#325829 - Tue Oct 10 2006 08:55 AM BBC Honeypot
sue943 Offline
Administrator

Registered: Sun Dec 19 1999
Posts: 38005
Loc: Jersey, Channel Islands
This article from the BBC website makes VERY interesting reading.

I know the problems that I had earlier in the year when I clicked on one of those links thinking it was genuinely from my daughter. It ended up costing me money to have the machine stripped and reloaded by my computer suppliers, and it was a brand new computer. Then there was the nuisance factor of having to reload my software.

This is Part 1 on the trap which I have just read.


Edited by sue943 (Tue Oct 10 2006 08:57 AM)
_________________________
Many a child has been spoiled because you can't spank a Grandma!

#325830 - Tue Oct 10 2006 09:25 AM Re: BBC Honeypot
picqero Offline
Multiloquent

Registered: Tue Dec 28 2004
Posts: 2813
Loc: Hertfordshire, England UK
The moral would seem to be 'Never click on a pop-up ad, no matter what it offers or warns against, nor what web-site it appears on'!

#325831 - Tue Oct 10 2006 09:37 AM Re: BBC Honeypot
sue943 Offline
Administrator

Registered: Sun Dec 19 1999
Posts: 38005
Loc: Jersey, Channel Islands
For me it was in an email which was supposed to be from my daughter, asking me to click a link to a website she was creating for herself - and since I used to write web pages for a living it seemed perfectly feasible that she would ask for me to check it.
_________________________
Many a child has been spoiled because you can't spank a Grandma!

#325832 - Tue Oct 10 2006 01:31 PM Re: BBC Honeypot
tellywellies Offline
Forum Champion

Registered: Sat Apr 13 2002
Posts: 5473
Loc: South of England
I note that the honeypot was set up as a completely unprotected virtual computer. Perhaps this might be a bit obvious to an attacker. Lots of people don't take adequate security precautions but I wonder how many leave themselves entirely without protection at all? Windows' own firewall is on by default. Almost everyone getting a computer these days has heard of the dangers relating to the Internet and takes at least some measures against attack. This might mean that a typical computer may not be quite as vulnerable as a honeypot where security measures have been deliberately turned off. If a criminal does find a computer with all the doors left open, wouldn't he/she smell a rat? Nonetheless, the experiment does highlight the need for looking into good security measures.

The computer in question was, in itself, secure. The vulnerable system was run from within a protected environment installed upon it (VMWare). I understand that Windows Vista is going to have a similar feature. What a great idea if this is the case. It means that nothing gets through to what I'd think of as the 'parent' system to cause trouble. All within the virtual OS is isolated and troubles reversible.

There is something that I've mentioned before called 'Sandboxie' (that's like, 'Sandbox IE') that can go some way towards doing that. It isolates any Internet Browser from the rest of the system. Malware, browser hijacking etc. picked up during a browsing session can be got rid of by emptying the isolated area known as the 'sandbox'. It is possible to run any program sandboxed but I've only tried it with various Browsers. It's a free program that keeps working forever but it nags periodically for a donation after a month.

Apart from that, if the firewall, AV and anti-spyware programs are kept running, the computer shouldn't be as vulnerable as a honeypot.
_________________________
Error: Keyboard not attached. Press any key to continue..

#325833 - Wed Oct 18 2006 11:23 PM Re: BBC Honeypot
darms Offline
Explorer

Registered: Sun Apr 09 2006
Posts: 88
Loc: Austin, TX
Let me add a few more 'morals' to help keep you safe, assuming you are running MS Windows -
1) Never hide extensions, & never click on a file with an extension of *.exe, *.bat or *.com among others, especially if you are not sure of where the file came from. I have seen payload files called "postcard.gif.exe"
2) In MS Outlook/Express, TURN OFF THE PREVIEW WINDOW!!!!!!
3) Any unsolicited email that wants personal info like credit card #/account info/et al is a phishing expedition, ignore & delete, please, I beseech thee!
4) Know the difference between a dialog box and a popup window!

That'll do for tonight, more later

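Added example, not part of darms's post or the original thread: the double-extension check from point 1, applied to the attachments of an incoming message. The extension lists beyond .exe, .bat and .com, the function names and the sample message are assumptions constructed for illustration.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

# .exe, .bat and .com come from the post; the other entries are assumptions
# added for this example.
EXECUTABLE = {".exe", ".bat", ".com", ".scr", ".pif", ".cmd"}
DECOY = {".gif", ".jpg", ".png", ".txt", ".doc", ".pdf", ".zip"}


def classify_filename(name):
    """Return 'double-extension', 'executable' or 'ok' for an attachment name."""
    # Windows ignores trailing dots and spaces, so drop them before splitting.
    parts = name.strip().rstrip(". ").lower().split(".")
    if len(parts) < 2 or "." + parts[-1].strip() not in EXECUTABLE:
        return "ok"
    # Inner pieces are stripped because space padding ("a.txt      .exe")
    # can push the real extension out of the visible part of the name.
    inner = {"." + p.strip() for p in parts[1:-1]}
    return "double-extension" if inner & DECOY else "executable"


def scan_message(raw_bytes):
    """Return [(filename, verdict)] for attachments that are not 'ok'."""
    msg = message_from_bytes(raw_bytes, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename()
        if name and classify_filename(name) != "ok":
            findings.append((name, classify_filename(name)))
    return findings


def build_sample():
    """Constructed test message; the attachment bytes are harmless filler."""
    msg = EmailMessage()
    msg["Subject"] = "Mail server report"
    msg.set_content("Please install updates.")
    for fname in ("postcard.gif.exe", "holiday.gif", "setup.exe"):
        msg.add_attachment(b"filler", maintype="application",
                           subtype="octet-stream", filename=fname)
    return msg.as_bytes()


if __name__ == "__main__":
    for name, verdict in scan_message(build_sample()):
        print(f"{verdict:17} {name}")
```

The check only looks at names, so it complements rather than replaces an anti-virus scan of the attachment contents.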
#325834 - Thu Nov 23 2006 03:23 PM Re: BBC Honeypot
picqero Offline
Multiloquent

Registered: Tue Dec 28 2004
Posts: 2813
Loc: Hertfordshire, England UK
Earlier today I received an e.mail as follows, which purported to come from a known reliable source, and by-passed my spam filter:-

<<Mail server report.
Our firewall determined the e-mails containing worm copies are being sent from your computer.
Nowadays it happens from many computers, because this is a new virus type (Network Worms).
Using the new bug in the Windows, these viruses infect the computer unnoticeably. After the penetrating into the computer the virus harvests all the e-mail addresses and sends the copies of itself to these e-mail addresses.
Please install updates for worm elimination and your computer restoring.

Best regards,
Customers support service>>

There was an attachment to the mail for carrying out the installation update - which of course I didn't open as from the poor use of the English language it was obviously spam!
E.mails such as this are usually hoaxes, but this one could be dangerous as the attachment contains a worm virus. If you receive any e.mail similar to this, DO NOT open any attachment. In fact don't open attachments at all, if you have any doubts or suspicions about their authenticity!

http://www.hoax-slayer.com/ has this to say about the above warning:-

<<Commentary:
This email message attempts to trick the recipient into opening an attachment by claiming that "e-mails containing worm copies" have been sent from his or her computer. The message purports to be a "Mail server report" and instructs the recipient to install updates to remove the worm infection. The update is supposedly included in an attachment that comes with the email.
However, the "update" actually carries a variant of the W32.Stration worm. Once executed, the worm can download and execute remote files, harvest email addresses from the infected computer, and send itself to these addresses. Ironically, the warning about worms contained in the message text more or less describes the behaviour of its own malicious payload. The messages use spoofing to disguise their true origin.
Service providers and anti-virus companies would never send software updates via unsolicited email attachments. The bogus update ruse has been used before to distribute computer worms. In 2005, official looking emails that claimed to be from Microsoft carried worms disguised as "security patches". Any message that claims the recipient needs to open an attachment to install an update should be treated with extreme caution.>>


Moderator:  flopsymopsy, ladymacb29