April 2008 Newsletter
URGENT NOTICE: Read This Article Immediately
How Spoofers Grab Your Attention
by Tracy Baker

Ever been to a movie set? Stand in the middle of a Hollywood recreation of Main Street, U.S.A., and all those houses and storefronts look just as real as the ones back home. Change your perspective a bit, and you’ll see it’s just a big façade held up by a bunch of sticks. The Internet works much the same way, except that most people don’t ever bother to peek behind the curtains.

Criminals know this and use it to their advantage using a trick called spoofing, which is the Web equivalent of creating an Academy Award-worthy movie set. They steal graphics, text, and other components of real corporate emails and Web sites to create carbon copies that can fool even the most vigilant Web experts. Then they use a variety of means to get you to click links within emails or visit fake sites. Pure spoofing attacks download malicious software such as viruses to the computer once a link is clicked. A more common spoofing variant called phishing lures unsuspecting victims to legitimate-looking Web sites, where users part with sensitive personal information that the spoofer can misuse. Spoofing represents a huge threat to Internet users because it’s so easy to let your guard down when you think you’re dealing with a trusted company. Fortunately, there are ways to detect and avoid spoofing attempts.

Smoke & Mirrors

The most common way spoofers draw you to a phishing site or a page that loads malware onto your PC is by sending an email announcing that something dramatic is happening to one of your accounts that requires your immediate personal attention. Maybe the email claims there’s a big problem with your PayPal account or that there’s been some strange activity with your credit card, or even that you’ve won some sort of prize that can only be claimed in a short period of time. The specifics don’t really matter—spoofers just want to create a sense of urgency that will make you click the link embedded in an email or Web page.

Spoofing techniques are often used in the email so that the link looks like it’s going to lead to a legitimate Web site, but it’s actually pointing to a spoof site. Emails are also doctored to look like they come from a real company, and while there’s really not much an average user can do to determine whether an email is legitimate, there’s plenty a user can do to investigate the links the email contains.

Anatomy Of A URL

Pretend you receive an email claiming to come from Smart Computing, telling you about a special offer that can only be claimed by clicking a link in the email. The underlined or highlighted text for the link might say something like “Click here for special offer” or even “www.smartcomputing.com,” but what you see isn’t necessarily what the link really is. Place your mouse cursor over the link, and a tooltip pops up that shows you the exact URL that the browser will load when the link is clicked. This tooltip is your first line of defense when deciding whether a link in an email is legitimate.

URLs for Web pages all follow the form http://XXX.YYY.ZZZ or sometimes http://YYY.ZZZ. The first part, “http,” tells you that the protocol (or computer language) used to access the page is the Hypertext Transfer Protocol, which is used for nonsecure Web pages. XXX represents a subdomain, YYY is the registered domain name, and ZZZ is the top-level domain.

If the email link tells you it leads to a login page, or if you accidentally click the link and end up at a login page, look closely in the Address bar to see if the protocol is HTTP or HTTPS. Data flowing through an HTTP is not encrypted, while data flowing through HTTPS is. Most legitimate sites use HTTPS at the login page, so that any information you type there is transmitted securely. Spoofers will sometimes overlook this and create a fake login page that uses HTTP, which is a dead giveaway that you’re at a fake site.

Even if HTTPS is used at the login screen, the rest of the URL provides several clues that can expose an illegitimate site. The top-level domain will always be something like .com, .org, or .edu, so look to make sure that a link that said it was taking you to SmartComput

ing.com, for example, didn’t actually take you to SmartComputing.cat. Registered domain names must be registered separately for each top-level domain, so it’s possible that a legitimate company registered for common top-levels, such as .com and .net, while a thief registered the same name under a more obscure top-level domain.

If the top-level domain checks out (and it often does), look just to the left of it in the registered domain name portion of the URL. This is the name of the company or Web site—for example, smartcomputing, amazon, ebay, etc.—that the site uses to identify itself. If it reads differently, something fishy is probably going on.

The biggest clue to watch for is a legitimate-looking subdomain name placed next to an illegitimate-looking registered domain name. For example, “smartcomputing.spoof.com” is completely different than “spoof.smartcomputing.com.” The former would take you to the smartcomputing subdomain at a site called “spoof.com,” while the latter would take you to the spoof subdomain at a site called “smartcomputing.com.” Always look at the text immediately to the left of the top-level domain and pretend subdomains don’t even exist.

