opens up where her
account information will be captured by online criminals behind
the scam.

"At the end of the day, a phisher's goal is to make you visit
the spoof website of any reputable organization, and they will
try every trick in the trade to achieve this end," observes
Sunil Kripalani, Vice President, Global Sales and Marketing,
MicroWorld Technologies. "With so much awareness being spread by
various agencies and considerable coverage in mainstream media,
one would tend to think that it's hard to fool people in this
fashion any more. But the facts tell you a different story."

According to Sunil, Phishing scams still manage to loot millions
out of people's bank and other accounts every year, while the
far reaching impact of loss of personal information like Social
Security Number, Date of Birth and Mother' Maiden Name goes
largely unnoticed by many.

"The most disturbing trend in Phishing in recent times is the
rise of Man-in the-Middle Attacks which enable an online
criminal to sit live between the spoof site and the original,
and manipulate the stolen data to his advantage in real time. It
means a few seconds after the criminal gets the data from the
Phishing site, he loots the victims account. With customizable
kits available in the online grey market, even a not-so tech
savvy guy can run such an attack,"

explains Sunil.

MicroWorld Technologies provides highly advanced protection for
their users from Phishing mails and other spam mails by
employing a multi-layered email filtering mechanism. Its eScan
and MailScan range of products are used by over a million
customers worldwide in safeguarding their computers. *Phishing:
Identity Theft using spoofed emails

MicroWorld

MicroWorld Technologies (www.mwti.net) is the developer of
highly advanced AntiVirus, Content Security and Firewall
software solutions eScan, MailScan, and eConceal. MicroWorld
Winsock Layer (MWL) is the revolutionary technology that powers
most of MicroWorld products enabling them to achieve several
certifications and awards by some of the most prestigious
testing bodies, notable among them being Virus Bulletin,
Checkmark, TUCOWS, Red Hat Ready and Novell Ready.

For more information, please visitwww.mwti.net

About the author:
Btv Raj is the Content Writer and Creative Visualizer of
MicroWorld Technologies.

Author: btv raj
Article:

Who Else Wants Complete Protection From Computer Viruses?

With simply a computer and an Internet connection you can access
an infinite number of Web servers, Web pages, individuals from
across the globe and other digital entities from around the
world but it also endangers your PC and the confidential data it
contains about you.

Every day of the week virus, spyware, and adware creators come
up with new, ingenious ways to gain access to your PC. These
simple pointers will help keep the hackers at bay:

Stop and think before you click: Downloaded files that end with
.exe, .com, .bat, and .scr, (also files with .doc and .xls
extensions), can render your computer completely useless with a
single click. Many e-mail programs block access to any
attachments so take the extra time and think for a few seconds
before you decide to open it or not.

Use an anti-spam filter: Most viruses and spyware are installed
by various methods of Internet browser hijacking however, e-mail
is still a very common source. Use of a junk-mail filter will
significantly reduce the likelihood of running harmful scripts
contained within messages.

Keep your antivirus software up to date: Using antivirus
software that has expired past it's subscription period is
definitely not an option: Not only do you lack the crucial virus
database updates, but you expose your system to malware that
targets known flaws in antivirus software.

Prevention against WORMS and Viruses: Install antivirus
software, update regularly, and use it regularly. Never open
unsolicited e-mail attachments with the file extensions VBS,
SHS, or PIF.Disconnect your network or modem cable when you are
not using your computer.

Antivirus software is software that is installed on your
computer that protects you from viruses. Antivirus software
programs contain in the region of 40,000 - 100,000 "malicious
software definitions" that are updated on a daily or as needed
basis.

I highly recommend Grisoft AVG Anti-Virus (Free) for antivirus
protection.

If in doubt try online: You should only install and use one
single antivirus program at a time on your computer because
multiple antivirus programs will conflict with one another and
cause your computer to completely grind to a halt. If you have
any doubt about your antivirus program's effectiveness, you can
use a free online virus scanner, such as Panda Software's
ActiveScan) or Trend Micros HouseCall.

Download with care: Any program you download and run on your
computer system could potentially result in spyware or virus
infection. Download software only from reputable online sources
that guarantee that all software is free from malicious
software.

Use a two-way firewall: Windows XP and Vista each come with a
firewall that blocks unwanted or unexpected incoming traffic; it
is enabled by default in Windows XP Service Pack 2 and later.
However for the best protection possible, you will also want to
block unwanted outgoing connections made by spyware, viruses and
scripts on your PC that attempts to either connect to a remote
server or send out spam.

Windows Vista's firewall does have that fucntionality, but
configuring it is not entirely simple enough for the average
Windows user. Instead, you can get one of several free
bidirectional firewall programs, such as Zone Labs ZoneAlarm
Free, or Agnitums Outpost Firewall Free.

Make use of antispyware program: Anyone who uses a computer can
succumb to spyware infection. In fact, 9 out of 10
Internet-connected PCs are infected with some kind of virus.
Spyware can be any application that tracks your online or
offline PC activity, serves you adverts, redirects your pages
and bombards you with pop-ups. If you use the Internet, its
possible that some form of virus threats are already active at
work on your PC system.

Spyware can ocassionally go unnoticed however, it is more likely
that you will notice that it is present on your computer system
due to the obvious symptoms that your computer may experience.
It is EXTREMELY difficult to get rid of but not entirely
impossible.

