I got an email from what looked like the IRS that would allow me to see when I am going to get my Stimulus Payment, but when I clicked on the link, it went to a dead page. Are these emails a scam? –Brenda

The skilled crafting of “phishing” scams, which are attempts to fraudulently acquire sensitive or personal information by posing as a trustworthy entity, is getting more creative. Creative phishing scams make it increasingly more difficult for the average user to tell a scam from a legitimate message.

One of the more commonly faked entities in these scams is the Internal Revenue Service because everything starts and ends with your social security number.

If you aren’t paying attention and assume your working with the IRS, you will likely enter your social security number without thinking about it.

The phishing scam policing arm for the IRS, the Treasury Inspector General for Tax Administration (TIGTA), has shut down over 1,600 phishing Web sites in the past couple of years and there is nothing to suggest that this won’t increase in the future.

The fact that the link in the message went to a dead page is a pretty good indicator that the message was the lure to get you to go to one of the rogue info stealing pages that thankfully has already been shut down.

These days, phishing sites are shut down within hours of launching as the various reporting entities have gotten pretty efficient at the process. Back when phishing scams first started appearing, the average lifespan of a fake page was over two days, which allowed the bad guys to collect more info with less work.

The IRS does not send out unsolicited e-mail messages, warnings or request for your information, so unless you are actively working with someone at the IRS, you should assume that anything claiming to be from the IRS is bogus. (There are also a number of phishing e-mails circulating that claim that you are entitled to a refund, which you can receive by clicking on a link in the fake message.)

What’s making this latest scam so likely to catch folks off guard is all the talk in the news about the “Stimulus Package Payment” from the IRS to taxpayers.

Any number of e-mails may come your way that encourage you to check your status by going to the “Where’s my Stimulus Payment” link on the IRS Web site.

While there actually is a page to do just that, creating something that looks exactly like it is very easy and is in circulation at malicious Web sites around the world.

The key is to never click on a link in a message of this nature, but rather, manually launch your browser and type the address of the resource in yourself.

That allows you to independently confirm or dispel the information in the message without putting yourself at risk. In the case of the Stimulus Payment, if you go directly to the IRS’ Web site, you will see a link right on the home page that will take you to the Stimulus Payment resources.

If you want to report this or any future phishing attempts that poses as the IRS, you can send a copy to phishing@irs.gov or file an online report at the TIGTA Web site.

Ken Colburn
President of Data Doctors Computer Services, Host of the award-winning Computer Corner radio show, and Author of Computer Q&A in the East Valley Tribune newspapers.

Windows XP Service Pack 3 is to about to be released… should we download it right away? –Ray

For those not familiar with a Service Pack (SP), think of it as a collection of updates, patches, and enhancements for a software program all rolled into one download.

Service Pack 3 is the long awaited major update for Windows XP (SP2 was released in August of 2004) that is mainly the collection of all previous downloads along with some minor enhancements.

Most of the enhancements are designed to assist those that manage large numbers of computers on business networks; however, some of the security enhancements will be beneficial for all users.

Various entities on the Internet that have tested Service Pack 3 claim that they have seen performance improvements (as much as 10%) on their test systems after installing the update (your mileage may vary).

Microsoft is making no claims of improved performance for Windows XP systems, but then again, anything that could cause consumers to stick with XP over Vista is not something Microsoft would want to promote.

The real concern with major updates of this nature is that we don’t know what we don’t know. More important, history has shown that Microsoft doesn’t know what it doesn’t know until it releases a Service Pack. To that end, the safe money will sit on the sidelines for a month or so to let all of the potential issues surface before taking the plunge.

Microsoft planned to make SP3 available on April 29th, but halted its release when it found a compatibility issue with one of its own fairly obscure software programs called RMS (Retail Management System), which oddly enough is what we use in our stores across the country.

They plan to release the update once they either have a fix for the RMS issue or an automatic block for systems that are running RMS.

If you keep your systems updated on a regular basis, you probably have most of the fixes that are in SP3 already, so rushing out and installing it as soon as it’s available isn’t that critical.

If your computer is running “mission critical” applications, being cautious about installing any major update to your operating system is always the way to go. If you have more than one Windows XP computer, installing the update on a system that isn’t relied upon as heavily is a good way to understand how the update might impact your computers, especially in a business environment.

For those that want to control when Service Pack 3 is installed on their Windows XP systems, a simple change to the way Windows handles updates will do the trick.

To access the Automatic Update configuration interface, right-click on My Computer and then select Properties to open the System Properties window. Next, click on the “Automatic Updates” tab and select the “Download updates for me, but let me choose when to install them” option.

This will tell Windows to download updates as they become available and notify you so you can decide when or if you want to install them.

A yellow shield will appear in your Systray (lower right hand corner next to the clock) to notify you that new updates are available for installation (so don’t ignore the yellow shield)!

When you double-click the yellow shield, a screen will appear with an Express Install or Custom Install option for the updates. Choose the Custom Install update if you want to decide what does and does not get installed in your system.

Ken Colburn
President of Data Doctors Computer Services, Host of the award-winning Computer Corner radio show, and Author of Computer Q&A in the East Valley Tribune newspapers.

I think someone has taken over my Gmail account and has changed the password. What can I do? –Lloyd

It’s possible that someone has “hijacked” your Gmail account and could end up using it for anything from a prank, sending out spam, or the worst case scenario: to steal your identity.

Identity thieves have figured out that if they can gain access to your email account, they can probably access some critical information that would allow them to start acting like they are you.

For instance, when you sign up for an online banking account, they ask you what your primary email address is in case you ever lose your password.

If an ID thief can take over your email account, they can tell your bank that they lost the username and/or password and to send the info to reset the password to your registered email address.

Once that happens, they are off and running!

Free Web mail accounts like Gmail are great resources, but many people have become too lax in how they use these wonderful tools.

For instance, if you’re at a friend’s house, at an Internet cafe or at work and use a computer to check your email, it’s possible that the browser on that computer is set to remember usernames and passwords automatically.

That means that the next person that happens to go to your email service’s login page will only need to hit the Enter key to start accessing your email account (and change your password, etc.)

You can get in the habit of clearing out the Internet History and passwords whenever you use someone else’s computer, but that won’t guarantee that your login information stays private.

There are a number of ways that someone with malicious intent can capture your keystrokes when you are using a computer that doesn’t belong to you, so be very selective where you access your email account in the future.

If you think your Gmail account has been compromised, go to mail.google.com/support and click on the “Privacy & Security” link then on the link that says: “My account has been compromised” and follow the instructions.

If you use this account for any kind of online banking, stock accounts, or anything that could jeopardize your identity, make sure you change all of your account access codes and change the security email address for those accounts to another address.

