Consumer Reports on Viruses, Malware and the Unsuspecting Masses

Follow the link above for an excellent, in-depth report by the well-regarded Consumer Reports folks. They include ratings on available software for home use security (both ratings require membership, but you can join cheaply for one month, or get a subscription for online use for monthly payments), reports on the free software, and investigative reporting on the State of the Net in 2007. Here is an introductory snippet.

Despite stepped-up law enforcement and better security software, those threats remain potent, according to the 2007 Consumer Reports State of the Net survey. Findings from our fourth annual national survey of online threats, conducted this spring by the Consumer Reports National Research Center based on 2,030 online households, include the following:

* Your chances of becoming a cybervictim are about 1 in 4--slightly less than last year because a few problems appear to be easing, though significant threats remain.

* Consumers are still falling prey to phishing scams, in which bogus e-mails and Web sites ask them to disclose information about their financial accounts. The number who submitted personal information in such identity theft scams remained constant since last year, at about 8 percent of respondents. In the past two years, we estimate, a million consumers have lost billions of dollars to such scams.

* Thirty-eight percent of respondents reported a computer-virus infection in the past two years, and 34 percent reported a spyware infection in the past six months. Based on projections from our survey, virus infections prompted 1.8 million households to replace their PCs in the past two years and spyware infections 850,000 in the past six months. Very few Mac users reported either infection type.

* Defenses are still down. Seventeen percent of respondents didn't have antivirus software installed. Thirty-three percent didn't use software to block or remove spyware, which would help to stop identity theft. Most households had installed a firewall, which keeps out hackers. But based on our survey, we project that 3.7 million U.S. households with broadband still lack a firewall.

* Wireless users face additional risks, our survey showed. Half of those who used their home computer with a wireless router didn't take basic precautions such as enabling encryption. Among those who used connections at public hotspots, which are at greater risk than home connections, 63 percent possibly exposed themselves to hackers or identity theft by logging on to password-protected accounts.

* Many youngsters are at risk. Among respondents with minors online, 13 percent of their children who were registered at the giant networking site MySpace.com were younger than 14, the minimum age the site officially allows. We also found that many parents haven't prepared their children for online risks.


In short, in a world where online criminals have become quite sophisticated, consumers must become more wary of online threats. Consumers Union, the nonprofit publisher of Consumer Reports, believes that government and industry must step up their efforts to protect the public from online threats, including identity theft, though there's a lot consumers can do to avoid becoming cybervictims. For advice on how to protect yourself and Ratings of security software, see Best security software.

And just to cheer you up this Monday, this note from the larger report on spam:

Almost four years after the passage of the federal Can-Spam Act, which gave law enforcers new anti spam tools to use against cyber thieves, its effectiveness is still in question. While bringing some accountability to commercial e-mail and giving officials legal tools, it legitimized some spam and pre-empted strong state laws.

Since 2004, the Federal Trade Commission has brought 26 cases against spammers using the act, according to Lois Greisman, associate director in the FTC's division of marketing practices. Courts awarded close to $13 million in those cases. Two criminal spam cases were prominent in 2007. This spring, Robert Soloway, a Seattle-based Internet marketer, was indicted for allegedly sending tens of millions of pieces of e-mail, much of it promoting bulk e-mail services, over four years. He pleaded not guilty. Earlier this year, Jeffrey Goodin, a phisher from Azusa, Calif., became the first spammer to be criminally convicted under Can-Spam. His sentence: almost six years.

Sic 'em! Be sure to visit and read their recommendations for safer web browsing -- from folks who test without accepting ad revenue, and have no stake in the outcome. Good stuff!