Complete Transcript of Interview - Randy Abrams - ESET
on Let’s Talk Computers, Host Alan Ashendorf
May 31 2008
However, if we set up a direct deposit and allow them to put it directly into our bank we will get it even faster; and all we have to do is click here and put in the information.” Our guest today is Randy Abrams, Director of Technical Education with ESET. Welcome back to Let’s Talk Computers, Randy.
Randy: Thank you Alan. It’s great to be back here.
Alan: Randy, this looks like just the thing that we need. Now we can get our tax stimulus package even faster and we don’t have to worry about their sending it in the mail.
Randy: If it is an email, unless you initiated the contact with the IRS – absolutely not. The IRS is never going to email you about your stimulus package or about owing them money or about having money for you. That’s not how the IRS works. They are also not going to call you on the telephone unless you have already received probably half a dozen or more regular-mail envelopes, telling you that you owe them money and that you are going to jail if you don’t pay them. So, if you think that you’ve gotten email from the IRS that was a hoax; it was a fake, trying to steal your money.
Alan: I always heard this that this is the first time they have offered a stimulus package and they are probably doing it differently because they are going to have such a backload of sending these out, that it actually helps the IRS to get it as a direct deposit.
Randy: If you think that might be the case, then go to http://www.irs.gov and start reading about it and by all means, look up the phone number for your local IRS office and call them on the telephone and ask them if the email is legitimate; because you will find out that, nope, they are not doing it; they don’t send out emails. That’s not how they operate.
Alan: But it looks so legitimate. And when you move the mouse over and click here to access the electronic stimulus refund – it actually says, “IRS.gov,” in part of the URL.
Randy: Well, Forrest Gump was actually standing next to Richard Nixon, wasn’t he? You can modify anything on the computer. Computers lie all the time. They only tell you what they are told to tell you. And if the Bad Guys want to tell you that this is an official thing from the IRS, it’s going to look exactly like an official thing from the IRS, but it’s not.
Alan: What you see down there at the URL is like “211.119.242.” some number and then it has an “.irs.gov,” and that’s not really going to take you to irs.gov, is it?
Randy: No, not at all. That’s like an email that I got and it said it came from 900.irs.gov; that was a hoax.
Alan: And you actually look up where that address is and it is in some place in Korea. I don’t think the IRS has anything to do with Korea. I may be mistaken, but I don’t think so.
Randy: And not only is it some place in Korea, but the person that owns the account might be in China or in Russia, or even somewhere in the United States. They try to make it really hard to trace where it is all coming from. But what I can tell you with 100% certainty is that it didn’t come from the IRS.
Alan: Yes, because this may be a BotNet. You know this could be a school somewhere in Korea that their machine basically got compromised. They may not have any clue, whatsoever that it is being duped.
Randy: Exactly. And the stimulus package is like the current threat du jour; it’s not the only one. Because the regular IRS scams never go away, either. On April 22, I received something that the - from says, Internal Revenue Service and then (IRS). It is sent to - undisclosed recipients, which is a great indication that it’s a scam. The subject is - Tax Notification and it says, “Dear Taxpayer, After the last annual calculations of your fiscal activity, we have determined that you are eligible to receive a tax refund of $184.80.” Undisclosed recipients all get the same amount of money?
Alan: But, how many people actually fall for this? You have to have a certain percentage of people that actually get conned for the con to work, don’t you?
Randy: You do. But, using BotNets, you’re not paying for the computing resources; you can send out 50, to 100,000,000 emails to people. Let’s say five people fall for it and you get $5,000 out of each of their accounts and credit cards and all the other information that you steal and sell. It takes a very low percentage of people to fall for it to make it highly profitable.
Alan: And you get these from your bank all the time that says, “Your account is going to be closed because you didn’t fill out some piece of information correctly.” Or you get something from PayPal that says, “Your account is going to be shut down because somebody has fraudulently accessed your account,” and you need to clean it up now. And it’s always on a Friday night where you can’t really pick up the phone and call somebody on the telephone to verify this.
Randy: If you go to your bank’s website they will have emergency contacts. They will probably also have something warning about these scams and threats. There are a variety of things that you can do to help protect yourself. One of the big ones is to become more educated and understand how these things work.
Another thing to do is to use a good quality anti-malware solution such as ESET NOD32 or Smart Security. We do identify a lot of the phishing attacks; nobody identifies them all, which is why you need to have defense in depth.
And so another part of your defense in depth is to use a current browser, something like the latest version of Internet Explorer or the latest version of Firefox, because those also have anti-phishing features built into them that can help protect you. When using Smart Security you get anti-Spam, as well. You want to combine both technology and education to protect yourself from these threats.
Alan: And this is where your ESET ThreatSense.Net really comes into play, because you allow all of us to work together as a team to combat these threats, don’t you?
Randy: That’s exactly right, Alan. The ThreatSense.Net network helps collect suspicious samples from individual users. It doesn’t collect the user information, but just the samples. And then we are able to perform further analysis and improve our heuristic detection so that we can catch the brand-new threats that we know will be coming out that we might not yet detect. And then we can also develop better heuristics to catch the variations that we know will be coming.
Alan: And that’s where your ESET ThreatSense, which is built into your Engine really helps because the heuristics really keep us safe because we don’t have to worry about a definition file coming out or being out of date.
Randy: No single technology, not even something as good as ESET NOD32 or Smart Security is going to give you 100% protection. You need to always become more educated; it’s good for your brain and it’s good for security.
