<?xml version='1.0' encoding='UTF-8'?><?xml-stylesheet href="http://www.blogger.com/styles/atom.css" type="text/css"?><feed xmlns='http://www.w3.org/2005/Atom' xmlns:openSearch='http://a9.com/-/spec/opensearchrss/1.0/' xmlns:georss='http://www.georss.org/georss' xmlns:gd='http://schemas.google.com/g/2005' xmlns:thr='http://purl.org/syndication/thread/1.0'><id>tag:blogger.com,1999:blog-3752395250380321563</id><updated>2011-07-07T22:16:04.899-07:00</updated><category term='virus'/><category term='spyware'/><category term='malware'/><category term='email'/><category term='pc'/><category term='security'/><title type='text'>Compu-Clean</title><subtitle type='html'>Tips, tricks and other useful(less) information for the home and business pc user.</subtitle><link rel='http://schemas.google.com/g/2005#feed' type='application/atom+xml' href='http://compu-clean.blogspot.com/feeds/posts/default'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/3752395250380321563/posts/default?max-results=100'/><link rel='alternate' type='text/html' href='http://compu-clean.blogspot.com/'/><link rel='hub' href='http://pubsubhubbub.appspot.com/'/><author><name>Del Tice</name><uri>http://www.blogger.com/profile/16885752423389935892</uri><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author><generator version='7.00' uri='http://www.blogger.com'>Blogger</generator><openSearch:totalResults>2</openSearch:totalResults><openSearch:startIndex>1</openSearch:startIndex><openSearch:itemsPerPage>100</openSearch:itemsPerPage><entry><id>tag:blogger.com,1999:blog-3752395250380321563.post-2222673711839582109</id><published>2009-06-25T22:48:00.002-07:00</published><updated>2009-06-25T22:54:01.045-07:00</updated><category scheme='http://www.blogger.com/atom/ns#' term='malware'/><title type='text'>Beware of Harry Potter!...</title><content type='html'>Be very 
wary! P2P users that try to download a pirate copy of "Harry Potter and the Half-Blood Prince" may get more than they bargain for. When users are asked to install a stream viewer, they are actually installing malware.&lt;div&gt;&lt;br /&gt;&lt;/div&gt;&lt;div&gt;This is yet another reason not to pirate movies on the internet. You never know exactly what you are going to get.&lt;/div&gt;&lt;div&gt;&lt;br /&gt;&lt;/div&gt;&lt;div&gt;If you think that you have been infected because of this, contact us for assistance.&lt;/div&gt;&lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/3752395250380321563-2222673711839582109?l=compu-clean.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='replies' type='application/atom+xml' href='http://compu-clean.blogspot.com/feeds/2222673711839582109/comments/default' title='Post Comments'/><link rel='replies' type='text/html' href='http://compu-clean.blogspot.com/2009/06/beware-of-harry-potter.html#comment-form' title='0 Comments'/><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/3752395250380321563/posts/default/2222673711839582109'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/3752395250380321563/posts/default/2222673711839582109'/><link rel='alternate' type='text/html' href='http://compu-clean.blogspot.com/2009/06/beware-of-harry-potter.html' title='Beware of Harry Potter!...'/><author><name>Del Tice</name><uri>http://www.blogger.com/profile/16885752423389935892</uri><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author><thr:total>0</thr:total></entry><entry><id>tag:blogger.com,1999:blog-3752395250380321563.post-8370355579028391216</id><published>2009-06-24T15:19:00.000-07:00</published><updated>2009-06-24T17:24:16.501-07:00</updated><category 
scheme='http://www.blogger.com/atom/ns#' term='virus'/><category scheme='http://www.blogger.com/atom/ns#' term='malware'/><category scheme='http://www.blogger.com/atom/ns#' term='email'/><category scheme='http://www.blogger.com/atom/ns#' term='pc'/><category scheme='http://www.blogger.com/atom/ns#' term='spyware'/><category scheme='http://www.blogger.com/atom/ns#' term='security'/><title type='text'>Yet another malicious email link...</title><content type='html'>The other day I received an email in my inbox that, on the surface, looked like it was from Microsoft. Even though Google Apps is extremely proficient at redirecting these to my spam box, it does miss the occasional one. As a 20-year veteran in the IT field, I never assume that an email is legitimate without checking several things out. You can also do these things to help prevent the unintentional infection of your computer.&lt;br /&gt;&lt;br /&gt;The first thing that I do is to check any links in the email that I am requested to click. For example, the image below is from a recent email claiming to be a critical update for MS Outlook and Outlook Express. In this example, I right-click the link and then choose &lt;span style="font-weight: bold; font-style: italic;"&gt;Copy link address&lt;/span&gt;.&lt;br /&gt;&lt;a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://2.bp.blogspot.com/_gXVrOk0_aG8/SkK6sYIQZCI/AAAAAAAAAAc/cb-eXTXuBmU/s1600-h/email_links_check.jpg"&gt;&lt;img style="margin: 0pt 0pt 10px 10px; float: right; cursor: pointer; width: 287px; height: 320px;" src="http://2.bp.blogspot.com/_gXVrOk0_aG8/SkK6sYIQZCI/AAAAAAAAAAc/cb-eXTXuBmU/s320/email_links_check.jpg" alt="" id="BLOGGER_PHOTO_ID_5351044578823660578" border="0" /&gt;&lt;/a&gt;&lt;br /&gt;I use Google Apps for my domain's email; however, the process should be similar no matter what service you use. Next, I open a Notepad window and paste the address there for inspection. 
