Posts Tagged ‘security’

You are a new college graduate and have just landed your first real job.  You’ll be moving to a large Metropolitan area and you’ll need to find a place to live in the new town.  Looking at the Apartment Finder booklets, the Sunday paper and Craig’s List you find there are thousands of apartments available, across a 100 square mile area!  You don’t know anyone there so you tell your colleagues at the new office you want to rent a two-bedroom apartment and ask their advice on location.  Here’s what they say:

Suzie says “Drive around and look for “apartment for rent” signs and find something within your budget.  Neighborhoods are all pretty much the same here.”

Jan says, “I live in River Estates and they have apartments for everyone’s budget.”

Bob says, “Any place is safe in the metro area if you just stay alert.  Pick a location like I did near the shopping mall.  It’s a longer drive but worth it”

How do you pick the right one?  Here’s a decision tool I’ve used many times when I changed jobs and moved ourselves or our family members:  Think Safety, Security, Proximity and Value, in that order.

  • Safety:  Avoid living in high crime areas even if it means you must drive further to work each day.  Go to  and check the crime statistics for the areas you are considering for apartments.
  • Security:  Only seriously consider apartment complexes (or apartments in houses) that are bright and well lit at night.  If you’ll have a car, look for off – street parking in a secure area.  (If without a car, look for easy, well-lit access to public transportation — wide, bright sidewalks for example)
  • Proximity:  If driving to work remember you’ll be doing that every workday so pick an area to live that has several routes available to and from work, preferably an interstate-sized highway and another major route.  This gives you options when an accident blocks a route.  And choose a location as close as possible to your work location (biking/walking distance would be ideal for many people).  If you are moving with another person[1], and they will be working at a different site, to be fair try to pick a living location that requires each of you to drive roughly the same time to and from your work.  And, of course, proximity to recreational areas, downtown restaurants and shopping areas will need to be factored into the decision.  Then drive these routes at rush hour and/or the times you’ll be commuting.  An open road at 3 PM can become a rolling parking lot at 5:30.
  • Value:  As the list of apartments being considered shrinks, you’ll think about value and amenities — What you’ll get for your money.  A list of pros and cons will help you make the decision:  number of bedrooms, baths, washer and dryer, fitness center, pool, proximity to work and other locations, monthly rent, length of lease, acceptance of pets, amenities fees, etc.

If several apartments are equally desirable, a tie breaker might be the direction (and the times) you’ll be driving to and from work.  If working 9-5 you’ll want to drive generally westward in the morning and eastward in the evening, so the rising/setting sun is always at your back and not in your squinting eyes!  All else being equal for nine-to-fivers, live east of where you’ll be working.  Traffic congestion is often aggravating enough without the added stress of a sun-glare-induced headache twice daily, not to mention the ever-present risk of traffic accidents due to poor visibility (ask Los Angeles – dwellers about this)!

Who knew there was a preferred process for picking your new place?!?

[1] Agreeing on priorities for each of the four factors—and then adding a weight (importance, twice as important, three times as important), before looking at the first apartment or neighborhood, can prevent debates and arguments.

As the Paradigm Shifts #V: Vulnerability

by Rosie Kuhn on September 21, 2011

You must have seen it coming: after all of these weeks …

From the moment we are born we are vulnerable to – well, to everything. Very quickly, and as best we can we begin to tap into strategies that keep us invulnerable to starvation for nourishment and nurturing. We begin to calculate –developing strategic ways to get what we need and perhaps what we want. Our parents can tell a cry that means a diaper needs changing from a cry that says I’m hungry. We learn very quickly how to take care of the situation and minimize vulnerability.

As calculating as we can be, there comes a moment when we are whacked upside the head with the proverbial  2×4, which knocks us senseless and into an even more shrewd way of being in order to avoid any further vulnerability. We continually build on this until we’ve well established, what Tracy Goss calls, our winning strategy. She calls it a winning strategy because it keeps you winning at getting what you want, when you want; until it doesn’t. At some point it becomes clear that this winning strategy limits what’s possible and though you remain invulnerable, which seems like a good thing, you are unable to access what’s necessary to have what you say you want. The only way to shift this process is to willingly risk being vulnerable – only in service to what you say you want.

