Why do people make spyware, viruses and Spam Mail

We've asked the age old question, why in the heck would someone create and distribute a virus, spyware or bombard your PC with Spam mail or pop-ups? The answer is simple...money! Typically originating from countries where laws against this type of behavior are lax, a breeding ground for deception and fraud flourish. Not every piece of malware is written for the same purpose. Depending on what it is, the objective for how it makes the hacker money can be different. Below I'll go into 8 ways of what happens.

1.       Selling you something - they setup a fake storefront and either steal your credit card info or ship you counterfeit / stolen goods.

2.       Steal your login info - the objective here is to capture the login for sites like PayPal, Facebook, Twitter, and Banking sites. This can be done in 2 ways: hijack your web browsing sessions and silently transmit your login details to a server somewhere on the internet. OR, rick you with Spam e-mail that looks very close to what a bank or other institution would send. Typically they ask you to reset your password or update your login info via a link in the email. If you visit that site, it is engineered to look exactly like the institution they are stealing your info from.

3.       Pay-per-click fraud - After compromising a user's computer the hacker can install malware that manipulates Internet traffic. They redirect the victim’s clicks to advertisements located on the criminals’ webpage. They make money from ad networks by sending traffic to their customers’ ads. Ever have the problem when you go to Google and every single search you do goes to a site you didn't want? That's exactly what Pay-Per-Click Fraud is.

4.       Fake security software - also disguised as fake anti-virus, these typically are very intrusive and you can't close them out. It shows you virus scans and hundreds of infections then ask for you to purchase the product to remove them. After the credit card has been submitted, it is then sold on the Black Market. Call your Credit Card Company immediately if you've fallen victim to one of these scams.

5.       Ransomware - this malware is a quickly spreading very rapidly. It encrypts your documents, boot files or other critical component of your PC and holds it hostage until you pay a ransom. The only person that has the decryption key is the criminal. As of late, fake FBI warnings stating the police have detected child porn on your computer. The warning tells the victim their computer has been locked and they must pay a $100 fine to unlock it.

6.       Social media spam - they steal your Facebook, MySpace, Twitter account and then use it to spam everyone in your networks.

7.       Banking malware - rather than taking just your username and password, this type of malware also sends video clips of your PC as you login so they capture the entire process to the banking sites.

8.       Premium-rate SMS fraud - Rather than ask you for your credit card or pull money straight from your bank account, they use your cell phone. Ever respond to a survey on Facebook and they ask for your cell number? You just signed up for a premium-rate SMS service. The app you downloaded may come with a program that can send text messages to premium rate numbers at your expense, like an international number.

So what can you do to protect yourself and your business? Keep your anti-virus and anti-spam systems updated. Next train and notify employees when counterfeit e-mails from banks are coming through.  If you have fallen victim, immediately contact your Credit Card Company or Bank and notify them your account has been compromised. Change the credit card number or freeze the account. The better your protections are, the better you can shield yourself from these attacks. The Astaro firewall platform has dual anti-virus and dual spam filters in addition to rejecting traffic based on the country it came from. Just from the last point can reduce spam and fraud website traffic by 80% or better.

If you need assistance setting up systems and training employees against such types of attacks, drop us a line. We’re here to help you. Or if you have questions, we can answer them too. Thanks!

Will Kutzler
F1 Networx Inc.

631-764-2600

info@f1networx.com

www.f1networx.com