Michael Jackson Spam / Malware Attacks

It didn't take long for the spammers, scammers, and scumware makers to try to take advantage of Michael Jackson's sad passing.

SophosLabs brings news that,

"Just after about 8 hours of his demise, SophosLabs witnessed the first wave of spam messages employing the sad news in the subject line and body part to harvest victims’ email addresses."

A Computerworld.com article, which also mentions the SophosLabs blog, quotes Sophos security researcher Graham Cluely as saying,

"I wouldn't be surprised to see hackers claiming that they have top-secret footage from the hospital, perhaps [allegedly] taken by the ambulance people, that then asks you to install a video codec"

Then once you click on the supposed codec update link you're instantly infected with a virus / trojan. Blech.

Sad as it is to see criminals capitalizing on such events, we're not surprised. There's no depth too low for virus writers to stoop when it comes to trying to infect and take over your computer.

If you're unsure when the last time your A/V software was updated, you might want to take a look and see; if you're not yet running antivirus / Internet security software, there's no time like the present. I guarantee the people responsible for attacks like these aren't going to be easing up anytime soon--if ever.


Morro: Microsoft's Free Antivirus Software

There's been a bit of a discussion lately about Microsoft's upcoming antivirus software, dubbed "Morro" and currently in beta.

Given the time we've spent in and on Internet security-related software and other matters, I'd like to add another voice on the subject. Some things to consider about Morro:

  Facts about Morro   Considerations
1. "Morro will work by routing all of a users Internet traffic to a Microsoft datacenter, where the Morro application will process the traffic and identify and block malware in real-time, by examining all of the rerouted traffic." Do you really want all of your Internet surfing going through Microsoft's servers?

  1. Aside from antivirus detection, how else will they be using this information to profile you?
  2. What happens when, as invariably will happen, Microsoft's servers go down or are overwhelmed?
  3. What about if your connection to them is somehow blocked or otherwise interrupted?
2. How will Microsoft use the data other than for virus detection? Even if Microsoft claims to be "anonymizing" data (which I haven't heard any mention of), as AOL claimed it was doing when it released search data, this is of great concern here.

AOL couldn't anonymize it all and released tons of sensitive information including people's social security numbers and credit card numbers.

Does anyone expect anything different from Microsoft in this regard?

Truly, this seems like a privacy nightmare. And then some.
3. "How it will remain free is beyond me.

The only viable way Microsoft makes money out of these things is by providing advertisements to their programs and applications.

This is not only why Windows Live and other Microsoft products are free, but you’ll find it’s why the Internet as a whole is pretty much free."
Source: ibid

I'm with Zack on this, and I'll throw in one more thing: what happens when it's time for support?

My own personal experience of calling Microsoft for help--even when I paid their absurd $195.00/call for their so-called "enterprise support"--was, to be purely honest: useless in upwards of 75% of the cases.

In one instance, I called in noting precise URLs to the MS technician revealing that they had a hotfix that would solve my problem, and only after climbing through hoops for nearly an hour did the tech email the patch to me.

In another instance, I called looking for support with a licensing issue, and after, literally, over two dozens calls and transfers, they acknowledged the problem as theirs and solved it.

I'm sure others have had different experiences with Microsoft's support, but the real question here is, "What kind of support do people expect on a free product?"

Given that the best antivirus software out there for 2012 can be had for under $20 and that you get full-fledged U.S. based telephone tech support for your $20, it seems a truly small price to pay for such high-quality, fully supported software.
4. "A replacement for Live OneCare which failed to gain much traction, Morro will, in effect, compete with similar antivirus products from security vendors such as Symantec, McAfee and Trend Micro." Microsoft's initial foray into A/V software was called, "Live OneCare," and it was met almost universally with silence.

After failing to get any noteworthy market adoption, it's now being replaced with Morro.

Given Microsoft's history of abandoning products, not just in antivirus, but also with music / media with the Microsoft PlaysForSure* files, this begs the question: what else might the unsuspecting consumer be in store for by using the Microsoft A/V product?

[* Microsoft rolled out PlaysForSure in 2004, only to just two years later in 2006, ironically fail to allow music licensed with the Microsoft PlaysForSure to work on their own Zune player.]

We'll no doubt have more news and commentary on Microsoft's Morro Antivirus as more details become available.


Antivirus Companies Fined for Autorenewing Subscriptions

It should come as no surprise that we're big believers in antivirus software and in keeping antivirus software updated; however, as any customer we've gone to bat for with the various vendors will testify, we're also consumer advocates.

Today, we got news that Symantec (makers of Norton Antivirus) and McAfee (makers of McAfee VirusScan Plus), two companies for which we have tremendous respect, have both reached a settlement with New York's Attorney General, Andrew M Cuomo, in a case about autorenewing antivirus subscriptions without the explicit consent of their respective customers.

Here are the details from the article about the antivirus renewal settlement on PCPro.co.uk:

"The investigators found that, 'information about automatic renewal charges was not clearly disclosed, but was instead hidden at the bottom of long web pages or in the fine print of license agreements.'

"The companies have now agreed to provide electronic notification both before and after the renewal of subscriptions.

"Customers will also be allowed to apply for refunds for up to 60 days after being charged."

Autorenewals themselves aren't necessarily a bad thing; in fact they can be quite beneficial to the consumer in that they obviate the need for a consumer to remember to renew antivirus subscriptions, thus keeping their computers safer.