Remember earlier when I talked about that moment when you decided to be invulnerable? In that instant what occurred that had you make that decision was too painful and too challenging for a little kid to handle. As a kid you had no one to tell you that you are going to be okay. In that moment you were all alone and alone you made that choice to protect yourself at all cost.

At some point in each lifetime we are required to meet again that moment when we have to be willing to risk what we couldn’t risk as a child. We have to trade invulnerability for what we say we want. Now, being an adult, we’ve had plenty of experiences where we calculatingly traded our invulnerability for vulnerability. Trying out for various sports, asking someone for a date, applying to colleges and jobs, asking for a raise; each of these were instances where you chose vulnerability in order to get what you wanted. This is a very good thing and indicates you know how to stretch and strengthen the muscles required to take the risk. What has us be able to risk some times and not others, in other words what has us be more vulnerable in some circumstances while not in others?

In the world of business the majority of us are walking around limited by our winning strategies, remaining invulnerable. This keeps us safe, secure and stable but also most of the time unfulfilled. I’ve begun working with a new client, Patricia, who has phenomenal skills in her line of business but is scared to death to risk losing the stability she’s created, even though she is terribly miserable in her work. She is not alone. Approximately four out of five individuals feel the same way as Patricia.

When Patricia thinks about quitting her job and changing careers she feels like a tiny incapable human being. In that moment she’s calling up the young child to be vulnerable. Think about it for just a moment. We approach this moment of risk as if we were that young innocent child, not the grown up that has risked many times before and come up successful.

The evidence is stacked up in your favor that you will survive taking risks. At the same time you hold on to that one instance in your life when all was lost (because you were only a little kid and didn’t have the wisdom of a grownup to deal with the fallout). You were lost and not yet found. Yes, not yet found.

When what’s at stake is more important to you then the safety of the prison you’ve built through the practice of invulnerability you are, in that moment, given the opportunity to find yourself. Lost or left behind, you can re-member and reclaim any and all aspects of the you, you left behind. It is an exquisite reunion, one you’ll never forget.

Patricia knows that hiding out within the walls that protect her will never replace the feeling of fulfillment she knows exists outside. In this moment, while you are reading this, she is calculating what’s at stake and if it’s worth the risk.

Our business, the work we bring to the world, I believe to be the most crucial aspect of self-expression. And, I also believe that self-expression, in whatever form that takes, is essential to thriving. To empower yourself and others to step out beyond the walls that only seemingly keep you safe, you create an opening in the current reality for a paradigm shift. You have no idea the positive repercussion that follows such an act. Even the slightest movement in the direction of what you want, which requires risk and faith, will reward you with a sense of accomplishment that is in itself a beautiful remuneration. Give it a try – what have you got to lose?

There is great value in investing in a thinking partner for yourself or for those you want to empower. According to statistics, hiring a coach is crucial to growing yourself and your business. Reading pieces like this is a start, yet without action nothing changes.

Enjoy the adventure!

The Constraints of No Boundaries

by Rosie Kuhn on August 24, 2011

It’s not uncommon for children to grow up not knowing their own beautiful thoughts and feelings and their essential needs and wants. You might be asking “How can that be?” Well, it’s one of the ravages of families and the individuals inside them. They are at war with themselves with no one to mediate a peace treaty.

In some ways we have no choice in the matter when it comes to which family we arrive into as infants. I don’t know a single soul who asked to be born into violence, depression, poverty and sickness. But here we are, thousands of years of cultivating intelligence within societies and cultures and we still have children arriving in families that just don’t know any better than to fight, implode, feel lack and aching.