Even if you suspect you have successfully removed an unwanted
program manually, a remaining dormant file can trigger a
complete reinstallation the next time you restart your computer.
And as a survival tactic, spyware programs often leave similar
traces elsewhere on your system so you can often never eliminate
it completely after only one attempt.

Spyware, adware, and some scripts / trojans slow down your
system, cause crashes, and track your online activity.
Antispyware utilities work much like antivirus software,
detecting and removing the unwanted software from your PC.

One free tactic you can employ is to upgrade from Windows XP: As
Microsoft service Pack 2 makes Windows XP much safer, although
the operating system still has many security flaws which can be
exploited, and it remains prime target for spyware creators.

If you still have a href="http://www.slowcomputerhelp.com">slow PC after trying
the software above and you think it may be due to spyware, you
can find more help and information on fixing your href="http://www.website.com">slow computer at href="http://www.slowcomputerhelp.com">Slow Computer Help.

About the author:
Steve Ross is a Microsoft certified computer technician and has
developed many solutions for beating Spyware, computer Viruses
and Adware. More information on his techniques can be found at
Slow Computer
Help.

Author: Steve Ross
Article:

Prevent and Get Rid of Spyware Now

The best way to get rid of spyware is not to get it in the first
place. To avoid getting spyware on your computer, beware of
certain kinds of sites. Peer to peer (P2P) is almost a guarantee
for getting spyware. You think you're downloading your favorite
band's new song, but you don't know what is attached to that.
Porn sites are loaded with spyware and adware; beware of what
you're viewing and what you're getting because of it.

Certain browsers are more susceptible to spyware than others.
Because internet explorer (IE) is the most used internet
browser, it is the most targeted for spyware. Vulnerabilities
and unpatched security holes can allow spyware to infiltrate
your system without your knowledge. Use Firefox instead as it is
more secure and has plug-ins designed to eliminate spyware
sneaking in.

Email is another way to leave your system open to spyware.
Double check who the sender is and never click on open
attachments. If it looks like spam, don't bother opening it. If
you open some spyware it might send it to your whole address
book so make sure to check your emails before opening them.

Beware of the free software you're downloading. A comment trick
spyware distributors use is linking it with free software. Never
download anything unless you need it and know the source is good
and well trusted. A lot of spyware programs are offered using
annoying pop-ups that end up in your face. Take the time to
download a pop-up blocker and rid yourself of both the annoyance
and the possible danger.

Once you have spyware, your computer will be much slower.
Spyware uses hard drive space to run on so a slow computer is
often a sign that you have spyware. If you're having lots of
annoying pop-ups (more than usual), you may have a problem with
spyware. If strange new sites come up in your favorites or your
default settings are changed, that is a clear warning. If you
have any of these symptoms or several of them, you should
definitely be wary of a spyware problem.

Get spyware software from a trusted site and scan your computer
every couple weeks. Some programs work by blocking the spyware
from installing on your computer. Others work by scanning your
computer every day, week, or month and erasing the spyware
already installed. Whichever method you choose, still use
precautions while surfing the net to avoid spyware altogether.

About the author:
For more information visit href="http://lose-weight-review.blogspot.com/">Weight Loss and
Fitness and href="http://alphadawg.bezoogle.com/pp/weight-loss/">Better
Health and Fitness.

Author: Ashley Bigham

Article:

How to Avoid Phishing Scams

Phishing scams can sabotage a user's personal information and
lead to multiple problems in safeguarding confidential
information. Phishing scams are on the rise as more people turn
to the internet for online banking, shopping, and other
financial transactions that are connected to their personal bank
accounts. As a result, hackers and criminals are taking steps to
catch these consumers as they enter information. A common
phishing tactic is to pose as a legitimate company and lure
visitors to a website; the user is asked to enter their login
information but do not realize they are sending this information
to a third party instead.

A phishing attack can have dangerous consequences, but there
are many ways to avoid title="Delete Spyware" target="_blank">phishing scams.
Phishers generally request immediate action, adding a sense of
urgency to each and every message. Knowing how to identify these
messages will help reduce or eliminate your risk as a phishing
target. The first step in avoiding phishing scams is to double
check the source of any e-mails. If you need to call the company
or financial institution to verify the source, then take the
steps to do so. It's important that you never share account
information over the internet, unless you are 100% sure the site
is secure and it is for a legitimate purpose. It's a good idea
to check your bank accounts on a regular basis, and learn about
any fraudulent behavior.

Many phishing attacks take place through bulk e-mail requests,
and these may or may not end up in your spam folder. Although
many large financial institutions send out bulk e-mails, it's
important to white list as many of these companies as possible.
This can help you sort through the legitimate correspondence and
any fraudulent ones, reducing your risk overall. Always be sure
never to fill out and send back personal information within an
e-mail, unless it has been verified or requested by a real
person. These are ideal ways for phishers to find victims,
especially when you are asked to enter personal financial
information.

It's important to be vigilant about e-mail links. This is the
primary tactic used by many phishing scams to redirect you to
another page. A link out of any e-mail may take you to an
insecure site or network, and it's likely that these sites are
also monitored or being recorded. If you are not well-protected
with the appropriate security software, you are increasing your
risk even further by visiting these potentially threatening
sites. Make sure you are using secure website software to
monitor web browser activity as often as possible.

