Threats we ordinary Web users face online leave us no choice but learn. Haven't you noticed how many new things you learned lately? We are much better informed about malicious programs than just a year ago.
This section of our vocabularies grows rapidly: now we all know what a "keylogger" is,"worm" for us has something to do not only with zoology, nor a "Trojan Horse" with Ancient Greek literature. We are getting better at avoiding such scams as phishing, and this word doesn't look like a spelling mistake anymore.
We Web users are getting smarter -- at least the numbers from the recent survey by the Pew Internet and American Life Project say so. The study shows that 91% of respondents (adult Web users from the USA) have improved their online behavior in one way or another.
81% of respondents have become more cautious about e-mail attachments.
People are also avoiding certain Web sites (48%), using file-sharing networks less often (25%), and even switching browsers (18%).
But, alas? As Web users get wiser, cybercriminals become more insidious and commit more sophisticated crimes.
More people are now aware of a worm, virus or Trojan which might be hidden in a spam email attachment -- for cybercriminals it means that spam becomes less "effective" means of spreading malware.
Why they are spreading malware? What motivates them? Money, of course.
All security experts are at one in thinking that " cybercriminals are primarily motivated by financial gain". In other words, they prefer cash to fun. Instead of doing mischief just for the h? of it, they steal money. Big money.
Along with other unlawful activities, cybercriminals are actively hunting for valuable data that can be turned into cash. Stealing information needs contaminating as many PCs as possible with malicious programs. Most PC users now are aware of (or we even can say, almost got used to) the fact that Trojan horses can be included into e-mail messages, multimedia files or free knick-knackery like postcards, smileys and screensavers. We users know that many viruses, worms, and Trojan horses contain information-stealing (keylogging) modules.
Spreading malware as wide as possible that's what cyberthieves do in order to reach their treacherous goal. At least it was their main approach -- until recently, when crooks began to more intensively exploit a new tactic.
Targeting at Individual Addressees
On July 8, 2005 CERT (the US Computer Emergency Readiness Team), issued an alert warning about the rise of Trojan attacks of a new kind. Signs of these stealthy Trojan attacks, which were targeting specific firms to evade detection, have been detected for the last year. Targeted Trojan-horse attacks are a new trend in online threats, states the alert.
Trojan attacks by themselves aren't new, but CERT said this technique has two features that make it very dangerous, especially for businesses.
First, conventional anti-virus software and firewalls can't beat Trojans of this kind. These programs are "tailor-made". Source code of known Trojans, if altered, is unfamiliar to anti-viruses, and they can't detect it.
Any new variation of known malicious program is a new program for anti-viruses. There is a long way from detection of a piece of malware to the moment when an anti-virus or anti-spyware vendor is able to offer protection against it. This cycle takes time -- from several hours to a couple of days. When such a program is detected, its signature (piece of code) should be picked and included into an update. Only after all anti-virus or anti-spyware programs on all users' PCs are updated it is possible to protect them against this particular piece of malware. Poor consolation for those unlucky ones who were hit by a new kind of malware FIRST.
These e-mails contain dangerous malware-laden attachments, or links to web sites hosting Trojan horses. When such an attachment is opened or a link is clicked, a malicious program installs the Trojan onto the users' machines. These Trojans can be configured to transmit information via ports used for a common service, like TCP port 80, which is assigned to Web traffic. That's why firewalls are helpless against them.
Second, this time the e-mails are TARGETED -- sent to specific recipients. Their subject lines often have something to do with the user's work or interests.
What the criminal can do when the attachment is opened? He can: (Quote from the alert issued by US-CERT)
CERT made recommendations for system administrators on how to prevent this kind of Trojan horse attacks. You can get the complete list from: http://www.us-cert.gov/cas/techalerts/TA05-189A.html
As for us ordinary Web users -- to lessen the risk of these attacks we all should:
And, of course, be more cautious about everything which appears in our inboxes.
Alexandra Gamanenko currently works at Raytown Corporation, LLC -- an independent software developing company. This company provides software capable of disabling even "tailor-made" information-stealing modules, which can be hidden inside spyware as well as viruses, worms and Trojans.