The key thing here is that the consumer is well-aware of the renewals rather than being hit with them after the fact and only finding out about them on their credit card statements.

If you're uncertain what the terms of your antivirus software subscription renewal are, it's a good idea to find out when it is, and if you're due soon, remember to take a look at other antivirus options before yours expires.

After all, because the malware writers are getting smarter every day, the antivirus software has to get smarter, too, so a lot happens from year to the next with antivirus software.


Antivirus Testing for Windows 7

We've gotten a few requests in Ye Olde Mailbag recently asking if we're planning Windows 7 antivirus reviews anytime soon.

That depends on what you consider "soon," frankly. ;-)

With the fairly recent public release of Windows 7 beta (for free, no less!), clearly the initial reviews of the OS are good, and it's clear even though it's officially labeled a "beta" product, it's very, very good.

The general consensus is that's it's everything Vista should have been.

Given the loud backlash against Microsoft for Vista, I'm glad Windows 7 is starting with such good reviews.

Do You Need Antivirus with Windows 7

With Vista's release, Jim Allchin, Microsoft's former President was quoted at betanews.com as saying,

"My son, seven years old, runs Windows Vista, and, honestly, he doesn't have an antivirus system on his machine.

"His machine is locked down with parental controls, he can't download things unless it's to the places that I've said that he could do, and I'm feeling totally confident about that.

"That is quite a statement. I couldn't say that in Windows XP SP2."

That really is quite a statement; however, he also pointed out,

"Please don't misunderstand me: This is an escalating situation.

The hackers are getting smarter, there's more at stake, and so there's just no way for us to say that some perfection has been achieved.

But I can say, knowing what I know now, I feel very confident."

Given that, as company president, it was his job to be tout the features and benefits of his company's products, I'm not surprised by the first statement, per se; however, I do think it was cavalier of him to be dismissive of antivirus software.

Here we are now, a couple of years into Vista, and clearly Vista machines are indeed being infected with viruses, worms, trojans, spyware, and all sorts of other malware (albeit perhaps in different ways that different versions of Windows) so it's pretty clear these things are still a threat to this OS as they are to other OSes.

And, viruses will continue to be a threat to Windows 7, too, no matter how well locked-down a given computer may be.

So What About Windows 7 Antivirus Reviews?!

Ah, yes, back to the original point: when are we going to get antivirus reviews up for Windows 7?

We've got some other things cooking right now with tons of new pages that help our users do a head-to-head antivirus comparison of the different A/V software we've reviewed, but once that's done, Windows 7 antivirus reviews look like they're next on the horizon for us.

The initial expectation is that A/V software that runs well on Vista should also run equally well (and perhaps better) on Windows 7.

If you're technically inclined and are interested, here's where to download Windows 7.


Sluggish System? Your Antivirus Software is Probably to Blame

While many consumers are starting to realize the importance of antivirus software, many are unaware of the significant differences in performance from one antivirus program to another.

Why is this so important?

Realizing that many consumers just go with whatever is pre-installed on their system when they get it or with whatever their ISP installs/recommends, it seemed important to question the rationale behind that.

Often, the security application that has been installed is chosen for one reason: money.

Understanding the relationship between the PC manufacturers and ISPs and the antivirus vendors is an easy one: the AV makers often pay to have their software installed (if not, they often let the manufacturers install it for free.) Huh?

The reason is, the A/V makers realize that many, if not most, consumers will renew their antivirus subscription when it expires, thus while they may have to "pay" for their antivirus software when they get their computer, they do buy the renewal subscription.

And, once they're in there, they have a revenue stream from you.

Sluggish System?

So, you're cruising around with your PC for a while--maybe even a year or more, when it just doesn't feel as fast as it once did.

All those files and pictures and videos you've created and viewed over the many moons you've had your computer are stored somewhere, often they live in your Temporary Internet Files directory.

Over time, as these files accumulate in the various places of your hard drive, your antivirus software has to work harder and harder to keep up.

What happens next is where it gets ugly.

You get fed up with it slowing things down and disable it, "just to get some stuff done."

The problem is the software stays off for a while--sometimes for a long while, maybe even forever.

Now that antivirus subscription you just renewed is totally, completely, utterly useless.

Real Antivirus Solutions

What this boils down to is that choosing your antivirus software, and not just taking the easy route, is critical.

This is part of the reason we rate VIPRE antivirus so highly: it's highly efficient and uses very few CPU, RAM, and system resources to keep your computer safe and virus-free.

We're not the only ones saying this, either. I just came across a VIPRE review from August 2008 on ZDNet's Hardware 2.0 blog by the much-respected Adrian Kingsley-Hughes.

The lowdown:
"Security software can have a shocking effect on performance, and can take a new system and make it feel like one that’s a few years old.

I’m pleased to see that Sunbelt Software’s claim that VIPRE doesn’t hog system resources and doesn’t slow down a PC isn’t just marketing hyperbole but is actually true."

(N.B. emphasis mine)

Adrian's images, originally located here ZDNet (archived now at our site), really tell the story about VIPRE well. (Visit ZDNet for complete details.)

In his review, he compares system performance with:
Take a look at the below images and judge for yourself...

Original source: http://i.zdnet.com/blogs/av_shootout_system01.png

Original source: http://i.zdnet.com/blogs/av_shootout_system02.png

Original source: http://i.zdnet.com/blogs/av_shootout_system03.png

It's good to see we're not alone in leading antivirus review sites singing VIPRE's praises, they're well-deserved.