
Friday, October 8, 2010

How to Check Whether You Are a Victim of a RAT or Not

In this post I am going to show you how to find out whether you are infected with a RAT (Remote Administration Tool) or keylogger, without using any complex tools. Most of you probably know that a RAT or a keylogger needs an internet connection to work, which means that if you are not connected to the internet, you don't have to worry about being infected with a RAT or keylogger. For those who have an internet connection and think they are infected with a Trojan, here is a little guide that can solve your problem.

1. Every program has its own process, which can be seen in Task Manager. So the first thing to do is to find out which process the Trojan is attached to. If you see an unknown process, search for it on Google. A good hacker will always make sure he hides his process behind a Windows-based process name, e.g. svchost.exe or something like that.

2. If you can't find it, the next thing you can do is use the command prompt (to open it, click Start ---> Accessories ---> Command Prompt).

3. Once the Command Prompt is open, use this command: netstat -an | find /i "listening"

Note: The NETSTAT command will show you whatever ports are open or in use, but it is NOT a port scanning tool!

What does this command do? It shows all the open (listening) ports. Now check for any unknown port.

4. You can skip step 3 if you want, and can do this instead.

Open command prompt and type netstat -b



This command will show you the active connections along with the process and its PID (Process Identifier), and also the packets.
Look out for SYN packets and the foreign address the machine is connecting to; check the process the connection is associated with, and check the ports too. If you find that it is connecting to some unknown ports, then you can say you have been backdoored.

5. Go to Task Manager. At the top, click View ---> Select Columns ---> tick PID (Process Identifier).
Match the suspicious process with the processes in Task Manager; check the PID as well.
Most RATs reside in the startup entries. How do you delete them from startup?


a) Go to regedit ---> HKLM\Software\Microsoft\Windows\CurrentVersion\Run
On the right-hand side, check for the process name you found in step 4. If it's not there, check
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
OR
Open the command prompt and type start msconfig. Go to the Startup tab; you can check the startup processes there.
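
The checks from steps 3 to 5, as an added example that is not part of the original post: a Python script that joins the output of netstat -ano and tasklist /fo csv /nh on the PID and lists listeners and outbound connections on ports outside a baseline. The two captures are constructed samples, and the baseline port sets are assumptions to replace with what is normal on your own machine.

```python
import csv
import io

# Constructed sample captures, not taken from a real host.
NETSTAT_SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       884
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:5110           0.0.0.0:0              LISTENING       3120
  TCP    192.168.1.20:445       192.168.1.30:51544     ESTABLISHED     4
  TCP    192.168.1.20:49712     203.0.113.45:6667      SYN_SENT        3120
  TCP    192.168.1.20:49720     198.51.100.7:443       ESTABLISHED     2216
  UDP    0.0.0.0:5353           *:*                                    1480
"""
TASKLIST_SAMPLE = '''\
"System","4","Services","0","1,024 K"
"svchost.exe","884","Services","0","9,112 K"
"svchost.exe","1480","Services","0","7,300 K"
"firefox.exe","2216","Console","1","210,448 K"
"svchost.exe","3120","Console","1","4,020 K"
'''

# Assumed baselines: ports you expect this machine to listen on / connect to.
KNOWN_LISTEN = {"135", "445"}
KNOWN_REMOTE = {"80", "443"}


def parse_netstat(text):
    """Return one dict per TCP/UDP row of `netstat -ano` output."""
    rows = []
    for line in text.splitlines():
        f = line.split()
        if len(f) == 5 and f[0] == "TCP":
            proto, local, foreign, state, pid = f
        elif len(f) == 4 and f[0] == "UDP":   # UDP rows have no State column
            proto, local, foreign, pid = f
            state = ""
        else:
            continue                           # banner, header or truncated row
        if not pid.isdigit():
            continue
        rows.append({
            "proto": proto,
            "local_port": local.rsplit(":", 1)[1],   # rsplit copes with [::]:135
            "remote_ip": foreign.rsplit(":", 1)[0],
            "remote_port": foreign.rsplit(":", 1)[1],
            "state": state,
            "pid": int(pid),
        })
    return rows


def parse_tasklist(text):
    """Map PID -> image name from `tasklist /fo csv /nh` output."""
    return {int(r[1]): r[0]
            for r in csv.reader(io.StringIO(text))
            if len(r) >= 2 and r[1].isdigit()}


def review(netstat_text, tasklist_text,
           known_listen=KNOWN_LISTEN, known_remote=KNOWN_REMOTE):
    """Return (pid, process name, reason) for every row worth a closer look."""
    names = parse_tasklist(tasklist_text)
    conns = parse_netstat(netstat_text)
    listening = {c["local_port"] for c in conns if c["state"] == "LISTENING"}
    findings = []
    for c in conns:
        name = names.get(c["pid"], "<PID not in tasklist>")
        if c["state"] == "LISTENING":
            if c["local_port"] in known_listen:
                continue
            reason = "listening on unknown port " + c["local_port"]
        elif c["state"] in ("SYN_SENT", "ESTABLISHED"):
            # A connection to one of our own listening ports is inbound;
            # the listener itself is judged by the branch above.
            if c["local_port"] in listening or c["remote_port"] in known_remote:
                continue
            reason = "outbound %s to %s:%s" % (
                c["state"], c["remote_ip"], c["remote_port"])
        else:
            continue
        findings.append((c["pid"], name, reason))
    return findings


if __name__ == "__main__":
    for pid, name, reason in review(NETSTAT_SAMPLE, TASKLIST_SAMPLE):
        print("PID %-5d %-12s %s" % (pid, name, reason))
```

A PID that shows up under a trusted name such as svchost.exe but listens on an unexpected port is the case step 1 warns about; the name to look for under the Run keys is the one printed here.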

Thursday, October 7, 2010

10 Tips to Avoid Getting Adware


Adware, malware, spyware and viruses can bring your system to its knees. They are detrimental, lowering the performance of your computer. You might need to replace data. You might lose unique files. Keep the nasties away from your computer using these ten simple tips.
1. Use Firefox: Internet Explorer is the most popular browser on the market, controlling over 50% of the market share. The virus and adware creators specifically look for exploitable vulnerabilities within IE because they know that they will receive the best return on investment. Your switch to Firefox prevents some adware from infecting your machine.
2. Scan your PC once a week: Sometimes adware programmers take a sneaky approach. They will set up their programs to run quietly in the background to spy upon your activities. This once a week scan is necessary to remove any of those sneaky bugs.
3. Download from known sites: New sites for installing adware are popping up all the time. If you find something that you want to download, make sure that it is from a known site. A company like Amazon will not steer you wrong. If you are not sure whether you can trust a site, perform a quick search.
4. Install Ad-Aware: Ad-Aware is the most popular free adware removal program on the market. It detects, quarantines and removes adware. It searches for other programs which may have been installed, highlighting them in an easy to use interface. This program does not have an anti-virus attached.
5. Do not click on unsolicited email: You are constantly receiving offers to increase this or improve that through unsolicited email. Your curiosity may be killing you, but don’t click on these emails. They accept your click as permission to install adware, spyware and malware on your PC.
6. Install Antivirus software: Installing two programs for virus and adware protection is a smart idea. It caters to the strengths of each program, increasing the overall strength of your anti-adware and antiviral campaign. Some of the best antivirus software is free, providing real time protection. Programs to look at would be Avast, AntiVir and AVG.
7. Don’t install toolbars: Even some reputable sites install custom toolbars. They slow your system down and collect information about your surfing habits. While a toolbar might offer some perks, it may also diminish your experience by dragging your system to a halt. Toolbars from less reputable places install adware and sometimes infect your system outright.
8. Look at your task manager: If anything seems out of place with your computer, take a look at your task manager. This tells you about all of the programs and processes which are running on your computer. Examine the processes tab for anything which you don’t immediately recognize. Perform a web search for unfamiliar processes.
9. Do not click on popups: Clicking on a popup usually spells certain doom for your computer. It opens the door for the viruses and adware that want to infect your machine, telling these malicious applications to make themselves at home. Stay away from those constantly advertised screensavers and icons.
10. Trust your gut: If you don’t feel right about a site, don’t go there. If you are receiving warnings from the antivirus and antiadware programs which you’ve installed, don’t go there. If you don’t like the layout of a site, don’t go there. Trust your instincts about sites.
With proper vigilance, you can keep aggravating adware, spyware and malware from your machine. Trust your instincts. Install Ad-Aware and an antivirus program. Play it safe. The care you spend in preventing adware from infecting your machine can save money and time.

Friday, August 20, 2010

How do Email Spam Filters Work

If you work with emails on a daily basis, you are most likely using a SPAM FILTER to ease the job of sifting through a large number of spam emails every day. Spam filters make our job a lot simpler by automatically filtering out the spam; without them it is almost impossible to manually filter the junk emails that arrive in millions each day. However, it is often necessary to have a basic knowledge of how spam filters work and on what basis they flag an email as spam.






How Do Spam Filters Work?

There are different kinds of spam filters:



Header Spam Filters

Header spam filters work by examining the header information of a particular email message to check if it appears to have been forged. The header of every email contains information which tells the origin of the email, i.e. the incoming email ID and usually the IP address (server address) of the sender. Spammers often forge the header to input a false sender ID and IP address so as to make it difficult to trace them. Thus if an email is suspected to have a forged header, or if the same message is found to have been sent to multiple recipients, it is most likely considered spam by many filters. This method of spam filtering is often quite effective; however, it may occasionally result in some requested newsletters being misdirected into the spam folder.



Content Spam Filters

The content spam filter is one of the most effective and widely used filters to combat spam emails. Content filters use a sophisticated algorithm with a set of pre-defined rules to determine whether a given email is spam. They work by scanning the entire text/body of the email to search for specific words and patterns that make it resemble a typical spam message. Most content spam filters work based on the following criteria and check to see:



1. If the message speaks a lot about money matters. Commonly suspected words include: lottery, discount, offer, bank account, money back guarantee etc.


2. If the message contains adult terms like: viagra, pills, bed, drugs, hot and so on.

3. If there is any sort of urgency. Most spam emails call for an urgency by using terms such as hurry, offer valid till etc.


4. If the message contains a single large image with little or no text then it is often considered as spam by many filters.


Each content spam filter may have its own set of additional rules with which it evaluates each incoming email. In most cases content and header spam filters are combined to achieve a higher level of accuracy.
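
The four content criteria above, as an added example that is not from the original post or from any real filter: a small rule-based scorer built on Python's email package. The term lists are the ones the post names; the weights, the threshold, the word limit and the three sample messages are constructed assumptions.

```python
import re
from email.message import EmailMessage

# Term lists taken from the criteria in the post.
MONEY = ("lottery", "discount", "offer", "bank account", "money back guarantee")
ADULT = ("viagra", "pills", "bed", "drugs", "hot")
URGENCY = ("hurry", "offer valid till")

# Assumed weights and limits, chosen only for this illustration.
RULES = (("money terms", MONEY, 2), ("adult terms", ADULT, 2),
         ("urgency terms", URGENCY, 1))
IMAGE_ONLY_WEIGHT = 4   # criterion 4: image with little or no text
MIN_WORDS = 10          # fewer words than this counts as "little text"
THRESHOLD = 4           # score at or above this is treated as spam


def count_hits(text, terms):
    """Number of distinct terms present as whole words or phrases."""
    return sum(1 for t in terms
               if re.search(r"\b" + re.escape(t) + r"\b", text, re.I))


def score(msg):
    """Return (score, reasons) for an EmailMessage."""
    text, images = msg.get("Subject", "") + "\n", 0
    for part in msg.walk():                 # visits every MIME part
        kind = part.get_content_maintype()
        if kind == "text":
            text += part.get_content()
        elif kind == "image":
            images += 1
    total, reasons = 0, []
    for label, terms, weight in RULES:
        hits = count_hits(text, terms)
        if hits:
            total += hits * weight
            reasons.append("%s x%d" % (label, hits))
    if images and len(text.split()) < MIN_WORDS:
        total += IMAGE_ONLY_WEIGHT
        reasons.append("image with little text")
    return total, reasons


def is_spam(msg):
    return score(msg)[0] >= THRESHOLD


def make_message(subject, body, with_image=False):
    """Build a constructed test message (the image bytes are a placeholder)."""
    msg = EmailMessage()
    msg["Subject"] = subject
    msg.set_content(body)
    if with_image:
        msg.add_attachment(b"\x89PNG placeholder", maintype="image",
                           subtype="png", filename="banner.png")
    return msg


# Constructed samples: keyword spam, image-only spam, and a normal mail
# that happens to contain one listed word ("hot").
KEYWORD_SPAM = make_message(
    "Hurry! You won the lottery",
    "Claim your discount offer now. Offer valid till Friday. "
    "Money back guarantee.")
IMAGE_SPAM = make_message("Look", "see attached", with_image=True)
NORMAL = make_message(
    "Minutes from Tuesday",
    "The hot topic was the budget. Please review the attached notes "
    "before the next meeting on Friday.")

if __name__ == "__main__":
    for name, m in (("keyword spam", KEYWORD_SPAM),
                    ("image spam", IMAGE_SPAM), ("normal", NORMAL)):
        print(name, score(m), "SPAM" if is_spam(m) else "ok")
```

The normal message scores 2 for the single word "hot" and stays below the threshold; scoring several weak signals together instead of blocking on one word is what keeps ordinary mail out of the spam folder.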



Language Spam Filters

A language spam filter is designed to simply filter out any email that is not in the user’s native language. Since spammers come from all parts of the world with different languages, a language spam filter can help get rid of those annoying emails that come in languages that you can’t read!



User Defined Spam Filters

User defined spam filters can be very handy; however, they need a considerable investment of time in configuring and setting up the set of rules with which the filter works. For example, the user can configure the filter so that all the emails from friends and company reach the inbox, newsletters reach a secondary inbox, and all the remaining emails go to the spam folder. Here the user must carefully examine the patterns of spam emails that he receives from time to time and set up the rules accordingly. This filter, when improperly configured, can sometimes lead to false positives or false negatives.



Other Types of Spam Filters

Popular webmail services like Gmail, Yahoo and Hotmail combine both header and content spam filtering techniques. In addition to this they also use their own algorithms to combat spam. For example, services like Gmail use “optical text recognition” to identify spammy text inside an image. Users are also provided with an option to “Report Spam” whenever a spam email accidentally reaches the inbox. With the user feedback, the filter learns and becomes more powerful in carrying out the filtering process.

Sunday, May 30, 2010

What to do when your Email Account is Hacked?

It can be a real nightmare if someone hacks and takes control of your email account as it may contain confidential information like bank logins, credit card details and other sensitive data. If you are one such Internet user whose email account has been compromised, then this post will surely help you out. In this post you will find the possible ways and procedures to get back your hacked email account.






For Gmail:



It can be a big disaster if your Gmail account has been compromised, as it may be associated with several services like Blogger, Analytics, Adwords, Adsense, Orkut etc. Losing access to your Gmail account means losing access to all the services associated with it too. Here is a list of possible recovery actions that you can try.



Step-1: Try resetting your password, since it is the easiest way to get your account back in action. In this process Google may ask you to answer the secret question or may send the password reset details to the secondary email address associated with your compromised account. You can reset your password from the following link:



Gmail Password Reset Link


If you do not succeed with Step-1, then proceed to Step-2.





Step-2: Many times the hacker will change the secret question and secondary email address right after the account is compromised. This is the reason for the Password Reset process to fail. If this is the case then you need to contact the Gmail support team by filling out the account recovery form. This form will ask you several questions, like:



1. Email addresses of up to five frequently emailed contacts

2. Names of any 4 Labels that you may have created in your account

3. List of other services associated with your compromised account

4. Your last successful login date

5. Account created date

6. Last password that you remember and many more…



You need to fill out this form as accurately as possible. It is natural to forget the dates of last login, account creation and similar details. However, you need to figure out the closest possible dates/answers and fill out this form. This is your last chance! The more accurate the information filled out in the recovery form, the higher the chances of getting your account back. You may reach the account recovery page from the following link:



Account Recovery Form

For Yahoo and Hotmail:



Unfortunately for Yahoo/Hotmail there is no second option like filling out a form or contacting the support team. All you can do is either answer the secret questions that you have set up or reset the password using the secondary email option.



To initiate the password reset process, just click on the Forgot password link on your login page and proceed as per the on-screen instructions.





I hope this post will help you recover the lost account. I highly recommend that you also read my post on How to protect your email account from being hacked and Tips to find unauthorized activity on your Gmail account so that you always stay protected.

Wednesday, April 14, 2010

Phishing Tools Available Online

Tools that can help people potentially defraud innocent surfers are available for free download on the internet, it has been claimed.




The do-it-yourself kits provide all the essential tools for launching phishing attacks – those that use spoofed emails and fraudulent websites to trick people into giving out personal financial data.



Phishing scams are on the up. Security company MessageLabs has intercepted an average of 250,000 phishing emails a month so far in 2004, compared to just 14 phishing-related emails back in August 2003.



According to anti-virus company Sophos, the DIY kits contain all the graphics, web code and text required to construct fake websites that look like legitimate online banking or shopping sites. They also include spamming software which would let you send out millions of phishing emails as bait for potential victims.



“Until now, phishing attacks have been largely the work of organised criminal gangs, however, the emergence of these ‘build your own phish’ kits mean that any old Tom, Dick or Harry can now mimic bona fide banking websites and convince customers to disclose sensitive information such as passwords, PIN numbers and account details,” said a spokesman for Sophos.



“There is plenty of profit to be made from phishing. By putting the necessary tools in the hands of amateurs, it’s likely that the number of attacks will continue to rise.”



Surfers who receive a suspicious email that claims to come from an online bank or e-commerce site should delete it and not click on any included links.

How to Protect an Email Account from being Hacked

Today in this post I’ll teach you how to protect your email account from being hacked. Nowadays I get a lot of emails where most of the people say “My Email account is hacked please help…”. Now one question which arises in our mind is: “Is it so easy to hack an email account? OR Is it so difficult to protect an email account from being hacked?”. The single answer to these two questions is “Absolutely NOT!”. It is neither easy to hack an email account nor difficult to protect an email account from being hacked.




If this is the case, then what is the reason for many people to lose their accounts?

The answer is very simple. They don’t know how to protect themselves from being hacked! In fact most of the people who lose their email accounts are not the victims of hacking but the victims of Trapping. They lose their passwords not because they are hacked by some expert hackers but because they are fooled to such an extent that they themselves give away their password.



Are you confused? If so continue reading and you’ll come to know…



Now I’ll mention some of the most commonly used online scams which fool people and make them lose their passwords. I’ll also mention how to protect your email account from these scams.



1. WEBSITE SPOOFING



Website spoofing is the act of creating a website with the intention of misleading the readers. The website will be created by a different person or organisation (other than the original), especially for the purposes of cheating. Normally, the website will adopt the design of the target website and sometimes has a similar URL.



For example, a spoofed website of Yahoo.com appears exactly the same as the Yahoo website. So most people believe that it is the original site and lose their passwords. The main intention of spoofed websites is to fool users and take away their passwords. For this, the spoofed sites offer fake login pages. These fake login pages resemble the original login pages of sites like Yahoo, Gmail, Orkut etc. Since the page resembles the original login page, people believe that it is genuine and give away their usernames and passwords by trying to log in to their accounts.



Solution:



■ Never try to log in to/access your email account from sites other than the original site.

■ Always type the URL of the site in the address bar to get to the site. Never click on a hyperlink to enter the site.

2. BY USING KEYLOGGERS



The other commonly used method to steal a password is by using a keylogger. A keylogger is nothing but spyware. The detailed description of a keylogger and its usage is discussed in the post Hacking an email account. If you read this post you’ll come to know that it is too easy to steal the password using a keylogger program. If you just access your email account from a computer installed with a keylogger, you definitely lose your password. This is because the keylogger records each and every keystroke that you type.



Solution:



Protecting yourself from a keylogger scam is very easy. Just install a good anti-spyware program and update it regularly. This keeps your PC secure from a keylogger. Also there is a program called Anti-keylogger which is specially designed to detect and remove keyloggers. You can use this program to detect some stealth keyloggers which remain undetected by many anti-spyware programs.

3. ACCESSING YOUR EMAIL ACCOUNT FROM CYBER CAFES



Do you access your email from cyber cafes? Then you are definitely at risk of losing your password. In fact many people lose their email accounts in cyber cafes. For the owner of the cyber cafe it’s just a cakewalk to steal your password. For this he just needs to install a keylogger on his computers. So when you log in to your email account from this PC, you give away your password to the cafe owner. Also there are many Remote Administration Tools (RATs) which can be used to monitor your browsing activities in real time.



This doesn’t mean that you should never use cyber cafes for browsing the internet. I know, not all the cyber cafe owners will be so wicked but it is recommended not to use cafes for accessing confidential information. If it comes to the matter of security never trust anyone, not even your friend. I always use my own PC to login to my accounts to ensure safety.



So with this I conclude my post and assume that I have helped my readers to protect their email accounts from being hacked. Please pass your comments…

Tips to Improve Email Privacy

Many websites ask for your email address when you shop online, download free software etc. But do you know that this has a chance of affecting your email privacy through spam emails?




Though most websites don’t use spamming as an email marketing strategy, there are a few that send junk emails and don’t care about anti-spam laws. Here are some tips to protect your email privacy from such threats.

Before submitting your email address you need to check the reputation of the company. Reputed websites would normally follow the right email practices to ensure your email privacy. Such companies will never want to lose their hard-earned reputation by getting blamed for spamming.



See whether the website provides an email privacy statement. You need to go through this statement in detail, and know about the kind of emails that will be sent to you, how often etc. Based on this you can decide whether you need such emails. You don’t want to give your email address to some fraud company that is thinking about handing over your email address to hundreds of other websites.



Finally, check whether the website really respects your privacy. Often you will find some text like “I agree to receive email” that comes with a check box. You can agree to receive emails by checking the check box. If the check box is already checked, it is just a good indication that the website doesn’t respect your privacy. So watch out!

Tips to Find Unauthorized Activity on Your Email Account


Do you suspect that your email account is under attack? Do you want to maintain total security of your email account and make it 100% hack proof? Well, sometimes our email account might have got hacked and we may not be aware of that. We may believe that our email account is safe, but in reality our private and confidential information may be falling into the hands of a third person.


Here are some signs of unauthorized activity on an email account.


1. Your new emails are marked as Read even if you’ve not read them.

2. Your emails are moved to Trash or even permanently deleted without your notice.

3. Your emails are being forwarded to a third party email address (check your settings->forwarding).

4. Your secondary email address is changed.



If you come across any of the above activities on your email account, then it is a clear indication that your email account is hacked.


Additional Security Features in Gmail to ensure the Safety of your Account



Gmail provides an additional security feature to protect your email account by means of IP address logging. That is, Gmail records your IP address every time you log in to your Gmail account. So, if a third party gets access to your account, then his/her IP is also recorded. To see a list of recorded IP addresses, scroll down to the bottom of your Gmail account and you’ll see something like this.




You can see from the above figure that Gmail shows the IP address of last login (last account activity). You can click on Details to see the IP address of your last 5 activities. If you find that the IP listed in the logs doesn’t belong to you, then you can suspect unauthorized activity.



Steps to be carried out to stop unauthorized activity on your email account



If you feel/suspect that your account is hacked then you must immediately take the actions mentioned below



1. Change your password.

2. Change your security question.

3. Remove any third party email address (if any) to which your account is set to forward emails.

4. Make sure that you can access the email account of your secondary email address.

5. Also change your secondary email password and security question.



This ensures that your account is safe from future attacks. But I strongly recommend that you read the following post to protect your email account from being hacked.



How to Protect Your Email Account from being Hacked



Please pass your comments and express your opinions.

How to Protect an Email Account from SPAM

Most of us get SPAM every day. Some of us get more and some less. Even a newly created email account will begin to receive spam just a few days after its creation. Many times we wonder where this spam comes from and why. But this question remains unanswered. So in this post I will try my best to give every possible piece of information about spam and will also tell you how to combat it.




What is SPAM?



Spam is the abuse of electronic messaging systems (including most broadcast media, digital delivery systems) to send unsolicited bulk messages indiscriminately. The most widely recognized form of spam is email spam.



Where do these SPAM come from?



This spam comes only from spammers and never from a legitimate user or a company. These spammers send a single email to hundreds (sometimes thousands or millions) of email addresses at a time. They either send it manually or use spambots to automate the process of spamming.



Why do spammers SPAM?



The main goal of spammers is to send the spam (unsolicited bulk messages) to as many people as possible in order to make a profit. For example, John builds a small website to sell an ebook which gives information about weight loss. In order to make sales he needs publicity for his website. Instead of spending money on advertising, John decides to create an email which contains information about his site along with its link and send this email to, say, 100 email addresses in his contact list. If 1 person out of a hundred buys this book, John gets $10. What if he sends this email to 1000 email addresses? He gets $100. Imagine: if he sends this email to 1 million email addresses he gets $100000.



Now I hope you understood the idea behind spamming. So in order to make money, spammers send their advertising emails to as many people as possible without respecting the recipient’s privacy.



From where do SPAMmers get my email address?



On the Internet there exist many sites which collect the email IDs of people and sell them to spammers in bulk. Most often, people sign up for monthly newsletters and take up surveys. This is when these scam sites get their email addresses. Also many spammers collect email addresses by using spambots. These spambots collect email addresses from the Internet in order to build mailing lists. Such spambots are web crawlers that can gather email addresses from Web sites, newsgroups, forums, special-interest group (SIG) postings, and chat-room conversations.



Spammers also use the trick of creating hoax emails for gathering a huge list of email IDs. For example, a spammer sends a hoax email which says “Forward this Message to Help Severely Burned Child”. This email claims that 11 cents will be donated to the child’s family every time the message is sent to others. Most people believe this and start forwarding this hoax email to all of the IDs in their contact list. In this way the email spreads rapidly, and eventually, when it reaches the creator (spammer), the spammer gets a huge list of valid email addresses in the email header. When you get this kind of hoax email, you can see for yourself that the email header contains a huge list of email addresses of all those people to whom the email has been forwarded. This is one of the effective methods used by spammers to gather email addresses.



Is SPAMming legal?



Spamming is completely illegal. Yet it is really difficult to stop spammers from spamming since they keep moving from one hosting company to another after getting banned. This makes it practically impossible to catch spammers and prosecute them.



How to protect my email account from getting SPAMmed?



The following methods can be used to combat email spam.



1. Use spam filters for your email account. If you’re using email services like Gmail, Yahoo, Hotmail etc. then spam filters are used by default. Each spam filter has its own algorithm to detect spam emails and will automatically move them to the SPAM folder. This keeps your inbox free from spam. However, some spam emails still make their way into the inbox by bypassing the filters.



2. Do not post your email address in public forums, user comments and chat-rooms. Give your email address only to trustworthy websites while signing up for newsletters.



3. While taking up online surveys and filling up feedback forms, it is better not to give your personal email address. Instead sign up for a dummy email account and use this for surveys and feedback forms.



4. While posting your contact email address on your website use this format: emailaddress [at] yoursite.com instead of emailaddress@yoursite.com. This protects your email address from being indexed by spambots.



5. Do not respond to hoax messages. When you receive a hoax email, avoid forwarding it to your friends. Examples of hoax messages can be found at http://www.hoax-slayer.com/. If you really want to forward it to your friends, make sure that you use the “Bcc” (blind carbon copy) option to send the email. This will hide all the email IDs to which the mail is forwarded.



I hope this helps. Pass your suggestions and feedback via comments.

Monday, April 12, 2010

How to Block Unwanted Emails

Do you want to block emails from your ex wife/husband? Do you want to block those annoying offers and newsletters that reach your inbox? Well, here is a way to block all those unwanted and annoying emails that you do not want to see or read! With this trick you can block an individual email address or the whole domain from which you do not want emails to come. Here are the step-by-step instructions to do this.




For Gmail



1. Login to your account
2. At the top-right corner, click on Settings
3. Under Settings, click on Filters
4. You’ll now see an option “Create a new filter“, click on it
5. Now in the From field enter the email address from which you do not want to receive the emails


For example, you may enter john@gmail.com in the From field to block all incoming emails from this address. However, if you want to block the whole domain then use the following syntax: *@xyz.com. Now all the incoming emails from the domain xyz.com will be blocked.


6. Click on Next Step and select the action you’d like to take on the blocked emails. You may select the option Delete it so that the blocked email is moved to trash. To unblock the email, all you need to do is just delete the filter that you’ve created.


For Yahoo

1. Login to your account
2. At the top-right corner, click on Options
3. A drop down menu appears, now click on More options
4. In the left panel select the option Filters and click on create or edit filters
5. Now click on Add
6. In the next screen, give a name to your filter and in the From header field enter the email address that you want to block.


For example, john@gmail.com, or if you want to block an entire domain then just enter @xyz.com. Don’t enter *@xyz.com. Select the option Move the message to: Trash and click on Save Changes.


For Hotmail
1. Login to your account
2. At the top-right corner, click on Options
3. A drop down menu appears, now click on More options
4. Click on Safe and blocked senders link under Junk e-mail
5. Now click on Blocked senders
6. Type in the email address that you want to block under blocked e-mail address or domain field.


For example, enter john@yahoo.com to block the individual email address or just enter xyz.com to block the entire domain.



That’s it. You no longer receive those annoying emails in your inbox. Keep your inbox clean and tidy. I hope this post helps. Pass your comments!