So, I’m going out on a limb here and assume that many who are reading this know what I’m talking about. All of us are refugees of families to one degree or another. All of us struggle with who we are as individuals in relation to the world around us. All of us are persons in exile, either from family and friends, and quite often from ourselves.

When, as children it comes to surviving, the majority of us choose to choose survival and belonging rather than choosing to be a lone wolf. Somewhere, somehow our little choice-maker whispers in our ears “don’t think that”; “don’t feel that”; “we don’t need that”; and soon, we forgot that we could want!

Knowing what You Want

“Just tell me what I’m supposed to want.” My client Andrea shares. “I don’t know how to know what I want. I think I want a relationship but when I get close to someone I get scared and want out! I don’t know – I just don’t know what I want.”

Andrea is a successful Lawyer in New York City. She’s very competent in every aspect of her life, except when it comes to personal relationships. How can that be?

Growing up in a family that looks as normal as any family in her community, Andrea’s grandmother would shame her when she came home with A’s. “What are you, some kind of a smarty-pants?” When Andrea came home with B’s, her grandmother would say “What are you, some kind of an idiot?” Whatever Andrea did she was made to feel guilty or shame for doing what she did and being who she was. Neither her mom nor her dad sheltered her emotionally from the barrage of insults. They each contributed in their own ways to Andrea’s dilemma of not knowing her own thoughts and feelings, wants or needs.

Andrea, like so many of us, gave up her self-respect and dignity for the sake of shelter and food, knowing that someday there would be freedom from all of this.


Enmeshment is the word used in Marriage and Family Therapy for the process of losing one’s self in support of family culture and for survival. Though I believe that early on, we do know that this doesn’t feel good, after awhile we forget and try to find hope and peace amongst the fragments of life that we’ve come to consider “normal.”

Enmeshment occurs not only in families, but in religions, corporations, and our educational institutions – anywhere and everywhere we are not allowed to know what we want or need, or what we think or feel. It occurs anywhere and everywhere we have to choose to silence our own thinking, our creativity, our sense of integrity and personal accountability. Is there any place that is safe?

This is really important, because it’s not like we can point our fingers at Daddy or Mommy or Grandma, for that matter. Each of us somehow plays a role in wanting people to want what we want, how we want it and when we want it. Any of us in a position of authority has the power to decide how we want others to respond to us. How we be with our authority and how we use our authority is the question at hand. None of us gets immunity for acts of unkindness that in the end burdens others with our unresolved anger, sorrow and fears.

In my studies, at first I was appalled with the concept of enmeshment. It meant that most families were just big balls of emotions, which no one could know about or talk about. But through my experience as a therapist it began to make perfect sense. Now as a transformational coach a great deal of my work is about empowering clients, like Andrea, to realize their own wants and desires and their own thoughts and feelings. What they are finding is that there is freedom that comes with making choices – choices that are in right-relationship with their own truths, not necessarily in alignment with the emotional needs of potential partners, co-workers, friends and most importantly those individuals who have authority over us. Like Andrea, they are learning to create boundaries based on what’s true for them. This can get really squirrelly for a lot of us who can see that maybe we want two opposing things at the same time. And, we want the sense of emotional clarity that comes when we’ve made the “right choice.” Looking to others to tell us if we’ve chosen correctly keeps up using childhood ways that really don’t work in a grown up world. Really – they don’t work!

For Andrea, she wants partnership, romance, security, connection and belonging. She also wants safety, freedom, independence and respect that who she is, is all she needs to be. At 49 years of age, she’s afraid she’ll never get it. My experience tells me that the more clear she becomes with who she is; the more clear she can speak up to those she’d made into authority figures (we do this a lot with our bosses, our partners, even with our children) the more freedom she will experience to create a relationship that includes all the good things that come from being able to speak her truth. We actually create better relationships with people when we can know our thoughts and feelings, know our needs and wants and speak authentically from this place of knowing. Isn’t this what we are all wanting?

It’s a fascinating juxtaposition that boundaries, made by free choice, create freedom. Who would have ever guessed?

