What is Office Automation Systems (OASs)

Office automation systems (OAS) are configurations of networked computer hardware and software. A variety of office automation systems are now applied to business and communication functions that used to be performed manually or in multiple locations of a company, such as preparing written communications and strategic planning. 

In addition, functions that once required coordinating the expertise of outside specialists in typesetting, printing, or electronic recording can now be integrated into the everyday work of an organization, saving both time and money.

Types of functions integrated by office automation systems include :

(1) electronic publishing

(2) electronic communication

(3) electronic collaboration

(4) image processing

(5) office management. 

At the heart of these systems is often a local area network (LAN). The LAN allows users to transmit data, voice, mail, and images across the network to any destination, whether that destination is in the local office on the LAN, or in another country or continent, through a connecting network. An OAS makes office work more efficient and increases productivity.

Electronic Publishing

Electronic publishing systems include word processing and desktop publishing.

Word processing software, (e.g.Microsoft Word, Corel Word-Perfect) allows users to create, edit, revise, store, and print documents such as letters, memos, reports, and manuscripts. 

Desktop publishing software (e.g., Adobe Pagemaker, Corel VENTURA, Microsoft Publisher) enables users to integrate text, images, photographs, and graphics to produce high-quality printable output. Desktop publishing software is used on a microcomputer with a mouse, scanner, and printer to create professional-looking publications. These may be newsletters, brochures, magazines, or books.

Electronic Communication

Electronic communication systems include electronic mail (e-mail), voice mail, facsimile (fax), and desktop videoconferencing.

Electronic Collaboration

Electronic collaboration is made possible through electronic meeting and collaborative work systems and teleconferencing.

Electronic meeting and collaborative work systems allow teams of coworkers to use networks of microcomputers to share information, update schedules and plans, and cooperate on projects regardless of geographic distance. 

Special software called groupware is needed to allow two or more people to edit or otherwise work on the same files simultaneously.

Image Processing

Image processing systems include electronic document management, presentation graphics, and multimedia systems. Imaging systems convert text, drawings, and photographs into digital form that can be stored in a computer system. 

This digital form can be manipulated, stored, printed, or sent via a modem to another computer. Imaging systems may use scanners, digital cameras, video capture cards, or advanced graphic computers. Companies use imaging systems for a variety of documents such as insurance forms, medical records, dental records, and mortgage applications.

Office Management

Office management systems include electronic office accessories, electronic scheduling, and task management. These systems provide an electronic means of organizing people, projects, and data. Business dates, appointments, notes, and client contact information can be created, edited, stored, and retrieved. 

Additionally, automatic reminders about crucial dates and appointments can be programmed. Projects and tasks can be allocated, subdivided, and planned. All of these actions can either be done individually or for an entire group. Computerized systems that automate these office functions can dramatically increase productivity and improve communication within an organization.

Apa itu PERSIDANGAN VIDEO?

Sidang video juga dikenali sebagai "telepersidangan video atau telekonferens video dengan singkatan "VTC" merupakan satu set teknologi telekomunikasi interaktif yang membenarkan orang di dua atau lebih lokasi berinteraksi melalui penghantaran video dan audio dua-hala secara serentak. Ia direka untuk ditujukan kepada suatu persidangan dan bukan individu. Ini contoh antara persidangan video yang dilakukan di pejabat-pejabat pada masa kini bagi memudahkan mesyuarat luar kawasan. 

 

  

Sidang video menggunakan telekomunikasi audio dan video untuk menghubungkan orang di beberapa tempat untuk bermesyuarat. Selain penghantaran audio dan visual aktiviti mesyuarat, sidang video boleh digunakan untuk berkongsi dokumen, maklumat paparan komputer, dan papan putih.

Sistem telepersidangan video sepanjang 1990-an berkembang dengan pantas dari peralatan dan perisian proprietari mahal serta keperluan rangkaian yang tertentu, kepada teknologi piawai yang mudah didapati oleh masyarakat umum pada harga yang munasabah. Akhirnya, pada 1990-an, sidang video berasaskan IP (Internet Protocol) mula boleh digunakan, dan teknologi pemampatan video yang lebih cekap dibangunkan, membolehkan sidang video berasaskan komputer meja, atau komputer peribadi (PC). Kini, perisian tertentu atau plugin web, sestengahnya boleh didapati secara percuma, seperti Netmeeting, MSN Messenger, YM dan Skype menyediakan perkhidmatan murah bagi persidangan video walaupun dengan kualiti agak rendah kepada semua.

Ini adalah salah satu contoh video bagaimana persidangan video boleh memudahkan pelbagai urusan antara dua pihak yang menggunakannya.

IS - CAD/CAM

IS

CAD/CAM SYSTEM

KNOWLEDGE WORK SYSTEM support knowledge workers, who create information. Many engineer use COMPUTER-AIDED DESIGN / COMPUTER-AIDED MANUFACTURING (CAD/CAM) system.

Advanced System 3000 Multimedia CAD/CAM for Windows

WHAT IS CAD/CAM

CAD/CAM software uses CAD drawing tools to describe geometries used by the CAM portion of the program to define a tool path that will direct the motion of a machine tool to machine the exact shape that was drawn.

