A new and very dangerous Internet attack was reported this week in Brazil. This is something you need to know about, so I have dispensed with the usual Q&A format this week.
It's that important!
This new danger is a phishing attack. Phishing is computer slang for attacks in which criminals pretend to be a bank or other institution. They try to trick you into giving up your password and user name.
Most people have learned not to fall for this. But this new attack could fool the most careful people. Here's how it works:
The criminals send you an e-mail (spam). When you open the e-mail, a small program called a script runs.
-->Note that you only need to open the e-mail; there is no attachment.
The scripting program goes to your HOSTS file, located deep in your computer.
The actual path in Windows XP is:
C:\Windows\System32\Drivers\Etc\HOSTS
It enters your bank's Web address--for instance, www.YourBank.com--in the HOSTS file.
It also enters an Internet Protocol (IP) number for the criminals' address.
The next time you need to surf to your bank, you attempt to go towww.YourBank.com. When you enter that address, or any other address, the browser first goes to the HOSTS file to find the IP number. If it isn't there (it normally would not be), it goes to a special computer on the Internet to find the IP number.
However, the criminals have put your bank's address in the HOSTS file, along with their IP number. So you are automatically sent to that IP number, which is the criminals' computer. It looks like the bank's Web site, so you enter your user name and password. That gives the criminals the information they need to enter your account and steal your money.
How can you protect yourself? Some anti-virus programs guard against this kind of thing; others do not. To be safe, you must disable your computer's scripting ability. To do that:
--In Windows XP, click Start>>My Computer. Click Tools>> Folder Options. Select the File Types tab. Click File Types, then scroll to and click VBScript Script File. Click Advanced. In the Actions box, click Open. Click Remove.
If you need to restore scripting, click New. Put Open in the Action box. In the next box, click Browse. Find wscript.exe in
C:\Windows\System32. Double-click it.
--In Windows ME and 2000, the procedure is similar. If you need to restore scripting in Windows ME, the wscript.exe file is in C:\Windows.
--In Windows 98, you must disable Windows Scripting Host. Click Start>>Settings>>Control Panel. Double-click Add/Remove Programs. Select the Windows Setup tab. Double-click Accessories. Click the box next to Windows Scripting Host to deselect it. Click OK>>Apply>>OK.
This attack is not yet a threat in the United States. But it is only a matter of time. Do not fail to protect yourself. And forward this newsletter to your family and friends.
Hope this helps! And thank you for listening to the show. Be sure to tell 10 friends. It doesn't matter where they live, by the way.
Kim :)
----------------- From www.komando.com --------------------
Hey Chickiepoo (Ellie), Thank You So Much for this Post!
I am bookmarking this post for future use, as I followed your instructions and remove that open port. I will bookmark this post for restoration purposes in the future, this is really great! Maybe, we should start referring to you as our: "Computer !" We already have a Momzone , ( katey-Marie!) We could always use more (s) like yourselves!
A new and very dangerous Internet attack
.
Ah well---
!" We already have a Momzone 
.gif "groovy")
Linear Mode
