Business Security Information

Keyloggers monitor computer activity by capturing the keystrokes of the computer user.  The captured information is then sent to some individual(s) who should not have access to this information.  This should be a concern to all computer users who log into and access email accounts, online accounts, bank accounts, and other such information that should not be shared with others.  With a keylogger, someone else can capture this information and use it to gain access to any account or system that has been logged into.  Also, depending on the keylogger capabilities, all the information the user views can  be captured and sent to these individuals.  Keyloggers allow others to bypass security measures you have in place, and that is never a good thing.

GFI has two e-mail security services—MailEdge and MailProtection.  We were given a choice between the two when we registered for a free trial.  We chose GFI MailProtection.  Once we had logged into our account and configured a domain, we were then given, under the Domain Management tab in the Services settings, an option to change from Full (MailProtection) or Edge (MailEdge) protection.  Depending on which one was chosen, additional options were available to configure prior to saving the setting.  The only real difference we noted between GFI MailProtection and GFI MailEdge is that GFI MailProtection also provided virus protection where GFI MailEdge did not.  Both products are marketed to small and medium sized-businesses.

Despite its complicated pronunciation, the word obfuscate merely means is to change, alter, modify, or obscure.  In business, you probably use this more than you think.  On the web, businesses often use URL shortening services which take a long URL (website address) and make it a short one.  These shorter URL’s are then used in an e-mail or instant message, on a blog, or on social media sites such as Facebook.  Twitter is probably one of the most popular places URL shortening (obfuscated URL’s) services are used since you are limited on the number of characters you can put in each tweet.  I have also seen it used in e-books and other informational products that are downloaded off the web.  URL shortening services hide the original and often long URL.

Well, we have had a good Thanksgiving meal, and most everyone has headed off to bed so it is now time for me to get down to writing this article.  Yesterday I received an e-mail from a friend stating she was out of the country visiting a friend that was ill.  Her friend was in need of surgery, and they were trying to recruit a surgeon from Israel and were in need of $2800 to pay for this necessary surgery.  First, I was suspicious that this was a fraudulent e-mail because I had just seen the person and knew that she had no plans of heading out of the country.  Secondly, the e-mail requested $2800 dollars which is a very small amount for a surgery, especially since the e-mail had an urgency about it leading the reader to believe that it may be a matter of life and death.  The return e-mail was also suspicious because the return address was a generic Yahoo e-mail address.

Malware is a term you hear a lot in the security field, and I am not always sure if everyone understands what the term means.  Malware is basically a generic term used to describe a variety of bad software that is meant to damage, annoy, or infiltrate a computer or network without the user’s consent or knowledge.  Malware includes software such as viruses, worms, trojans, spyware, rootkits, adware, crimeware and any other type of malicious software.

It is usually not the purpose of this blog to write about every type of virus or malware that is discovered–there are  plenty of websites out there that do a good job of that.  Sometimes, however, I do like to make note of malware that I feel can affect your business in a broad way.  I wrote about the conflicker worm back in May of this year for similar reasons.  Some of the security measures that I mention in both articles will help protect your business from a variety of malware, not just the ones noted in these two articles.

Kaspersky Lab, an anti-virus/malware company, recently published a “Stop Cybercrime Guide” which I have read, and I think is an excellent overview of many of the computer security threats a business, home office or individual users may face.  Information covered in this short, 10-page document includes:

• Types of malicious programs and how to protect yourself against them.  Some of these protections you may have heard of before, such as installing security software, updating your software, backing up your data, and not using the administrator account except when needed, which I discussed in a previous article.

Scams abound in today’s society, but the scams of today are not that different from those of the past. The only difference is the method of delivery and the number of people that can be reached at one time.  Today’s technology now allows large numbers of people to be reached all at once through “phishing,” one of the most popular scams.  Phishing is a form of e-mail fraud in which the scam artist tries to obtain personal and financial information from someone.  It generates millions of dollars even when only a low percentage of people respond to the phishing e-mails.