Even an authentic-looking URL within an email or displayed in the browser’s Address bar should be viewed with suspicion. Spoofers have been known to use PayPa1 (with a number one on the end) instead of PayPal, for example. A misspelling such as this may stand out on a printed page; but in an Address bar, it is difficult to distinguish from the real deal. In fact, according to a joint Harvard and Berkeley study titled “Why Phishing Works,” 90.9% of participants—all trained to spot fakes—fell for a site called “www.bankofthevvest.com” (with two V’s in the middle), thinking it was the real bankofthewest.com Web site.

Let Your Fingers Do The Walking

If you receive an email that appears to be from a legitimate business where you have an account, don’t click any links it contains. Instead, manually navigate to the business’ Web address using its standard URL and then access your account from there to see if the issue referenced in the email exists. Better yet, call the company using the number printed in the phone book or on a recent statement and talk to a representative. If there isn’t a problem with your account, the institution you’re calling can start investigating the possible spoofing attempt.

Watch Your Browser

There are some tools built into Internet Explorer 7 that can help you determine whether a site is legitimate. If the Address bar turns green, the site’s security certificate checks out, and it is verified by the browser as a legitimate secure site. If the bar turns red, there’s a very good chance you’re looking at a spoof site. Also, keep an eye out for a padlock icon, which should lock when HTTPS is displayed in the Address bar. If a site claims to be secure but the padlock isn’t locked, call the company.

Update, Update, Update

Many of the most insidious spoofing tricks rely on weaknesses in Web browsers to immediately install malware on the PC as soon as a link is clicked. Most of these weaknesses are fixed once they are detected, but your browser will only benefit from the update if you download and apply patches on a regular basis using Windows Update (update.microsoft.com). For maximum protection, automate this process. In Vista, click Start, click Control Panel, double-click Windows Update, and then click Change Settings to access these options. In Windows XP, right-click My Computer, click Properties, and select the Automatic Updates tab to configure the feature.

Spoofers sometimes attack your ISP (Internet service provider) to redirect you to a spoof site even when you click a legitimate link or enter a legitimate address in the browser bar, foiling all of your efforts to avoid a spoofing attack. If this happens, contact the institution in question immediately and then pray for technology that makes spoofing impossible in the future. 

Reprinted with permission from PC Today. Visit http://www.smartcomputing.com/groups to learn what Smart Computing can do for you and your user group!

Smart Computing Tips & Fun Facts

Another Man's Treasure: Almost everyone has at least an old cell phone or two lying around the house. Donating these older gadgets will both declutter your home and help someone out. Many organizations, including women's shelters, provide reprogrammed phones to people in high-risk situations. Secure The Call (www.securethecall.com) is a nationwide organization that collects phones and programs them for 911-only purposes. If your old phone is totally kaput, recycle it. Best Buy, for example, has collection bins for cell phones, inkjet cartridges, and rechargeable batteries in the front of each of its stores.

Camera Modes: Use the Beach/Snow mode on your digital camera when you're in a situation with a lot of glare: the sun reflecting off snow, sand, water, or even shiny metal, for instance. Ordinarily, the camera's light meter would react to this glare by sensing more light than is actually there, thus underexposing the shot. Beach/Snow mode counteracts that tendency. The trouble is, though, these are often the trickiest conditions to shoot under, so the camera may still be fooled. Examine your shot, and if it still looks dim, try another with your exposure compensation set to +1.

Wireless Router Issue: If your wireless router drops the connection to your home computers, there are some things you can do to try to solve the problem. Your wireless router assigns an IP (Internet protocol) address to each of the computers on your network. If your computer drops its wireless connection and doesn't produce any error messages, you can probably reinstate the connection by reassigning an IP address via router. Routers generally use DHCP (Dynamic Host Configuration Protocol) to automatically assign IP addresses, so you'll want to release the router's DHCP assignments and then force it to assign new IP addresses.

To force a DHCP release, enter your router's firmware menu and look for a DHCP Release feature. Your router's manual or the firmware's support documentation will help you find the feature. Many routers feature DHCP Release and DHCP Renew buttons that let you quickly complete this task. 

Reprinted with permission from PC Today. Visit http://www.smartcomputing.com/groups to learn what Smart Computing can do for you and your user group!

Help Wanted

CRUG strives to offer the best in computer education. To do this we need dedicated volunteers.

We always are interested in members who can devote some of their time to their computer organization.
VOLUNTEER today
for a job with CRUG

Your participation is IMPERATIVE

Volunteer Positions available:

Board of Director Assistants
Instructors
Class Registration
Refreshment Committee

Presidents Report
by Dean Christianson
president@crug.com

No report at this time.