If you think that you’re exposed to identity theft as a result of this hijacking, you may also want to put a fraud alert or credit freeze on your credit file with the three major consumer credit reporting organizations: Equifax.com, Experian.com, and TransUnion.com.

A fraud alert will tell the credit bureaus to contact you if any new credit accounts are being opened, while a credit freeze tells the credit bureaus that no lender can access your account without you lifting the freeze for that lender.

A credit freeze is much more secure than a fraud alert, but there are associated costs and inconveniences, so make sure you fully understand the differences before you make a decision on either of them.

Ken Colburn
President of Data Doctors Computer Services, Host of the award-winning Computer Corner radio show, and Author of Computer Q&A in the East Valley Tribune newspapers.

What’s the best way to get rid of my personal information before disposing of an old computer? –Marcus

When it comes to disposing of an old computer, whether you are selling, donating or recycling it, you’re biggest concern should be your personal information. Identity theft through electronic means has become such a focus of cyber-criminals that disposing of your old computer without taking steps to ’scrub’ the personal or business data off first could be very risky.

There are several options to consider, ranging from very simple to somewhat technical, that will allow you to keep your files from being accessed by future users of your old computer.

If you’re selling your computer, you may want to maintain the software programs on the computer so that it’s more valuable for the next owner. In those cases, your best bet is to “scrub” the individual data files off the drive with a secure deletion program such as Eraser.

The reason that you don’t want to rely on the ‘delete’ function in your computer’s operating system is because it doesn’t actually remove the data. When you tell Windows to “delete” a file, it simply removes it from the view of the user and marks the space as ‘free’ for use by other data. If nothing ever overwrites this space (which is a completely random process), retrieving the ‘deleted’ files is fairly simple for a moderately technical cyber-criminal.

Eraser is much more secure then deleting through the operating system because it immediately overwrites the space previously occupied by your personal data files.

If you want to add another layer of protection, run the ‘Disk Defragmenter’ utility built into Windows after you use Eraser (in the ‘System Tools’ section of the Accessories group of your program listing).

If you don’t care about maintaining a working computer, you can wipe out the entire hard drive with a secure wipe program such as Darik’s Boot and Nuke. This free utility will completely and securely wipe your entire hard disk and is available here.

This is a great option for those that are only interested in donating, selling or recycling the hardware and not any software. Boot and Nuke does a much more thorough job then simply “reformatting” the hard drive with your operating system. It conforms to Department of Defense data clearing and sanitizing standards and makes it nearly impossible for anyone to get anything of value off of the drive.

This procedure is much more comprehensive but requires some technical experience (making a boot disk or bootable CD) in order to use it.

If either of those options sounds too technical, simply remove the hard drive from the system before disposing of it so you can deal with the sensitive data at a later date. Keep the drive until you can find someone that you trust to securely delete your data for you.

I often hear people say that it’s just easier to throw their old equipment in a dumpster, which is a really bad idea. Never throw an old computer away as it’s filled with hazardous waste. Recent studies claim that as much as 40 percent of the lead in our ground water is from all of the consumer electronics that have been dumped into our landfills.

If you can’t find a church, school or charitable organization that is willing to accept an old computer in your local area, check out the National Christina Foundation, which will help match donors with organizations that can make use of older technology.

Ken Colburn
President of Data Doctors Computer Services, Host of the award-winning Computer Corner radio show, and Author of Computer Q&A in the East Valley Tribune newspapers.

Someone is using my email address and other info to sign me up online for various groups, seminars, etc. Are there laws regarding this? –Jim

While there are various federal and state laws against email “spoofing” and other forms of misleading or deceptive transmissions, the problem is tracking down and prosecuting the perpetrators.

You’re assumption that “someone” is doing it is the first problem. In many cases, automated processes written by those that have less than noble intent are “scraping” your email address from a legitimate source (a Web site, a forum, a blog or one of those infamous emails that someone sends to “everyone they know”) and using it for their malicious purposes.

If you are getting email from sources that seem legitimate that you’ve never signed up for, your assumption that “someone” is signing you up is more likely to be the result of something that you subscribed to that had a side relationship with another group buried deep within the ‘I agree’ page.

As a business owner, I am constantly barraged by marketing firms that claim that they have “clean” email lists that only contain addresses of folks that have “opted-in” to a list saying that they would be OK with being sent “special offers.”

The problem I have with these claims is that I have yet to meet anyone since the inception of the Internet who has ever knowingly said that they have approved some random marketing firm to send them “special offers” whenever they felt motivated to do so.

The most likely causes of what you are describing are from rogue automated systems that have subscribed to a service using your address (in order to gain access to something else they were after) or your own actions of signing up for something and not fully reading the legal psychobabble agreement that you were required to agree to in order to get what you wanted (free download, chance to win, register for, etc.)

This is why we have preached since the beginning of the spam problem that you always have two email addresses: one that you keep private and one that you use for all of the various sites that you make purchases on or register for or when you join a social networking group.

The Internet is infested with sites that have no other motive than to get you to sign up for something that seems legitimate, but in fact is nothing more than a front to mine for email addresses.

Unless you are paying very close attention to everything you ever do on the Internet, it’s nearly impossible to keep your email address from being manipulated by those that can profit from it.

If you don’t have a second email address, sign up for a free account at sites like Gmail.com (Google’s free Web mail service), Yahoo.com, and Hotmail.com (Microsoft’s free Web mail service) and use it for anything that isn’t important from now on.

If you are being sent newsletters or other correspondence from legitimate companies or Web sites that you recognize, you can usually be safe in clicking on the unsubscribe link located at the bottom of the messages. But be very careful not to unsubscribe from messages that are not from familiar companies, because this is often a tactic used by spammers to get you to verify your address so they can sell it to other spammers as a verified address.

Old world ethics like respect and civility don’t exist on most of the Internet and your email address is the currency of the new economy, so guard it as best you can!

Ken Colburn
President of Data Doctors Computer Services, Host of the award-winning Computer Corner radio show, and Author of Computer Q&A in the East Valley Tribune newspapers.

My computer is making strange grinding sounds, but not all the time. There is no rhyme or reason to when the noise occurs; it just seems to go in and out on its own. What can this be and what should I do? –Tom

Most of us operate our computers in an environment where we can hear the normal whirring and blowing sounds of the various fans and mechanical components that are inside of the computer.

When you start to hear grinding sounds from your computer box (often referred to as the CPU), it most likely will be one of the mechanical devices inside the computer.

The actual device that is making the noise can either signal a minor issue or a major issue, so it is important that you determine the source of the noise as soon as possible.

Some of the more minor items include floppy drives, CD or DVD drives or secondary case cooling fans. The reason that I refer to them as minor is that if they do fail, it won’t cause permanent damage to the system or cause the system to be completely inoperable.