Another strategy to prevent phishing scams is to make sure your
browser and computer are up to date, and that you have
downloaded any necessary security patches. You can avoid
phishing attacks simply by keeping your computer and performance
in good order. Reporting phishing attacks as often as possible
will also help reduce your risk of attack; when you detect
fraudulent behavior, be sure to contact the authentic site's
administration to report the incident or incidents.

About the author:
For more information pertaing to phishing, spyware, viruses
etc... Please visit http://www.deletespyware.ws

Author: Joshua
Article:

2007 - Top Ten Antivirus Software Programs Reviewed

Protecting your computer from a virus is getting more difficult.
Antivirus software is essential to a computer's ability to fend
off viruses and other malicious programs. These products are
designed to protect against the ability of a virus to enter a
computer through email, web browsers, file servers and desktops.

The programs reviewed below are the best from around the world.
In the United States we are familiar primarily with the Norton
and McAfee Antivirus programs, but there are many good programs
out there that merit serious consideration.

Top 10 Recommended Antivirus Software Programs

Below are my ten top antivirus software programs for 2007.

For a much more detailed comparison chart on these products you
can refer to
HREF=http://www.zunio.com/comparisons/antivirus_review.html>http:
//www.zunio.com/comparisons/antivirus_review.html

1) Editor's Choice: BitDefender Softwin, which owns BitDefender,
has been around since 1990, and boasts an international team of
technical experts who strive to continually improve software and
respond to new threats. 2) Kaspersky Founded in 1997 by Eugene
Kaspersky, the Moscow-based company has had great success
leading the industry in anti-virus protection

3) Norton Anti-Virus Owned by global security giant Symantec,
Norton Antivirus is by far the most popular and widely used
security system in the United States. Norton offers a small
range of products for the home user, small business owner and
large corporation with 1000+ users.

4) McAfee McAfee is another big name in Internet security and a
large competitor for Norton Antivirus, although their prices are
virtually the same.

5) F-Secure Based in Helsinki, Finland, F-Secure has been in the
computer protection business since 1988. The company offers
protection for the family computer, to home office users all the
way up to corporations with large numbers of telecommuters
spread all over the map.

6) Shield Anti-Virus 2007 PCSecurityShield offers protection
against viruses, hackers and privacy threats to help keep you
and your family surfing safely.

7) Protector Plus Proland Software offers virus protection with
its Protector Plus package, compatible with Windows Vista, XP,
Me, 2000 and Netware. Protector Proland is proud of its team of
experienced engineers, who have been working on anti-virus
software and computer protection programs since 1989.

8) DefendGate Canada-based DefendGate offers everything from
protection against viruses and identity theft to office
productivity suites and desktop accelerators.

9) PC DoorGuard This program is PC DoorGuard is designed for
those looking to protect their email from spam, viruses, Trojans
and worms.

10) CA Antivirus On its website, CA Antivirus says it provides
software to 98 percent of Fortune 500 companies and boasts that
it was the first antivirus software to be awarded certification
with Microsoft Vista in 2007.

Virus Prevention - Steps to take

A computer user should remain diligent and follow a few simple
steps to protect against the threat of a virus:

1. Evaluate your current computer security system. With the
threat of a new generation of viruses able to attack in a
multitude of ways, the approach of having just one antivirus
software version has become outdated.

2. Only install antivirus software created by a well-known,
reputable company. Because new viruses erupt daily, it is
important that you regularly update your antivirus software 3.
Make it a habit to always scan all new programs or files no
matter from where they originate.

4. Exercise caution when opening binary, Word, or Excel
documents of unknown sources especially if they were received
during an online chat or as an attachment to an email.

5. Perform regular backups in case your system is corrupted. It
may be the only way to recover your data if infected.

About the author:
Sue Dingerson writes computer software reviews for consumers.

For a more detailed review click on href="http://www.zunio.com/comparisons/antivirus_review_article.h
tml">Zunio.com 2007 Antivirus Software Review

Ten Secrets For a Killer Website

With millions of competing websites, designing a website, let
along a successful website with a high ranking, can be quite
daunting. The following "Ten Secrets for a Killer Website" will
help give you an edge on your competition:

1. Custom vs. Templated - A Custom website is a website that is
totally designed and formatted with original material. A
Templated website is constructed from a list of premade designs
and formats that you pick from. Which is the best route to go?
If you are interested in attracting customers to your site and
converting them to a paying customer, then a custom website is
the only way to go. A Templated website does not receive a high
search engine ranking in Google or Yahoo. Search engines do not
like sites that are duplicates of other sites, so they give them
a far less ranking. What is the use of a website if people can't
find you? A Custom site gives you a uniqueness that fits your
business and message. A templated website restricts you in
choice of colors, images, and layouts. Custom is the best way to
go.

