This won't come as a big surprise, but a news release (which I've edited somewhat for clarity) just in reports a rise in various, and nefarious, attacks on our computer security and online privacy:

MessageLabs, [a] l... provider of messaging and web security services to businesses worldwide, today announced the results of its MessageLabs Intelligence Report for April 2008. Analysis shows that during April, the Storm botnet has dramatically decreased to just five percent of its original size, whilst web-based malware has increased by 23.3 percent.

The introduction of new malicious software removal tools, which are aimed at targeting and removing Storm infections, are deemed responsible for the sudden reduction in Storm-infected machines, now estimated at approximately 100,000 compromised computers. Previously estimated at two million, the decline in Storm's botnet size is evident by the 57 percent decrease in malware-laden emails distributed
by the Storm botnet during April.

Whilst the Storm botnet decreased in size, analysis of web-based malware identified that 36.1 percent of interceptions in April were new, an increase of 23.3 percent since March. MessageLabs also identified an average of 1,214 new websites per day harboring malware and other potentially unwanted programs such as spyware and adware, an increase of 619 per day compared with the previous month.

"April was a month of unpredictability with the mighty Storm botnet losing all but five percent of its anonymous army and web-based malware reaching new levels," said Mark Sunner, Chief Security Analyst, MessageLabs. "This month we find ourselves fighting the cybercrime battle on many fronts, with the bad guys using an arsenal of weapons in order to detonate spam, viruses, phishing attacks and targeted Trojans, making it more important than ever to have a strong security shield in place."

On the cusp of the 30th anniversary of the first spam message, MessageLabs identified a new spamming technique being used to send authenticated spam email via Yahoo!'s SMTP servers. This spam attack accounts for one percent of all spam intercepted in April and has been used to advertise services for Canadian Pharmacy, a well-known spam operation. By using the SMTP server and a DomainKeys Identified Mail (DKIM) authentication technique, the spammers can ensure that the email generated is harder to block based on traditional anti-spam methods.

In addition, MessageLabs Intelligence reported targeted attacks reaching new heights this month, with MessageLabs intercepting approximately 70 targeted Trojans per day, an increase of 250 percent on the December 2007 levels of 28 per day. Leveraging interest in the Beijing 2008 Olympics Games, MessageLabs has intercepted 13 separate Olympic themed attacks over the past six months which use legitimate-sounding email subject titles, such as "The Beijing 2008 Torch Relay" and "National Olympic Committee and Ticket Sales Agents". Some attacks purported to be from the International Olympic Committee, based in Lausanne Switzerland, however in reality all of the attacks but one were sent from an IP address within [the] Asia Pacific
[geographic region].

Finally, MessageLabs has uncovered a new way that scammers are abusing professional social networking sites like Linked-In. For the first time, they are taking advantage of these sites to lend legitimacy to Nigerian 419 advance fee fraud scams by creating profiles with false credentials that pertain to the business involved in the
scam.

While my tendency is to take such reports with a dash of salt — computer security firms are in the business of, well, selling computer security. However, some of the specifics, such as Olympic-related attacks, are worth noting. In a similar vein, I've run across (and deleted) e-mails purporting to be from the Internal Revenue Service purporting to having information about the economic stimulus checks that are starting to hit mailboxes and/or bank accounts. As the IRS says at the link referenced here, don't fall for such tricks.

— Mark Kellner, The Washington Times

One of the "perks" of writing about computer technology is that, from time to time, I get "sneak peek" briefings in advance of the launch of new products, as do many other journalists in the tech space. Today, I saw a bunch of new products — almost too many to count — from a very interesting source. I can't tell you who, or what the products are — they won't be announced for a while, and secrecy is part of the deal.

But I will say this: If all goes well, you'll see several of these items, I hope, in "On Computers" here in The Washington Times, and you may be as impressed as I am. If nothing else, getting the preview got me excited about the level of creativity in this industry. It's far from spent, and that's what makes this beat a lot of fun.

— Mark Kellner, The Washington Times

Much ink — and even more bits — has been spilled over the unsuccessful takeover bid attempt by Microsoft Corp. to grab Yahoo.

When I heard the news, I recalled an incident from my youthful career in the stamp collecting business. Don't laugh: there was such a thing, once upon a time; it still exists, albeit in a smaller scale. But I digress.

Anyway, the gentleman for whom I was working at the time was at an attorney's office, about to turn over a $2 million check to buy a certain stamp firm which had a huge publishing arm and concessions in stores such as Woodward & Lothrop (I told you this was a while ago).

At the last moment, his attorney asked him, "John, what are you buying that you can't duplicate more easily and at less cost?" John, one of the most brilliant people I've known, thought for a moment, tore up the check and walked away from the deal.

