Common Internet Threats

Internet security, for you, means taking steps to prevent unauthorised access and/or damage to your computer systems which are connected to the internet or from installing unregistered software.

Hotkey has provided you in this newsletter, information on the most common internet security threats and issues. We strongly recommend that you read this information as the best defence is understanding the threat!

What is Spam?

Spam is flooding the Internet with many copies of the same message, in an attempt to force the message on people who would not otherwise choose to receive it. Most spam is commercial advertising, often for dubious products, get-rich-quick schemes, or quasi-legal services. Spam costs the sender very little to send -- most of the costs are paid for by the recipient or the carriers rather than by the sender.

Why am I receiving emails not addressed to me?

One of the most common ways of sending SPAM is to put one or more legitimate looking names (or email addresses known to have replied in the past) in the "TO:" field, followed by numerous addresses in the "BCC:" field which you are unable to see. This process makes the email appear more legitimate and quite often all the addresses are from within a single domain name (eg. hotkey.net.au).

This explains why the SPAM email that you received often will appear to be addressed to someone with a name or username similar to yourself, ie, your email address is in the BCC field where you cannot see it, so the email appears to be addressed to anyone else but you.

How is my email address known to spammers?

The more common ways for spammers to find your address are:

  • You may have used your address on a website for registration or to leave a comment.
  • You may have posted to a newsgroup or bulletin board, used your email address with a chat room or instant messenger application.
  • Your email address is, or very close to, a common name or word.
    eg john@hotkey.net.au
  • Your email has been randomly attacked. Spammers often utilise random generators to compile a list of possible targets.
  • An email you have sent to friends has been on forwarded by them to their friends and so forth.
  • A virus has infested your computer, or the computer of someone you know.

How do I stop spam?

As SPAM often is sent from overseas sites, we are unable to control it's content and/or availability. To further reduce SPAM we suggest you follow these steps:

  • NEVER reply to SPAM, as a reply will often lead to more SPAM being sent as the sender now knows that your account is in fact a "live" address. This often also extends to unsubscribe methods employed by spammers, so be wary of any lists you can't remember subscribing to that ask you to reply and unsubscribe.

  • Setup filtering rules within your email client to automatically move and/or delete email sent to you with undesirable content. This will remove the nuisance of deciding what to do with them later. For more info please visit this page.

  • Once you have identified the source of the SPAM (only use the header information to do this) you may wish to report it to the originating ISP. For further information on this, please refer to the various websites dedicated to the reporting of abuse, such as Abuse or SPAMCop.

  • You can also visit the ACMA's (Australian Communications & Media Authority) Spam and e- Security Information Webpage as well as report both Australian and Overseas SPAM there.

  • Be mindful as to the information you provide to web sites, especially those asking for your email address. Most legitimate web sites offer a Privacy Policy which explains how they use/share the information you provide to them. If you are providing your email address in a public forum (eg. newsgroups, bulletin boards, unknown web sites) you may wish to make your e-mail address invalid
    (eg. username@NOhotkeySPAM.net.au) - this will allow legitimate users to simply remove the NO and SPAM from the address prior and stop any unwanted e-mail from being automatically sent.

  • Signing up to newsletters, membership websites; be sure to read the fine print when ticking a check box when you are registering your email address. There can be little innocent statements like "Yes, I want to be contacted by 3rd parties concerning products I might be interested in." In most cases that check box can already be ticked and your email address will be given to a spammer.

  • You can also represent your email address if it needs to be on a website as 'username at hotkey dot net dot au', instead of the standard form, or even place a graphic image of your email address instead of the written form. Be aware that there are many image programs employed by spammers that can still decipher your email address if it is in an image format, so it is still a good idea to obscure your email address as above.

  • Using your real/primary email address anywhere on the web can put it at risk of being picked up by a spammer. There are a number of free email services you can sign up to, to use as an email across the web. Some popular free email services: GMAIL, Yahoo, Hotmail.

What is Phishing (pronounced "fishing")?

In computing, phishing is an attempt to criminally and fraudulently acquire sensitive information, such as usernames, passwords and credit card details, by masquerading as a trustworthy entity in an electronic communication.

How do I avoid becoming a victim?

Hotkey staff members will never ask you for your username or password via e-mail. If you ever receive an e-mail asking for these things then it is most likely fraudulent. These e-mails may have links in them which take you to a site that asks you to reset your password by typing it in. This is another practice that Hotkey does not follow.

If you ever have any doubt about any suspicious looking e-mails please call Hotkey support

What do I do if I have become a victim?

You should immediately phone Hotkey Support (1300 HOTKEY) and ask to change your password. This will make sure that unauthorised people cannot use your details for anything.

What is a Virus

Viruses are computer programs with the sole purpose of destroying data on your computer. The virus may only destroy unimportant files, or it may decide to erase all of your document files. A virus can cause an infected computer to do funny things on certain dates, as well as issue serious commands such as erasing your Registry file, thus disabling the operation and booting up of computers.

Viruses are spread through executable files we either get from friends, download off the net, or install through a floppy disk. A virus will often come disguised under the cloak of a Trojan, which is the carrier for the virus.

How serious is a virus?

Viruses are the most common form of computer infection. They range from being inconvenient (ie slowing down your computer response time) to very harmful (where a format of the computer would be the only way to remove it).

What is a Worm?

Worms operate differently. They work in a way such that they keep replicating themselves over and over in your system.

Worms generally come through our email client, but people can also get infected if they accept a Trojan File which has as the payload a worm. If you receive a worm program through your email, and then execute it, this program sends the worm file out to every email address listed in your email address book. If you work in a major corporation, this could means hundreds of people, and so the multiplying continues.

What is a Trojan?

When you think of Trojans, you would normally think of the Wooden Horse, that had soldiers hidden in it, and attached Troy by surprise. Computer Trojans are based on the same idea; what can appear as a useful program or a harmless site can be hiding a small Trojan program that once it has infected your computer, it opens a backdoor that will allow and intruder to remotely gain access to your computer.

Trojan Example

A simple example of a Trojan horse would be a program named "waterfalls.scr" where its author claims it is a free waterfall screensaver. When run, it instead unloads hidden programs, commands, scripts, or any number of commands with or without the user's knowledge or consent.

Some Examples of Trojan Horse damages:

  • Erasing or overwriting data on a computer
  • Logging keystrokes to steal information such as passwords and credit card numbers
  • Corrupting computer files in a subtle way
  • Upload and download files (could cost you lots in excess data charges if you are not on a price-capped plan)
  • Spying on the user of a computer and covertly reporting data like browsing habits to other people

Methods of deletion

Since Trojan horses have a variety of forms, there is no single method to delete them. The simplest responses involve clearing the temporary internet files on a computer, or finding the file and deleting it manually (safe mode is recommended). Normally, anti-virus software is able to detect and remove the Trojan automatically. If the antivirus cannot find it, booting the computer from alternate media (CD) may allow an antivirus program to find a Trojan and delete it. Updated anti-spy ware programs are also very efficient against this threat.

What do I do if I have become a victim?

Disconnect your computer from the internet immediately, to prevent further spreading of the virus and contact a technician to have it removed properly.

Tips and Tricks

Email attachments

You generally can't send someone more than a couple of full-size digital photos as an e-mail attachment; those files are too big, and they'll bounce back to you.
Instead, use a photo orginizing program that can automatically scale down photos in the process of e-mailing them.

Conversion Tool

Google is also a units-of-measurement and currency converter. Try yourself by typing "teaspoons in 1.3 gallons" or "euros in 17 dollars" Click Search to see the answer.