Chaos and Complexity #12: Terrorism

by Gary Monti on November 30, 2010

Meeting General Colin Powell (ret.) and speaking on building bonds among team members at a project management conference were two opportunities I was fortunate to have earlier this month. His keynote speech on change and the need to be humble when dealing with power (and the loss of it) was a perfect lead in for my talk on trust building. It also got me thinking about another topic I follow – Terrorism.

The Benefits of Giving Recognition

General Powell never mentioned politics or terrorism. He talked about working with people and stressed the need to connect with those who provide support. He gave several reasons:

  1. Whatever gets accomplished will be done through these team members;
  2. The team members are the ones putting themselves on the line and taking the heat;
  3. As a human being it feels better treating people with respect;
  4. When treated with respect the odds go up the team will help avoid mistakes and identify and recover from those that are made;
  5. Performance improves in the presence of trust.

His words were strikingly appropriate and apply to a project manager as much as any leader.

Humility and Home Life

Another topic about which he spoke was how his shift from public life to private had its own challenges. He spoke of going from having a 767 at his disposal and always having the path in front of him cleared to finding himself retired and sitting at the kitchen with his wife asking him, “You don’t plan on staying home do you?” The crowd roared with laughter. The situation was very real, though. His terrain was dancing.

Those connections built over the years and based on respect helped him move on to another phase of life and a new direction. Treating people well along the way paid off. There is a quote that is very fitting.

Only I can take my journey, but I can’t do it alone.”

In complex and chaotic situations this is especially true. The situation is fueled by trust.


A mash-up of ideas occurred while thinking about Powell, connection, kitchen tables, and respect which pushed to the forefront another concept that fit the principles: dealing with terrorism. As examples for chaos and complexity go, the situation surrounding terrorism is one of the best.

Terrorism thumbs its nose at best-practice, top-down approaches. And terrorists are good at it. They create large force multipliers extending beyond the battlefield. They are always looking for tipping points. Look at the dust-up that has been occurring with enhanced pat downs and invasive scanners. Not only are millions, if not billions, of dollars being spent, society gets thrown off balance. All this because of someone who had explosives in his underpants! Terrorists’ goals are to create chaos and, hopefully (from their perspective) random behavior leading to anarchy. The stir caused by their tiny, planned efforts would make any commander proud.

And how is this dealt with? Where does success occur? Simply being the big dog does not make that much difference in situations such as this. Success is measured at the small, detail level. People holding together and sticking to what works one passenger at a time. What a challenge! Yes, commanders are needed but, yes, their job is to get the right equipment in the right person’s hands at the right time. This brings us back to complexity where the team’s bond and ability to perform is what makes all the difference.

So terrorists work to make things chaotic (if not random) and committed security team members work to build the bonds needed to trap the terrorist and keep things safe. That is complex behavior.

Security teams strive to move to best practice but the enemy adapts and changes their plans in an attempt to re-introduce chaos. At times the best that can be done is reduce the chaos to complexity. This means trade-offs are inevitable.

While going through the new scanners to go outside the United States on business this past weekend I thought about Powell and his wife sitting at the kitchen table like any other couple and also about how the devil is in the details when it comes to complexity and chaos and catching terrorists. The terrain just keeps on dancing.

When Securing Your Data and Network, Just Look Inside

by Robert Driscoll on January 28, 2010

Securing your company or organizations network and/or data is more critical today than ever.  Unfortunately, too often we take it for granted and don’t even realize that our environment could be easily compromised.  The worst thing that any person in the IT department can do is ignore the potential risks to their environments.  When it comes to security, the three easiest remedies one could do is:

  • Monitor your security logs regularly
  • Constantly update and patch your software
  • Train your staff and regularly remind them of the threats to your network and data

Instead of writing about security threats in a general manner, I’m going to focus on one area and how to possibly help mitigate it:  insider attacks.