With Yahoo, what was Microsoft going to buy that it couldn't duplicate? Not much, I thought beyond online search and some advertising platforms. Turns out I'm not alone in that line of thinking: veteran Microsoft watcher — as in 25 years of doing this — Mary-Jo Foley, author of the new book Microsoft 2.0, about the company from which co-founder Bill Gates retires in July, agrees, as she noted in an e-mail interview today:

"I think [Microsoft CEO Steve] Ballmer and CFO Chris Liddell and Platforms/Services Chief Kevin Johnson initially thought of Yahoo as a quick fix for its search-share and ad-inventory problem.
They really underestimated how much companies in the [Silicon] Valley hate Microsoft. They also underestimated how much their own shareholders and investors thought the deal was too expensive with too little potential payback.... Yahoo's infrastructure is based completely on open-source products; Microsoft's is based on Windows and.Net was it really going to be possible to combine these to leverage the economies of scale Ballmer promised. I think lots of Microsoft watchers were doubtful. … Microsoft came around to realize that they were not going to get $44 billion worth out of Yahoo. …"

As to whether Dulles-based AOL — which sells a fair amount of advertising itself — would be a good target, as some have suggested, Ms. Foley has her doubts: "AOL is seen by many in the tech space as an also-ran, just like Yahoo. What would Microsoft get out of buying [them] — other than some more content and sites it could offer to advertisers as places to run online ads? AOL services overlap with many of the Windows Live/MSN services/sites."

I have to agree with Ms. Foley, and I look forward to reading her book. Microsoft may be the company some users love to hate (and which Apple, Inc., likes to rib in their "I'm a Mac" ads), but there's little denying that Microsoft is a major tech influence, and one we'll be living with for years to come. Understanding them, I believe, is essential if you're a technology decision maker, or an end user.

— Mark Kellner, The Washington Times

Their ads on XM Radio are a bit annoying — the repetition of the toll-free number and all — but the underlying message isn't a bad one: sometimes you need help in getting your computer to work, and the folks at Massachusetts-based PlumChoice.com are all too happy to help.

I spent some time with their sales and marketing vice president, Fred King, at a Starbucks in Silver Spring Monday afternoon, and the story he told me was fascinating: the firm is growing, from around 300 employees on January 1 to a projected 550 technicians by the end of the year. These people don't all sit in the firm's offices; in fact, none do, Mr. King asserted. Instead, they're work-from-home types using broadband Internet connections and several layers of security, to reach out to customers' PCs and untangle problems. Right now, the firm only services Windows-based PCs, but Mr. King said they'll add Apple's Macintosh range in the third quarter of this year.

The top service issue, as you might suspect, is spyware and viruses. Next, improving performance, which usually involves removing unneeded temporary and startup files, as well as making sure all the relevant Windows updates are properly installed. After that, the firm's customers — a mix of at-home and small business users — want to solve wireless and wired networking problems, as well as get training on software.

Costs are varied, from a $24.95-a-month plan that offers unlimited calling and a free "PC Tune-Up," to one-time charges ranging from $129.95 on down. The firm will also help you set up your digital camera or your Logitech Harmony remote control for either $49.95 for the camera or $79.95 for the remote.

Those prices may seem steep — and perhaps they are — but time, as the saying goes, is money, and Mr. King's company, covered in "On Computers" nearly four years ago, is saving users time and heartache. If I were working at home full time, and if I were PC-based, I'd grab this service and hold on, especially since they're including online backup and anti-virus software in the deal.

Even without having (yet) tried the PlumChoice service, two things appeal to me: one, that the workforce is U.S.-based, or "home-shored," as Mr. King put it. No offence to our globalization friends, but it's nice to see a company create jobs in America for our tech workers. Second, I like their reliance on broadband, both for customer service and as a way to connect with their workforce.

On the customer side, if I'm a person in a hurry, do I really want to set aside the time for someone to come to my home or office, and sit in front of my computer for a couple of hours? Do I really know who this person is? Can I trust them, or do I need to be vigilant every second?

The remote connection eliminates those worries. According to Mr. King, PlumChoice is able to solve about 85 percent of users' issues via remote access. For the other 15 percent, if desired, a technician can be dispatched. That's fair enough, and, having contacted the firm earlier and worked with them online, I might feel better about the aforementioned stranger showing up.

For the tech worker, it sounds like a real "win-win" proposition. The technician can work from home, saving time, gas, wear and tear on their vehicle and general aggravation. They're probably in a better mood, and are better able to focus on the problem and the solution.

What's more, Mr. King said, the people PlumChoice hires tend to have certifications as Microsoft Certified Systems Engineers (MCSE), Certified Novell Administrators (CNA) and as Certified Novell Engineers (CNE). Of the two Novell certifications, which deal with the "guts" of computer networking, the CNA designation is a prelude to CNE certification, by the way.