2. Fonts, Content, and Placement - Do not use font sizes that
are too small. You should use 10 point or larger. Smaller font
sizes are too difficult to see and read. Never run more than 52
characters across the screen, so as to not lose the reader. That
is why news print is in narrow columns. It is easier to read.
Pick a font style that is widely used on the Internet and
personal computers. If you are using too fancy of a font, the
text becomes difficult to read. Some safe fonts to use are Times
New Roman and Arial. These are fonts that are available on most
all computers. If you use a font that is not supported by a
user's computer, they will not see the text in the font you
chose. They will see it in the font that is set to default on
their computer. It is very important to use only common fonts.
Make sure that the content (text) of your site is useful
information; information that your customer can use. Place your
most important content towards the upper left-hand corner of
your site. Research has shown that your visitor will start in
the left hand corner of a website and move across the page to
the right and then down. Use bolding and larger font size to
draw attention to a phrase or word. Do not use underlining, as
it has come to communicate that the underlined text is a
hyperlink. All of your text should be flush left and not
centered. It is more difficult to read if it is centered. Use
good headlines and subtitles to draw attention to an area.

3. Advertising (PPC) - Once you have a website, how are people
going to know about it? It is interesting that some people have
this idea that once they have a website up and running that
customers will flock to it. "Well," they say, "I now have a
website and people will do a search and find me there and come
to my site." Don't be fooled! How many other competitors do you
have selling your same product on the Internet? Let's say that
you sell printed business cards. So if you do a Google search on
the keyword phrase "Business cards printed," you'll find that
there are 20,700,000 listings for that search. That means that
there are over 20 million other sites competing for that
searcher's attention. How in the world can you compete with
that? Well, if you notice on the first few pages you'll see
"sponsored links". Some are in the top left section, and some
are down the right side of the page. These are your competitors
that are paying to advertise in top positions on Google. Does it
work? Absolutely, or you wouldn't be seeing so many every time
you do a search. These ads are called "paid per click" (PPC)
ads. This means that every time someone clicks on their ad,
Google charges them. Some ads can be as cheap as 10 cents per
click, and some can be as expensive as $20 a click. It is the
advertisers that determine the cost based on what they are
willing to bid for a position. The stiffer the competition, the
higher the bid price. You can learn more about PPCs by going to
http://adwords.google.com.

4. Keyword Frequency - It is important to use your main
keywords or phrases (words and phrases that people search on) in
the body of your text, as close to the top of the page as
possible. Search engines look at the website text, from top left
to right, to determine the relevancy of the site for ranking it
for the keyword searched for. Becareful to not load up on a lot
of duplicate words that don't make sense. Search engines don't
like that and will score you lower for trying to put too many of
the same word in your text.

5. Relevant Links - One of the aspects of getting a higher
ranking with Google and Yahoo is linking your website with
quality, reputable sites. The search engines are looking for
websites (hopefully yours) that provide the information that a
searcher is looking for. This is one of the areas the search
engines evaluate. Is your website linked from other relevant and
quality websites? For example, if your website is a hotel
reservation site, some good links to acquire would be car
rentals, restaurants, airport transfer services, art galleries,
etc. These should be links that are useful to the traveler. You
should consider links that are not necessarily competitors, but
supportive services to your business.

6. Flash Movement - Flash-based components add movement, sound,
and interactivity that usually cannot be achieved with a
standard static html website. Flash enhances the experience for
your visitor. It grabs their attention and helps make a rich
presentation to drive your message. With custom Flash you have
almost limitless design options. It allows you to provide a
variety of graphics, tutorials, film clips, and introductions,
has the state-of-the-art technology and professional look about
it. It creates an interactive environment. Generally, you will
not have this with a templated site.

7. Call to Action - Imagine walking into a retail store where
no one helps you, there are no "50% off" signs anywhere and
basically nothing there to motivate you to buy their product.
That is what happens when you put up a website with no "call to
actions" on it. A call to action is a reason for your visitor to
sign up or purchase your product or service. Call to actions are
very important in content and placement. A typical visitor to
your site is only there for a few seconds, so you need a "hook"
and a "call to action" to keep them there and motivated to buy.
It is important that you satisfy what they came looking for. If
they came looking for a nice picture for their office, you must
give them a reason to purchase your beautiful print and to
purchase it today. Remember they may have been shopping several
other sites before they landed on yours. Give them a special
deal if they purchase today. Do a two for one. Give them a free
article or eBook for signing up.

8. Contact Information - Make it easy for your visitor to
contact you. Your phone number and email information should be
prominent on each of your pages. You also need to give them a
reason to contact you. Ask yourself this question, "Why should
they call or email me?" Give them a reason. Take a look at the
websites you visit. What motivates you to fill out their form
with your information? There are a lot of sites that don't ask
for the visitor's information. What is the purpose of a website
anyway? Basically, it is to sell something or to provide useful
information. How are you going to sell something if you don't
have a way of communicating directly with your customer? These
are important questions to ask as you design your website.

9. Auto Responders - An Auto Responder is an email program that
captures your customers contact information from a form on your
website and automatically sends periodic emails from you. These
are emails that you have previously drafted and tell the Auto
Responder Program how often to send them. You can send out
emails to new contacts, your customer list or a list that you
purchase from a list copy. Statistically, these are your best
leads for converting sales. An Auto Responder gives you an easy
way to stay in contact with them. It is important that the
information you send them has value and substance to it.
Generally, people won't mind receiving an email from you if it
is something they can learn or use. For more information on auto
responders go to these sites: www.aweber.com;
www.activecampaign.com.