10 ADVANTAGE OF CAD/CAM

Companies that can respond to these consumer demands will be more successful than others.

   1. Concurrent engineering (CE) 

       - Engineering and manufacturing process are enabled simultaneously from shared 3D CAD data.

   2. Higher quality 

       - Due to increased efficiency resulting from the ability to explore a greater number of design iterations during product development.

   3. Lower unit costs    

      - Due to reduced development and prototype expenses.

   4. Rapid prototyping (RP) 

      - 3D CAD models can be used to produce prototypes from Stereolithography and other RP technologies

.

   5. Personnel development 

       - 3D CAD technology provides a challenging environment for employees.

   6. Personnel advancement 

      - A variety of positions regarding the management and supervision of 3D CAD become available to advance employee careers.

   7. Identify and eliminate inefficiencies 

     - 3D CAD develops opportunities for the elimination of inherent inefficiencies in existing work flows and/or practices.

   8. Increased workload capacity  

       - Efficient use of 3D CAD allows the production of more work while maintaining current staff levels.

   9. Greater feedback and control of production operations 

       - 3D CAD enables NC tool paths to be generated, updated, and verified automatically with little human intervention.

  10. Improved overall communications 

       - 3D CAD enables a shift from the traditional paper based design and manufacturing system to a electronic paperless one.

LET ENJOY the video of Concept car CAD/CAM- CNC 5 axis machining....

 

video conferencing system

Cisco Telepresence 3000 conferencing room

Video conferencing system

One of Office Automation System is Video Conferencing System.

What is video conference?

Video conferencing facilitates face-to-face collaboration among companies located in different cities or countries, and within any organization with more than one location. There are thousands of video conferencing solutions for business, education, health care, and government.

Benefit of Video Conferencing

• ·         Helps Company to save time and money with customized video conferencing solutions.

• ·         Company work closely with their clients to deliver unique, highly reliable solutions that are easy for   anyone to use.

• ·         Company stand apart from their competitors because they have true production environment experience.

• ·         To improve communication among the customer while reducing business related travel, an achievement that is good for their bottom line, as well as the environment.

• ·         Decisions are made faster; bringing products or services to market quicker

you may like to know:

Telepresence Meeting System 

What are Decision Support System..???

A decision support system (DSS) is a computer program application tha analysis business data and present it so that users can make business decision more easily. It is an "informational application" (to distinguish it from an "operational application" that collect the data in the course of normal business operation)

Many people think of DSS as a special part of a business, most companies have actually integrated them into their day to day operating activities. For instance, many companies constantly download and analyze sales data, budget sheet, and forecast. They update their strategy once they analyze and evaluate the current result. DSS have a definite structure in business. In reality, however, the data and decisions that are based them are fluid and constantly changing.

DSS are used to collect data, analyze and shape the data that is collected, and make sound dicisions or construct strategies from analysis. Whether computer, databases or people are involved usually does not matter.

It is important to note that although computers and artificial intelligent are at work, it is ultimately up to humans to execute these strategies or formulate the data into a usable hypothesis.

This is how the DSS working...

Sistem Maklumat Organisasi...

Seperti yang kita tahu, sistem maklumat merupakan kumpulan manusia, prosedur, software, hardware dan data. Berdasarkan video di atas, kita tahu bahawa sistem maklumat ini banyak mempengaruhi kehidupan seharian dan dalam pelbagai bidang. Sistem maklumat memberi kesan terhadap perkembangan bidang teknologi, perubatan, pendidikan, perniagaan, dan pembangunan sesebuah negara. 

Dari sudut pengurusan dalam organisasi, sistem maklumat melibatkan banyak pihak dan mengikut tahap seseorang dalam organisasi tersebut. Sistem maklumat adalah penting bagi melicinkan pembangunan organisasi.Setiap organisasi mempunyai bahagian-bahagian tertentu yang bertanggungjawab terhadap keberkesanan organisasi contohnya bahagian pembangunan sumber manusia, bahagian pemasaran, bahagian kewangan, bahagian pembuatan dan sebagainya. 

Setiap bahagian ini mempunyai sistem maklumatnya yang tersendiri dan memerlukan maklumat daripada bahagian lain. Sebagai contohnya, bahagian kewangan memerlukan maklumat berkaitan kos daripada bahagian pembuatan bagi memudahkannya membuat pengiraan untung rugi, dan bahagian pemasaran memerlukan maklumat daripada bahagian pembuatan bagi mengetahui jenis barang yang ingin dipasarkan. Ini menunjukkan wujudnya satu sistem di dalam organisasi yang membolehkan maklumat dikongsi oleh semua bahagian yang terlibat.

Selain itu, maklumat juga disebarkan mengikut tahap dan pangkat di dalam organisasi. Pihak atasan akan memberikan arahan kepada orang bawahannya yang merupakan pihak atasan kepada penyelia. Penyelia pula akan memberikan arahan kepada orang bawahannya. Proses ini akan berterusan sehinggalah aarahan itu mencapai matlamat yang dikehendaki. 

