:: Computer Kung Fu - Essential Training for the Computer Age

Computer Kung Fu For Beginners

- White Belt Edition

by Dave Thompson

Dave Thompson's How 2 Columns

HOW 2...Spot celebrity viruses - Originally Published: 05 Aug 2008

Scammers are using ever-smarter ways to get to internet users' money, writes Dave Thompson.

This week, I'm taking a closer look at some of the scams currently doing the rounds. Years ago, viruses were merely annoyances that would, on occasion, trash your data, although the majority were unexciting because they didn't do much except try to propagate themselves. The people who wrote viruses were not necessarily the people who released them into the wild. Virus authors are usually misunderstood geniuses who just want to code something that exploits flaws in Windows and gives them "kung-fu" status among the black-hat fraternity. The people actually releasing them are, more often than not, nobodies who got hold of the code and deliberately spread it in order to cause mayhem. Like everything, times have changed - now everything is about money. We aren't talking about small change either. There is literally billions to be made from scamming web users, new and old alike, out of their hard-earned cash.

During the past 12 months or so we have seen a shift in the way viruses are written and released. While there are still thousands of "old style" viruses constantly flying around the web, looking for a vulnerable machine or owner to exploit, most people are hip enough to avoid them. Today, viruses want to get in and download other applications through the "back-door". Soon your desktop picture has changed to a virus warning and you get messages that some "threats" have been detected, and you should scan them with software downloaded from convenient links provided in the error message, though often the software is already installed. It looks very professional and genuine. Some of these fake programs look more genuine than legitimate software. The warning dialogues look genuine, too, and match Windows' graphics perfectly. There are many variations, but they all follow the same premise - the virus gets in and infects your machine and you are prompted to download software to fix it. You scan your machine and the software reports many infections but you must pay X dollars before anything will be fixed. Regardless of whether you pay or not, the software will keep downloading newer versions of itself, until it bogs your machine down or it won't start at all. You may find that you can no longer access the Task Manager, Control Panel, or Display Properties and your anti-virus software has stopped working or is throwing up errors. This is the virus protecting itself by preventing you from using Windows-based tools to get rid of it.

The main way this scam is spread is by infected email attachments and infected applications downloaded from illegal "warez" sites (warez is copyrighted works traded in violation of copyright law). It's easy enough to reverse- engineer the set-up files for some popular application, like Adobe Photoshop, insert the virus into it and re-release it to the web. Because the virus is fragmented in the file, scanning with your AV software won't reveal anything, but as soon as you double-click on it though, the virus is assembled and activated and infects Windows system files. Removal is usually difficult and best left to professionals lest more damage to your system be done. Other scams are never far away, usually modern variations on older cons that many of us already know, like pyramid schemes, Nigerian mail swindles, fake lotteries, bank phishing cons and Russian bride stings. The latter has caught many Kiwi blokes and I reckon most are not reported due to their embarrassing nature. This is where either via a dating agency or by answering a phishing type email, a lonely older (usually) man will be "worked" by Russian or Eastern European girls who say all the right things and end up asking for money so they can escape their homeland and live happily ever after with their new beloved in New Zealand. Of course, once the money - usually in the thousands - is sent, that's the last our lonely hearts hear from the girls, who are probably working a dozen or more men at a time. While most scams play on our greed and gullibility, this scam is particularly nasty because it destroys something many of us don't have a lot of - hope.

The bottom line is that if something sounds too good to be true, it usually is. An email asking you for the use of your bank account to transfer millions of some Nigerian prince's dollars, or congratulating you on winning Euro 50 million in a lottery you never bought a ticket for, or a beautiful woman asking you to send her $5000 for air fares, should ring warning bells. The basic rule is; never send money to someone you don't know, never give out any of your passwords and don't be reckless with your credit card numbers. With millions of new users signing up to the internet every day, it seems the scammers have an endless supply of victims. Please don't be one of them; before doing anything, check out an anti-scam site like www.snopes.com and do some research - it may save you thousands.