Wednesday, September 20, 2006

Is My Anti-virus Software Bogus?

By Coenraad De Beer

A golden rule in life is to stick with the proven and trusted. The same rule applies when choose security software for your computer. There are many well-known names in the industry that has been securing computers for years and have build up trust with consumers over the years. But in the ever-changing world of computers you have to stay ahead of competition and keep improving and enhancing your products. Unfortunately this has caused some companies to loose the focus they had and the quality of their software suffered because of this, they were constantly trying to tamper with a formula that has been working for millions of users. You can’t fix something that has not been broken.

New, intuitive and creative companies were needed to provide the same quality of no-nonsense security software we were used to. Luckily we have seen a few of them rise to the occasion but unfortunately this created an opportunity for unethical and criminal practices that has taken the world by storm. So-called security software companies have come to the foreground with “incredible” solutions to the security issues of your computer. They provide you with a demo of what their software can do and if it finds problems on your computer you can buy it at a ridiculously low price. This sounds more than marketing hype than anything else. You even get some companies that offer you the software you can test for “free” for a specified period (normally 14 to 30 days). But there is no such thing as a free lunch. You have to buy the software first and then you can return it for a full refund within this specified period if you are not completely satisfied with it. What part of free does these companies not understand. If you have to pay for something its not free anymore. This is unethical misleading marketing and people should not support companies like this. We live in a world of free trial versions and demos (the try before you buy policy) that expire after a specified number of days. If they can’t even develop a self-expiring demo, how can expect that their software will provide adequate security for your computer?

But even a free trial version can be a dangerous piece of software. Spyware (adware) is normally hard to get rid of and once you install them you have to go to great lengths to get them removed from your computer. Many of these companies develop trial versions (they are actually spyware programs) that block other security software from getting installed on your computer and make you believe that your computer is infected with malicious software and the only way of removing them is by buying the full version. And even after buying the software you still receive constant pop-up ads and annoying windows throwing all the other junk developed by these companies in your face. Other trial versions do report on low priority threats that are really on your computer but over inflate their security risk. A cookie is much less dangerous than an executable file.

So how exactly do you distinguish between the legitimate and illegal software on the Internet. This is no easy task, but there are a few things you can do to verify if the company has honest intentions with their software.

  1. If there is no trial version to download, look the other way. If you can’t try the software before you buy, don’t waste your time with it.

  2. If you get buttons and links telling you to download the software and once you click on them you are taken to an order form, get out of there. Legitimate companies make it clear when you are taken to a download page and when you will be taken to an order form. There is a huge difference between “Download Now!” and “Purchase Now!” the first one creates the impression of a free download, while people will only click on the latter if they are willing to buy. Unethical companies don’t want to miss out on the chance of a click and they put the visitors under the false impression that they can download the software for free.

  3. Contact details are very important. Large organisations have telephone numbers, a physical address, postal address and e-mail addresses on their contact page, not just an e-mail form with no other way of contacting the organisation. Be wary of companies with only a single contact form and no direct way of communication.

  4. Verify the statements they make. They normally claim that their software has been acknowledged as the best security software by some other well-known organisation. If the well-known organisation exists, verify it on their web site or contact them, if they do not exist, how can you trust the software of a company who lies to their customers? Legitimate acknowledgements are normally backed up by a logo of the company who did the acknowledgement with a link to their web site. If this is absent you can’t add any credibility to this statement.

  5. Do some research with your favourite search engine and visit forums asking for the opinion of other people about the software. But be very careful here, the people providing an opinion may be affiliates of the company and will not tell you the truth about the software. You have to get an honest opinion so ask for several opinions, don’t base your decision on one person’s opinion. If you can’t find anything about the software on the Internet, rather stay away from it.
There are many trustworthy, effective and well-known brands of security software available today, many of them are free for home users. It is good to see that there are companies providing free effective security software to the individual. This clearly shows that these companies are not just out there to make money but they are making a valuable contribution to the battle against malicious software and protecting the consumer against fraudulent and cheap imitations of security software. I’d rather stick with the proven and trusted.

About the Author
Coenraad is webmaster and founder of Cyber Top Cops, leaders in Internet security, prevention of online fraud and educating users against malicious software.

Cyber Crime Made Easier Through Impersonality

By Coenraad De Beer

What makes you suspicious when someone from your bank comes to see you to update your personal details? The most obvious answer is the fact that the bank never does this. Why can’t they call you and ask you to come to the bank, why do they need to send someone in person to come and see you, in fact why do they need to update your details in the first place? This seems rather obvious to many people but once they get an e-mail asking for the very same thing, they seem to loose their reasoning ability. The main reason for this is the fact that the e-mail is impersonal and your normal instinctive reactions that kick into place when someone personally asks you for this information do not necessarily do their job when you are confronted in an impersonal way.

The impersonal nature of e-mail makes it an easy way of asking for things that would have been hard to ask when you were facing the person face to face. Unfortunately fraudsters discovered this and are using it to steal critical and personal information from people with a technique called phishing. They disguise their request for information with the logo, letterhead and e-mail address of a well-known and trusted company and create a false sense of security among the recipients of the e-mail and lure them into a trap. Anyone can create a web site that looks like a corporate site, so you can’t trust any site that looks like a corporate one. If you look more closer to the content of these sites (and e-mails) you soon discover certain inconsistencies, some are small and some are more obvious. But little things like spelling errors, bad grammar should start flashing warning lights right away.