Maklumat beredar di dalam organisasi disebabkan keperluan setiap individu dan bahagian pentadbiran dalam organisasi tersebut. Maklumat yang beredar itu akan terus beredar sehinggalah organisasi mencapai matlamat yang dingini.

world of communication...

I've found this interesting video about the evolution of communication. Now, let the video do the talking...

Jenayah Komputer..??

Jenayah komputer satu masalah etika yang semakin berleluasa. Pernahkah kita terfikir tentang jenayah komputer? Tahukah anda bahawa setiap individu melakukan jenayah komputer samada jenayah besar mahupun jenayah kecil. Jenayah komputer ini adalah seperti merosakkan peralatan komputer, mencuri maklumat daripada komputer, mengubah maklumat dalam komputer bagi tujuan tertentu seperti menjatuhkan orang lain.

Tapi, oleh sebab pengenalan sistem internet yang membolehkan penyalinan dan pengubahan maklumat dapat dilakukan secara maya, jenayah ini sukar dikesan oleh pihak berkuasa. Perkembangan jenayah komputer secara maya ini tidak dapat dibuktikan secara fizikal dan penjenayah terlepas dari hukuman dengan mudah.

terdapat banyak jenis jenayah komputer yang berlaku sekarang, antaranya ialah:

Phishing iaitu menyamar sebagai laman web sah. Penjenayah akan memujuk mangsa mengklik pautan melalui emel dan mendapatkan maklumat peribadi mangsa. Phishing selalunya dilakukan melalui pesanan ringkas dan email. Tapi sekarang ada juga yang mula menggunakan panggilan telefon bagi menarik mangsa.

Cetak rompak ataupun pencabulan hak cipta. Jenayah ini dilakukan dengan menggunakan hak cipta tanpa keizinan. Ianya melanggar hak eksklusif pemilik hak cipta asli contohnya hak untuk mengeluarkan karya yang dihasilkan dan mempunyai hak cipta. Kegiatan memuat turun daripada internet juga merupakan jenayah cetak rompak.

Virus komputer yang disebarkan oleh orang-orang yang tidak bertanggungjawab. Virus-virus ini merbahaya dan boleh menyebabkan kerosakan yang teruk terhadap sesuatu sistem pengkomputeran. Virus-virus ini dicipta sebagai bukti projek penyelidikan, usikan, dan memusnahkan serta menyerang produk syarikat tertentu, menyebarkan maklumat politik dan memperoleh keuntungan daripada pencurian identiti, spyware dan sebagainya.

Kuda Troy. Mesti ramai di antara kita yang tidak mengetahui tentang kuda troy ini. Dalam bidang pengkomputeran, kuda troy merupakan 1 sistem yg mengandungi helah yang kononnya berfaedah atau menarik. Tapi sebenarnya ia mengandungi arahan yang diletak oleh pencipta untuk menceroboh keselamatan sistem komputer apabila sistem kuda troy digunakan.

Ini adalah di antara jenayah komputer yang dilakukan. Antara jenayah lainnya ialah spaming, perisikan komputer, pencerobohan dan sebagainya. Jenayah komputer ini sukar dikenalpasti dan ini menyebabkan penjenayah melakukan jenayah ini dengan suka hati dan semakin berkembang terutamanya jenayah yang melibatkan alam maya.

Bagi mengawal masalah jenayah komputer ini, Akta jenayah komputer 1997 telah dilaksanakan di malaysia pada tahun 1997. Akta ini digunakan terhadap sesiapa sahaja tanpa mengira kewarganegaraan individu itu. Kesalahan di bawah akta ini boleh berlaku di mana sahaja tidak kira samada di dalam atau di luar Malaysia asalkan ia melibatkan komputer yang berada di Malaysia.

Jangan Biarkan Diri Anda Terlibat Dengan 

Jenayah Komputer..!!

Sumber : Wikepedia 

internet troubleshooting

 internet troubleshooting

I believe that every single of internet user have problem when they are trying to access internet. Some question that you ask when having Troubleshooting no Internet access or unable to access few websites are :

1.  Why is HTTP access to a particular site slow or failing? 
2. The WAN (Ethernet) Connection to the Internet (ISP) Seems Intermittent or Drops Completely Connection?
3. Network connectivity may fail when you try to use Windows Vista
4. Some Computers Behind the SonicWALL Cannot Connect to the Internet
5. Unable to access certain websites, either slow or completely failing

How you want to solve it. Lot of problem comes out .But, nothing you can do to overcome these problems. 

Tips of internet troubleshooting

Here I want to share tips when you are unable to access certain websites, either slow or completely failing.

1. Check MTU settings on the WAN interface(s).  An incorrect MTU is the most common cause of web   browsing issues.

2. Determine if Content Filter Service (CFS )is blocking the site in question due to policy.  Make sure that CFS is not being used. Ensure that the Security Services log category is configured for logging on the Log > Categories configuration screen . You must modify the categories or create a domain exclusion to allow the traffic.

