Another Threat

We have all seen or read enough warnings not to click on emails from unknown senders to minimize the opportunities for infections to hit our computers. Old news and the bad guys have gone a step further:
"Search results may deliver tainted links"

"Internet search results have surpassed e-mail as the main way cybercriminals attempt to victimize Internet users.

That's the upshot of an analysis of Web traffic from more than 75 million users on home and corporate networks conducted by Blue Coat Security Lab.

Researchers found criminals are poisoning the search results consumers receive when searching on Google, Bing, Yahoo and other search services — and at a rate four times more frequently than they are sending tainted links through e-mail.

The end game in each case is to get you to fall for scams or to infect and take control of your PC. "Searching is at least as dangerous as going into your e-mail in-box and clicking on things," says Chris Larsen, Blue Coat's chief malware expert....

http://www.usatoday.com/tech/news/story/2012-06-17/poisoned-search-results/55654796/1

CheenaGringo wrote:We have all seen or read enough warnings not to click on emails from unknown senders to minimize the opportunities for infections to hit our computers. Old news and the bad guys have gone a step further:
"Search results may deliver tainted links"

"Internet search results have surpassed e-mail as the main way cybercriminals attempt to victimize Internet users.

That's the upshot of an analysis of Web traffic from more than 75 million users on home and corporate networks conducted by Blue Coat Security Lab.

Researchers found criminals are poisoning the search results consumers receive when searching on Google, Bing, Yahoo and other search services — and at a rate four times more frequently than they are sending tainted links through e-mail.

The end game in each case is to get you to fall for scams or to infect and take control of your PC. "Searching is at least as dangerous as going into your e-mail in-box and clicking on things," says Chris Larsen, Blue Coat's chief malware expert....

http://www.usatoday.com/tech/news/story/2012-06-17/poisoned-search-results/55654796/1

So the moral of the story is don't go on the Internet with administrator rights. In other words if the bad guys get hold of your computer they
PROBABLY can't do much if you don't have much power. Most of us run with no passwords and with administrator. So create and use the
guest account and don't give it much power (permissions to do stuff) than if they get you they probably can't do much. Save your admin account
stuff until you need it but you probably don't cause with win 7 it will ask for the admin password to update drivers for example while logged on
the guest account. If you want to keep your admin capabilities make sure everything is current and run spybot or other such software in addition
to your virus checker and good luck. Just understand these things get everybody eventually even experts like me. I got hit with a trojan in
Seattle while building my new machine. Nothing I could do but rebuild from scratch and I had virus checker, scanned everything, real time trojan
finder, and I ran spybot and still got hit. It would not allow me to load ANY virus checker. Three hours down the drain and I am suppose to know
what I am doing. LOL

Z

P.S. Do banking on the same computer you use for the Internet and you always use admin? Well you might be allowing a key stroke recorder
trojan that will record your account and password information for your Bank Account. Got your attention now. It really is time to take this
stuff seriously. My Mom even has a seperate non networked computer for banking. She moves info to the internet using pocket drives and
such. Each time she brings info in she checks it before loading it onto the financial machine. Perfect Paranoia is Perfect Awareness.

Zed:

Thanks for your words of wisdom. Since I am the only person using this computer, I never really thought about the difference in using as admin versus guest. Guess it is time to do some security setups and see the error of my ways!

OK this is a dumb question. How do you "use" your windows computer as admin?

If you log into a user account that has administrative priveleges you are using your windows computer as admin.

Axixic wrote:If you log into a user account that has administrative privileges you are using your windows computer as admin.

Wow Axixic, beauty AND brains!

Merry

This tool works pretty well:

Remove Admin

It will remove admin rights when launching your browser and denies access to sensitive Windows areas. In other words, you can log-in to your computer with admin rights, but these rights are removed just for the browsing sessions.

Zedinmexico wrote:

P.S. Do banking on the same computer you use for the Internet and you always use admin? Well you might be allowing a key stroke recorder
trojan that will record your account and password information for your Bank Account. Got your attention now. It really is time to take this
stuff seriously. My Mom even has a seperate non networked computer for banking. She moves info to the internet using pocket drives and
such. Each time she brings info in she checks it before loading it onto the financial machine. Perfect Paranoia is Perfect Awareness.

Another way to protect your information is to use a browser that uses a virtual environment to execute it's code. A good free one can be found here: Panda Safe Browser The nice thing is it runs on a virtual Linux machine which is much less susceptible to malware, and it is isolated from the Windows operating system. On the downside, the browser window is smaller than usual, but I find this to be an acceptable trade-off for the security provided.

For those using IE, you may wish to read the following article:
http://www.msnbc.msn.com/id/47875298/ns/technology_and_science-security/#.T-Cs5WUYlaE

CheenaGringo wrote:For those using IE, you may wish to read the following article:
http://www.msnbc.msn.com/id/47875298/ns/technology_and_science-security/#.T-Cs5WUYlaE

Just run Microsoft Update and everything will be fine. You can also have it update automatically. These kind
of bugs are in all browsers not just IE.

Z