Learn more -- visit the company's website http://www.anti-keyloggers.com
Watching how the traditional media covers the latest virus or... Read More
Spyware/adware is a new major concern for PC users everywhere.... Read More
I am in the midst of Oscar Wilde's The Picture... Read More
Whether we like it or not, we are all living... Read More
In recent days, I was one of the unfortunate persons... Read More
They're out there. Individuals trying to make a quick buck... Read More
The trash folder in my main inbox hit 4000 today.... Read More
What is computer security? Computer security is the process of... Read More
The internet is undoubtedly a fantastic resource for families and... Read More
When it comes to reporting Internet scams most of us... Read More
Identity Theft is one of the most serious problems facing... Read More
Have been an Internet user for more than 9 years,... Read More
I got a virus the other day, Thursday I believe... Read More
Monday morning, 6am; the electric rooster is telling you it's... Read More
Microsoft routinely releases new security updates, many of which are... Read More
My first experience with a spyware BHO based infection was... Read More
Ok, ok, I know you've seen them. All those pop... Read More
As the number of people using the Internet as an... Read More
Airport Menace: The Wireless Peeping Tom As a network... Read More
We all get the odd virus now and then, but... Read More
The Internet offers a global marketplace for consumers and businesses.... Read More
You may not realize it, but as you are surfing... Read More
Do you know what "phishing" is?No, it doesn't mean you... Read More
As more people are logging onto the Internet everyday, Network... Read More
1. Importance of a Virus Scanner: A Antivirus program can... Read More
First off I should explain what phishing is. Phishing is... Read More
A little bit of time invested into learning about internet... Read More
A crowded marketplace can lead to unethical webmasters using underhand... Read More
Spyware and adware are becoming major problems for online surfers... Read More
Every single time you access a website, you leave tracks.... Read More
There are folks out there who use their powers for... Read More
I Challenge You To Crack The Code ------------------------------------- I had... Read More
You'd better learn news from media, not from emails, security... Read More
Nobody wants to pay to remove spyware. At the very... Read More
High-tech private investigators are becoming the answer for many Internet... Read More
1. Importance of a Virus Scanner: A Antivirus program can... Read More
Nowadays more and more people are using a computer. A... Read More
Shopping for horse gifts or other gift items on the... Read More
"Dear Bank of the West customer", the message begins. I've... Read More
There are several basic concepts to keep in mind when... Read More
What is Phishing? In a typical Phishing attack, a criminal... Read More
Having a good Spyware eliminator on your computer is vital... Read More
What is computer security? Computer security is the process of... Read More
On December 8, 2004 Webroot, an award winning anti-spyware solution... Read More
Today the internet is a mine field of malicious code... Read More
In today's times spyware is a very serious issue and... Read More
One evening, during the graveyard shift, an AOL technical support... Read More
Over £5 billion pounds was spent on online shopping in... Read More
Manual Spy Bot Removal > BookedSpaceBookedSpace is an Internet Explorer... Read More
The Threat10 years ago you could probably have run no... Read More
Internet is the ocean of knowledge. In this ocean you... Read More
Monday morning, 6am; the electric rooster is telling you it's... Read More
Much has been said on the theory of password protection... Read More
Beware of a New Scam Aimed at Bargain-HuntersTrying to buy... Read More
Identity Theft is one of the most serious problems facing... Read More
When you signed up for that ultra-fast DSL or Cable... Read More
Well, if that would have been said to me by... Read More
File sharing on p2p is soaring despite the music and... Read More
Whether we like it or not, we are all living... Read More
Have you ever had to call Symantec or McAfee to... Read More
WHAT IS HACKING?Hacking, sometimes known as "computer crime" has only... Read More
The menacing campaigns that drive the corporate spyware and adware... Read More
Threats we ordinary Web users face online leave us no... Read More
Today's Internet or World Wide Web is being over regulated.But,... Read More
A crowded marketplace can lead to unethical webmasters using underhand... Read More
The words Corporate Security may conjure up images of a... Read More
Internet Security |