10. Images and Graphics - Graphics and Images are extremely
powerful in leading the eye through your landing page. They
should not just be there to make a site look pretty, but to push
actions and indicate eye pathways. An appropriately placed image
can draw attention to a headline or title. You should consider
making your images a clickable link because visitors tend to
click on them. You could show a larger pop up image or more
information about the offer or product. The type of image needs
to have purpose with your page. Don't just throw any image on
the page. It needs to fit in with your theme. Images of nice
looking people looking directly at you seem to attract more
attention and give the visitor a warmer feeling than objects. If
you are selling a product, make sure you have a very clear and
quality type image of the product. Customers want to see what it
is they are buying. It is also important to keep your image file
size small. The larger the file size, the longer it takes to
load the image to the site. Remember, the average visitor is
only there for a few seconds. If your site is loading slowly,
they will move on. Also, when you are saving your image to a
file, try to save it as close to the same size as you will be
displaying on you site. Trying to take a large sized image and
squeezing it into a small sized image on your site creates a
picsolated (grainy looking) picture.

Brad Stone is CEO of Heritage Web Solutions, a USA Based
Company, specializing in Designing and Hosting Affordable
Websites for Small and Medium Size Businesses. With a staff of
over 160 employees, Heritage Web Solutions has grown to a
multi-million-dollar company in just 4 years, achieving a Top 1%
National Ranking as reported by WebHosting.Info. For more
information, call 866-754-1474, or visit
www.heritagewebdesign.com.

About the author:
Brad Stone is CEO of Heritage Web Solutions, a USA Based
Company, specializing in Designing and Hosting Affordable
Websites for Small and Medium Size Businesses. With a staff of
over 160 employees, Heritage Web Solutions has grown to a
multi-million-dollar company in just 4 years, achieving a Top 1%
National Ranking as reported by WebHosting.Info.

For more information, call 866-754-1474, or visit
http://www.heritagewebdesign.com

Article:

To Spam or Not To Spam: Is That A Viable Question?


To Spam or Spamming is the abuse of electronic messaging systems
to send unsolicited bulk messages, which are generally
undesired. The most widely recognized form of spam is Email
Spam: otherwise referred to as Unsolicited Bulk Email or Junk
email. Email Spam is both unsolicited by the recipient and sent
in substantially identical form to many recipients
simultaneously or over a period of time. Spam or Junk email can
be either commercial mail such as an advertisement or
noncommercial such as a chain letter or a joke.

The origin of the term "spam" is rather interesting as it
actually came into being long before email reached it's current
popular form. As you know, spam is a form of canned meat sold by
Hormel. The term "email spam" actually originated from a Monty
Python sketch. During the 25th show of Monty Python's Flying
Circus, a three and a half minute sketch was played. The scene
was set in a restaurant referred to as the Green Midget Cafe in
Bromley and centered around a disagreement between a waitress
and a customer. Almost every menu item had spam as one of the
main ingredients. The customer did not want anything with spam
in it: thus, an argument ensued that repeated the word spam some
132 times.

The menu is shown below so you will appreciate the humor aimed
at Hormel's now famous spam.

Egg and bacon Egg, sausage and bacon Egg and spam Egg, bacon and
spam Egg, bacon, sausage and spam Spam, bacon, sausage and spam
Spam, egg, spam, spam, bacon and spam Spam, spam, spam, egg, and
spam Spam, spam, spam, spam, spam, spam, baked beans, spam,
spam, spam and spam Lobster thermidor aux crevettes with a
Mornay sauce garnished with truffle paté, brandy and with a
fried egg on top and spam Spam, sausage, spam, spam, spam,
bacon, spam, tomato and spam (this is only in the radio
version's menu, but the TV version features the Hungarian trying
to order it)

The phenomenon, some years later, of marketers drowning out
discourse by flooding Usenet newsgroups and individuals' email
with junk email advertising messages was named spamming,
recounting the repetitive and unwanted presence of Spam in the
sketch.

There are several types of spam in use by spammers all over the
world. Not one single country or location can claim fame to
control the wide use of spam. According to Sophos, a security
software developer, the major sources of spam from April to June
of 2006 were the United States (accounting for 23.3% of messages
sent), while China accounted for 20.0% and 7.5% from South
Korea. By continent, Asia leads the pack at 40% followed by
Europe at 27% and then comes the USA at 26%.

And according to information compiled by Spam-Filter-Review.com,
email spam can be broken down by category. Products leads the
way with 25%, then Financial scams at 20%, Adult-19%, Scams in
General-9%,Health-7%, Internet-7%, Leisure-6%, Spiritual-4% and
all other amounted to 3%. My personal experience is that I
receive on average of 5-6 Financial scams daily and sometimes
more. Fortunately for me my ISP spam filters eliminate the
majority of the hundreds of spam emails daily before they reach
my Outlook in-box.

Spam violates the AUP (Acceptable Use Policy) of almost every
ISP (Internet Service Provider). If you are considering a bulk
email campaign, be aware that you are putting yourself in
jeopardy of loosing you ISP account as most will enforce their
AUP. And all it takes in most cases is just one complaint from a
disgruntled spam recipient.

The quantity of spam is staggering. Sometimes it depends on who
you are but Bill Gates receives 4 million emails a year and most
all of them are spam. And then the guy who owns acme.com
receives over one million spam emails per day. In the year 2005,
30 billion spam emails were sent every day, 2006 it grew to 55
billion, 2006 it jumped again to 85 billion pre day and in
February of 2007 it is shown to continue it's growth to more
then 90 billion spam emails per day. It is speculated that over
90% of all emails sent are spam emails!