If you are familiar with the insides of a computer, you can remove the cover (with the system turned off) and try to locate the source of the noise just by listening. Be sure to avoid touching any of the electronic boards so you don’t generate electrostatic discharge (ESD), especially if you are on carpet.

If the grinding noise is constant, all of the minor items can be quickly eliminated by shutting down the computer and disconnecting the power to each item (one at a time) then restarting your system.

The items that could create a major issue include your power supply cooling fan, your processor cooling fan and your hard drive.

If the power supply cooling fan (usually located at the top and back of your computer) is the source of the noise, it is more annoying than it is destructive. If the nose stops, however, it could mean that the grinding fan has stopped spinning all together, which will cause the power supply to overheat and fail (the most obvious symptom of this failure is that nothing will power on).

When a power supply overheats, before it completely fails, it is likely to start sounding erratic voltage to the various devices that are connected to it, such as your motherboard, add-on cards, memory, processor or hard drive.

If the voltage becomes excessive, it can cause damage to these components further increasing the cost of repairs.

The key here is that if the grinding sound suddenly stops on its own, make sure that the power supply fan is still spinning. Usually, you can just hold your hand by the opening of the fan to feel that it’s still blowing out.

If it has stopped spinning, shut your computer off immediately and have it serviced by an experienced person that will also examine your main board for signs of “blown caps” (capacitors).

Blown capacitors are much more common than most folks realize because they don’t necessarily cause the computer to stop working, they cause the computer to have very strange intermittent issues (examples of how to spot them can be found here).

If the noise is coming from the fan that is designed to cool your processor, you will want to replace the fan before it fails, especially if you are running an AMD processor. Over the years, we have seen Intel processors hold up better when they overheat, but you really don’t want to put any processor in a position to ever overheat.

The final mechanical item that will cause you the most distress is your hard drive. If you know that the sound is coming from the hard drive or if the grinding sound coincides with the flashing of the hard drive light (on the front of your computer) or if it’s accompanied by an occasional clicking sound (in the data recovery business, we refer to this as the “click of death”), your data could be in jeopardy.

The various components inside of the hard disk drive are designed to operate in very tight tolerances and running a computer with a failing disk drive will most likely cause irreparable damage. Again, if you think the sounds are coming from your hard drive, turn off your computer immediately and seek a qualified technician, especially if you don’t have a good backup.

The real message is when you hear strange noises coming from your computer don’t ignore it. Unless you like big repair bills, you don’t drive your car until it breaks, so from now on, don’t drive your computer until it crashes either.

Ken Colburn
President of Data Doctors Computer Services, Host of the award-winning Computer Corner radio show, and Author of Computer Q&A in the East Valley Tribune newspapers.

How long should a hard drive last and are the new solid state drives going to be more reliable? –Peter

Today’s hard drives are faster, store more information, and are more reliable than ever before, but just like any other electronic devices, they have the possibility of failing.

Current hard drives are designed to run non-stop for years and have warranties that range from one to five years, but that is of little comfort if a six-month-old drive full of your family photos, address books, or financial information fails and you don’t have a current backup.

A thin attempt at trying to rate the life of a hard drive through MTBF (Mean Time Between Failure) has been around for a long time, but the reason I call it “thin” is that every manufacturer uses different parameters for publishing this spec.

An MTBF of 700,000 hours equates to about 80 years, which is NOT how long you can expect the hard drive to last, but a rating based on a bunch of math that the manufacturer chose that can be misleading.

MTBF has become in the words of a pundit on the Internet “a statistical measure that we are not supposed to believe,” so don’t take it at face value.

Based on our Data Recovery lab’s experience over the years, a high MTBF rating is fairly immaterial because the vast majority of the failed drives we are asked to recover data from are less than three years old.

What makes a hard drive failure unlike any other type of electronic failure is not only do you lose the use of the device, you potentially lose all of the information that is stored on it.

Think about how tragic the failure of your DVD player would be if all your movies and family videos disappeared along with it.

Despite the age and mechanical nature of magnetic hard drives (which were first created in 1956), they continue to be the most economical way to store large amounts of information.

For almost the entire 20+ years that I have been involved in the computer industry, I have been hearing the prophecies of the “end of the magnetic hard drive.”

Despite all of the various alternative storage technologies that have been developed, none have been able to overcome a simple economic equation: the cost per megabyte.

The most recent entry into mass storage is the Solid State Drive (SSD) which is based on the same technology as your digital camera’s memory card, just a lot bigger (and a lot more expensive)!

As a point of reference, the current price for an 80 GB SSD is over $1500, while a magnetic 80 GB drive is less than $60. The SSD’s cost per GB will have to come way down before the average Joe has any interest in owning it.

While it’s true that SSDs have no moving parts, there is no data that suggests that they are more reliable as a result. In fact, some are suggesting that since chip failure is more common than drive failure in today’s personal computers, it might actually make SSDs less reliable in the long run.

The most interesting thing that I have seen from the mass storage community is what are being labeled “hybrid” hard drives (HHDs).

Hybrids incorporate the best of today’s magnetic technology with a very large Solid State “cache” drive, which makes the drive faster and consume less battery life making them ideal for laptops.

A cache circuit stores recently accessed information, which reduces the need to go back to the spinning magnetic hard drive which is what speeds up access times.

There are some drawbacks to this method of data storage and access, so the jury is still out as to whether this combination is worth the extra money.

What you really need to take away from this column is this:

There are only two kinds of hard drives: those that have failed and those that are going to fail, so plan accordingly (back up, back up, back up)!

Ken Colburn
President of Data Doctors Computer Services, Host of the award-winning Computer Corner radio show, and Author of Computer Q&A in the East Valley Tribune newspapers.

I will be leaving for a vacation for three months; how should I shut down my computer while away? I would also like to get my emails while away. –Bob

Technology has changed how most of us vacation and knowing what your options are before you leave can often save you lots of money and frustration.

As far as protecting your computer while you’re away, the best thing to do is to shut it down and unplug it from the electrical outlet as well as any Internet connection that you use.

The primary objective is to protect it from any external power anomalies that might occur while you are away.

Most folks remember to unplug the computer from the power outlet to eliminate any chances of getting “hit,” but don’t realize that the computer is still exposed to potential power surges through a high-speed Internet connection or even a dial-up modem.

Another thing to consider is your inkjet printer. One of the most common problems for those that don’t use their inkjet printers for an extended period is that the ink is clogged up when they get back from a long vacation (this is not an issue with laser printers).

No matter what brand of printer you use, run the built-in head cleaning utility for your inkjet printer prior to leaving for an extended period.

In some cases, you can remove the ink cartridges and place them in a sealed plastic bag to reduce the chances of them drying out (check the support section of the manufacturer’s Web site before doing this).

