Inside:

Get Up Close and Personal with the OIT Help Desk
See page 2

Learn to Write Professional E-mails for the Workplace
See page 3

Help Stop WAM Lab Vandalism
See page 4

 

Win an
Apple iPod!

For contest details, visit www.oit.umd.edu/ipod.

Hurry, the deadline to enter is December 10, 2004!

 

 

Invasion of the Bots

by Kevin T. Shivers

 

You walk back to your dorm room after a long day of classes. You go to your computer and fire up AOL Instant Messenger so you can tell your friends about your physics exam. Except AOL won’t connect. In fact, you can’t view Web sites or check your e-mail. Using your roommate’s computer, you check your e-mail and read a message from the OIT Security office informing you that a bot has infected your computer. Before getting into how this happened, let’s go over what a bot is.

 

What is a bot?
A bot (short for robot) is a program that allows someone to control your computer. In this case, the person is a hacker. Hackers use bots to:

• Send spam
• Store and share illegal copies of
movies, music, and video games
• Hack other computers
• Deny service attacks
• Record every keystroke you type (capturing your username, password, Testudo login, and online bank account information)

 

Unfortunately, anti-virus and anti-spyware software do a poor job of detecting and removing most bots because they are so easy to create, modify, and distribute. There are so many different bots that anti-virus software companies can’t keep up.

 

How do bots infect people’s computers?
Bots get into people’s computers through unpatched weaknesses. Bots can also get into your computer if you do not have a strong password on your computer’s administrator account. So far, no bots have infected Macintosh computers.

 

How do I prevent bots?
Change your computer’s password so it contains numbers, uppercase letters, and lowercase letters that do not form a word. To change your computer’s password, follow the directions at www.helpdesk.umd.edu/documents/4/4018. You should also prevent bots by taking the following steps to lock down and secure your computer:

• Download and install McAfee VirusScan 8.0 from www.helpdesk.umd.edu/virus/software.html.

• Use a personal firewall. Windows XP has a built-in firewall. You can download a free firewall at www.zonelabs.com for use on your personal computer.

• Turn on Automatic Updates for Windows to ensure that your computer always has the latest security patches: click “Start,” click “Control Panel,” click “System” (this is sometimes hidden under “Performance and Maintenance”), click the “Automatic Updates” tab, and click on the box next to “Keep my Computer up to Date.”

• If you have Windows XP, download and install Windows XP Service Pack 2, which has new security features that we highly recommend.

Don't Be Reeled In By Web Hoaxes

By now you’ve probably received multiple versions of an e-mail message greeting you with “Kindest Benefactor” or “Dear Friend.” The message invites you to enter into a “business transaction of mutual benefit.” All you need to do to gain millions of dollars is open a bank account, deposit around $10,000, and give your foreign correspondent access to the account. This is a type of hoax message called an “Advance Fee Fraud Scheme,” and you know it belongs in your junk mail folder or trash can. More recently, however, two newer types of messages that may catch you by surprise are probably reaching your inbox.

 

Phishing
Phishing is the practice of sending faked e-mails that direct people to spoofed Web sites where they are requested to give personal and financial information. The Web sites are near copies of well-known sites (Bank of America, Citibank, Discover Card, eBay, and PayPal have been targeted). The spoofed sites are commonly hosted in foreign countries; however, the hurried, unsuspecting customer may fall victim to the urgent and obligatory nature of the message.

 

Tips to “phight” being a phishing victim:

• Don’t reply to any e-mail or pop-up window requesting your username, password, Social
Security Number, or credit card numbers.

• Don’t click on links to reach a company. Type the URL into a browser window to go to a locked (https) site.

• If you question the authenticity of a site, check it with a tool offered at www.corestreet.com/spoofstick. The tool gives clear domain information for legitimate sites.

 

ShareYourExperiences.com and Word-of-Mouth.org
This e-mail scam preys on human curiosity. The message claims that someone made a posting to a Web site about you. Your visit to the site reveals no information but invites you to find out more by paying a fee to sign on as a member. More information is available at www.snopes.com.

 

Paul Heayn contributed to this report.

 

 

I’m already infected, how can I remove the bot?
The only way to be sure that you have removed the bot is to reformat your hard drive and reinstall Windows. Using anti-virus software is usually not enough to ensure that you have removed the bot. After you have reinstalled Windows, you need to follow the instructions above on how to lock down your computer so it doesn’t get reinfected with
another bot. If you have questions, call the OIT Help Desk at 301.405.1500.
Office of Information Technology

TechKnow is the Information Technology Newsletter for University of Maryland students, published by the Office of Information Technology. Letters to the editor and story suggestions are welcome. Please send correspondence to TechKnow@umd.edu.

© 2004 University of Maryland.