Thursday, January 21, 2010

AOL AIM Users Beware

If you are a user of AOL's instant message product AIM, you will probably receive a message claiming that your account has been made inactive and that you need to download and launch the latest update for AIM. It is entirely possible that you will get one of these messages even if you don't have an AIM account (I did).

IGNORE and DELETE this message right away.

Here is the body of one of these messages (Any active links in the messages have been disabled):

Dear AIM user,

Your AIM account is flagged as inactive. Within the following 72 hours it’ll be deleted from the system.

If you plan to use this account in the future, you have to download and launch the latest update for the AIM. This update is critical.

In order to install the update use the following link. This link is generated exclusively for your account and is available within a certain period of time. As soon as this link is not available anymore you will get another letter.

Thank you,

AIM Service Team

This e-mail has been sent from an e-mail address that is not monitored. Please do not reply to this message. We are unable to respond to any replies.


A quick peek at the message source shows that clicking on the contained link to download will actually hook you with update.aol.com.hasdxzzw.im. The key part here is hasdxzzw.im - this is a domain supposedly registered through a registrar on the Isle of Man. Highly unlikely that they have anything to do with AOL or AIM.

For the record, the proper link to download valid AIM software is http://products.aim.com/windows.
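The check described above, written out as an added example (not part of the original post): it reads a hostname from right to left to find the domain that is actually registered, then flags a trusted name that only appears as a subdomain prefix. The suffix subset, the trusted-domain list, the function names and the trailing "/" on the first sample URL are assumptions made for this illustration.

```python
from urllib.parse import urlsplit

# Assumption: a hand-picked subset of public suffixes, enough for this example.
# Production code should load the full Public Suffix List instead.
PUBLIC_SUFFIXES = {"com", "net", "org", "im", "co.uk"}
# Assumption: registrable domains a genuine AIM download would be served from.
TRUSTED_DOMAINS = {"aol.com", "aim.com"}


def registrable_domain(hostname):
    """Return the public suffix plus the one label to its left, or None."""
    labels = hostname.lower().rstrip(".").split(".")
    # Walking left to right tries the longest candidate suffix first.
    for i in range(1, len(labels)):
        if ".".join(labels[i:]) in PUBLIC_SUFFIXES:
            return ".".join(labels[i - 1:])
    return None  # bare suffix, or a suffix outside our subset


def check_link(url):
    """Classify a link by the domain that is registered, not by its leftmost labels."""
    host = (urlsplit(url).hostname or "").rstrip(".")
    domain = registrable_domain(host)
    trusted = domain in TRUSTED_DOMAINS
    # A trusted name that shows up only as a subdomain prefix is the lure.
    lure = None
    if not trusted:
        lure = next((t for t in sorted(TRUSTED_DOMAINS)
                     if f".{t}." in f".{host}."), None)
    return {"host": host, "registrable_domain": domain,
            "trusted": trusted, "embedded_brand": lure}


if __name__ == "__main__":
    samples = [
        "http://update.aol.com.hasdxzzw.im/",   # host from the message; path constructed
        "http://products.aim.com/windows",      # the legitimate link given above
    ]
    for url in samples:
        print(check_link(url))
```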

Surf Safe!

Friday, January 15, 2010

IE Security Woes

That more security flaws have been found and exploited with Microsoft's Internet Explorer browser is hardly news. That these new flaws have played a major negative role in a potentially nasty diplomatic event is news.

To recap, Google has recently announced that they are considering pulling out of China "following a 'sophisticated and targeted' cyber attack originating from the country" [read more]. Needless to say, this has generated more than a little concern within the Chinese and U.S. governments as well as on the Internet. The fact is that hack attacks believed to originate from Chinese sources against industry and government sources are nothing new. What makes this attack newsworthy, besides the target, is the revelation that flaws in Microsoft's Internet Explorer were an integral factor in making the attacks possible.

"Based upon our investigations, we have determined that Internet Explorer was one of the vectors used in targeted and sophisticated attacks against Google and possibly other corporate networks," said Microsoft's director of security response Mike Reavey in the post. [read more]


What can you do to avoid becoming a victim of hackers exploiting Internet Explorer flaws? The simplest solution is not to use IE. There are alternative browsers available. Most noteworthy of these is Firefox.

While antivirus and firewall products are great protective tools, it is important that you use relatively secure programs, as well. And never forget that the single most important security component is YOU.

Surf safe!

UPDATE January 17, 2010: The German government is now warning users of any version of Microsoft Internet Explorer to find an alternative browser [read more].

Wednesday, January 06, 2010

Cutting Into Spam

Does it seem as if you are receiving more and more spam every day? Is your inbox becoming clogged with messages promoting cheap drugs, sex videos, offshore pharmacies, Viagra, get rich schemes, body part enlargements, work at home scams guaranteed to make you wealthy in 2 weeks and so on and so forth?

There are some simple steps that anyone can take to cut into the flood of spam. Individually, each step helps but if layered together, your control over spam drastically increases.

1. If you have choices, deal with a service provider that provides some level of spam filtering. While hardly foolproof, this is a good start.

2. Do not use your primary personal email address when registering on web sites. Use a free email account from Gmail, Yahoo or Hotmail. Best of all, if this free address becomes spam clogged, you can simply stop using it and create a new address.

3. Even if your ISP provides spam filtering, you can add a layer of protection by using personal spam filtering tools. Some of these tools function as a plugin for your favorite email client, others work as standalone programs. There are many free and paid products available but be sure that you are dealing with a reputable source such as CNET Download.com.

4. Do not reply to any spam messages including the 'unsubscribe' message that is usually found at the bottom of the message. All this does is confirm to the spammer that yours is a valid email address that is being read.


Spam is never going to go away. For every spammer that we shut down, another one crawls out from the sewers. But you do not have to be a victim, you can fight back.

Wednesday, June 07, 2006

2007 Flatcoat Retriever Society of America Specialty

Okay, it's still almost a year away but now is the time to start making your plans to attend the 2007 Flatcoated Retriever Specialty. The 2007 Specialty will be held in Minnesota June 8 - 15, 2007.

You can find out more by visiting

2007 Specialty Website

Check the site often as updates will be posted as they become available.

Friday, January 27, 2006

A new internet threat is looming for 2/3/2006

Its generic name is "Blackworm" and if the folks at the Internet Storm Center are right - and they usually are - it is going to become a serious problem on February 3, 2006. While the actual number of people that will be affected is not as great as for some earlier threats, those that are affected are going to be seriously hurt.

"Blackworm" is set to activate on February 3, 2006 and when it does, it will begin deleting files on the hard drives of infected computers. It will also harvest email addresses and attempt to send itself to the addresses it finds. A very decent technical writeup can be found HERE. The writeup includes the file types that will be targets, names of attachments and subject lines. You can also find links to Symantec's removal tool.

What can you do to protect yourself? Here are a few simple steps:

1. Do not open any attachments that you receive with your email.

2. Update your virus scan patterns at least daily.

3. Run a full scan of your personal computer right now to make sure that you are not already infected.

4. Make sure that your ISP is providing frontend virus scanning. If not, dump them and find one that will.

5. Don't Panic.

For the long haul, two additional steps will help significantly: disable ActiveX in Windows and do not send or accept html formatted email (use text only).

Right now it looks as if the large majority of infected computers are located in India with a fair number right here in the good old USA. It is anticipated that it will spread even more prior to February 3, 2006.

The internet can be a downright unfriendly place to visit but if you take common sense steps such as always using antivirus protection, you can deflect much of the risk and make the most of your time on the net.

Created: January 27, 2006
Updated: January 27, 2006

(c)2006 Dogsoldier.com

Monday, January 02, 2006

Misleading Advertising Does Not Make The Internet Any Safer

Anyone who has spent time watching the flood of college and pro football games during the end of December and start of January has undoubtedly seen the ads from a certain mega-huge service provider warning folks about the dangers of high speed connections. I believe the tagline goes something like this: "after all, these things come at you much faster now". The ad goes on to talk about spam and virus scanning, blocking spyware and fighting popups. The entire time the viewer is led to believe that these problems increase radically with a high speed connection and that only the mega-huge service provider can protect them.

Repeat after me: B as in B, S as in S.

The speed of your connection has nothing to do with making you more vulnerable to these problems. Whether you are on a T1 or a 28.8 dialup, the delivery method is the same and none of the problems hit until they are actually downloaded to your machine.

If Joe decides to send you three (3) virus emails, a faster connection only means that you will download them quicker. Once they get to your machine, the connection no longer matters as your local software takes over.

Of more impact is the fact that you are usually talking about a full-time connection when you talk about higher access speeds. This can expose your machine to hackers who search through the IP blocks known to be associated with broadband or DSL. But folks, this is not what the commercial is talking about.

So before anyone falls for this misleading advertising, you are not inherently at any more risk with a faster connection than you are with a slow dial-up line. The steps necessary to protect your local machine are exactly the same regardless of connection speed. For instance, virus scanners must be used and kept up to date.

To the folks that are lucky enough to have been raised with the modern technology, this probably does not seem like a big issue and you are right. But to those who are new to the internet or not very technically savvy, scare tactics can be effective.

The internet does not need any more scared users, we need users who have a basic understanding of what is going on and are able to surf and email with confidence and safety.

Friday, December 02, 2005

"Illegal Websites" Virus

The virus writers are certainly busy these days.

One of the latest of the mass-mailing worms is sober.x. This is a variation of the earlier sober.c worm that hit email inboxes during 2003.

sober.x usually claims to be from a 'Steve Allison' who supposedly works for a government agency such as the FBI or CIA, and warns the reader that the agency has been tracking visitors to illegal websites. The message goes on to say that the recipient has been tracked visiting a number, usually 30, of these websites and demands that the recipient answer a list of questions. Needless to say, the message itself is pure, unmitigated BS. The aim is to get the recipient to open an attached ZIP file and allow the virus to install on their PC.

Once the little beast has made a nest for itself, sober.x may attempt to disable security and firewall programs, replicate itself by sending messages to contacts found in e-mail address books, block access to various security web sites, and open security holes that allow outsiders to gain unrestricted access to personal information stored on the PC.

The FBI has issued a warning about sober.x:

"The FBI today warned the public to avoid falling victim to an on-going mass e-mail scheme wherein computer users received unsolicited e-mails purportedly sent by the FBI. These scam e-mails tell the recipients that their Internet use has been monitored by the FBI and that they have accessed illegal web sites. The e-mails then direct recipients to open an attachment and answer questions."

"The e-mail appears to be sent from the e-mail addresses of mail@fbi.gov and admin@fbi.gov. There may be other similarly styled addresses. The recipient is enticed to open the zip attachment which contains a w32/sober.jen@mm worm. The attachment does not open and its goal is to utilize the recipient's computer to garner information. Secondly, the virus allows the e-mail to be forwarded to all those listed in the recipient's address book."

There are a variety of Subject Lines that are used in the delivery package including:

* hi, ive a new mail address
* Mail delivery failed
* Paris Hilton & Nicole Richie
* Registration Confirmation
* smtp mail failed
* You visit illegal websites
* Your IP was logged
* Your Password

As is all too often the case, only PCs running any flavor of Microsoft's Windows can be infected. (One must wonder how much longer consumers will put up with Windows' truly horrendous security track record. It also begs the question "why would anyone trust any Microsoft product to be secure?")

Most anti-virus products are either able to detect this beast now or will be able to very soon. As always folks, keep those definition files up to date and NEVER open an attachment unless you are positive about what it contains and where it came from!
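As an added example (not part of the original post and not any vendor's detection logic), the traits described above can be combined into a simple mail triage rule: the listed subject lines, the forged sender addresses from the FBI warning, and a ZIP attachment. The quarantine/review policy, the function names and the sample messages are assumptions constructed for this illustration.

```python
from email import message_from_string
from email.message import EmailMessage
from email.utils import parseaddr

# Subject lines listed in the post for sober.x (lower-cased for matching).
SOBER_SUBJECTS = {
    "hi, ive a new mail address", "mail delivery failed",
    "paris hilton & nicole richie", "registration confirmation",
    "smtp mail failed", "you visit illegal websites",
    "your ip was logged", "your password",
}
# Forged sender addresses named in the FBI warning quoted in the post.
FORGED_SENDERS = {"mail@fbi.gov", "admin@fbi.gov"}


def indicators(raw_message):
    """Return which sober.x traits one raw e-mail message shows."""
    msg = message_from_string(raw_message)
    hits = []
    if (msg.get("Subject") or "").strip().lower() in SOBER_SUBJECTS:
        hits.append("subject")
    if parseaddr(msg.get("From") or "")[1].lower() in FORGED_SENDERS:
        hits.append("sender")
    # The worm travels as a ZIP attachment, so look at every MIME part.
    if any((p.get_filename() or "").lower().endswith(".zip") for p in msg.walk()):
        hits.append("zip")
    return hits


def verdict(raw_message):
    """Assumed policy: ZIP plus a subject or sender hit is quarantined;
    any single hit is held for review, since subjects like 'Your Password'
    also occur in legitimate mail."""
    hits = indicators(raw_message)
    if "zip" in hits and len(hits) > 1:
        return "quarantine"
    return "review" if hits else "pass"


def sample(sender, subject, zip_name=None):
    """Build a constructed test message; nothing here is a captured sample."""
    m = EmailMessage()
    m["From"], m["Subject"] = sender, subject
    m.set_content("constructed body text")
    if zip_name:
        m.add_attachment(b"PK", maintype="application", subtype="zip",
                         filename=zip_name)
    return m.as_string()


if __name__ == "__main__":
    lure = sample("Steve Allison <mail@fbi.gov>", "You visit illegal websites",
                  "attachment.zip")  # attachment name is a placeholder
    print(indicators(lure), verdict(lure))
    print(verdict(sample("friend@example.org", "Your Password")))
```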

A couple of things to keep in mind. First, if you are like most folks connected to the internet, you are using a dynamic IP address. This means each time you connect, you get a different IP address which makes it pretty darned tough to track anything that you do. Second, no government agency will ever send a message like this. If they really are concerned about your activities, you are much more likely to receive a personal visit.

Most of our clients are Windows users. Despite grave misgivings about the security of Windows, we do understand that for many, if not most, folks, there really is no other viable option. All operating systems contain security concerns. But this should not deter people from using the internet. Simple precautions, such as using anti-virus software and/or firewalls, will go a long way towards providing reasonable security. Dealing with service providers who include frontend anti-virus and anti-spam filtering is another good precaution.

But in the end folks, your online security is your responsibility. It is up to you to make sure that reasonable precautions are in place, that anti-virus products are up to date and that you are not opening any attachments.

Rich
Dogsoldier.com LLC