3. Determine if CFS is blocking due to lack of host header in the first HTTP packet.  CFS checks the hostname listed in the HTTP Host header to determine the category of the site in question.  You must toggle the "Enforce Host Tag Search for CFS" setting on the diag.html page of the management GUI.  It is recommended that you contact SonicWALL Technical Support for assistance with this operation 

4. Check whether Enable HTTP Byte-Range requests with Gateway AV  the SonicWALL GAV by default  suppresses the use of HTTP Byte-Range requests to prevent the sectional retrieval and reassembly of the potentially malicious content. This is done by terminating the connection and thus preventing the user from receiving the malicious payload. By enabling this option you will override this setting.

Don’t forget to try this tip when you are unable to access the certain websites.

Privasi..

PRIVASI

Pernahkah kita terfikir tentang privasi bila kita masuk ke laman internet, buka akaun Facebook, menghantar emel, macam-macam lagilah yang berkaitan dengan internet. Walaupun kita cuba nak sembunyikan identiti kita, tapi setiap komputer ada IP address. IP address ni boleh kenalpasti aktiviti yang kita buat di dalam internet. Jadi jangan buat jenayah siber, sebab semua jenayah siber tu boleh dikesan dengan mudah menggunakan IP address yang ada di komputer kita.

Tahu tak, masa kita layari internet, semua aktiviti WEB tu di awasi dan disimpan dalam hard disk komputer kita. Ada banyak cara maklumat tu tersimpan tanpa pengetahuan kita. Contohnya, bila kita masuk ke alam laman web, browser akan buat satu fail, History file. Dalam history file ni di masukkan lokasi laman yang dilayari oleh sistem komputer kita. History file ni boleh dilihat melalui browser.

Cookies ( bukan biskut ) menyimpan maklumat  daripada laman web yang kita masuk ke dalam hard disk.Tapi yang ni maklumat kecik sahaja, contohnya laman apa yang kita masuk, apa yang kita buat dalam laman tu, dan maklumat yang kita masukkan dalam laman web. Tapi cookies ni bahaya juga sebab banyak maklumat kecik yang tersimpan tanpa pengetahuan kita. Ada 2 jenis cookies, Traditional cookies dan Adware cookies.

Yang ni cerita tentang Spyware. Spyware menyimpan dan melaporkan aktivit yang kita lakukan di dalam internet tanpa pengetahuan kita. Ada 3 jenis spyware : Adware cookies, web bugs dan computer monitoring software.

Adware cookies 

merekod aktiviti daripada laman yang berbeza. Bila maklumat dah masuk dalam hard disk komputer, ianya boleh di "accesed" drp pelbagai laman web yang kita masuk. 

Web Bugs

Imej kecil ataupun kod HTML yang tersembunyi dalam mesej emel. Bila kita buka emel yang ada web bug, maklumat dihantar semula kepada sumber bug.  Biasanya web bug ni digunakan oleh organisasi untuk mengetahui samada emel kita aktif atau tak.

Computer monitoring software

Merupakan spyware yang sangat bahaya. Program ini merekod setiap aktiviti yang dilakukan oleh sistem komputer, contohnya no kad kredit, mesej, akaun bank dan macam-macam lagi maklumat peribadi.  Maklumat ini di masukkan dalam Hard drive komputer tanpa pengetahuan sesiapa pun.

Video di bawah menunjukkan cara kita nak lindungi privasi dengan membersihkan komputer kita. selamat mencuba...

SECURITY

What is Computer Security..?

Computer security is a branch of computer technology known as information security as applied to computers and networks. The objective of computer security includes protection of information and property from theft, corruption, or natural disaster, while allowing the information and property to remain accessible and productive to its intended users. The term computer system security means the collective processes and mechanisms by which sensitive and valuable information and services are protected from publication, tampering or collapse by unauthorized activities or untrustworthy individuals and unplanned events respectively. The strategies and methodologies of computer security often differ from most other computer technologies because of its somewhat elusive objective of preventing unwanted computer behavior instead of enabling wanted computer behavior.

Computer Network Security

Computer networks are an integral part of any organization these days, as they facilitate the free flow of data and services to the authorized users. However, such networks also pose a security threat in case the data is classified and confidential, thus making network security a vital necessity. As the data is available only for authorized users, it is possible for hackers to pretend to be one, by providing the correct user name and password. Computer network security can be disrupted or encroached in the following ways:

• Denial of Service: Denial-of-service is meant to disable a computer or a network and can be executed with limited resources. It is one of the most common forms of attacks by hackers and can effectively disable the whole network of an organization. Denial of service attack makes a computer resource unavailable to its intended user. To carry out this kind of attack, hackers generally flood a network or the access routers with bogus traffic. They also make attempts to disrupt connections between two machines and prevent individuals from accessing a service.
• Trojan Horse: Trojan horse is common and one of the most potential threats to computer security. They are malicious and security-breaking programs, disguised as something which is considered as non-malicious by the security softwares. They are a useful tool for hackers who try to break into private networks. Hackers generally attach Trojan horse to a file, which triggers a virus or remotely controlled software, giving the hacker complete control over the computer.
• Viruses and Worms: Viruses and worms are well known for their destructive nature and the property of replicating themselves. They are basically pieces of computer program codes which are written by hackers and other computer geniuses.
• Sniffing: Sniffing is the act of intercepting TCP/IP packets while they are getting transferred on a network. The interception generally takes place through simple eavesdropping done by a hacker.