Make sure you store the ink cartridges upright and put a piece of tape over the print nozzle and any breather holes.

As far as getting your e-mail while on the road, there’s no shortage of options. The key is to make sure you have a “web-mail” account before you hit the road so you can get to your messages from any Internet terminal.

Most larger e-mail services offer a Web-mail option, so start by checking with your vendor. If they don’t offer anything as part of your service, sign up for a free Gmail account from Google.

You can configure Gmail to check your regular e-mail account(s) as long as they conform to industry standards for electronic mail.

Once it’s set up, you can get to your mail from any computer that has an Internet connection or any handheld device that can access the Internet.

Internet cafes can be found in virtually every country in the world these days and finding them right down to a neighborhood is generally possible.

There are a number of online cyber cafe directories such as cafetouch.com, but I have found that if you search for “Internet cafes in (name of the city, or region)” in Google, you can find location specific resources that are more helpful.

Cruise ship and hotels these days offer options for gaining access to the Internet, but most are very expensive as they are charging you for the convenience.

If you do a little homework before you leave and think through exactly what level of access you will need while on vacation, you can be very efficient and keep the costs down.

Ken Colburn
President of Data Doctors Computer Services, Host of the award-winning Computer Corner radio show, and Author of Computer Q&A in the East Valley Tribune newspapers.

What is the difference between viruses, worms, and Trojans? –Patrick

The world of computing has always had pranksters developing rogue software programs with ill intent, but these days, the intent is becoming more menacing.

Technically speaking, viruses, worms, and Trojans are different transmission methods to deliver a malicious “payload”, usually to compromise your computer. Knowing the differences can help you understand how to protect yourself from them all.

A computer virus is much like a human virus, in that it needs the help of a human to spread. The most common way to get infected by a virus is to manually run a program that has the malicious code attached to it.

All viruses are avoidable because the user has to double-click or run the infected file in order to get infected. The best way to avoid computer viruses is to avoid running any program or file attachment that you are not 100% sure about. In addition, keeping your anti-virus program up-to-date will generally stop you from running an infected file before it has a chance to attack your computer.

The problem with relying on your anti-virus program to protect you all the time is that the bad guys have the upper hand. Anti-virus program vendors can create protection against a new virus only AFTER it has been released in the wild and in most cases started to infect users.

Before the Internet connected us all together, the most common way to get infected by a virus was to run a program on a floppy disk that came from an infected computer, which meant virus spread was slow and anti-virus companies had the time to create and distribute updates.

Today, a new virus can spread across the world in a matter of hours if humans can be “tricked” into opening or running a file they get via e-mail, instant messaging or from a rogue website. One of the key indicators that a file may be dangerous is if it has the .EXE extension, which means that it is an executable file.

You should never open or run an EXE file that you receive via e-mail, instant messaging or from a website unless you are absolutely sure of its validity.

A computer worm, unlike a virus, doesn’t need a human in order to spread. A worm is capable of “worming” its way from computer to computer through a network without the assistance or knowledge of the infected party.

The Internet is the world’s largest computer network, so any one user is capable of spreading a worm to every other user on the entire network, which is why this method is so insidious.

One of the keys to defending yourself against worms is to install a firewall. If you are on a high-speed (always on) Internet connection and you don’t have a firewall in place, the thousands of worms traversing the Internet every minute are capable of infecting you just because you are physically connected to the Internet.

Broadband “routers” (which are considered hardware firewalls) are a must have on today’s Internet because they provide a single point of protection for all the computers in your home or at your business. Software firewalls should be considered a second layer of protection to be used in conjunction with a hardware firewall.

Trojans are programs that hide themselves inside of other programs and “jump out” once the carrier program has been run. Users that like to download and install lots of free programs that they find on the Internet or on file sharing networks are at the highest risk of being infected by a Trojan.

Unfortunately, the vast majority of today’s attempts to infect you use a “blended threat” approach, which means a virus and a worm or Trojan are usually coded together in the same attack, so don’t let your guard down!

Ken Colburn
President of Data Doctors Computer Services, Host of the award-winning Computer Corner radio show, and Author of Computer Q&A in the East Valley Tribune newspapers.

What do I need to do to be safe before I start preparing tax returns on my computer? –Amanda

The Federal Trade Commission estimates that nearly 10 million U.S. consumers annually are victims of identity theft and it’s no secret that computers and the Internet play a prominent role.

Malicious computer activity for the longest time has been blamed on young, misguided computer nerds that were out of touch with the real world. The reality is that very sophisticated crime rings have gotten Internet savvy so that they can take advantage of the millions of unsuspecting users that traverse the Internet every day.

Organized crime from around the world is constantly looking for ways to sneak into your computer, often with the intent of capturing your personal information through silent running “keyloggers” or backdoors that allow complete access to everything on your computer.

Keystroke logging (often called keylogging) was originally developed as a diagnostic tool most commonly used in the development of software and hardware products. It can help developers debug code and improve the user experience by understanding exactly what was typed and when.

And just like every computer tool that has ever been developed for productive reasons, there is always someone looking to exploit the tool for malicious reasons. Malicious programs can be hidden inside of other programs or make their way into an unprotected computer by simply visiting a rogue website.

Once one of these hidden programs is installed into your system, it can silently record every keystroke made and send it to a remote computer anywhere in the world or provide a remote user complete access to all your files.

Software keyloggers and Trojans can be transmitted via e-mail file attachments, instant messaging, self-replicating worms, or hide within the pages of a malicious Web site.

Thankfully, most anti-virus and anti-spyware programs today are capable of searching for currently known exploits and remove them, but only if they are constantly updated.

If you’re one of the 22 million households that will prepare your taxes on your personal computer, you should take the time to make sure that your system is “clean” and properly protected before getting started. (Data Doctors has posted a complete set of tips here.)

The quickest way to see if you should be concerned is by checking the number of processes running on your Windows-based computer. After a fresh reboot and with no programs running, launch the Task Manager by pressing Ctrl-Alt-Del.

In the bottom left hand corner of the Windows Task Manager window look for the word “Processes.”

A well-optimized and clean system will generally have no more than 35 - 40 processes running. The higher this number is, the more unnecessary processes you have running in your system, which could be an indicator that you have spyware or other undesirable software running in the background of your computer.

While a high number of processes is not necessarily an indication that you have a keylogger installed, it’s never a good idea to have unneeded processes running, especially since the bad guys are really good at hiding from you.

Make sure you have all of the latest security updates and do a complete scan of your entire computer with both your anti-virus and anti-spyware programs. These procedures will take hours to run, but it’s better safe than sorry when it comes to your identity!