Along with the "alphabet soup" designations, Mr. King said, a PlumChoice tech also has to have the kind of people skills needed to make tech-speak comprehensible to the rest of us.

Again, I have yet to put PlumChoice to the test, but I like the concept a lot. Use the "comments" space below to share your experiences, if you care to.

— Mark Kellner, The Washington Times

Even without the "r" word, as in recession, there's an apparent slowdown in IT spending, a leading distributor reports:

The lack of confidence in the momentum and direction of the IT marketplace has spread from small businesses to medium-sized firms, according to the latest reading of the CDW IT Monitor, a bi-monthly indicator of sentiment in the U.S. IT industry.

The overall CDW IT Monitor index dropped one point to 72, compared to February's reading of 73. In the medium business segment, the IT Growth Monitor, a sub-index measuring anticipated investment in IT, dropped seven points from February and posted a reading of 70. Additionally, 21 percent of medium size businesses expect to hire IT staff in the next six months, down 10 percentage points from two months ago.

"There is a hesitancy on the part of IT decision makers to invest heavily in new staff or infrastructure in a volatile economic environment," said CDW Vice President Mark Gambill, the company's executive responsible for market insights. "This trend was first noticeable in the small business sector in the previous IT Monitor two months ago, and now the uncertainty is spreading to medium size businesses."

The CDW IT Monitor is based on an online survey of at least 1000 IT decision makers from businesses of all sizes and all sectors of government. Data breakdowns for all corporate and government segments are available at www.cdwitmonitor.com.

The previous CDW IT Monitor in February revealed a definitive gap between the small business sector and medium and large businesses with regard to confidence and prospects for growth. In the small business sector, the IT Growth Monitor registered at 51, compared to 77 for mid-size and 80 for large businesses.

In contrast to the small and medium business sectors, the April IT Growth Monitor for large businesses remained steady at 80.

"In the case of large businesses, many budgets have already been approved, and there is less volatility at the onset of changes in the economy," said Gambill. "However, if economic conditions continue to weaken, it will be interesting to see how this trend develops as we approach the second half of the year."

While prospects for growth in IT investment have declined, the value that decision makers place on IT and its role within the organization remained steady. Eighty-two percent of overall IT decision makers (including 88 percent of medium size businesses) believe that IT is effective in helping to achieve the company's mission and goals. Additionally, the IT Value Monitor, which measures the perceived value of IT, registered a score of 76 — unchanged from the February 2008 IT Monitor.

"Even in the midst of an economic downturn, the perceived value technology brings to an organization stayed strong," said Gambill. "It's also important to remember that not all IT spending has stopped. There's a barbell effect in which organizations are likely moving forward with investments at the ends of the IT spectrum. Projects such as large enterprise migration or small equipment replacement might be moving forward while mid-sized investments that are not absolutely necessary are being placed on hold until economic conditions improve."

Fewer than half (45 percent) of small businesses see IT investment as helping their bottom line, down seven percentage points from December 2007.

One in five companies (20 percent) report IT problems that disrupted customer needs on at least six days in the last six months, up from 14 percent in December 2007 and 16 percent in February 2008.

Medium size businesses registered a four point decline in the overall Monitor reading, from 77 in February 2008 to 73 in April

One in six (17 percent) of government organizations expect decreasing IT budgets over the next six months, and 8 percent expect to reduce staff.

In the federal sector, the firm also reported, there's an apparent pull-back:

Forty percent of government organizations are planning on increasing their IT budgets in the next six months compared to 45 percent in February.

Fifteen percent of government organizations are planning on hiring additional IT staff in the next six months compared to 16 percent in February.

Fifty-five percent of government organizations had two or more days of IT outages that disrupted the needs of clientele.

These are the opinions of one firm, of course, and things can — and do — sometimes change rapidly in this field. But the numbers are something to ponder.

— Mark Kellner, The Washington Times

As if filling up at nearly $4 per gallon isn't bad enough…

"The high gasoline prices are luring even the most savvy Internet users to click on spam," a publicist in the computer security field writes. "With the Memorial Day weekend ahead… and gas prices at an all-time high, spammers have found yet another way to target unknowing victims for identity theft. MX Logic, an email security software company, has recorded an increase of fake email campaigns that promise discounted or free gasoline. Sam Masiello, director of threat management at MX Logic, said, 'These emails are phishing attacks and they should not be clicked on or opened. This is yet another way spammers are taking advantage of the economy.'"

Strictly speaking, I don't know if the alleged spammers are "taking advantage of the economy" or of people's natural concerns about high gas prices. As always, caution is advised on too-good-to-be-true e-mail offers.

At the same time, check out GasBuddy.com for a more reliable way to find lower gas prices in your area.

— Mark Kellner, The Washington Times