 Different Types of Computer Security Threats

1. Adware

 

Adware is software that displays advertisements on your computer.

Adware, or advertising-supported software, displays advertising banners or pop-ups on
your computer when you use the application. This is not necessarily a bad thing. Such
advertising can fund the development of useful software, which is then distributed free
(for example, the Opera web browser).

However, adware becomes a problem if it:

• installs itself on your computer without your consent
• installs itself in applications other than the one it came with and displays advertising
  when you use those applications
• hijacks your web browser in order to display more ads (see Browser hijackers)
• gathers data on your web browsing without your consent and sends it to others via
  the internet (see Spyware)
• is designed to be difficult to uninstall.

Adware can slow down your PC. It can also slow down your internet connection by
downloading advertisements. Sometimes programming flaws in the adware can make
your computer unstable. Advertising pop-ups can also distract you and waste your time if they have to be closed before you can continue using your PC.

Some anti-virus programs detect adware and report it as “potentially unwanted
applications”. You can then either authorize the adware program or remove it from the
computer. There are also dedicated programs for detecting adware.

2. Backdoor Trojans

A backdoor Trojan allows someone to take control of another user’s
computer via the internet without their permission.

A backdoor Trojan may pose as legitimate software, just as other Trojan horse programs do so that users run it. Alternatively – as is now increasingly common – users may allow Trojans onto their computer by following a link in spam mail.

Once the Trojan is run, it adds itself to the computer’s startup routine. It can then
monitor the computer until the user is connected to the internet. When the computer
goes online, the person who sent the Trojan can perform many actions – for example,

run programs on the infected computer, access personal files, modify and upload files,

track the user’s keystrokes, or send out spam mail.

Well-known backdoor Trojans include Subseven, BackOrifice and, more recently,

Graybird , which was disguised as a fix for the notorious Blaster worm.

To avoid backdoor Trojans, you should keep your computers up to date with the latest
patches (to close down vulnerabilities in the operating system), and run anti-spam
and anti-virus software. You should also run a firewall, which can prevent Trojans from
accessing the internet to make contact with the hacker.

3. Bluejacking

Bluejacking is sending anonymous, unwanted messages to other users
with Bluetooth-enabled mobile phones or laptops.

Bluejacking depends on the ability of Bluetooth phones to detect and contact other
Bluetooth devices nearby. The Bluejacker uses a feature originally intended for
exchanging contact details or “electronic business cards”. He or she adds a new entry

in the phone’s address book, types in a message, and chooses to send it via Bluetooth.

The phone searches for other Bluetooth phones and, if it finds one will sends the message.

Despite its name, Bluejacking is essentially harmless. The Bluejacker does not steal
personal information or take control of your phone.

Bluejacking can be a problem if it is used to send obscene or threatening messages or
images, or to send advertising. If you want to avoid such messages, you can turn off

Bluetooth, or set it to “undiscoverable”.

Bluetooth-enabled devices may also be at risk from the more serious Bluesnarfing.

4. Bluesnarfing

Bluesnarfing is the theft of data from a Bluetooth phone.

Like Bluejacking, Bluesnarfing depends on the ability of Bluetooth-enabled devices to

detect and contact others nearby.

In theory, a Bluetooth user running the right software on their laptop can discover a

nearby phone, connect to it without your confirmation, and download your phonebook, pictures of contacts and calendar.

Your mobile phone’s serial number can also be downloaded and used to clone the

phone.

You should turn off Bluetooth or set it to “undiscoverable”. The undiscoverable setting
allows you to continue using Bluetooth products like headsets, but means that your
phone is not visible to others.

5. Boot Sector Viruses

Boot sector viruses spread by modifying the program that enables your
computer to start up.

When you switch on a computer, the hardware looks for the boot sector program –
which is usually on the hard disk, but can be on a floppy disk or CD – and runs it. This

program then loads the rest of the operating system into memory.

A boot sector virus replaces the original boot sector with its own, modified version and usually hides the original somewhere else on the hard disk. When you next start up,

the infected boot sector is used and the virus becomes active.

You can only become infected if you boot up your computer from an infected disk, e.g.
a floppy disk that has an infected boot sector.

Boot sector viruses were the first type of virus to appear, and they are mostly quite old.
They are rarely encountered today.

6. Browser Hijackers

Browser hijackers change the default home and search pages in your
internet browser.

Some websites run a script that changes the settings in your browser without your
permission. This hijacker can add shortcuts to your “Favorites” folder or, more seriously,
can change the page that is first displayed when you open the browser.

You may find that you cannot change your browser’s start page back to your chosen
site. Some hijackers edit the Windows registry so that the hijacked settings are restored
every time you restart your computer. Others remove options from the browser’s tools
menu, so that you can’t reset the start page.

In every case, the intention is the same: to force you to visit a website. This inflates
the number of “hits” and the site’s ranking with search engines, which boosts the
advertising revenue that the site can earn.

