We've asked the age old question, why in the heck would
someone create and distribute a virus, spyware or bombard your PC with Spam
mail or pop-ups? The answer is simple...money! Typically originating from
countries where laws against this type of behavior are lax, a breeding ground
for deception and fraud flourish. Not every piece of malware is written for the
same purpose. Depending on what it is, the objective for how it makes the
hacker money can be different. Below I'll go into 8 ways of what happens.
1.
Selling
you something - they setup a fake storefront and either steal your credit
card info or ship you counterfeit / stolen goods.
2.
Steal
your login info - the objective here is to capture the login for sites like
PayPal, Facebook, Twitter, and Banking sites. This can be done in 2 ways:
hijack your web browsing sessions and silently transmit your login details to a
server somewhere on the internet. OR, rick you with Spam e-mail that looks very
close to what a bank or other institution would send. Typically they ask you to
reset your password or update your login info via a link in the email. If you
visit that site, it is engineered to look exactly like the institution they are
stealing your info from.
3.
Pay-per-click
fraud - After compromising a user's computer the hacker can install malware
that manipulates Internet traffic. They redirect the victim’s clicks to
advertisements located on the criminals’ webpage. They make money from ad
networks by sending traffic to their customers’ ads. Ever have the problem when
you go to Google and every single search you do goes to a site you didn't want?
That's exactly what Pay-Per-Click Fraud is.
4.
Fake
security software - also disguised as fake anti-virus, these typically are
very intrusive and you can't close them out. It shows you virus scans and
hundreds of infections then ask for you to purchase the product to remove them.
After the credit card has been submitted, it is then sold on the Black Market.
Call your Credit Card Company immediately if you've fallen victim to one of
these scams.
5.
Ransomware
- this malware is a quickly spreading very rapidly. It encrypts your
documents, boot files or other critical component of your PC and holds it
hostage until you pay a ransom. The only person that has the decryption key is
the criminal. As of late, fake FBI warnings stating the police have detected
child porn on your computer. The warning tells the victim their computer has
been locked and they must pay a $100 fine to unlock it.
6.
Social
media spam - they steal your Facebook, MySpace, Twitter account and then
use it to spam everyone in your networks.
7.
Banking
malware - rather than taking just your username and password, this type of
malware also sends video clips of your PC as you login so they capture the
entire process to the banking sites.
8.
Premium-rate
SMS fraud - Rather than ask you for your credit card or pull money straight
from your bank account, they use your cell phone. Ever respond to a survey on
Facebook and they ask for your cell number? You just signed up for a
premium-rate SMS service. The app you downloaded may come with a program that
can send text messages to premium rate numbers at your expense, like an
international number.
So what can you do to protect yourself and your business?
Keep your anti-virus and anti-spam systems updated. Next train and notify
employees when counterfeit e-mails from banks are coming through. If you have fallen victim, immediately contact
your Credit Card Company or Bank and notify them your account has been
compromised. Change the credit card number or freeze the account. The better
your protections are, the better you can shield yourself from these attacks.
The Astaro firewall platform has dual anti-virus and dual spam filters in
addition to rejecting traffic based on the country it came from. Just from the
last point can reduce spam and fraud website traffic by 80% or better.
If you need assistance setting up systems and training employees
against such types of attacks, drop us a line. We’re here to help you. Or if
you have questions, we can answer them too. Thanks!
Will Kutzler
F1 Networx Inc.
F1 Networx Inc.
631-764-2600
