Scam Emails Archive : Employment/Job

Subject: US-CERT Cyber Security Tip ST06-009 -- Coordinating Virus and Spyware Defense

From: US-CERT Security Tips <>

This email with the subject "US-CERT Cyber Security Tip ST06-009 -- Coordinating Virus and Spyware Defense" was received in one of Scamdex's honeypot email accounts on Wed, 11 Mar 2009 08:16:53 -0700 and has been classified as a Employment/Job Scam.

The sender was US-CERT Security Tips <>, although it may have been spoofed.

Hash: SHA1

                        Cyber Security Tip ST06-009
                  Coordinating Virus and Spyware Defense

   Using anti-virus and anti-spyware software is an important part of cyber
   security. But in an attempt to protect yourself, you may unintentionally
   cause problems.

Isn't it better to have more protection?

   Spyware and viruses can interfere with your computer's ability to process
   information  or can modify or destroy data. You may feel that the more
   anti-virus and anti-spyware programs you install on your computer, the safer
   you will be. It is true that not all programs are equally effective, and
   they will not all detect the same malicious code. However, by installing
   multiple programs in an attempt to catch everything, you may introduce

How can anti-virus or anti-spyware software cause problems?

   It  is  important  to  use  anti-virus  and anti-spyware software (see
   Understanding Anti-Virus Software and Recognizing and Avoiding Spyware for
   more information). But too much or the wrong kind can affect the performance
   of your computer and the effectiveness of the software itself.

   Scanning your computer for viruses and spyware uses some of the available
   memory on your computer. If you have multiple programs trying to scan at the
   same time, you may limit the amount of resources left to perform your tasks.
   Essentially, you have created a denial of service against yourself (see
   Understanding Denial-of-Service Attacks for more information). It is also
   possible that in the process of scanning for viruses and spyware, anti-virus
   or anti-spyware software may misinterpret the virus definitions of other
   programs. Instead of recognizing them as definitions, the software may
   interpret the definitions as actual malicious code. Not only could this
   result in false positives for the presence of viruses or spyware, but the
   anti-virus or anti-spyware software may actually quarantine or delete the
   other software.

How can you avoid these problems?

     * Investigate your options in advance - Research available anti-virus and
       anti-spyware software to determine the best choice for you. Consider the
       amount of malicious code the software recognizes, and try to find out
       how frequently the virus definitions are updated. Also check for known
       compatibility issues with other software you may be running on your
     * Limit  the  number  of programs you install - Many vendors are now
       releasing packages that incorporate both anti-virus and anti-spyware
       capabilities  together.  However, if you decide to choose separate
       programs,  you  really  only  need  one anti-virus program and one
       anti-spyware program. If you install more, you increase your risk for
     * Install the software in phases - Install the anti-virus software first
       and test it for a few days before installing anti-spyware software. If
       problems develop, you have a better chance at isolating the source and
       then determining if it is an issue with the software itself or with
     * Watch for problems - If your computer starts processing requests more
       slowly,  you  are  seeing  error messages when updating your virus
       definitions, your software does not seem to be recognizing malicious
       code, or other issues develop that cannot be easily explained, check
       your anti-virus and anti-spyware software.

     Authors: Mindi McDowell, Matt Lytle

     Produced 2006 by US-CERT, a government organization.

     Note: This tip was previously published and is being re-distributed 
     to increase awareness. 
     Terms of use
     This document can also be found at

     For instructions on subscribing to or unsubscribing from this
     mailing list, visit <>.

Version: GnuPG v1.4.5 (GNU/Linux)