Browser hijackers can be very tenacious. Some can be removed automatically by
security software. Others may need to be removed manually. In some cases, it is easier
to restore the computer to an earlier state or reinstall the operating system.

7. Chain Letters

An electronic chain letter is an email that urges you to forward copies
to other people.

Chain letters, like virus hoaxes, depend on you, rather than on computer code, to
propagate themselves. The main types are:

• Hoaxes about terrorist attacks, premium-rate phone line scams, thefts from ATMs
  and so forth.
• False claims that companies are offering free flights, free mobile phones, or cash
  rewards if you forward email.
• Messages, which purport to be from agencies like the CIA and FBI, warning about
  dangerous criminals in your area.
• Petitions. Even if genuine, they continue to circulate long after their expiry date.
• Jokes and pranks, e.g. the claim that the internet would be closed for maintenance
  on 1 April.

Chain letters don’t threaten your security, but they can waste time, spread
misinformation and distract users from genuine email.

They can also create unnecessary email traffic and slow down mail servers. In some
cases the chain letter encourages people to send email to certain addresses, so that
these are deluged with unsolicited mail.

The solution to the chain letter problem is simple: don’t forward such mail.

8. Cookies

Cookies are files on your computer that enable websites to remember
your details.

When you visit a website, it can place a fi le called a cookie on your computer. This
enables the website to remember your details and track your visits. Cookies can be a
threat to confidentiality, but not to your data.

Cookies were designed to be helpful. For example, if you submit your ID when you visit
a website, a cookie can store this data, so that you don’t have to re-enter it next time.
Cookies also have benefits for webmasters, as they show which web pages are well used,
providing useful input when planning a redesign of the site.

Cookies are small text files and cannot harm your data. However, they can compromise
your confidentiality. Cookies can be stored on your computer without your knowledge or
consent, and they contain information about you in a form you can’t access easily. And
when you revisit the same website, this data is passed back to the web server, again
without your consent.

Websites gradually build up a profile of your browsing behavior and interests. This
information can be sold or shared with other sites, allowing advertisers to match ads
to your interests, ensure that consecutive ads are displayed as you visit different sites,
and track the number of times you have seen an ad.

If you prefer to remain anonymous, use the security settings on your internet browser to
disable cookies.

9. Denial of Service attack (DoS)

A denial-of-service (DoS) attack prevents users from accessing a computer or website.

In a DoS attack, a hacker attempts to overload or shut down a computer, so that
legitimate users can no longer access it. Typical DoS attacks target web servers
and aim to make websites unavailable. No data is stolen or compromised, but the
interruption to the service can be costly for a company.

The most common type of DoS attack involves sending more traffic to a computer than
it can handle. Rudimentary methods include sending outsized data packets or sending
email attachments with names that are longer than permitted by the mail programs.

An attack can also exploit the way that a “session” of communications is established
when a user first contacts the computer. If the hacker sends many requests for a
connection rapidly and then fails to respond to the reply, the bogus requests are left in
a buffer for a while. Genuine users’ requests cannot be processed, so that they can’t
contact the computer.

Another method is to send an “IP ping” message (message requiring a response from
other computers) that appears to come from the victim’s computer. The message goes
out to a large number of computers, which all try to respond. The victim is flooded with
replies and the computer can no longer handle genuine traffic.

A distributed denial-of-service (DDoS) attack uses numerous computers to launch the attack. Typically, hackers use a virus or Trojan to open a “back door” on other people’s
computers and take control of them. These “zombie” computers can be used to launch
a coordinated denial-of-service attack.

10. Dialers

Dialers change the number used for dial-up internet access to a premium-rate number.

Dialers are not always malicious. Legitimate companies that offer downloads or games
may expect you to use a premium-rate line to access their services. A pop-up prompts
you to download the dialer and tells you how much calls will cost.

Other dialers may install themselves without your knowledge when you click on a
pop-up message (for example, a message warning you about a virus on your computer
and offering a solution). These do not offer access to any special services – they simply
divert your connection so that you access the internet via a premium-rate number.

Broadband users are usually safe, even if a dialer installs itself. This is because
broadband doesn’t use regular phone numbers, and because broadband users don’t
usually have a dial-up modem connected.

Anti-virus software can detect and eliminate Trojan horse programs that install dialers.

11. Document Viruses

Document or “macro” viruses take advantage of macros – commands that are embedded in fi les and run automatically.

Many applications, such as word processing and spreadsheet programs, use macros.
A macro virus is a macro program that can copy itself and spread from one file to
another. If you open a file that contains a macro virus, the virus copies itself into the
application’s startup files. The computer is now infected.

When you next open a file using the same application, the virus infects that file. If your
computer is on a network, the infection can spread rapidly: when you send an infected
file to someone else, they can become infected too. A malicious macro can also make
changes to your documents or settings.

Macro viruses infect files used in most offices and some can infect several file types,
such as Word and Excel files. They can also spread to any platform on which their host
application runs.

Macro viruses first appeared in the mid-1990s and rapidly became the most serious
virus threat of that time. Few viruses of this type are seen now.

12. Email Viruses

Many of the most prolifi c viruses distribute themselves automatically by email.