The Best Things in Life Are Free
And if you ask for my help … it’s free too  --  and worth every cent of it   
by John Reed

My choice for Program of the Year !!! Remote Viewer and Remote Control !
TeamViewer
http://www.teamviewer.com/

Have you ever called someone for help, and had the person ask “What are you looking at?” Then it turns out that they are running a different program so no matter what you say they can’t relate to what’s happening on your computer.

I have tried the Microsoft Remote Access option that is built into Microsoft Live Messenger with mixed results. It worked fine with some people using different Internet Service Providers ( ISP’s) but I was never able to make a connection to anyone else who was using Verizon, as I was. And that included most of the Club 64 members in this area.

When I called Verizon to see what the problem might be, they said that was a technical question, and I’d have to sign up for their technical support for $10/month. So I asked if I paid the $10/month whether they could give me an answer to the question. They said that they couldn’t answer that because it was a technical question.

And then …

TeamViewer to the rescue!! (And, yes, it’s free for non-commercial use.)

If I sound enthusiastic, I am. Let me tell you how I use it (it’s got many more features than I’ve used) and why I think it’s the greatest thing since sex. Well, maybe not real sex but the greatest thing since sliced bread, anyway.

I have installed the full version of TeamViewer3 on my pc and if someone calls me for assistance, I have them download the QuickStart version to their desktop. They don’t even have to install it. They just double-click it and tell me what their ID and 4-digit password is. I put the ID and password into my TeamViewer window and within seconds I’m looking at their desktop with all it’s icons and windows and whatever they are seeing. (Yes, real seconds. The kind you get from a clock. Not the “I’ll be with you in a second.” seconds that can take forever.) 

Then …

  • We can work together and I can see where they are moving the cursor and exactly what they are doing. I can see what problems they are having and can even give lessons if necessary.
  • If they are doing something new, they get to move the mouse and do the clicking and typing and I can just kick back and offer suggestions. They get to do the actual work and practice learning what is going on while both of us are comfortable because they are sitting squarely and comfortably in front of their own pc and I’m sitting in front of mine. (Or maybe I’m kicking back, lounging in my chair, and drinking a glass or wine – but they don’t know that ‘cause they can’t see me.) Much better than if we are sitting side by side at the same pc and straining to share the same keyboard.
  • If they want me to do something, I can move their cursor, click, and operate their pc remotely.
  • It works while running Skype or Microsoft Messenger with a voice connection, so we can chat on line at the same time we’re running the programs. For local calls, I just use a telephone for communication.

It’s so simple, so very simple, that we don’t even need a child to show us how to do it.

Now here is a summary of some TeamViewer features I’ve found interesting.

  • It works with Vista, XP and earlier Windows operating systems, and all information transfers are encrypted.
  • Some slowdown of operation will be noticed, because the picture has to be transmitted between computers. It generally cuts down the picture quality and removes the desktop wallpaper to improve speed, although this is adjustable.
  • If you don’t have a voice connection, you can get the password over the phone or via email, and type comments back and forth in the ‘chat’ mode of TeamViewer.
  • Every time the requestor runs the TeamViewer QuickStart program it generates a new 4-digit password so their computer cannot be accessed without their permission each time.
  • You can install the full version (only about 1.1 Meg) and set a password so that you can access your own computer remotely. And it can even be installed so you can remotely reboot your computer.
  • If both parties have the full version, you can swap screens.
  • Some friends and I are sitting behind routers and firewalls and have had no trouble connecting without any kind of tech adjustments or port configuration.

Crystal Wind Communications, Inc.

Computer Services

“If we can't fix it, we don't charge for it!”

Committed to excellent work for a fair price

  • Repairs, upgrades and custom computers
  • System maintenance and virus/worm/trojan removal
  • Networks and wireless networks
  • On-site service available
    Home and business ( Citrus Co. only )

Crystal Wind Computer Services  http://www.techsr.us  service@techsr.us

Crystal Wind Communications, Inc.

Internet Services
Serving Citrus County since 1995
100% locally owned and operated!