People should realise that real organisations never ask for critical and important information though e-mail, nor the telephone or any other means of communication. You have to supply these details in person to an official of the company at one of their offices. E-mail is very insecure and can be intercepted in many different ways. And by the way, why would banks want to confirm your credit card information or pin numbers, they have it on record and they were the ones who issued you the credit card number, why would they want to confirm or update it, what is there to update when it comes to a credit card number, pin or password?

It seems like people have a different set of rules for reasoning in the real world and on the Internet. People are more suspicious on street than on the Internet. One of the main reasons for this may be a lack of knowledge of how things on the Internet work. Everyone knows you can’t trust a hawker on the sidewalk but many people trust almost any web site because they can’t see what’s going on behind the scenes. For all you know a bum can run a corporate looking web site from an Internet cafe. It is general knowledge that you can’t trust the hawker on street, but several decades ago people did not know it. Once it becomes general knowledge how fraudulent web sites look and how they operate, you will see a decline in phishing scams of this nature. Unfortunately, fraudsters always find a new way of tricking people and the educational process of identifying scams and fraud will start all over again.

About the Author
Coenraad is webmaster and founder of Cyber Top Cops, leaders in Internet security, prevention of online fraud and educating users against malicious software.

Firefox 1.5 vs. Internet Explorer 7 - It Is A Matter Of Trust

By Coenraad De Beer

Firefox has been around for a much shorter time than Internet Explorer and still it is much more secure and reliable. Microsoft has released the newest version of their web browser, Internet Explorer 7 Release Candidate 1. Already you can see complaints everywhere about bugs and problems experienced by people who upgraded to the newest version. Internet Explorer 7 boasts an array of new features, but almost all of them have been around in Mozilla Firefox for quite some time.

I guess the one feature Microsoft is bragging with the most is the new tabbed browsing interface. This is nothing new to Firefox users and I would rather trust a browser that has been using this feature for a couple of years because it had enough time to straighten out all the bugs and problems associated with it. Internet Explorer 7 is new to the world of tabbed browsing and one wonders how many problems will one experience with this feature before Microsoft gets it right. I’m not saying that there are any problems with its tabbed browsing feature, but if they could not even get the basics right in the past one does not have much trust when they come up with a brand new feature.

Later versions of Internet Explorer 6 introduced a built-in pop-up blocker. Users of Mozilla Firefox has been enjoying pop-up blocking long before Microsoft decided to add it to their browser. With its pop-up blocking feature and enhanced security, Firefox has been much less vulnerable to virus and spyware attacks than Internet Explorer. Firefox may not be 100% secure but security issues gets fixed in a much more timely fashion than the ones in Internet Explorer. The main reason for this effective attention to bug fixes is the fact that Firefox is Open Source software. Many people argue that it poses a great security threat having your source code available to the public, because it is easier to discover and exploit vulnerabilities when you have access to the code. This may be true, but the fact that the source code is available to anyone, creates a bigger pool of software developers contributing to the development and enhancement of the software, which results in faster and more effective releases for bug fixes and security issues. You are left at the mercy of Microsoft to get the problems in Internet Explorer fixed and all of us know how slow their response sometimes are when it comes to resolving security issues.

Another feature of Internet Explorer 7 is the new anti-phishing scanner. It scans the pages you visit for the possibility of phishing scams. This is a welcomed feature for any browser because there has been an increase in phishing scams over the ears and action has to be taken against them. Now, many people may take the opportunity and throw some stones at Firefox saying that it does not have a built-in phishing scam scanner, but Internet Explorer does. I’m sorry to burst your bubble, but you can add the same feature to Firefox with the Google Toolbar extension. The newest version of Google Toolbar has a feature called Google Safe Browsing that stops the user from visiting a possible phishing site. The fact that you can enhance Firefox with extensions makes it a very versatile browser.

Web developers are jumping for joy with the introduction of the Developer Toolbar in Internet Explorer 7. The toolbar includes tools that assist web developers in troubleshooting and manipulating web pages. Again you can add the same (if not better) functionality to Firefox with the Web Developer Toolbar Extension. This extension for Firefox is packed with so many features that you will ask yourself: “What can this toolbar not do?” There is also better CSS (Cascading Style Sheet) support in the newest edition of Internet Explorer compared to previous versions, but any web developer knows that Firefox has always handled CSS much better than Internet Explorer.

RSS (Really Simple Syndication) feeds are starting to become a web standard and providing support for it is becoming inevitable. Firefox caters for RSS feeds through its Live Bookmarks and the Google Toolbar also supplies its own way of subscribing to RSS feeds through Google Fusion. Windows Vista will be geared towards RSS feeds and that is why Microsoft decided to incorporate support for RSS feeds in Internet Explorer. So once again, Firefox has been supporting this feature long before Microsoft decided to add support for it in their browser.

It took 7 versions of Internet Explorer to get it up to similar standards as Mozilla Firefox that is only at version 1.5 at the moment. Users upgrading from Internet Explorer 6 to version 7 will be introduced to new features, some may be confusing for people not used to things like tabbed browsing and RSS feeds. So if you are willing to learn new ways of browsing the Web, why not switch to Mozilla Firefox, the trustworthy browser that has been doing things right from the beginning.

About the Author
Coenraad is webmaster and founder of Cyber Top Cops, leaders in Internet security, prevention of online fraud and educating users against malicious software.

For fast, safe and secure browsing, download Mozilla Firefox with Google Toolbar.