Ken Colburn
President of Data Doctors Computer Services, Host of the award-winning Computer Corner radio show, and Author of Computer Q&A in the East Valley Tribune newspapers.

I keep seeing ads for business card scanners and they make it look convenient — but do they really work? –Jason

Having just returned from our annual franchise trade association conference, this question couldn’t have been timelier.

As with any large conference, we often return with a stack of business cards with miscellaneous notes scribbled on them that need to be processed.

The value of a business card scanner is based on the value of the information that you want to scan. If you are in sales, business development or any other position that relies heavily on keeping in touch and you don’t have a good structured process already in place, they can be worth their weight in gold.

They are certainly more efficient than manually inputting business card info into your address book, but they are not perfect.

I did a test on one of the more common units that you’ll see in electronics and office supply stores: The CardScan Personal ($150 -$160 street price).

The installation and calibration only took about five minutes and was very easy. From a hardware perspective, all business card scanners are quite similar so the real key is the software that does the organizing and OCR (optical character recognition).

I scanned 80 business cards that ranged from traditional simple formats to elaborate layouts and color schemes.

What I found was quite understandable; the more traditional the card, the higher the accuracy.

The government issue business cards that I received from FBI agents that I met at a speaking engagement scanned in flawlessly. The name, title, company address, phone, fax and e-mail information was all captured perfectly.

Unfortunately, most companies get more creative with their business cards these days, so don’t expect that kind of accuracy for most of your scans.

Of the 80 scans I did, 57 of them required some editing of the results, but most of it was minor.

For instance, the Company field was blank on any card that had the company name only in a fancy logo or when it guessed wrong and put the person’s title in the Company field.

The good thing is that the actual scanned business card image is displayed (in black and white) just below the database fields, so it’s real easy to know what changes need to be made.

More important, it doesn’t take much to fix the minor issues (often you simply cut and paste from one field to another or type in a company name).

Once I had the 80 cards scanned and cleaned up, I was able to export the entire database of information into a file that could be imported into my Outlook contacts. The instructions on how to import the file into Outlook was included on the screen once I completed the export from within the CardScan software.

If you really want to get sophisticated, you can synchronize the CardScan database with your Outlook or Palm Desktop contacts so that all contacts would exist in both databases.

You can also setup an Internet based “At Your Service” account which copies your contacts up to a Web-based interface for backup and flexible anywhere access.

All-in-all if you deal with a lot of business cards on a regular basis and want to keep an electronic copy of every card you ever get and convert them into a database, this product does the trick.

CardScan also offers more robust scanners that are capable of interfacing with many of today’s most popular CRM (Customer Relationship Management) programs such as ACT! and Goldmine.

Ken Colburn
President of Data Doctors Computer Services, Host of the award-winning Computer Corner radio show, and Author of Computer Q&A in the East Valley Tribune newspapers.

How can I burn music from any online radio station? Is there any software available that will do a good job? –JP

If you’re an old timer like me, you fondly remember the days when recording music from the radio was the pinnacle of cool…

All the latest stuff could be recorded for free as long as you were willing to deal with the commercials and the less than desirable songs that usually accompanied the hits.

While over the air radio is still a possible source for recording free music, the plethora of Internet radio stations that broadcast a clean digital signal is a much better choice.

Instead of the “old-school” method of capturing the songs on an analog cassette tape and fast forwarding through the junk, capturing audio streams from the Internet in a digital format gives you much better control of what can be done after the recording.

Once you capture any audio from an Internet stream, you can edit what was captured to eliminate commercials, purge the less than desirable songs and save each piece as an individual song.

In many cases, the audio capture program can detect pauses in sound as the logical beginning and end of a song and save each song separately on the fly.

Just about anything that passes through your sound card can be captured with this type of software, much of which is free.

One of the easiest to use programs that I have tested is called Freecorder from Applian Technologies, which actually integrates as a toolbar into your browser (Internet Explorer or Firefox).

Once installed, the Freecorder toolbar will appear in your browser with simple options to record, stop, pause, play, and change the settings of the program.

Depending upon how your computer is setup, you may have to play with some of the “Record from…” settings to make sure you capture your audio properly, but within minutes of installing the program, you are ready to go.

I tested it first with one of my favorite online music sources: Pandora, which creates personalized radio stations with no commercials based on artists and songs that I start with.

I clicked on the “Record” button in the Freecorder toolbar then started my Pandora music channel and let 6 songs play before hitting the Stop button on the recorder. Next, I hit the Play button and a window opened with the newly recorded music.

I was pleasantly surprised to see that each song had been saved as an individual file and even my Outlook “new mail notification sound” was captured as individual files (so make sure you turn off your e-mail audio alerts or they will get captured as well!)

From there, I can simply rename each file (the default format is MP3 at 128kbit/s) and then stage them to be burned for an audio CD or add them to my iTunes library to sync to my iPod.

If you are more of an audiophile or want to be able to schedule recordings, there are a host of programs that you can buy that will give you much more control over the finished product.

Some of the higher rated products that contain a scheduler include the i-Sound WMA MP3 Recorder Professional ($29.95) and the Total Recorder series from High Criteria ($17.95 Standard Edition, $35.95 Professional Edition).

Ken Colburn
President of Data Doctors Computer Services, Host of the award-winning Computer Corner radio show, and Author of Computer Q&A in the East Valley Tribune newspapers.

I occasionally communicate via e-mail, text messaging, and forums with people in other countries and want a resource to translate things quickly so I can better understand some of what is posted. Any suggestions? –Reg

Despite the fact that the Internet was launched and fostered in the English language, today you can find resources posted in every language on the planet.

Gone are the days that English was the required language in order to communicate with the online community. Everything from social networking sites, forums, and instant messaging to online games will put you in contact with folks that don’t necessarily speak English.

Having the ability to say hello in a number of languages or to decipher an e-mail or Web site that is in a foreign language is becoming more common.

There are many free Web sites that can do the trick and most of them look the same, but the results can be quite varied.

As with any automated translation process, the quality of the translation will always be less accurate then having a human translator. In fact, it can be downright wrong, so I would never recommend using automated translators if you’re working on an important business transaction or legal document.

The best description was posted at one of the sites: They allow you to grasp the general intent of the original text, not to produce a polished translation.

One of my long-standing favorites for translating words or small groups of words is Babel Fish from the long forgotten search engine AltaVista.

It can translate English to Chinese, Dutch, French, German, Greek, Italian, Japanese, Korean, Portuguese, Russian, and Spanish and vice versa (and it will use the character set for that language — even the Asian dialects).

It can translate words and sentences (up to about 150 words at a time) but oddly enough, it works best when the text you translate uses proper grammar! Slang, misspelled words, poorly placed punctuation, and complex or lengthy sentences can all cause translations to be incorrect.

