Beware of malware called Sinowal (also known as Mebroot), which captures bank and similar data. A gang of Internet criminals has been using it and even morphing the malware to temporarily fool antivirus software.
Windows Secrets contributing editor Woody Leonhard likens Mebroot to "a parasitic operating system that runs inside Windows". [Disclaimer: I subscribe to the paid version of the "Windows Secrets" newsletter. Prior to that I subscribed for years to the paid version of Fred Langa's "LangaList" newsletter, which is now integrated into Brian Livingston's "Windows Secrets" newsletter. I highly recommend Windows Secrets to anyone concerned about or interested in PCs.]
Leonhard says that, in his experience, a lot of systems get infected with Mebroot (Sinowal) because the owners did not keep up with Adobe Reader, Adobe Flash, or Apple QuickTime security patches. You can manually check for such patches, set the apps to automatically check for updates, or (even better) install the free Secunia Personal Software Inspector (PSI) and scan for programs that need updating.
In October 2008 Brian Krebs of the Washington Post alerted readers to the "virtual heist" going on. Mebroot infects the Master Boot Record (MBR) of your PC and sends personal data to its "owners". Krebs says that the criminals have stolen over half a million credit and debit card accounts in the past few years.
While Symantec lists the malware's risk as low, if your data gets stolen, it won't be a little thing to you. Here are some actions Symantec and I recommend to reduce your risk of malware infections:
- Use a firewall
- Enforce complex passwords for all users of your computer
- Use the lowest level of access privileges.
- Never use an Administrator-level login account as your normal one. Always log in with a lower-level account and then use "Runas" or log in at the Administrator level only as needed. Vista security is a big advance in making this type of security easier. Yes, you get pop-ups to log in as Administrator, but that's much better than manually running a "runas" command, and you don't need to know the runas command-line syntax.
- Disable Auto-play
- Turn off "File Sharing"
- Turn off and remove unnecessary system services
- Always keep your programs patched (You can use the free Secunia PSI to monitor patch status)
- Don't open email attachments unless you were expecting them. Contact the sender separately (not by a "Reply") and see if they really did send you that email and attachment.
- Turn off Bluetooth via Windows Control Panel if you are not using it.
- If you really need to use Bluetooth, make sure every Bluetooth device's visibility is set to "Hidden".
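
Because Mebroot infects the Master Boot Record, comparing the MBR against a known-good baseline shows whether the boot code has changed. The sketch below is an added example, not code from the original post or the sources it cites; it assumes the 512-byte sector comes from a disk image captured offline, and the function names and sample sector are constructed for illustration.

```python
import hashlib

SECTOR_SIZE = 512
BOOT_CODE_LEN = 446            # bytes 0..445: bootstrap code area (includes the disk signature at 440)
PART_ENTRY_LEN = 16            # four 16-byte partition entries follow the boot code
BOOT_SIGNATURE = b"\x55\xaa"   # bytes 510..511 of a valid MBR


def parse_mbr(sector: bytes) -> dict:
    """Split a classic MBR sector into a boot-code hash and its partition entries."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("expected exactly 512 bytes")
    if sector[510:512] != BOOT_SIGNATURE:
        raise ValueError("missing 0x55AA boot signature")
    partitions = []
    for i in range(4):
        off = BOOT_CODE_LEN + i * PART_ENTRY_LEN
        entry = sector[off:off + PART_ENTRY_LEN]
        partitions.append({
            "bootable": entry[0] == 0x80,
            "type": entry[4],
            "lba_start": int.from_bytes(entry[8:12], "little"),
            "sectors": int.from_bytes(entry[12:16], "little"),
        })
    digest = hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest()
    return {"boot_code_sha256": digest, "partitions": partitions}


def compare_to_baseline(baseline: dict, current: dict) -> list:
    """Report boot-code and partition-table changes separately."""
    findings = []
    if baseline["boot_code_sha256"] != current["boot_code_sha256"]:
        findings.append("boot code changed")
    if baseline["partitions"] != current["partitions"]:
        findings.append("partition table changed")
    return findings


def make_sample_sector(boot_code: bytes) -> bytes:
    """Constructed sample sector: one bootable type-0x07 partition starting at LBA 63."""
    entry = (bytes([0x80, 0, 0, 0, 0x07, 0, 0, 0])
             + (63).to_bytes(4, "little") + (204800).to_bytes(4, "little"))
    return boot_code.ljust(BOOT_CODE_LEN, b"\x00") + entry + bytes(48) + BOOT_SIGNATURE
```

Hashing the boot code separately from the partition table means a legitimate repartition is reported as a different finding than a modified boot loader.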