A study conducted in 2008 by the Verizon Business Risk Team noted that of the 500 intrusions they investigated over a four year period, 18% of them occurred internally by employees.  Of that 18%, over half of the breaches were done by employees in the IT department.  While most breaches occur in larger companies where it can be harder to track employees, they can and will occur in smaller companies as well. 

There are pros and cons to the number of people who have access to your company’s critical data and network.  The pros to a larger group of people having access to your critical data and networks is continuity in the event someone should leave or something happens to someone.  The obvious con is that you have too many people who have access to your critical components.  The pros to having a smaller group of people who have access to this environment is that you minimize the risk for an impact.  The flip side is that if you minimize it so much that you entrust everything to one person with no one able to back them up, it’s just a matter of time before disaster strikes.  Take for instance when the City of San Francisco was unable to access their WAN because of a rogue network administrator who blocked entry to anyone.  The network administrator was the only one who fully understood the network and therefore they were the gatekeeper.

So how do we minimize or eliminate these risks?

  • Have more than one administrator – but not too many.  Always have a continuity plan in place.  Not only for your data and your infrastructure, but also for those who have access to it.
  • Have a stringent hiring process.  If it’s critical environments that the person will be in charge of protecting, do the appropriate background checks (criminal, credit, etc…) before hiring them.
  • Constantly review and update your security policies as well as providing periodic training to your employees to remind them and keep them aware of the policies that are in place.

When guarding your organizations critical data and/or network, never put your guard down and never put too much trust in to just one person.  There must always be checks and balances.  What commonality exists in all security breaches?  Most of them could have been avoided through reasonable controls.

Taking Corporate Crime To A New Level

by Robert Driscoll on October 22, 2009

imagesSeveral of my past posts have been about cybercrime and protecting your data and I figured I might give it a break for a little while, but I couldn’t ignore some recent articles that I read about organized criminal events that targeted very successful companies, Hermitage Capital Management in particular, who was bilked of nearly $230 million in Russia.  While the parties involved used computers and the internet to enact part of their crime, they primarily used brute force.  What makes this story of interest are those who were involved: the Russian police, high-level government officials and judges just to name a few.  To make this event even more interesting, according to Russian officials, Hermitage and its CEO and founder, William Browder, may be guilty of a $16.9 million tax evasion as well.  Sounds like the making of a John Grisham novel, but unfortunately, it’s real.

While this event occurred over four years ago, this story of corporate fraud is so surreal that Browder issued a message of warning via a Youtube video recently to investors, companies who are currently doing business in Russia or entertaining it, to be careful.  You can watch the full footage at:

It’s obvious that money can and will change people or make them do things that they normally wouldn’t do, but in places like Russia, they’ve managed to take it to a new level.  Dmitri Alperovitch, a McAfee Internet threat researcher, stated that while Russia’s long history with organized crime has paved the way for highly organized criminal groups that have exploited the use of botnets, spamming and phishing (to name a few), he said it perfectly about organized crime in Russia, “At the end of the day, it’s about the money.”  While I’m sure the truth in this story lies somewhere in the middle, either way, this event has managed to take corporate crime to a new level.

Cyber Criminals Now Targeting Small Businesses

by Robert Driscoll on October 1, 2009

phishing-identity-theftIt seems like every other day in the news and various media forums we are told of cyber criminal organizations that have hacked in to various company databases and have stolen their customers’ information.  There are several well documented cases such as the recent capture of Albert Gonzalez who was indicted, along with two Russian nationals, for supposedly stealing over 130 million credit and debit card numbers.  The previous largest known breach occurred in 2005 and 2006 when over 45 million card numbers were stolen from TJX, the parent company of TJ Maxx and Marshalls among others.  But what about small businesses?

NACHA, the Electronics Payments association, is a non-profit organization that oversees the Automated Clearing House (ACH) Network that over 15,000 financial institutions use to originate and receive payments.  In early September, NACHA issued a statement to all of its members alerting them of the increase in cyber attacks targeting small banks and businesses.  According to a recent article in The Washington Post, the confidential notice that was sent out to the NACHA members identified criminal cyber groups in Eastern Europe as being the ones primarily responsible for stealing millions of dollars from corporate bank accounts and then sending the money via wire transfer to overseas accounts.

