'Users just don't learn'
Got your own spyware horror story?
Two months ago, I was tasked with inspecting a computer that was running unreasonably slow. At first glance, it was obvious that the problem was malicious code. I installed AVG Anti-Virus and scanned. To my horror, AVG found more than 200 infections in a matter of minutes, and Ad-Aware refused to install. The Windows firewall was in ruins, completely disabled. On top of this, a 2.6GHz processor couldn't get a basic program like Notepad to open in less than a minute.
I put up with it long enough to scan the whole computer and clean the viruses. The system performed quite a bit better as a result. But little did I know, the case was not closed.
A month or so later, I got a call from the same person, whose son was trying to run a game called Maple Story. Since it wouldn't run, it was once again my task to fix this machine. I went to the house (figuring, Maple Story might just be having network problems that I couldn't fix from my home), only to find that the computer was worse off than it was before.
This madness lead to a system reinstall, the only logical course of action for a Windows machine. However, this particular incident made me realize the biggest reason malicious software authors do damage: users just don't learn.
This same family called me three times in three months for the same crime: malicious software. They weren't told anything by the first tech about how to keep their system clean. However, I told them. Specifically:
1. Keep adware, spyware, and virus scanners up-to-date.
2. Never ever, ever, use Google to find free software downloads. It's got only a few diamonds in the rough. The rough is what kills you. Instead, I pointed them to CNET Download.com, Freshmeat.com, and Sourceforge.net as safe alternatives.
3. If you must go to Google to find what you need, use good judgment. Don't download just anything, and scan anything you download for viruses before you install it.
Now, despite what I thought to be a clear explanation, I find, a month later, that their computer is exactly where it was before. People just don't learn.
Reply from the Download.com editors:
Users' computing habits are undoubtedly part of what makes or breaks their system security, and that's something we often address in this column (see last week's Spyware Horror Story, Gone in 30 Minutes, as an example). It's one of those things, like balanced nutrition and good dental hygiene, that just can't be reinforced too often.
It's interesting you brought up Google as an example of a search tool to avoid. You're right that Google has become such a dominant portal that some users may forget it simply indexes Web listings according to relevance, and that includes pages rigged with mean-spirited code.
Many of these shifty Web sites have gained higher relevancy ratings through the very tags and content buzzwords that legitimate sites use, taking advantage of Google's ranking system to hook more victims. To combat the unknown risks, security vendors offer tools that attempt to identify hazardous site listings for Google and Yahoo search engines--another favorite topic of Spyware Horror Stories--like free and professional versions of LinkScanner and McAfee Site Advisor.
As security experts note, creating and distributing malware can be incredibly lucrative, and underground malware lords and ladies continually craft destructive, invasive, criminal software--despite the consequences if caught. CNET's security expert Robert Vamosi thoroughly discusses the economics of botnets in a recent two-part series.
Most recent horror stories
| 7/25/07 | Gone in 30 minutes |
| 7/18/07 | Character assassin |
| 7/11/07 | Spim doctor |
| 7/5/07 | Un-operating system |
| 6/27/07 | Hating lovepostcards.net |
Award-winning detection combined with ease of use makes Spyware Doctor the only choice for antispyware.