Although spam laws are being passed in most major countries, it
is obvious that another deterrent needs to be developed.
Countries taking affirmative legal action by passing anti-spam
laws include:

-The Untied States-CAN_SPAM Act of 2003 -Australia-The Spam Act
of 2003 -The European Union-Directive-Article 13- The member
countries are Austria, Belgium, Bulgaria, Cyprus, Czech
Republic, Denmark, Estonia, Finland, France, Germany, Greece,
Hungary, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta,
Netherlands, Poland, Portugal, Romania, Slovakia, Spain, Sweden,
and the United Kingdom.

Even though there is a concerted effort throughout the world to
curb spamming, legislative efforts have been for the most part
ineffective and counter productive. As an example the CAN-SPAM
Act of 2003 requires that each email have a way for the
recipient to opt-out of the senders list. Most believe that if
you opt-out to a spam email, you are doing nothing more then
confirming to the spammers that they have reached a working
email address. In 2002, the Center for Democracy and Technology
found that 16% of websites tested with opt-out requests
continued to spam.

To Spam or Not to Spam: well, you be the judge for yourself. The
biggest concern I think one should have is loosing their ISP
accounts. I have heard of spammers just going form one to
another or having multiple ISP accounts to insure that they will
maintain up time.

Hope you didn't find this too long but the more research I did
for this article, the more practical information I found to
include for your reading pleasure.

About the author:
Jimmy Oakley-Author-2007- Jimmy is an Internet Marketer that
discount markets the Premier Email Marketing and Internet
Marketing Courses online. The courses he markets are continuosly
updated and never outdated. Learn the right ways of marketing on
the Internet by visiting
http://www.makeyourlivingonlinetraining.com now and learn
Internet Marketing techniques found nowhere else.

Botnets: The Story of How My PC Became a Zombie!

Botnets: The Story of How My PC Became a Zombie!

Several weeks ago, I received a call from my ISP's Security
Department. The lady, who was a little short on etiquette,
launched into this short story about having to suspend my
account due to the fact that someone had hijacked my email login
and password. Well, I was at that time not on the Internet but
was at my desk so I cranked up the old PC and hit connect on my
DSL icon. Well, that's as far as I got: there was no way I was
going to connect using my ISP's icon.

Oh no, "Don't tell me I have been relegated once again to using
a dial up account," I said to myself. My DSL is slow enough as
it is and I have the fastest available broadband connection
there is so I can't imagine how slow dial up is going to be?

The Security Agent told me that all was not lost. But there were
certain things that I had to do in order to "plug the hole" that
the hacker had crawled through. The first thing I had to do was
to make sure that my firewall was activated and working
properly. And if I did not have a firewall, I was going to have
to find a suitable one and upload and install it to my system.
In my case, I already have a firewall in place: however, I did
go into preferences and set the filters to high, which makes
them quite a bit more sensitive and makes my PCless vulnerable
to a hackers breaking through the protection that is in place.

Although I had only recently changed my password for access to
this account, I also had to do so again. Actually, once Security
reactivated my account, they had already switched passwords for
me so all I had to do is go in and change it to something I
wanted.

As a next step, if I did not have a current and up to date virus
protection program, I would have to buy and install one of those
too. This crook of a hacker could have cost me a couple of
hundred dollars in hard cold cash just in software costs alone,
not to mention the damage he was doing by controlling my PC
email and using my bandwidth. Fortunately, I also had a current
anti-virus software program running so I did not have to buy
one. (A Lot of good it did me, huh? I guess everything has its
weaknesses.)

The primary reason my ISP chose my account to shut down was due
to the fact that my account had all of a sudden received several
thousand complaints. The assumption is that the hackers used a
botnet of zombies to compromise my email account in order to
send out a large quantity of spam emails, many of which filed
complaints with my ISP. I didn't know about this sort of thing
before but found that it is quite normal for hackers to gain
access to a remote computers email account, then set up fake
email addresses and then they hit the send button and plaster
the Internet with their viruses, worms or Trojan horses. In my
case, there about 15 bogus email addresses on my account. They
must have sent out hundreds of thousands of spam emails from my
email address before my ISP was tipped off.

Unknown to me, my computer had been enlisted into a botnet (a
collection of robots or bots which run autonomously). The term
botnet generally refers to a collection of compromised computers
running programs. These botnets are run in the background so the
average computer user is not aware of their presence until
notified by their ISP Security people like I was. Each computer
that is compromised is referred to as a zombie computer. Zombie
computers are machines that have been compromised by a super
cracker, a computer virus, or a Trojan horse. A botnet (network)
is made of a multitude of zombie computers, often times hundreds
of zombie computers.

Zombies are used extensively to send email spam: in 2006 an
astounding estimated 80%-85% of email spam was delivered by
botnets through their zombie computer networks. When a spammer
uses a zombie computer to send spam email, it allows them to
avoid detection and also reduces their bandwidth costs as they
are using your email account to send these nefarious spam
emails. So there is also theft of services involved with botnets
hackers.