  • Professional Technical Support
    No automated telephone system
    Unlimited friendly, expert support
    Phone and e-mail tech support for all accounts
  • Free filtering protection against e-mail virus and spam!
  • Hi-speed browsing option available – free!
  • Domain registration services ( including the .us domain )
  • Domain hosting services

Crystal Wind Communications, Inc.
1631 W. Gulf to Lake Hwy, Lecanto, FL
8AM – 7PM Mon. – Fri., 10AM – 4PM Sat.
http://www.xtalwind.net   accounts@xtalwind.net
352-746-9696

Microsoft Office Excel 2007 Review
by Lynn Page

The past two months I have been reviewing Microsoft Office 2007. This month I continue my review with PowerPoint 2007. I had planned to review Excel but had the opportunity to work with PowerPoint 2007 for the CITA Expo and the February general meeting presentation. So I decided to review PowerPoint first.

PowerPoint 2007, like Word 2007, uses the new user interface. This includes the Ribbon, Tool Tips, Quick Access Toolbar, Microsoft Office Button and Quick Preview that I discussed in the previous month's reviews.

PowerPoint also uses the SmartArt, WordArt, and charting features available through Office 2007. With SmartArt and charts you add professional quality graphical diagrams to your presentation. SmartArt visually represents information and ideas, while a chart represents numeric data. Both have styles for selecting 3D effects, shadows, colors and surfaces. WordArt is text made into a graphic.

As with Word 2007, PowerPoint 2007 can save a presentation in the new XML format, a format compatible with previous versions or as PDF. You can also save as a standalone PowerPoint show to be viewed with Microsoft's viewer software. Publish options not only include packaging the presentation to CD but creating handouts in Word. I like this feature as I generally create notes for my presentation and this gives great flexibility in printing.

Corel User Group Program
Discount for CRUG members

CRUG is registered with the Corel User Group Program. This provides our members a 40% discount on all full and upgrade software.

Visit www.corel.com to see the wide range of software.
For the discount code contact me at newsletter@crug.com .

O'Reilly User Group Program
Discount for CRUG members

CRUG is registered with the O’Reilly User Group Program. This provides our members a 30% discount on books from O'Reilly and their publishing partners, No Starch, Paraglyph, Pragmatic Bookshelf, SitePoint, and Syngress books.

Visit www.oreilly.com for a look at what they offer.
For the discount code contact me at newsletter@crug.com .
Don't forget to pay your dues if your membership expires this month.

Spamihilator Program Update
by John Reed

I reviewed the Spamihilator program last month and gave it a rave review. So now it’s time for an update. I’ve installed it on six pc’s so far with the following results:

  • Three people (one of them is myself) love it. I actually look forward to getting spam now so I can check my Spamihilator trash can to see if a good piece of mail has slipped in. Then I dump everything else with one mouse click … never to see it again.
  • I had trouble installing it on my brother’s pc (in Florida) because we had a port conflict with an existing program he was running. Unbeknownst to us, he was running an Earthlink anti-spam program, and the two anti-spam programs were trying to talk at the same time. He decided to leave the Earthlink program running mostly because I couldn’t figure out how to turn it off.
  • I installed Spamihilator on a pc running Windows ME and it had a port conflict with the Zone Alarm firewall that resulted in an inability to send e-mail. That sucked. It might be repairable by adjusting the ports, but I just didn’t want to spend the time to figure it out. (It did do a great job of checking the email that had backed up and we dumped over 300 pieces of spam. But when we found that they couldn’t write to anyone because the email account no longer worked, we took it off.) 
  • One person just didn’t want to spend the time looking over the incoming stuff and identifying the ‘good’ mail, a one-time job for each ‘good’ person. She just lets it all fall into her inbox and sorts it out manually every time it comes in.

I still think it’s a great program and recommend it.

A note from the editor – the referenced brother is our CRUG member Joe Reed. My thanks to both John and Joe for these interesting articles for our newsletter.

A Note from the Editor
by Lynn Page

Save Your Old Inkjet Cartridges and Cell Phones for CRUG

We have signed up with a inkjet cartridge recycler. This has the benefit of saving cartridges from going to the landfill and also generating funds for CRUG. So please save your old cartridges and bring them to any meeting. We will collect the cartridges and cell phones. When we fill the box that was provided we return it and receive a check. If possible place the cartridges in the bag or container that your new ones came in. That way the contacts will not be damaged.

Newsletter Info

Each new newsletter will be available on the web site for a minimum of one month. After that time they will be available in abbreviated form in pdf format by request from the editor. So please read and print or copy any information you want from the newsletters in a timely fashion.

Don't forget that I would appreciate articles for the newsletter. Write something up and send it to me for inclusion in a futre newsletter.

Meeting Minutes

General meeting minutes are available online for review prior to the next meeting. They are available here or through the Minutes link on the home page.