PC House Call - Case Studies
Thanks for disinfecting my Dell laptop. I want to ensure that my
desktop does not get infected. What do I need to do?
Courtney’s laptop was infected with what is called scareware. According
to blogs at ZDNet, throughout the last two years, scareware (fake
security software) has emerged as the single most profitable
monetization strategy for cybercriminals to take advantage of. Due to
the aggressive advertising practices applied by the cybercrime gangs,
thousands of users fall victim to the scam on a daily basis, with the
gangs themselves earning hundreds of thousands of dollars in the
process. Courtney probably visited a compromised website that delivered
Apparently a primary source of propagation is social networking,
using illegal acquisition tactics. I have also seen instances
of the malware spread through clicking on links embedded in email and
through simple searches. Another source is the serving of malicious
ads on legitimate and high-profile sites in an attempt to exploit the
end user’s trust via a mouse click on the “malvertisement.”
The criminals behind these efforts use sophisticated software that
tricks users into believing the compromised website is serving
legitimate content. Without a trained eye, it is difficult to distinguish
the legitimate from the illegitimate. Infection detection and removal have
become more difficult because certain scareware releases will prevent
legitimate security software from loading. Moreover, the scareware will
attempt to make its removal a time-consuming process by blocking system
tools and third-party applications from executing.
I received an email from what appears to be Pay Pal, asking
me to click on a link to submit information. Although I have
a Pay Pal account, I have not used it in years.
I am suspicious.
When I visited Bill’s house he showed me this suspicious email, which in
many ways appeared legitimate. We decided to visit the
site for more information.
According to Pay Pal, thieves on the Internet simply go fishing, or
'phishing', as the practice has come to be known, trolling the sea of
online consumers in hopes of netting unsuspecting victims. One method of
phishing is the sending of 'spoof' (fake) emails, which copy the
appearance of popular Web sites such as eBay and Pay Pal in an attempt
to commit identity theft or other crimes. It's incredibly difficult to
detect fraudulent emails, as spoofers have become increasingly
sophisticated in their attacks.
Bill and I decided to forward the email to abuse @ paypal.com. If we had clicked on
the link in the spoof email, we would have been directed to a fake Web
site - where the real damage could have been done, similar to Courtney’s
malware infections described above.
Is my mobile device secure?
smartphone devotees and tablet-toters are unaware of risks that lurk behind
their apps. Take for example the 260,000 people who recently downloaded one
of 58 legitimate-looking apps like Scientific Calculator and Color Blindness
Test from the Android Marketplace.
What they received instead was the nightmarish DroidDream Trojan, which
gains access to your phone, roots out private information and then sends
that information back to the bad guys for extraction. This debacle provides
a pretty convincing case for mobile security, but here are a few other ways
you can help protect yourself from mobile threats:
Carefully read reviews, ratings and permissions for suspect information
Always verify that your software comes from a trustworthy source (visit
the developer's website)
When in doubt, use a search engine to see if the app has made any news
What are those strange icons that I see people using their mobile phones
a QR Scanner (downloaded from the Android Marketplace) and they're scanning
a QR Code - like the one below. A QR code (short for Quick Response) is a
specific matrix barcode (or two-dimensional code), readable by dedicated QR
barcode readers and camera phones. The code consists of black modules
arranged in a square pattern on a white background. The information encoded
can be text, URL or other data.