Once the translated text appears, simply copy and paste it and voila, you are semi-multilingual.

Babel Fish can also attempt to translate an entire foreign language Web site, but remember, it will give you the general intent of the original text and so much of it will make no sense.

For instance, I tested various translators with the EPA’s Spanish version of its Web site. The opening sentence of the welcome paragraph was translated to say this:

Independently from our cultural patrimony, all we benefitted from a clean and healthful medio.ambiente.

Not only did it misspell a word (benefited) but it was unable to translate medio.ambiente to environment, which is what the entire Web site was all about.

You can expect this same level of accuracy when you translate English sentences into any other language; much is lost in translation and you can end up sounding like a dork!

Another site that seems to be slightly more accurate on Web site translations (but no more accurate for words and sentences) is freetranslation.com (free translators are on the far right). It also offers a number of professional human-based translation services for anyone that needs to rely on an accurate translation.

Ken Colburn
President of Data Doctors Computer Services, Host of the award-winning Computer Corner radio show, and Author of Computer Q&A in the East Valley Tribune newspapers.

All the cables around my computer are an eyesore and I would love to find a way to make it more organized. Please help! –Jan

Despite the popularity of wireless, the majority of computer users are dealing with this same problem because much of what connects to the computer has a cable.

Those that want reliability over convenience tend to stick with wired solutions, but as wireless technology becomes more reliable, some gains will occur from converting.

For instance, if you get a wireless keyboard and mouse, you can eliminate the wires from those devices to your computer, but it still requires the same number of wires be connected on the computer from the transmitter/receiver.

The real question (even if you have one of the new iMacs that do a great job of cable management) is how can I organize the cables that are required for my printer, scanner, USB hub, iPod, monitor(s), power protection and the list goes on.

Converting some of those peripherals from wired to wireless is an option, but it comes with some downside. Wireless peripherals tend to be more expensive, often more complicated to setup and keep running and commonly have batteries that need to be replaced on a regular basis.

If all of those concerns are not a problem for you, decide which devices you are willing to convert to wireless. Wireless printers are my least favorite, because when they work their great, but when they don’t they are a nightmare!

If you are not sure about a particular peripheral, don’t buy a wireless substitute because the salesman at the store said they were great; ask around and surf the Internet so you know what a large number of people are saying about it.

No matter what you decide, you will still have to deal with some cables, so finding good cable management products is very helpful and will make the ladies in your life really happy when you’re done (I am writing this on Valentines Day)!

There are a plethora of cable organizers on the market, but having worked with many of them, here are some things to keep in mind.

Any system that is difficult to remove will become a pain in your neck down the road. For instance, you can use standard cable zip ties (examples are here) that will quickly allow you to tie all the cables together, but if you ever have to make an adjustment (like replace the keyboard, etc.), you will have to cut them all off and start over again.

My favorite basic solutions use either Velcro ties, “spiral wrap,” or the “split loom tubing” (a corrugated flex tube that is split on one side) approach.

Velcro ties are inexpensive and reusable but they leave the decision on how to organize the cables up to you. Where you put them and how many you use is generally determined by the various paths that your cables may need to take. This solution will clean up the cables, but it won’t hide them.

Most office supply and electronics stores sell them in packages for $5 to $10 and they come in different colors in case you want to identify cable groups by their color.

If your cables are exposed (desks that are not pushed up against a wall, for instance) or they tend to all run in the same path, the spiral wrap or split loom tubing solutions are nice because they completely cover the cables (you can see examples here).

You can usually buy a roll of these types of cable organizers and cut it to the required length. It takes more time to install these types of organizers, but it will look cleaner when you are done. They are also a little more work than Velcro ties if you have to make a change down the road, but not bad.

If you want more elegant options for managing your cables, do a search in Google for “enclosed cable organizers.”

Ken Colburn
President of Data Doctors Computer Services, Host of the award-winning Computer Corner radio show, and Author of Computer Q&A in the East Valley Tribune newspapers.

Is there any way to capture the videos you view on YouTube? –Judy

The extraordinary popularity of YouTube for both aspiring videographers and viewers has made online video one of the most consumed types of content on the Internet.

Most of us have gotten an e-mail with a link to a YouTube video that was funny or interesting and thought “I’d like to download that video.”

The folks at YouTube really don’t want you to download the videos, because they make their money from visitor’s “page views,” so they designed their videos to only play from your browser.

Their method of saving your favorite videos is to sign up for a free account and save it to your favorites, which are only available when you log in.

That’s not the same as downloading it, but it will allow you to keep track of your favorites.

The reason you can’t just right-click on the video and save it to your hard drive is because YouTube videos are in the Flash Video (.flv) format.

There are two steps to achieving your objective: downloading the video and choosing a method to view the video.

There are a number of download “helper” Web sites that can grab video and download it to your computer. One of the more popular sites that can download video from YouTube and many other video sites is KeepVid.com.

Simply copy and past the exact URL of the video that you want to download, tell the downloader the site where it’s hosted, and you’ll be asked where you want to save the file.

You can name the file anything you want, but in order to see the video once you download it, you will need a Flash Video viewer. A free player is available here, but pay attention during the installation or the Yahoo! toolbar will be installed in your browser and Yahoo! will become your default search engine (just remove the checkmarks during the installation).

If you aren’t in any particular hurry, you can use another download helper at Zamzar.com that can also perform the conversion at the same time. The reason you can’t be in a hurry is that once you paste in the URL and choose the file format you want it converted to, you will have to wait to get an e-mail notifying you that the conversion is done.

You must then click on the link in the e-mail in order to download the completed file and you must download the file within 24 hours of receiving the notification e-mail or your video will be deleted.

There are plenty of not so subtle offers to speed up the process, which of course will cost you a monthly fee.

If you plan on doing this a lot, you may want to consider purchasing a program that is specifically designed for the task such as Replay Media Catcher.

Both a trial version of the program and a demonstration video are available at the site, so you can try it before you buy it.

Ken Colburn
President of Data Doctors Computer Services, Host of the award-winning Computer Corner radio show, and Author of Computer Q&A in the East Valley Tribune newspapers.

Is there a way to download a recorded program from a DVR to a PC or laptop which would then possibly be burned on to a DVD for permanent storage? –Ben

The Digital Video Recorder (DVR) has replaced the VCR as the de facto standard for most households that want to record television programming.

The range of options include stand alone systems, such as the TiVo, to DVRs that are built into cable and satellite tuner boxes that can record exponentially more programming than our old six-hour VCR tapes.

Since what is recorded is digital, it can be transferred and copied in numerous ways without the traditional loss of quality that occurred when making copies of analog video tapes.