If you are notified that your system has been compromised there
are ways to rid yourself of the zombie designation. The very
first thing, as mentioned, is to ensure that you have an
anti-virus program running and that your anti-virus software is
current and up to date. You must make sure that you have set
your software up to update automatically in order for it to be
able to catch the most recent viruses that may infect your PC.
Then you need to run your virus protection program and clean out
any virus that is found. If you do not have an anti-virus
program or if you have a hard time spending the $50.00 or more
most software companies will charge you, then may I recommend
that you go to AVG dot com and download their free anti-virus
software. It is reputed to be every bit as good as the paid
kind. Actually, I recommended to my daughter recently that she
install AVG and she is delighted with it.

Another critical step to take is to ensure that you also have a
firewall set up to protect your PC from hacker attacks. The
firewalls main function is to isolate one network (compartment)
from another in your PC but still allow traffic to flow but to
make a long story short, it detects an attempt by a hacker to
access and control your system and blocks same from doing so. If
you need a firewall but have a hard time digesting the cost of
the more popular brands, then may I suggest that you go to
zonealarm.com and download their free firewall software. You may
also wish to check out the Comodo free firewall software which
can be found by going to personalfirewall.comodo.com.

In order to learn more about these topics, you wish to run a
keyword search for botnets, zombie computers, spammers or spam
email or any other appropriate term you can think of. Thanks for
reading!

About the author:
Jimmy Oakley-Author-2007- Jimmy Oakley is an Internet Marketer
that markets many of the most sought after Advance Email
Marketing and Internet Marketing Courses online: the courses he
markets are continuosly updated and never outdated. Learn the
right ways of marketing on the Internet at the most acceptable
prices you will find! Visit his Grand Slam Special Event now!
Jimmy invites you to visit
http://www.theinternetbizwizards.com/spg1.ht

Author: Jimmy Oakley

Article:

Saturday 16 June 2007

10 Scams to Screen from Your Email

10 Scams to Screen from Your Email

1. The “Nigerian” Email Scam
2. Phishing
3. Work-at-Home Scams
4. Weight Loss Claims
5. Foreign Lotteries
6. Cure-All Products
7. Check Overpayment Scams
8. Pay-in-Advance Credit Offers
9. Debt Relief
10. Investment Schemes

source: http://onguardonline.gov/spam.html

Wednesday 13 June 2007

SPAM vs HAM

What do you think when someone talk about SPAM and HAM ?

For me, I know SPAM is unwanted or junk e-mail, HAM is good e-mail. For Non-IT , SPAM and HAM is just food . Let see this.

Tuesday 12 June 2007

What's Spyware?

Software that sends information about your Web surfing habits to its Web site. Often quickly installed in your computer in combination with a free download you selected from the Web, spyware transmits information in the background as you move around the Web. Also known as "parasite software," "scumware," "junkware" and "thiefware," spyware is occasionally installed just by visiting a Web site

What's signal your computer is infected spyware. ?

1. see pop-up advertisements all the time.
2. settings have changed and I can't change them back to the way they were
3. web browser contains additional components that I don't remember downloading.
4. computer seems sluggish.

How to prevent your computer from spyware ?
1. Enable a firewall
2. Update your software
3. Tune your Internet Explorer secuiry settings, Microsoft recommends that you set the security settings for the Internet zone to Medium or higher.
4. Download and install antispyware protection
5. Surf and download more safely

Saturday 9 June 2007

Postfix and Spamassassin:

Postfix is a widely used mail transport agent (MTA) used on many popular Unix/Linux systems. Nowadays, networks are overwhelmed by SPAM mail, fortunately, there is a way to filter them with software such as spamassassin.

1. Getting Started

If your SMTP server running with postfix. There is a couple of package we need to install: spamassassin and its client spamc

$sudo apt-get install spamassassin spamc

spamassassin package includes a daemon which can be called by user programs such as procmail... but can also be integrated into a Mail Transport Agent such as postfix.

2. Using spamassassin as a standalone daemon

In this part of the tutorial, we are going to make spamassassin run as its own user (default on debian sarge is root), configure some settings and make postfix use spamassassin as an after-queue content filter, which means that the content is going to be filters through spamassassin after postfix has dealt with the delivery.

2.1. Setting up spamassassin

Installed spamassassin from debian repository, on default settings, spamassassin runs as root user and is not started. To fixed the problem, to create a specific user and group for spamassassin. As root user, run the following commands:

#groupadd -g 5001 spamd
#useradd -u 5001 -g spamd -s /sbin/nologin -d /var/lib/spamassassin spamd
#mkdir /var/lib/spamassassin
#chown spamd:spamd /var/lib/spamassassin

Change some settings in /etc/default/spamassassin and make sure you get the following values:

ENABLED=1 SAHOME="/var/lib/spamassassin/"

OPTIONS="--create-prefs --max-children 5 --username spamd --helper-home-dir ${SAHOME} -s ${SAHOME}spamd.log"

PIDFILE="${SAHOME}spamd.pid

When run spamd daemon as user spamd and make it use its own home dir (/var/lib/spamassassin/) and is going to output its logs in /var/lib/spamassassin/spamd.log

2.2. Configuring spamassassin

Setspamassassin some rules. The default settings are quite fine, but you might tweak them up a bit. So let's edit /etc/spamassassin/local.cf and make it looks like that:

use_bayes 1
use_bayes_rules 1
# Enable Bayes auto-learning
bayes_auto_learn 1
# Enable or disable network checks
skip_rbl_checks 0
use_razor2 0
use_dcc 0
use_pyzor 0

Here, we set spamassassin' spamd default settings to rewrite email subject to [***** SPAM _SCORE_ *****], where _SCORE_ is the score attributed to the email by spamassassin after running different tests, only if the actual score is greater or equal to 2.0. So email with a score lower than 2 won't be modified.

