Just a heads up that there is a new wave of viruses spreading to web sites and through html email (that’s any email that has any pictures, graphics, special fonts). Many times the virus is spread through a website that’s been infected unbeknownst to the web site owner.
To best protect yourself and prevent the spread of malicious viruses, you should utilize the following four tactics:

• Install virus protection and keep it up to date. My favorite anti-virus programs are from Trend Microand Computer Associates. For more information on some of their products, check out this review.
• Use an internet browser with a pop-up blocker (don’t forget to enable it!) or install a third-party pop-up blocker.  I personally use the Google Toolbar on top of the built in Internet Explorer pop-up blocker (version 6 and up).
• Use Anti-Spyware programs like Ad-Aware and PestPatrol.
• Make sure you download the latest patches and security updates from Microsoft if you’re using the Windows platform.

Everyone, and I mean everyone should have anti-virus software installed if they use a computer that is networked in any way, shape, or form. (If you’re reading this you are on the largest network alone- the Internet!) If you don’t, you are not only putting yourself and your data at risk, but pretty much are putting the rest of us at risk as well (especially those you have the most contact with via email or other online communication).

Even if its been a long time since you installed it or updated it -perhaps you bought a computer in 2001 with Windows 2000 (or worse, you may still have Windows 98) on it and you had a ‘trial’ version of some anti-virus software that you’ve never upgraded or updated- you should probably consider one of the new generation anti-virus programs.

My current favorites are from Trend Micro and Computer Associates.

Trend Micro has a place on my recommended list because when some of the other big companies seemed to be just sitting on their laurels, Trend Micro was making great advancements and incorporating new technologies into their products. Plus I have a soft-spot for a company that gives you free tools and good prices. Trend Micro was the first anti-virus to offer a free online scan- with Housecall. Although scanning online will not protect you from viruses, it will let you find and destroy them if you’re already infected. Plus its nice to have a ’second opinion’ for peace of mind if you do have some sort of outbreak with another anti-virus product.
Anyway, your best bet is to install their PC-cillin Internet Security which gives you all-in-one antivirus, antispam, firewall for your PC and PDA. They are also offering $25 Competitive Upgrade Rebates until the end of 2006, if you need that nudge to upgrade that five year old version of McAfee you are fooling yourself into thinking is protecting you.

The second company I prefer is Computer Associates. They also have Internet Security Software that is effective, easy to use, and affordably priced. They also acquired Pest Patrol and have started incorporating anti-spyware into their products as well as offering FREE Scans. I currently run EZ Armor myself with PestPatrol on the side.

Yet another company is using deceptive practices to try to scam website owners out of their hard-earned money.

A letter comes in the mail with your domain name at the top. The letter says something like “Website Listing Service” at the top right. The first paragraph on the letter is “How to make a Payment”.

Basically, these companies are taking advantage busy business (and website) owners that can’t always keep track of every detail or have simply delegated the task of paying the bills to someone else. These companies (ILSCORP/ LISTINGCORP) are trying to trick you into thinking you OWE them for services previously ordered, when in fact the “payment” is to purchase their worthless service. In fact, on the back of the letter, it legally is required to say “THIS IS NOT A BILL. THIS IS A SOLICITATION”.

Always watch out for any charges or ‘renewal notices’ associated with your domain name, especially if they are by phone, fax, or postal mail. Almost ALL registrars and hosting companies use email for their official correspondences.

I’ve been seeing an increasing trend in a phishing technique used to trick you into giving your eBay login account information.

The email comes disguised as a “Question from eBay Member”. eBay allows bidders and sellers to communicate somewhat anonymously by offering this tool for legitimate use. The spoofers are creating a lookalike email to the ones created using the legitimate mail. Often they say something like “I’m still waiting the package to arrive What happened? Please mail me ASAP or I will report you to ebay.” or simply “What happened with that item?. Please respond I’m desperate!”

Basically, they are just trying to get you to use the “Respond Now” button in their email which takes you to what looks like an ebay login page but is a forgery of ebay on the senders own server (in a country like Taiwan). Instead of logging you into ebay, they are just collecting your ebay user account and password if you type them in on this forged page.

The phishers send this to any email address they have in their spam database, they are not necessarily the address someone has used for ebay (that makes it easy to spot). They may send it to people who never use eBay. The point is, if they spread a wide enough net, they will get it sent to someone who DOES sell on eBay and who would WANT to respond to someone who is threatening to report them as a ‘bad seller’.

Always check the true domain name of any links or buttons in an email message (if you hold your cursor over a link in Outlook, it will often pop up the URL destination.) Or better yet– create and use your own bookmarks for online services you use– whether its eBay, Paypal, your credit card company, etc. Then if you receive a message that appears to be from a company you have dealings with, just don’t use the link in the email. Go out to your browser and use your OWN bookmark to access the login page, etc. Any notices or messages that were legitimately sent to you by the company should be available within your account.

Ok, now they are getting ballsy. “Domain Registry Support”, the same name used by a company that uses deceptive faxes that imply that your domain is “expiring” unless you respond immediately (usually they put that day’s date on it), is now Calling people via telephone. The number came through my caller ID as +001819 which I hesitated to even answer. They act at first as if they just want to “confirm” your registry details (posing this question was as far as they got with me). From other reports on the web, after ‘confirming’ the information (which is made publicly available according to ICANN requirements, so anyone can get it), they try to trick you into giving your credit card information or registering for more domain names with them (at inflated prices, of course).
Please be wary of ANY phone calls, faxes, or postal mail regarding your domains and hosting. Generally, legitamite contact from your registrar or hosting company comes via email only. Never give your credit card information to ANYONE who has initiated a call TO you– whether they say they are a charity, a business, or otherwise. If you really think it is a legitamite company calling, they can mail you the information needed to donate or pay, or you can initiate a call to them using information you obtain through a bill or official record you have on file (not a number they give you on the phone).