*sniff, sniff* What's that I smell, CrapWare?

Why write something original when someone else already did, that's what I always say. Machines are loaded for bear (that's a technical term) with all manner of junk we (mostly) invite onto our computers. And the question people always have for me is, 'how did I get that?' Often, they follow with 'Don't I have antivirus software installed?' To them I say, 'Leave me alone, I'm Googling Justin Bieber to figure out who/what he/that is!'

But after I calm down and they give me a twenty, I tell them, no matter what you do, you're pretty much hosed. The fact is, you probably did it to yourself, although that is nothing to be ashamed of. Some sites you just need to visit to get the pop-up, and they come up fast, so you may even accidentally click on a naughty bit. Or, you get duped into thinking it is really from your antivirus, or from Windows itself.

Well, Bob Sullivan posted a nice piece on his top 5 internet scams recently. If it is still up, check out his blog here.

If the link is broken, here are my two favorite parts:

Fake or "rogue" anti-virus software
We've all seen the pop-ups: "Your computer is infected! Get help now!"
If you've ever clicked through such an ad (really, a hijacking), you know that the price for freedom is $20 or $30 a month. At first, the ads were clunky and the threats idle. But now, many pop-ups are perfect replicas of windows you would see from Windows or an antivirus product. Some sites actually employ so-called ransomware, which disables your PC until you pay up or disinfect it with a strong antivirus product. That's why consumers forked over hundreds of millions of dollars to fake antivirus distributors in 2009, according to the Federal Trade Commission.

Your best bet? Make a plan now. This is the one scam that just about anyone can fall for. The best protection of all is to back up your important files, so the day your computer is hacked, your digital life won't be on the line. It's also important to have a fire extinguisher nearby. A second PC or laptop is often your best help when disaster strikes. Many viruses disable Internet access, so you'll need a second computer to research your infection and download disinfectant software. Have a flash drive nearby, too, so you can move the inoculation from one computer to the other.

Meanwhile, if you aren't paying for antivirus software, at least employ one of the popular free products like AVG or Windows Defender
Becoming a bot
You may not know it, but your computer might be a criminal. Botnets -- armies of hijacked home computers that send out spam or commit other crimes -- remain the biggest headache for security professionals. The various botnets ebb and flow in size, but at any given time, tens of millions of computers on the Web are under the influence of a criminal. No one thinks it's their PC, of course, but look at the odds. If one estimate claiming 100 million infections is accurate, then about one out of every 20 computers in the world is infected. In other words, someone in your extended family is aiding and abetting a spammer.

How can this be? Victims typically don’t notice the criminal activity. Cyberthieves can easily use your machine without leaving a trace or slowing down your PC performance. They do not deposit e-mails in your sent items folder. Instead of sending 1 million e-mails from your machine, they send one e-mail every hour from 1 million infected machines.

Any honest antivirus company will tell you that there is so much new malicious software created every day that the good guys simply can't keep up. The Web is jammed full of e-mails and Web sites that can turn your home computer into a bot. Your PC could very easily be safe today but at risk tomorrow. That's why it's so important to keep your computer's security tools up to date. But you shouldn't assume that this will keep you 100 percent safe. Avoid the Web's seedier side, and don't let the kids download illegal music or games, a main source of infections. And always keep on the lookout for strange programs, files or surprising hiccups from your machine.


Now, the thing to note in the second one is the part about antivirus companies not keeping up. It's true. And when you find one that is best, most likely in 6 months to a year, it won't be any more. And the bots are tricky. Qwest keeps shutting down a client of ours, and we have run full tests with Symantec Antivirus, MalwareBytes and ComboFix on every machine and find nothing. Sure, any geek can say 'whu-hay! that's crappy software and you should be using blahblahblah...' but that's not very helpful, now, is it? For this client, being a non-profit meant getting Symantec for like $50 for their whole server environment - too good to pass up. It is not realistic to say that what is likely the market leader is not good enough, even if it's true. I.T. guys can hardly keep up with what product work which week and how well, much less your average business owner.

So what is the take-away?

Get smart. You have to pay more attention to your computer if you want to avoid this stuff. Know what antivirus you have, so you are not fooled by the fakery. Buy your kids an xbox - it's cheaper than cleaning off your PC. Honestly, I would keep kids off your PC for anything but homework until they can afford to FIX the computer you are likely going to give them. Seriously. Teach them that responsibility early. Clicking on the link their idiot friend sent them will be less appealing if they think about having to fork over $150 or more to have a decent technician remove their crapware.

I have to get back to work now, but I thought Bob's blog post was too good not to reproduce without his consent.