Why are small businesses being targeted?  The security policies at these types of companies tend to not be as sophisticated and therefore easier to gain access in to their infrastructure.  Also, while many financial institutions have created several security measures and alerts to prevent credit and debit card fraud, the same cannot be said for ACH transactions.  Nick Holland, a senior analyst at Aite Group which focuses on the financial services industry, states that, “While an unusually large credit card transaction might trigger a fraud alert, a crook could initiate a similar ACH transaction without anyone batting an eyelid in many cases.”

How are small businesses being targeted?  As was reported in The Washington Post article, the scammers infiltrate companies in a similar fashion:  they send a targeted email with a virus-laden attachment or link to the company’s controller or treasurer.  When the link or attachment is opened, the malware starts to gain access to the company’s financial data.  The majority of the illegal wire transfers are under $10,000, therefore not attracting the attention of federal agencies.  Some though, have been devastating to some banks, such as Dwelling House Savings and Loan which was forced out of business as cyber criminals siphoned over $3 million over a period of 6-12 months in 2008 through illegal ACH transactions.  The FBI now says it is looking in to this kind of criminal activity.

To reduce the risk of data breaches or theft, companies must constantly update their security policies and make sure they are being enforced.  The application of multiple security layers is required to reduce your company’s exposure in today’s digital world.   While companies must defend themselves against attacks, they have to constantly juggle between protecting their company’s sensitive data and creating a flexible and responsive infrastructure to allow companies (and their employees) to effectively work in today’s ever changing and complex marketplace.  If your business performs ACH transactions, it’s time to consider an effective transaction monitoring solution before it’s too late.

Be socially responsible with your Social Identity

by Guy Ralfe on September 2, 2009


The social media call today is to get online and participate. Over the last year a day hasn’t gone by without someone mentioning a new contact through a social network site or some new statistic about the presence and reach of social media networks, but more often of late we are hearing more news of misfortune surrounding social media.

This is not unexpected as this is a common characteristic of social groups. It has gone on for centuries and is to some degree the cause of wars and organized crime – where there’s a large group that appears to have something relative to another it produces an opportunity to exploit. In social media this has manifested itself in Identity Theft and Brand Damage (topic of next post)

Identity theft seems to be rampant today and rather intimidating. An article in the Daily Mail quotes a large UK insurance company Legal & General as warning that insurance premiums may rise if household members utilize social media sites.

This is on the back of the claim that criminals are preying within these network sites for opportunities such as burglaries, personal account details and identity theft. What appears to be an innocent use of your ability to broadcast everything from your thoughts through twitter, photos on Flickr and everything about yourself on facebook, MySpace, LinkedIn or such sites, can potentially provide key information to criminals to utilize against you.

What this means is that we have to be conscious about how we configure our accounts on these sites and responsible with what information is shared through which channels.

Here is some edited advice published by Robert Siciliano on bloggernews

  • Before you post anything online, think about what a criminal could do with that data.
  • Don’t post specific details about yourself such as address, date of birth, kids’ names, pets’ names, phone numbers, or any account numbers or financial information of any kind. This information can often be used to retrieve passwords and help get fraudulent access to personal accounts.
  • Do not tell the world you are going on vacation! This is an open invitation to any would be burglar. Remember posting pictures of your vacation while on vacation is much the same as writing that you are on holiday.
  • If you’re a “partier” and like to imbibe, informing the world that you just smoked a joint is not only one of the worst things you could do for your career, it also makes all your friends guilty by association.
  • Before posting pictures or videos, consider what a criminal or potential employer might see. Could they be used against you in any way?
  • If you let your kids use social media, you must monitor every aspect of their Internet activities. Pick up McAfee’s Family Protection software and take control of your childrens’ Internet use.
  • Take advantage of privacy settings and lock down your profile, so that only those who you approve can view everything.
  • Get a credit freeze. This is an absolutely necessary tool to secure your credit. In most cases, it prevents new accounts from being opened in your name. This makes your Social Security number useless to a potential identity thief.
  • Invest in identity theft protection and prevention services such as Intelius. Not all forms of identity theft protection can be prevented, but identity theft protection services can dramatically reduce your risk.