Typically, email-aware viruses depend on the user double-clicking on an attachment.
This runs the malicious code, which will then mail itself to other people from that
computer. The Netsky virus, for example, searches the computer for files that may
contain email addresses, and then uses the email client on your computer to send
itself to those addresses. Some viruses, like Sobig-F, don’t even need to use your email
client; they include their own “SMTP engine” for constructing and sending the email
messages.

Any attachment that you receive by email could carry a virus; and launching such an
attachment can infect your computer.

Even an attachment that appears to be a safe type of file, e.g. a file with a .txt
extension, can pose a threat. That file may be a malicious VBS script with the real file
type (.vbs) hidden from view.

Some viruses, such as Kakworm and Bubbleboy, can infect users as soon as they read
email, exploiting a vulnerability in the operating system or mail program. They look
like any other message but contain a hidden script that runs as soon as you open the
email, or even look at it in the preview pane (as long as you are using Outlook with the
right version of Internet Explorer). This script can change system settings and send the
virus to other users via email.

Email viruses may compromise your computer’s security or steal data, but their most
common effect is to create excessive email traffic and crash servers.

To avoid email viruses, you should run anti-virus software and avoid clicking on
unexpected attachments. You should also install the patches issued by software
vendors, as these can close down the vulnerabilities exploited by email viruses.

13. Internet Worms

Worms are programs that create copies of themselves and spread via internet connections.

Worms differ from computer viruses because they can propagate themselves, rather
than using a carrier program or file. They simply create exact copies of themselves and
use communication between computers to spread.

Internet worms can travel between connected computers by exploiting security “holes”
in the computer’s operating system. The Blaster worm, for example, takes advantage of
a weakness in the Remote Procedure Call service that runs on unpatched Windows NT,
2000 and XP computers and uses it to send a copy of itself to another computer.

Many viruses, such as MyDoom or Bagle, now behave like worms and use email to
forward themselves.

A worm can have malicious effects. For example, it may use affected computers to
deluge websites with requests or data, causing them to crash (a “denial-of-service”
attack). Alternatively, it can encrypt a user’s files and make them unusable. In either
case, companies can be blackmailed.

Many worms open a “back door” on the computer, allowing hackers to take control of
it. Such computers can then be used to send spam mail.

Quite apart from such effects, the network traffic generated by a fast-spreading worm
can slow down communications. The Blaster worm, for example, creates a lot of traffic
on the internet as it spreads, slowing down communications or causing computers to
crash. Later it uses the affected computer to bombard a Microsoft website with data,
with the aim of making it inaccessible.

Microsoft (and other operating system vendors) issue patches to fix security loopholes in
their software. You should update your computer regularly by visiting the vendor’s website.

14. Mobile Phone Viruses

Mobiles can be infected by worms that spread themselves via the mobile phone network.

In 2004, the first mobile phone worm was written. The Cabir-A worm affects phones
that use the Symbian operating system, and is transmitted as a telephone game file (an
SIS file). If you launch the file, a message appears on the screen, and the worm is run
each time you turn the phone on thereafter. Cabir-A searches for other mobile phones
nearby using Bluetooth technology, and sends itself to the first it finds.

There are also conventional viruses that send messages to mobile phones. For example,
Timo-A uses computer modems to send text (SMS) messages to selected mobile
numbers, but in cases like these the virus can’t infect or harm the mobile phone.

Until now, the risks for mobile phones have been few. The reason could be that they
use many different operating systems, and that the software and device characteristics
change so rapidly.

15. Mousetrapping

Mousetrapping prevents you from leaving a website.

If you are redirected to a bogus website, you may find that you cannot quit with the
back or close buttons. In some cases, entering a new web address does not enable you
to escape either.

The site that mousetraps you will either not allow you to visit another address, or will
open another browser window displaying the same site. Some mousetraps let you quit
after a number of attempts, but others do not.

To escape, use a bookmark or “Favorite”, or open the list of recently-visited addresses
and select the next-to-last. You can also press Ctrl+Alt+Del and use the Task Manager
to shut down the browser or, if that fails, restart the computer.

To reduce the risk of mousetrapping, you can disable Javascript in your internet
browser. This prevents you from being trapped at sites that use this script, but it also
affects the look and feel of websites.

There are still 19 types of computer security threats that i will share to you next time. Keep on visiting this site or you can subscribe to our RSS feeds or follow us on twitter.

Share your thoughts on the comment section below.

16. Obfuscated spam

Obfuscated spam is email that has been disguised in an attempt to fool anti-spam software.

Spammers are constantly trying to find ways to modify or conceal their messages so that
your anti-spam software can’t read them, but you can.

The simplest example of this “obfuscation” is putting spaces between the letters of
words, hoping that anti-spam software will not read the letters as one word, for example

V I A G R A

Another common technique is to use misspellings or non-standard characters, for example

Viagra

These tricks are easily detected.

More advanced techniques exploit the use of HTML code (normally used for writing
web pages) in email. This allows the spammer to write messages that anti-spam
software “sees” quite differently from the way you see them.