Alan: Well, that’s where your job, Director of Technical Education with ESET comes into play, because you educate all these people as far as what to look for and what not to do when they get an email that looks too good to be true!
Randy: Exactly right. If we could fault these problems with technology, alone, I’d have to find another job. We can’t, because what we are looking at – we can call it phishing; we can call it a scam – but what we are looking at is good old-fashioned crime that has been with us for thousands of years. And the technology is just another tool to perpetrate it. It’s really being smart and educated that makes the difference in being a victim or not being a victim.
Alan: We always tell people, “Don’t open an email unless you know who the email is actually coming from.” But, you can’t really even count on that anymore, because somebody can spoof the account. I know here at Let’s Talk Computers, we get bounce-backs, saying that we sent this email and yet we really didn’t send any email, because somebody is now using our name, because we are so popular.
Randy: That’s it. You don’t even have to be popular for that to happen, because what some of these threats do is that they will harvest email addresses from another person’s computer or off the Internet. For example, our email addresses are on our computer Anti-virus Organizations’ Website and my email address has been harvested from there and used as the from line, so that it looks like it came from me, but it didn’t come from me.
So, I never say, “Don’t open an email once you’re sure of who it comes from,” because you can’t be sure, based upon what the email says. I always say, “Look at the context of the email.” I put something in the email that someone who knows you will be the only one that really knows this information. Then, there’s a good chance it came from me, but if I send it to undisclosed recipients and say that you’ve got a specific dollar amount of money coming - there’s no chance of that.
And if you have any question or specifically, if the email is saying that you need to go to the Website and answer personal information or you need to open an attachment, then contact the person you think sent it to you and verify that they sent it. It’s not the person that it came from that is suspicious; it’s an email out of context that is suspicious.
Alan: We take our credit card to a restaurant or we go shopping and we hand it to someone that we really don’t know that we never have met before. But they are inside the business. We wouldn’t dare just hand our credit card to the first person who walked by on the street, would we?
Randy: I certainly hope not. However, that’s fundamentally what’s happening with the social networking sites, nowadays. Whenever someone wants to add you to their network, you get something that says, “So and so wants to be your friend.” If you’re walking down the street and some person comes up and says, “I want to be your friend.” Do you say, “Oh, yeah, sure you’re my friend, now?” Social networking sites are anonymous and people just assume that friend means friend, when it often times does not.
Alan: So many times you really don’t know who’s on the backend. I mean, that you go to some of these MySpace accounts and LiveJournal and you really don’t know whom you are talking to. You think it might be somebody in high school, but they could be a lot older, couldn’t they?
Randy: Absolutely. It could be a murderer, for all you know. They could be a Saint. But then you never know. When I first opened up the MySpace account, I actually had no interest in opening one up, except for professional reasons. I wanted to find out what it was about. So, my account name is mee2. Less than two days after I opened that account, I got a request to be someone’s friend.
Alan: Oh, yes and with friends like that, I don’t think you really need enemies, do you?
Randy: No, you don’t need enemies; you also don’t need many alternate forms of entertainment.
Alan: Some people when they get home from work and the first thing they do is they hit the computer. The social network is just unbelievable. It’s the best thing that’s ever happened and probably the worst thing that’s ever happened. And it makes us so gullible, doesn’t it?
Randy: It really does. One of the scariest ones that I saw – I don’t remember the exact name right now, but it was something like, “whereaminow.” People are posting where they are in the world! Often times they’re not limiting the audience to just people that they actually are certain they know well. That’s just a perfect way to get your house burglarized.
Alan: How is ESET, especially with their ESET Smart Security helping to protect us from all these phishing scams – because you have built-in phishing protection in your Software, now, don’t you?
Randy: Correct. There are a variety of approaches. In some cases, the emails can be identified as scams if you’re using ESET Smart Security. With NOD32, more often, what it is, is if you click on a link that website has already been identified or has characteristics that the heuristics will identify and block access to the website to prevent you from entering the critical information.
ESET’s a tool to help you drive more safely on the Internet, just like the air bag and the seat belt are tools to help you be safer in your car, but you really still have to steer your car and using the computer wisely is how you steer your computer.
Alan: Having seat belts in a car and not buckling up is the same thing as having all this wonderful protection available and we don’t use it.
Randy: Absolutely. Novocaine isn’t going to do you any good at the dentist’s office if you don’t use it.
Alan: If someone would like to find more information about your award-winning NOD32 and ESET Smart Security, where would they go?
Randy: They can go to http://www.eset.com and they can send me any questions they have at askeset@eset.com.
Alan: You also have a lot of security tips on your Website that gives us some good pointers about what we shouldn’t do, what we should. And you stay right up on top of all these scams. What’s the worst scam that you have seen in the last couple of months that affect us?
Randy: I would be hard-pressed to call out for a worst scam, because they are all pretty similar. The IRS Tax Stimulus Package Scam is just as bad as any of the IRS Scams. The ones that say that, “You have won some UK lottery,” or things like that – if you fall for this stuff, it’s just as bad. Rather than focusing on the worst one, what you want to do is protect against falling for any of those scams.
Alan: Yes, it just depends on what part of the year it is. If it’s going to be Valentine’s Day, you’re going to be getting Valentine’s Day scams.
Randy, as always, it’s our pleasure to have you as our guest on Let’s Talk Computers, keeping us up to date about how to protect our computer system from all these scams. We look forward to having you back on the air again, real soon.
Randy: I look forward to being back. I thank you again for having me; it’s always a pleasure.