Remember that it is not only criminals that are potentially scouting you out! Today it does not take a lot of effort to perform searches on individuals. Posting something that may be illegal or unsavory can just as easily be picked up by a prospective future employer, client or worse used against you in court!

Social media is built on trusting relationships. It is this trust that is manipulated to exploit your situation and information. As aptly demonstrated in Himanshu Jhamb’s article Social Media: A Dangerous Opportunity, this does not need to be intimidating and there are many things we can do to protect ourselves. We just need to be aware how these tools can be utilized and act responsibly to protect ourselves from criminals or others carrying hidden agendas.

Don’t be intimidated, enjoy your social media experience!

My Computer Got Infected By The Swine Flu. What?

by Robert Driscoll on August 6, 2009

SpamIn April and May of this year, while the CDC and other federal agencies were working hard to prevent the spread of a swine flu outbreak, another outbreak was occurring that did not catch the headlines: Swine Flu Spam.

With Swine Flu at the forefront of everyone’s mind, spammers got busy. When the possible Swine Flu outbreak was being reported in April of this year by the media, Cisco stated that Swine Flu related spam accounted for 4 percent of the worldwide total at its peak. Symantec reported on their blog one scam that spammers unleashed where they had a viral PDF document of Swine Influenza FAQs. When users clicked on the PDF document, it unleashed a malicious InfoStealer code onto the victim’s computer.

Well just when we thought our computers were safe from getting infected by the Swine Flu, Sophos Labs reported on July 22nd on their blog that with the Swine Flu pandemic ongoing, spammers are continuing to play off of peoples fear. This time they sent an email titled, “Novel H1N1 Flu Situations Update,” which had an attached Word document that when opened had the following image in it:


This image is identical to the one found on the CDC website. Unbeknownst to the users who clicked on the Word document, a Trojan was unleashed on their computer that not only stole all of their passwords (encrypted ones as well), but it also tracked all of their key strokes. All of this information was sent back to a malicious website where most likely the stolen information would be sold in one of several underground markets. Spam continues to be a major problem not only for individuals but corporations as well. Symantec reported that as of April of this year, “unsolicited email made up 90.4% of messages on corporate networks.” While companies have become “smarter” in not allowing certain attachments to pass through to their networks, spammers have started attaching URLs in their messages enticing people to click on them which then redirects them to a website that carries the malware. This type of spam generally tends to not get stopped by firewall or anti-virus or anti-spam software.

So how do you defend yourself against malicious emails?  To lower your risk of malware infections, you need to:

  • Download software only from sites you know and trust.
  • Set your browser security high enough to detect unauthorized downloads.
  • Use anti-virus and anti-spyware software, as well as a firewall, and set them to update automatically.
  • Don’t click on links inside pop-up windows.
  • Don’t click on links in spam that claim to offer anti-spyware software; you may unintentionally be installing spyware.

Clues that malware may be on your computer include:

  • A sudden increase in pop-up ads.
  • A sudden or repeated change in your computers Internet home page.
  • New and unexpected toolbars or icons on the system tray at the bottom of your computer screen.
  • Slowed computer performance.
  • Random error messages.

While it is important for both individuals and corporations to have the necessary security measures in place to protect them from these spam messages by incorporating firewalls, antivirus software, email filters, etc…, the best way to reduce these threats is to simply educate yourself, and if you work for a corporation, educate your peers to not open or click on anything that looks suspicious. Sound stupid? Well, so does your computer getting the Swine Flu.