For example, words can be written using special numerical HTML codes for each letter,
e.g. instead of “Viagra”, you can write

Viagr&#97

HTML can also allow the reader to see one message, while the anti-spam software sees
another, more innocent one. The more innocent message is in the same color as the
background.

<body bgcolor=white> Viagra
<font color=white>Hi, Johnny! It was nice to have dinner with you. </font></body>

Spammers often include large amounts of hidden text, often cut from online reference
books, to try to fool anti-spam software that assesses mail according to the frequency
of certain key words.

17. Page-jacking

Page-jacking is the use of replicas of reputable web pages to catch users and redirect them to other websites.

Scammers copy pages from an established website and put them on a new site that
appears to be legitimate. They register this new site with major search engines, so that
users doing a search find and follow links to it. When the user arrives at the website,
they are automatically redirected to a different site that displays advertising or offers
of different services. They may also find that they cannot escape from the site without
restarting their computer (just like mousetrapping).

Scammers use page-jacking to increase the number of visitors to a website. That
means that their site commands more advertising revenue and is also more valuable if
they decide to sell it. Alternatively, the scammer can redirect users to another site and
claim a fee for “referring” visitors to that site.

Page-jacking annoys users and can confront them with offensive material. It also
reduces revenue for legitimate websites, and makes search engines less useful.

In some cases, page-jacking is used in phishing attacks.

To avoid page-jacking, use a bookmark or “Favorite” (but you must be sure that you did
not set up the favorite at a page-jacked site), or type the desired website address (the
URL) in directly.

18. Palmtop viruses

Palmtops or PDAs provide new opportunities for viruses, but so far
virus writers have shown little interest.

Palmtops or PDAs run special operating systems – such as Palm and Microsoft
PocketPC. These are vulnerable to malicious code, but so far the risks are low.

There are currently only a few items of known malware written for Palm. Virus writers prefer to target desktop systems, perhaps because they are more popular and allow viruses to spread rapidly via email and the internet.

The real risk at present is that your palmtop will act as a carrier. When you connect
it to a home or office PC to synchronize data, a virus that is harmless on the palmtop
could spread to the PC, where it can do harm.

19. Parasitic viruses

Parasitic viruses, also known as fi le viruses, spread by attaching themselves to programs.

When you start a program infected with a parasitic virus, the virus code is run. To hide
itself, the virus then passes control back to the original program.

The operating system on your computer sees the virus as part of the program you were
trying to run and gives it the same rights. These rights allow the virus to copy itself,
install itself in memory or make changes on your computer.

Parasitic viruses appeared early in virus history but they can still pose a threat.

20. Pharming

Pharming redirects you from a legitimate website to a bogus copy, allowing criminals to steal the information you enter.

Pharming exploits the way that website addresses are composed.

Each computer on the internet has a numerical “IP address”, e.g. 127.0.0.1. However,
these are not easy to remember, so web addresses also have a domain name, like
sophos.com . Every time you type in an address, the domain name has to be turned
back into the IP address. A DNS or Domain Name Server on the internet handles this,
unless a “local host file” on your computer has already done it.

Hackers can subvert this process in two ways. They can send out a Trojan horse that
rewrites the local host file on your PC, so that it associates the domain name with a
bogus website. You are then directed to that site, even though you enter the correct
address. Alternatively, they can “poison” the DNS directory, i.e. alter it so that anyone
who tries to visit that address is directed to the bogus site.

To avoid pharming, make sure that you use secure web connections when you access
sensitive sites. Just look for the https:// prefix in the web address. If a hacker tries to
mimic a secure site, a message will warn you that the site’s certificate does not match
the address being visited.

If you see a warning that a site’s certificate is not valid or not issued by a trusted
authority, you should not enter the site.

There are also software solutions. Some software can display a warning if you enter
personal information in reply to an unknown email address. Other utilities can check to
see if websites or IP addresses are blacklisted.

21. Phishing

Phishing is the use of bogus emails and websites to trick you into supplying confi dential or personal information.

Typically, you receive an email that appears to come from a reputable organization,
such as a bank. The email includes what appears to be a link to the organization’s
website. However, if you follow the link, you are connected to a replica of the website.
Any details you enter, such as account numbers, PINs or passwords, can be stolen and
used by the hackers who created the bogus site.

Sometimes the link displays the genuine web site, but superimposes a bogus pop-up
window. You can see the address of the real website in the background, but details you
enter in the pop-up window can be stolen.

Sometimes the hacker uses a technique called “cross-site scripting (XSS)”: the link takes you to the correct website, but subverts it by pulling in content from elsewhere. Once again,
the part of the site where you enter information is controlled by the hacker.

Phishing had its origins in the 1990s, when scammers used the technique to collect
AOL account details so that they could gain free internet access. The details were
called “phish” because they were gathered by “fishing” for users. The “ph” imitates the
spelling of “phreaker”, the term for those who used to hack into the telephone network.

You should always be wary about emails that use generic salutations, e.g. “Dear
Customer”, and about following links sent to you in emails. Instead, you should enter
the website address in the address field and then navigate to the right page, or use a
bookmark or a “Favorite” link. Even if you enter the address, there is a risk of being
redirected to a bogus site (see Pharming above), so you should always exercise caution.