Typically, there will be something other than the correct address for the originator of the email. In this example, the link reads&lt;br /&gt;&lt;blockquote&gt;http://update.microsoft.com.iXXXXXX.com&lt;/blockquote&gt;NOTE: I have X'd most of the portion of the address that is not the originator as well as the rest of the link as it is irrelevant to this example.&lt;br /&gt;&lt;br /&gt;Had this been a valid email for an update from Microsoft, rest assured that &lt;span style="font-weight: bold;"&gt;update.microsoft.com&lt;/span&gt; would have been the domain without the extra &lt;span style="font-weight: bold;"&gt;.iXXXXXX.com&lt;/span&gt; after it.&lt;br /&gt;&lt;br /&gt;The other thing I do is to check the email's "header information". I will explain how to do this in Google Apps/Gmail. While in the message, click the down arrow next to Reply in the upper right of the message and select Show original. This will open a new window that will show the text in the example below (plus more that I've omitted from this example). If you are using Outlook 2003, see this &lt;a href="http://www.msexchange.org/articles/Outlook-Internet-Headers.html"&gt;article&lt;/a&gt; on how to view the header information.&lt;br /&gt;&lt;br /&gt;&lt;div style="text-align: left;"&gt;&lt;a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://3.bp.blogspot.com/_gXVrOk0_aG8/SkLAGxgz10I/AAAAAAAAAA0/ixv6y3XQIz4/s1600-h/email_header_check.jpg"&gt;&lt;img style="margin: 0pt 10px 10px 0pt; float: left; cursor: pointer; width: 320px; height: 176px;" src="http://3.bp.blogspot.com/_gXVrOk0_aG8/SkLAGxgz10I/AAAAAAAAAA0/ixv6y3XQIz4/s320/email_header_check.jpg" alt="" id="BLOGGER_PHOTO_ID_5351050529872271170" border="0" /&gt;&lt;/a&gt; &lt;span style="color: rgb(51, 51, 255);"&gt;&lt;br /&gt;&lt;br /&gt;The information you would be most concerned with is the Return-Path field (highlighted in the image). 
As you can see in the example, the Return-Path is definitely NOT from Microsoft. This is a sure sign that the message is not from who it claims.&lt;/span&gt;&lt;br /&gt;&lt;/div&gt;&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;One final item that made me suspicious about our example email was that it referenced Outlook Express. Microsoft currently does not offer OE for download and I believe that it is out of its life cycle.&lt;br /&gt;&lt;br /&gt;For the record, I did NOT click on this link and I would recommend you follow suit. Maybe I will set up a test PC and do it just to see the consequences.&lt;br /&gt;&lt;br /&gt;Thanks for reading this. I welcome any comments (pro and con) as well as suggestions for articles.&lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/3752395250380321563-8370355579028391216?l=compu-clean.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='replies' type='application/atom+xml' href='http://compu-clean.blogspot.com/feeds/8370355579028391216/comments/default' title='Post Comments'/><link rel='replies' type='text/html' href='http://compu-clean.blogspot.com/2009/06/yet-another-malicious-email-link.html#comment-form' title='1 Comments'/><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/3752395250380321563/posts/default/8370355579028391216'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/3752395250380321563/posts/default/8370355579028391216'/><link rel='alternate' type='text/html' href='http://compu-clean.blogspot.com/2009/06/yet-another-malicious-email-link.html' title='Yet another malicious email link...'/><author><name>Del Tice</name><uri>http://www.blogger.com/profile/16885752423389935892</uri><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author><media:thumbnail 
xmlns:media='http://search.yahoo.com/mrss/' url='http://2.bp.blogspot.com/_gXVrOk0_aG8/SkK6sYIQZCI/AAAAAAAAAAc/cb-eXTXuBmU/s72-c/email_links_check.jpg' height='72' width='72'/><thr:total>1</thr:total></entry></feed>