To be able to use the _SCORE_ in the rewrite_header directive, we need to set report_safe to 0.

In the next section, we tell spamassassin to use bayes classifier and to improve itself by auto-learning from the messages it will analyse.

In the last section, we disable collaborative network such as pyzor, razor2 and dcc. Those collaborative network keep an up-to-date catalogue of know mail checksum to be recognized as spam. Those might be interresting to use, but I'm not going to use them here as I found it took long enough to spamassassin to deal with spams only using it rules.

Start spamd with this command:

#/etc/init.d/spamassassin start

We are almost done, we still need to configure postfix in such a way that it will pass all mails delivered to local mailboxes to spamassassin.

3. Make Postfix call Spamassassin

Now, we need to tell postfix to use spamassassin. In our case, spamassassin will be invoked only once postfix has finished with the email.

To tell postfix to use spamassassin, we are going to edit /etc/postfix/master.cf and change the line:

smtp inet n - - - - smtpd

to:

smtp inet n - - - - smtpd -o content_filter=spamassassin

and then, at the end of master.cf, let's add:

spamassassin unix - n n - - pipe user=spamd argv=/usr/bin/spamc -f -e /usr/sbin/sendmail -oi -f ${sender} ${recipient}

and here we go, our spam filter is setted up, we need to reload postfix settings and everything should be ready.

#/etc/init.d/postfix reload

Anti-Spam for Outlook Express (Episode #2)

SPAMfighter Standard if you are looking for a Outlook/Express tool to remove spam from your inbox, look no further. SPAMfighter is the tool you are looking for. Simple, reliable and efficient.
A lot of anti-spam products rely on filters and other rule based technologies, but spammers work every day to stay out of these filters. What works one day doesn't work the next. SPAMfighter Standard is an Outlook utility software that filters spam and phisning attempts.

SPAMfighter works completely different. SPAMfighter is using the power of a very large community of people that instantly report if they receive a spam mail. When several people have reported the same spam mail, it's automatically filtered for the rest of the community.

The key features of "SPAMfighter Standard":

SPAMfighter Standard is 100% free for private use· Award winning spam blocking technology· Protects against "phishing", identity theft, and other email fraud· Used by more than one million happy users around the World· Protects all the email accounts on your PC

Unique language filtering tool that empowers you to stop emails written in specific languages· Unique picture filter that can recognize spam which is sent as a picture· Automatic "real mail" protection - means no lost business mails!· Blacklist domains and emails

Spam Abuse Reporting with one click· Automatic Whitelist management· Privacy Guaranteed - we don't see any of your email· Does not filter based on simple phrases or "trigger" words. Allows any content

Language support: English, German, Spanish, Chinese, French, Italian, Greek, Dutch, Swedish, Norwegian, Suomi, Russian, Bulgarian, Portuguese, Japanse and Danish

System Requirements:

Email client: Microsoft Outlook, Outlook Express and Windows Mail

Memory: 64 MB minimum

Disk Space: 10 MB

Limitations:

SPAMfighter Standard is 100% free for private use.

Anti-Spam for Outlook Express

If you face spam while using MicroSoft Outlook, Outlook Express or Eudora.

you may try Spampal for filtering spam .

System Required:

A machine running Windows 95, 98, ME, NT, 2000, 2003 or XP.
A POP3 or IMAP4 mailbox.
A standard email program such as Outlook, Outlook Express or Eudora

How does SpamPal work?

SpamPal sits between your Outlook express and your mailbox, checking your email as you retrieve it. Any email messages that SpamPal detect to be spam will be "tagged" with a special header; you simply configure your email client to filter anything with this header into a separate folder and your spam won't be mixed up with the rest of your email anymore!

Q: how does SpamPal know what is spam and what isn't?
A: It uses what are called DNSBL lists. Patterned after the famous MAPS RBL, these are lists of parts of the Internet that in one way or another facilitate spam.

Any email you get from a machine on one of these lists has an increased probability of being spam. Some ISPs already block all email from machines on some of these DNSBL lists, but many do not.

How to protect your e-mail address from spammer.

• Only share your primary e-mail address with people you know. Avoid listing your e-mail address in large Internet directories and job-posting Web sites. Don't even post it on your own Web site
• Set up an e-mail address dedicated solely to Web transactions. Consider using a free e-mail service to help keep your primary e-mail address private. When you get too much spam there, simply drop it for a new one.

• Create an e-mail name that's tough to crack. Try a combination of letters, numbers, and other characters eg. 2g0al@example.com (substituting zero for the letter "O"). Research shows that people with such names get less junk e-mail.

• Disguise your e-mail address when you post it to a newsgroup, chat room, blog, or other public Web page-for example, BeeGood At GoodDomain DoT com. This way, a person can interpret your e-mail address, but the automated programs that spammers use often cannot.

• Watch out for pre-checked boxes. When you buy things online, companies sometimes pre-select check boxes by which you indicate that it's fine to sell or give your e-mail address to responsible parties. Clear the check box if you don't want to be contacted.

IT Security