Daily Archives: January 19, 2010

The New Malware Epidemic – Cause and Cure

Is it me, or are there more and more computers getting infected with malware these days? Being under the impression that this is the case, I set out to research a bit on that.

It seems like the DIY kits for creating malware have recently gone down in price and made more user friendly. It has gone down to the level where new and inexperienced cybercrimals can create malware even when their computer skill level is barely enough to download music or a movie from the internet. That’s a scary thought.

The creation and selling of these DIY kits has emerged as a business, and according to Marc Rossi, manager of research and development at Symantec “It’s possible that the people creating and selling these kits may be the same groups already profiting from cybercrime, and they could see this as yet another revenue stream.”

Indeed, newbie cybercrooks and veterans alike are using DIY kits to carry out phishing campaigns at an accelerated rate, security researchers say. They’ve been blasting out fake e-mail messages crafted to look like official notices from UPS, FedEx or the IRS; or account updates from Vonage, Facebook or Microsoft Outlook; or medical alerts about the H1N1 flu virus.

The faked messages invariably ask the recipient to click on a Web link; doing so infects the PC with a banking Trojan, a malicious program designed to steal financial account logons. Often, the PC also gets turned into a “bot”: The attacker silently takes control and uses it to send out more phishing e-mail.

What to do? Follow the advice in this article, and get all the protection layers in place in your computer(s), paying special attention to the good emailing and web surfing habits.

Let me know if you need help doing it or reviewing your security level.

Phishing

the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication.

Phishing, also referred to as brand spoofing or carding, is a variation on “fishing,” the idea being that bait is thrown out with the hopes that while most will ignore the bait, some will be tempted into biting.