Your exact DVR and PC will determine the options available to you, so checking with your supplier or manufacturer is a good first step (TiVo has the TivoToGo option for instance, while some PCs come equipped with special video cards and software designed to connect to any video signal.)

Typically, DVRs have standard RCA output jacks (coded as red and white for the left and right audio channels and yellow for the video channel) or S-Video jacks that would allow you to transfer the recorded shows from the DVR to your computer.

In order to do this, you will need some special equipment that will allow you to connect the two and capture the video signal as it’s being played.

For most non-technical users, one of the easiest methods that I have found is to purchase a video transfer “kit” that includes the cables, converter box, and recording software in one package.

These kits are converting the analog output from your DVR into digital, so it’s not as clean as a pure digital transfer, but if you want it to be easy, this may be your solution.

I have had good success with the Video Xpress system from ADS Tech ($50) that allows you to capture any analog video output (VCR, DVD, DVR, camcorder, etc.) to your computer through a special box that connects to a USB 2.0 connection.

Once you install the software on your laptop and connect all the cables, you simply press the play button on your DVR and the record button in the software on your laptop to record the video stream real-time.

Once you have captured the video, you can do simple edits and then burn it to CD, DVD, or convert it for use on other devices such as Sony’s PSP or video iPods.

If you are interested in other video capture options including HDTV or direct to disc, take a look at the other offerings at ADS Tech’s Web site.

Another company that has some interesting offerings is Pinnacle Systems, including a brand new product called Pinnacle Video Transfer ($130).

The difference in the Pinnacle Video Transfer system is that you don’t even need a PC to transfer your video from your DVR to an iPod, PSP, USB 2.0 hard drive, or USB flash memory device.

Once it is on an external hard drive or flash memory stick, you can transfer it to any PC to burn DVDs, video CDs, or whatever you want to do with it.

Ken Colburn
President of Data Doctors Computer Services, Host of the award-winning Computer Corner radio show, and Author of Computer Q&A in the East Valley Tribune newspapers.

I have a mountain of music CDs that I want to have transferred to my iTunes, but I don’t have the time to get it all in. Are there services out there that will do this for me? - Rob

The explosion in popularity of portable music players such as the iPod has created a new problem for many music lovers: transferring their extensive CD libraries into digital format on their computer.

Depending upon the speed of your computer and its CD/DVD drive, a single CD can take up to 10 minutes to “rip” onto your computer. If you have a library of 300 CDs, you are looking at a 50 hour job to get them all transferred.

Most users have manually ripped a CD in iTunes or Windows Media Player and the thought of doing it 300 times is overwhelming.

But before you go shipping your CD collection halfway across the country and paying $1 to $2 per CD (many services have a minimum of 50 to 100 CDs), there may be a way for you to easily get your music into your computer.

If you change the default setting for your music program, you can tell it to automatically rip a CD any time that you insert it into your machine.

For instance, in iTunes you can set the program to automatically rip CDs by clicking on the “Edit” menu, then on “Preferences,” then on the “Advanced” tab, and then on the “Importing” tab. Change the option for “On CD Insert” to read “Import Songs and Eject” and while you’re there, be sure to change the “Import using” option from Apple’s proprietary AAC format to the universal MP3 format (this will allow you to use the files on any standard MP3 player down the road, just in case the iPod someday loses its luster!) Once you have changed this setting, if you have iTunes open when you insert an audio CD, it will automatically start importing the music into your library and eject the disk to let you know when it’s done. You can also set Windows “AutoPlay” to automatically open iTunes and import a CD the next time you insert a CD without iTunes open (be sure to check the “Always do this…” box once you have made your selection.) If you are a Windows Media Player fan, you can set the same option by going to “Tools,” then “Options” and click on the “Rip Music” tab. In the “Rip Settings” section, change the format from the WMA format (Windows Media Audio which won’t play on an iPod) to MP3 and put a checkmark in the “Rip CD when inserted” and “Eject CD when ripping is complete” boxes.

If you keep your CDs in a stack next to your computer, in a relatively short period of time, you will be surprised to see how quickly you get your music transferred into your computer. Before you get started, however, there a few things you should check. The first is the amount of free disk space on your computer’s hard drive. An average CD will take 50MB of space on your hard drive, so be sure to calculate how many CDs you can transfer before getting low on space. Also, check the CDs to make sure they are clean before you insert them and finally, once you get you music library imported, get an external hard drive backup system so you don’t lose all this hard work. If you still would rather pay someone to do the work, use Google to see if a local company offers the service (even if it cost more per CD) before you go through the hassle and expense of packing and shipping your collection. Try using “CD to MP3 transfer service (name of your city and state)” in Google to find a local company. Also, do some homework (BBB, user forums, etc.) on the company that will be in possession of your music library, especially if you only know them from their Web site — and don’t forget to insure the package when shipping.

Ken Colburn
President of Data Doctors Computer Services, Host of the award-winning Computer Corner radio show, and Author of Computer Q&A in the East Valley Tribune newspapers.

How can I tell if my child is being subjected to cyber bullying? - Laura

The recent events of the teen that committed suicide in Missouri as a result of being tormented through a MySpace page illuminates the phenomenon that has been labeled “cyber bullying.”

As it turns out, a neighbor and associated school mates posed as a teenage boy that was interested in the girl, then suddenly turned on her via the MySpace page.

While the resulting suicide in this case is not commonplace, the incidence of using technology to bully others has been on the rise.

Our kids are completely immersed in technology these days, with a major form of their communication coming through text messaging, instant messaging and social networking sites.

This constant contact via technology also allows the school yard bully to continue to hound their victims 24 hours a day and invite others to pile on.

This pack mentality combined with the anonymity of the attacks puts a lot of stress on young victims that don’t know how to deal with the situation.

The statistics according to iSafe.org are pretty alarming:

• 42% of kids have been bullied while online. 1 in 4 have had it happen more than once.
• 35% of kids have been threatened online. Nearly 1 in 5 have had it happen more than once.
• 21% of kids have received mean or threatening e-mail or other messages.
• 58% of kids admit someone has said mean or hurtful things to them online. More than 4 out of 10 say it has happened more than once.
• 53% of kids admit having said something mean or hurtful to another person online. More than 1 in 3 have done it more than once.
• 58% have not told their parents or an adult about something mean or hurtful that happened to them online.

Parents that are completely out of the loop with their child’s technology usage can find it hard to detect when something of this nature may be occurring, but generally speaking, changes to the child’s behavior will accompany the attacks.

