The Dark Side of the Internet

Spam
Malware

Viruses, et al.
Spyware / Adware

Phishing
Cracking
Network Service Attacks
Privacy

Spam - is unsolicited, bulk e-mail. There are several types:

Just plain text, or links to vendors
- Advertising, come-ons
  "Enhance your anatomy!"
  "Buy meds without prescription!"
  "Hot stock tips!"
- Scams, especially "advance fee fraud"
  Much like phone fraud, high-pressure sales.
  "Need your help transferring funds out of country!"
  "Earn money fast with our new plan - just send $___!"
- Chain letters and hoaxes
  "Beware of this new virus - warn your friends!"
  "Child sick with ___ is collecting ___ - send this on!"
- Porn
Misleading links
- Link text indicates one web site, actual link points elsewhere
- Phishing
- Link leads to malware
Toxic attachments
- Executable files that install malware
- Application files containing scripts
  MS Word "macros", other application macros

Phishing - scams to obtain personal info

No real bank or vendor asks you to "verify your information"
Tip-offs:

Misspelled words, poor grammar
Link text != link target

Phishing Examples

Privacy - Do you know where your info is?

Who has it?
- Financial institutions
- Merchants
- Schools
- Medical providers
- Credit bureaus
- Governments
Are they secure?
Identity theft

Credit cards
Social Security number
Personal info used to verify your identity
Birth date
Family names
Zip code???

Viruses, Trojans, Worms - Automated delivery of unwanted software.

Definitions - the lines are blurred...
- Viruses - get carried in on removable media, make copies of themselves on other disks
- Worms - send themselves over the network, e.g. via e-mail, vulnerable network services
- Trojans - hide in "useful" software, provide a backdoor for others to use your machine
How to get infected:
- Application scripts ("macros")
- Browser scripts
- Vulnerable network services
- Lax security settings
What malware might do
- Send spam - with your name on it
- Send itself to other computers
- Take part in denial-of-service attacks
- Place expensive phone calls - e.g. to 1(900)
- Visit web sites - e.g. to get paid for visits
- Send info about you to someone else
- Install itself all over your disks
- Damage your files
- Interfere with your computer use
- Use your computer
Safety measures

Install a virus checker - keep it up to date!!!
Make a "rescue disk" - have a CD you can boot from
Back up your files!
Write-lock diskettes that you're only going to read from
Use Mozilla in place of Internet Explorer
IE runs scripts, starts applications without being asked
Don't let your email program open attachments
Not even if you know the sender...
Save the file to disk & let your virus checker scan it
Change your file settings to show the extension
Executable attachments hide their type, e.g. xxx.txt.exe

Cracking - Gaining illicit access to computers.

Cracking != Hacking?
- Definitions:
  WikiPedia - hacker, cracker
  Jargon File - hack, hacker culture, hacker, cracker

How do they get in?
- Vulnerable network services
  Unnecessary services left turned on
  Port scan
- Trojans
  Installs an account on your machine
  Opens up a network service
- Password stealing, guessing
  Better to write your password down than pick something easy to guess!
  Beware the over-the-shoulder password snatch...
- OS or application bug exploitation
  This is what all those security patches are for...

Network and Service attacks

Network denial-of-service attacks
Attacks on the power grid

Adware and Spyware

Collects information about you, or your computer and network use, sends it to...?
- Web usage loggers
- Screen recorders
- Keystroke loggers
- Chat and email recorders
- Application use monitoring
May include "active" malware - see section on viruses, etc.

Non-info-gathering damage typically associated with spyware:

Home page replacement
Browser hijacking - sneaking in visits to other sites
Reinstalls itself if you try to get rid of it

Adware

Places ads in application windows, browser, desktop, popups...
Gathers info about your browsing, maybe about application use
Selects "targeted" ads based on that info
Triggers ad display based on your activity
Did you "invite" it in? The infamous "end user license agreement"
Surest sign of adware is the word "free"
(There are exceptions -- altruistic freeware, often open-source. E.g. Linux, Mozilla, and Apache (a widely-used Web server) are all open-source freeware.)

Spyware

Monitoring for other purposes besides ad targeting
Usually unknown to the user
Where it comes from:
- "Free" software
- File-sharing services
- Viruses or worms
- Unscrupulous adware

Employee monitoring

Uses commercial spyware tools

Reports email and web browsing

Overt, "benign" (??), information gathering tools

If they tell you about the info gathering (sort of...) is it ok?
Alexa, Alexa toolbar

Safety measures
- See virus safety measures
- Get a spyware removal program - keep it up to date
- Don't click on any buttons or links inside ads or popups!
  No, not even "Close window"
  No, not if it offers to remove spyware
  Use the window frame's close button
  Beware ads embedded in web pages or application windows
- Do a search for the name of the widget you're considering, along with the words "adware" and "spyware"
- "TANSTAAFL" - Robert Heinlein
  Beware "free" goodies - what's their motive? do you need it?
  Except...reputable free / open source software
Spyware Examples

Additional Resources - web sites with useful and/or interesting info

Spam

FTC spam info - forward deceptive spam here
UW C&C spam filter
SpamBuster / SpamAssassin - used by UW CSE

Scams

Crimes of Persuasion
US Secret Service "Advance Fee Fraud" info
Nigerian bank account scam (Google search)
The Art of Deception, Kevin D. Mitnick, William L. Simon, Steve Wozniak -- How we get tricked into becoming victims
Consumer Reports: Where to file an Internet fraud complaint
Fraudulent buyers and sellers on online shopping and auction sites
- List of common scams from FlipShark.com
- Guide to Avoiding Fraud by CarBuyingTips.com
- Article on buyer fraud by Entrepreneur.com
- Battling Fraud on eBay, part 1 & part 2, ecommerce-guide.com
- Fraudulent Escrow Site Database

Chain letters and hoaxes

Break the Chain
Chain letter links
EFF Chain letters archive
CIAC Hoaxbusters - send hoax examples here
Virus hoax info from Symantec, McAfee

Malware: Viruses, Worms, Trojans

UW C&C virus info, also here
Current warnings from Symantec, McAfee, US-CERT
Lists from Symantec, McAfee
Removal info from PC Hell
Check for vulnerable network services: try a port scan
Firewalls provide protection against network service attacks

Malware: Spyware and adware
- Info:
  From Top-ten Lists: getting infected, types of spyware
- Removal tools:
  Spybot - used at the UW
  Ad-Aware - used at the UW
  Ok to have both Spybot and Ad-Aware installed, but don't run together
  Microsoft AntiSpyware
- Reviews of these and other tools:
  Top-ten list
  PC Hell
Cracking

The Cuckoo's Egg, Clifford Stoll
The Art of Intrusion, Kevin D. Mitnick, William L. Simon
Readings on computer crime, MIT course - all points of view
Computer Intruders, Joe Flower - short essay

Privacy, phishing, identity theft

FTC:

You can get free copies of your credit reports
Currently available in West and Mid-west states.
See the Consumers Union link on credit reports below.
But beware this scam by the credit reporting companies!
Consumers Union:
Privacy Rights Clearinghouse
Anti-Phishing Working Group - report phishing here

Can we have safety and freedom?
- One way:
  Electronic Freedom Foundation
  Electronic Privacy Information Center
  ACLU warning on Real ID
- Or another:
  National Strategy to Secure Cyberspace