Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit Here is something out IT guy at work sent us all a few months ago. Deborah Gebhard Solana GSD, Mich http://www.bonanza.com/booths/ChHaley From: joe ashton Sent: Wednesday, July 06, 2011 9:07 AM Subject: Malware Myths A few of you have been hit by some nasty malware recently. Here is a blurb about how this occurs. I do not agree with the fellows assessment of free antivirus scanners, however, as I have been safe from malware and use nothing but free utilities and I do regularly investigate malicious sites. IT Security & Network Security News & Reviews: 11 Internet Security Myths That Delude Computer Users By Fahmida Y. Rashid <http://www.eweek.com/cp/bio/Fahmida-Y.-Rashid/> on 2011-06-28 Many surveys have highlighted the fact that end users are not security-conscious and do not think about the implications of their online activities, making them vulnerable to attack by cyber-criminals. A recent survey of nearly 16,000 users in 11 countries by G Data Software uncovered a startling fact: Users are thinking about security, but what they know is light years out-of-date or completely wrong. "The majority of Internet users, regardless of age, sex or nationality, are aware that there are threats on the Internet," G Data's researchers wrote in the report. However, a lot of what they think they know may have been true in the nineties and in the first decade of the new millennium but has not been true for the past several years, the researchers said. As a result, end users are relying on "very out-of-date facts" to protect themselves, the researchers noted. Only a small percentage understands the nature of current online threats or how to effectively protect them from computer malware, the report found. "A high level of awareness here can surely do no harm," they wrote. Below, eWEEK identified the top 11 myths about online security and paired them with up-to-date facts pulled from the "How do users assess threats on the Internet?" report. Myth 1: I Will Know When I Am Infected (93 Percent) Almost all Internet users around the world are convinced they will know when their computer is compromised, when in actuality, modern malware is stealthy and hard to detect. http://www.eweek.com/images/stories/slideshows/073911_security_myths/myths01 .jpg Myth 2: Free Security Software Is as Good as Paid (83 Percent) Most users feel there are no specific differences between paid security software and free antivirus applications, not realizing they don't get Web filtering, anti-spam or behavior-based analysis with the free tools. //From Joe: I do not agree with this one. McAfee and Symantec are the two biggest paid protectors and they both really suck. Avast free antivirus has all the elements of protection that they claim do not exist, including URL validation. http://www.eweek.com/images/stories/slideshows/073911_security_myths/myths02 .jpg Myth 3: Malware Comes From Email Attachments (54 Percent) A little over half of users still believe that email attachments are the primary distribution mechanism for malware. While it's still a problem, the biggest problems nowadays are emails with links to malicious Websites. http://www.eweek.com/images/stories/slideshows/073911_security_myths/myths03 .jpg Myth 4: Just Going to a Website Can't Infect You (48 Percent) Almost half of Internet users believe it is necessary to actually do something on a rogue Website to be infected, when many attacks can trigger drive-by downloads just by loading the page. http://www.eweek.com/images/stories/slideshows/073911_security_myths/myths04 .jpg Myth 5: Malware Comes From Illegal File Sharing Sites (48 Percent) While a large volume of malware is distributed by torrent sites and other peer-to-peer networks, they aren't the the only sites that contain malware. The majority of malware comes from normal-looking Websites. http://www.eweek.com/images/stories/slideshows/073911_security_myths/myths05 .jpg Myth 6: General Audience Sites Are Safer Than Adult Content (37 Percent) Users tend to think that adult content sites are rife with cyber-criminal activity even though they are usually better designed and much more secure than hobby and leisure sites. The industry tends to protect their customers better. http://www.eweek.com/images/stories/slideshows/073911_security_myths/myths06 .jpg Myth 7: Firewalls Stop Drive-by Downloads (26 percent) While firewalls are important for security, it can't detect a drive-by download because it's concealed among normal Web traffic. A firewall also can't detect malware trying to phone home. http://www.eweek.com/images/stories/slideshows/073911_security_myths/myths07 .jpg Myth 8: Stay Safe by Not Visiting Risky Sites (13 Percent) Users often blame the victim for getting infected by going to "risky" sites. Cyber-criminals don't limit their attacks to certain sites, but compromise whatever yields the most victims, even highly trusted sites. http://www.eweek.com/images/stories/slideshows/073911_security_myths/myths08 .jpg Myth 9: Don't Open Files (22 Percent) Many users think you have to open an infected file to be compromised. That's true in most cases, but attackers can also exploit existing security holes to remotely execute a file without the user's intervention. http://www.eweek.com/images/stories/slideshows/073911_security_myths/myths09 .jpg Myth 10: Infected USB Sticks Are Most Prevalent (13 Percent) While it was true at one point, now that autorun is not the default setting on most modern systems, this is no longer the most common method of infection. Websites are. http://www.eweek.com/images/stories/slideshows/073911_security_myths/myths10 .jpg Myth 11: Consumers Are Safe (8 Percent) Thankfully not many users believe this myth. While criminals are interested in corporate networks, all users are fair game and consumer computers contain credit card numbers and make great zombies. http://www.eweek.com/images/stories/slideshows/073911_security_myths/myths11 .jpg Joe Ashton IT Dept Mgr Discount Paper Products 800-752-7655 x133 46750 Humboldt Dr Novi, MI 48377 http://www.discountpaper.org ============================================================================ POST is Copyrighted 2011. All material remains the property of the original author and of GSD Communication, Inc. NO REPRODUCTIONS or FORWARDS of any kind are permitted without prior permission of the original author AND of the Showgsd-l Management. ALL RIGHTS RESERVED. Each Author is responsible for the content of his/her post. This group and its administrators are not responsible for the comments or opinions expressed in any post. ALL PERSONS ARE ON NOTICE THAT THE FORWARDING, REPRODUCTION OR USE IN ANY MANNER OF ANY MATERIAL WHICH APPEARS ON SHOWGSD-L WITHOUT THE EXPRESS PERMISSION OF ALL PARTIES TO THE POST AND THE LIST MANAGEMENT IS EXPRESSLY FORBIDDEN, AND IS A VIOLATION OF LAW. VIOLATORS OF THIS PROHIBITION WILL BE PROSECUTED. For assistance, please contact the List Management at admin@xxxxxxxxxxx VISIT OUR WEBSITE - http://showgsd.org SUBSCRIPTION:http://showgsd.org/mail.html NATIONAL BLOG - http://gsdnational.blogspot.com/ ============================================================================