Not any of these signs on their own is an indicator, but combined they could warrant a discussion with your child:

• Unusually long hours on the computer
• Clearing the screen when you enter room
• Secretive Internet activity (won’t say who their chatting with)
• Getting behind in school work
• Lack of appetite, headaches or Stomachaches
• Trouble Sleeping
• Fear of leaving the house, especially to go to school
• Appears upset after Internet use.
• Hesitation to get online
• Cries for no apparent reason
• A marked change in attitude, dress or habits

Our schools and lawmakers are still trying to catch up with this new form of abuse, so how to report such activity will vary greatly based on your community.

There are many Web sites that can help if you think your child is a victim of cyber bullying, including stopcyberbullying.org, cyberbully411.com, ncpc.org/cyberbullying and iSafe.org.

It’s also vital to discuss with your “screenager” the importance of not participating in any online discussion that serves to demean or belittle others. What may seem like a harmless action only serves to amplify the problem for the victim and encourages the instigator to continue.

From a technology standpoint, if you feel the need you can install a program that will track all of the activity that occurs on your child’s computer, including what others are sending them via instant messaging.

Check out the various tracking software available from sites such as spectorsoft.com and spytech-web.com as the activity logs that they generate can come in handy if you need to report the problem to a school or law enforcement.

Ken Colburn
President of Data Doctors Computer Services, Host of the award-winning Computer Corner radio show, and Author of Computer Q&A in the East Valley Tribune newspapers.

On occasion, I have the need to hold online meetings with folks from around the country, but most of the companies that offer the service charge more than its worth for my needs. Are there any cost effective online meeting tools for those of us that only need it 3 or 4 times a year? - Joseph

Virtual meetings can be a very cost effective way to meet and the options for meeting continue to grow.

The video teleconferencing trend started over a decade ago, but the cost of these elaborate video based systems is not for the casual user.

In addition, many found that they didn’t really need to see the other participants; they really just needed to see the presentation materials that were connected with the meeting.

This made way for less expensive “online collaboration” tools that would allow a presenter to share their screen via the Internet with all of the participants while on a telephone conference call (and add a webcam if you really needed to see what the others looked like).

These tools have developed over the years into very sophisticated meeting and training tools that include features such as recording both the audio and display screens (great for building a training library), transferring control of the presentation to any of the participants and support for Windows, Mac and Linux users on the same session.

Most of the tools give you the option to use a toll or toll free telephone number for the phone conference call as well, so everything you need to hold an online meeting is included.

There are a number of services available for online meetings, but what you want to do during the meeting and how many participants will be involved are the primary factors that will determine the best fit for you.

If you don’t care about recording the sessions, don’t need room for more than 10 attendees and don’t mind a little advertising during your meeting there are free services, such as Yugma that could fit the bill.

You can use it as many times as you want, but never more than 10 attendees at a time.

If you want to be able to record the sessions, avoid the advertising and add options such as session scheduling or mouse & keyboard sharing, you can upgrade to one of Yugma’s pay services, which start at $9.95 a month or $99.50 per year (10 users).

If you want to hold larger meetings (15 to 25) and want reports on everything that happened during the session (including how many people went to another screen during the presentation!) another service to consider is GoToMeeting (starting at $49.95 per month).

Webex has a number of services for small businesses including a “pay-per-use” option that charges you 33 cents per user per minute, plus 20 cents per user per minute if you want to use their integrated teleconferencing system.

Or if you want to host a “webinar” (web seminar) where up to 1,000 attendees can see the presentation and listen to the conversation but not speak during the meeting (they can interact through a chat interface), you may want to look into GoToWebinar (starting at $99 per month).

They way all of these systems work is that the individual that is “hosting” the meeting installs the software that allows them to start or schedule a session which shares their desktop with others and then send invitations via e-mail to the desired attendees.

The attendees click on the link in the e-mail just prior to the beginning of the session so that the software that allows them to join the session can be installed.

As the attendees connect to the online meeting, the host’s dashboard shows who has connected so you can determine when you want to start your meeting (the audio is carried via a standard conference call phone number).

If any of these services seem interesting, you can take them all out for a test drive by looking for the free trial option at each site.

Ken Colburn
President of Data Doctors Computer Services, Host of the award-winning Computer Corner radio show, and Author of Computer Q&A in the East Valley Tribune newspapers.

Q: Can I get a virus from watching a YouTube video?- Cassandra

A: The methods used by the various malicious elements that are lurking on the Internet continue to evolve and some security experts are warning that the next target will be to exploit online video (not just YouTube videos).

As of this writing, there is no current exploit that is known to infect users that simply click on a YouTube video, but that does not mean that there is no danger.

The popularity of YouTube has extended to millions of Web sites that post images that link to the YouTube Web site and run the video when clicked (referred to as an embedded video). As long as the link is actually pulling the video from YouTube, you would be safe, but a recent scam illuminates how attentive you must be when clicking on what appears to be a YouTube video.

Last year, fake YouTube videos started to appear on approximately 1,400 MySpace pages that tried to lure users into installing a pop-up adware program.

The fake player appeared to be a YouTube video, but the link took users to a completely different Web site: Yootube.info (a site hosted in Amsterdam that has since been taken down).

Once there, users were presented with a Windows Media Player video and a prompt to install software to view the clip. Those that agreed to the license ended up installing a program that generates pop-up ads from a company called Zango Cash.

Zango Cash, oddly enough, agreed to pay a 3 million dollar Federal Trade Commission fine for deceptive and unfair adware installations, so we already know that this company does not play by the rules.

The lessons to be learned by the latest attempts to infiltrate your computer are that the incredible popularity of social networking sites like MySpace have made them the latest target of those that have malicious intent and that you must make absolutely sure that you are working with an actual YouTube video when you click it.

YouTube videos can be embedded into any Web site (a very common practice) which will allow you to view the video without leaving the host site. An embedded YouTube video and a scam YouTube video will look the same (with the logo, the play button, etc.) so the big tip off will be what happens when you click on the link (remember, as of this writing, simply clicking on the video poses not danger, it’s what happens after you click on the link).

Most legit links will simply play the video within that same space, while others will take you directly to the www.YouTube.com site to view the video. If you click on the video and it takes you to a new page, make sure you look very closely at the actual address (http://www….) of the new page, as the scammers can create a page that looks exactly like a YouTube page.

You should not be asked to install anything to view the video, especially if you have played YouTube videos in the past, so that is another red flag.

This also speaks to the importance of trusted sources on the Internet. If you are familiar with the resource and trust it (CNN.com, DataDoctors.com, Lockergnome, etc.), you can trust the videos.

If you are not sure about the host site, but you really want to see the video, you can always go to YouTube.com yourself and search for the video manually (search using the description on the posting). If you can’t find it by searching for it at YouTube.com, it’s likely a scam video.

Ken Colburn
President of Data Doctors Computer Services, Host of the award-winning Computer Corner radio show, and Author of Computer Q&A in the East Valley Tribune newspapers.

Tags: youtube, security, internet security