Internet Security Information |
|
Cybercriminals Trick: Targeted Trojan-Containing Emails
Threats we ordinary Web users face online leave us no choice but learn. Haven't you noticed how many new things you learned lately? We are much better informed about malicious programs than just a year ago. This section of our vocabularies grows rapidly: now we all know what a "keylogger" is,"worm" for us has something to do not only with zoology, nor a "Trojan Horse" with Ancient Greek literature. We are getting better at avoiding such scams as phishing, and this word doesn't look like a spelling mistake anymore. We Web users are getting smarter -- at least the numbers from the recent survey by the Pew Internet and American Life Project say so. The study shows that 91% of respondents (adult Web users from the USA) have improved their online behavior in one way or another. 81% of respondents have become more cautious about e-mail attachments. People are also avoiding certain Web sites (48%), using file-sharing networks less often (25%), and even switching browsers (18%). But, alas? As Web users get wiser, cybercriminals become more insidious and commit more sophisticated crimes. More people are now aware of a worm, virus or Trojan which might be hidden in a spam email attachment -- for cybercriminals it means that spam becomes less "effective" means of spreading malware. Why they are spreading malware? What motivates them? Money, of course. All security experts are at one in thinking that " cybercriminals are primarily motivated by financial gain". In other words, they prefer cash to fun. Instead of doing mischief just for the h? of it, they steal money. Big money. Along with other unlawful activities, cybercriminals are actively hunting for valuable data that can be turned into cash. Stealing information needs contaminating as many PCs as possible with malicious programs. Most PC users now are aware of (or we even can say, almost got used to) the fact that Trojan horses can be included into e-mail messages, multimedia files or free knick-knackery like postcards, smileys and screensavers. We users know that many viruses, worms, and Trojan horses contain information-stealing (keylogging) modules. Spreading malware as wide as possible that's what cyberthieves do in order to reach their treacherous goal. At least it was their main approach -- until recently, when crooks began to more intensively exploit a new tactic. Targeting at Individual Addressees On July 8, 2005 CERT (the US Computer Emergency Readiness Team), issued an alert warning about the rise of Trojan attacks of a new kind. Signs of these stealthy Trojan attacks, which were targeting specific firms to evade detection, have been detected for the last year. Targeted Trojan-horse attacks are a new trend in online threats, states the alert. Trojan attacks by themselves aren't new, but CERT said this technique has two features that make it very dangerous, especially for businesses. First, conventional anti-virus software and firewalls can't beat Trojans of this kind. These programs are "tailor-made". Source code of known Trojans, if altered, is unfamiliar to anti-viruses, and they can't detect it. Any new variation of known malicious program is a new program for anti-viruses. There is a long way from detection of a piece of malware to the moment when an anti-virus or anti-spyware vendor is able to offer protection against it. This cycle takes time -- from several hours to a couple of days. When such a program is detected, its signature (piece of code) should be picked and included into an update. Only after all anti-virus or anti-spyware programs on all users' PCs are updated it is possible to protect them against this particular piece of malware. Poor consolation for those unlucky ones who were hit by a new kind of malware FIRST. These e-mails contain dangerous malware-laden attachments, or links to web sites hosting Trojan horses. When such an attachment is opened or a link is clicked, a malicious program installs the Trojan onto the users' machines. These Trojans can be configured to transmit information via ports used for a common service, like TCP port 80, which is assigned to Web traffic. That's why firewalls are helpless against them. Second, this time the e-mails are TARGETED -- sent to specific recipients. Their subject lines often have something to do with the user's work or interests. What the criminal can do when the attachment is opened? He can: (Quote from the alert issued by US-CERT)
CERT made recommendations for system administrators on how to prevent this kind of Trojan horse attacks. You can get the complete list from: http://www.us-cert.gov/cas/techalerts/TA05-189A.html As for us ordinary Web users -- to lessen the risk of these attacks we all should:
|
RELATED ARTICLES
Viruses, Trojans, and Spyware - Oh My! Have you ever had to call Symantec or McAfee to ask them how to remove a virus? Or have you spent hours online trying to figure out how to remove spyware, only to find out that you did something wrong and now your computer won't boot? I know your pain and frustration with just trying to use your computer without worry. As a computer technician at ARCH Computing Services, I know how hard it can be to pay someone to remove viruses and spyware. In fact that's how I started in the computer business. I didn't want to pay someone to fix the problems that I usually caused. A little voice in my head told me "I can build a computer, it doesn't look that hard!" How to Fight Spyware If you are wondering how to fight spyware for safe web surfing, this Internet privacy article will answer some of your questions. By now you have probably heard about the dangers of spyware. The Bad Guys Are Phishing For Your Personal Information Do you know what "phishing" is? Computer-Virus Writers: A Few Bats In The Belfry? "Male. Obsessed with computers. Lacking a girlfriend. Aged 14 to 34. Capable of creating chaos worldwide." Is My PC Vulnerable on the Internet? No longer are viruses the only threat on the internet. In recent years other threats have evolved which include spyware, adware, hacking, identity theft, information theft, pop-ups and the loss of information. SCAMS ? Be Aware ? And Report When Necessary The Internet is a vast International Network of people and businesses ? and a place where people can make a fairly decent living. However, it is also a place where certain unsavory characters can freely roam ? to take your dollars and run. Scams ? the human mind can be either pure or devious ? and it is the devious mind that you have to look out for and be aware of at all time. Identity Theft -- 10 Simple Ways to Protect Your Good Name! Identity Theft is one of the most serious problems facing Internet users. Identity Theft is exactly as the name states -- someone steals your Identity and commits fraud in your name. It can result in untold financial and legal problems that may literally ruin your peace of mind and/or your life. Someone gaining control of your most personal details can reck havoc and result in dire consequences for you and your family. Computer Viruses - How to Remove a Computer Virus from Your Computer Computer viruses infect millions of computers every day. Viruses can destroy data, steal important information, and even make a computer completely unusable. When a computer is infected by a virus it is imperative that the virus be removed as quickly as possible. Delete Cookies: New-Age Diet or Common Sense Internet Security? No, this article isn't about some new, lose-20-pounds-in-a-week, certified-by-some-tan-Southern-California-doctor diet. It's about cookies on your computer - what they are, why they are there, and what to do about them. Computer cookies actually have quite a bit in common with their baked counterparts - some are good, some are bad, and they have expiration dates. Phishing - A High Tech Identity Theft With A Low Tech Solution Have you ever got an email asking you to confirm your account information from a bank or a company that you have never done business with? The email looks official and it even has a link that appears to take you to the company's website. The email you have received is actually from an identity thief. These crooks are hoping people that have an account with the business will click on the link and submit their account information for verification purposes. These thieves are phishing for account information. Phishing is a sophisticated way to lure you to phony websites where you voluntarily surrender your passwords and account information to identity thieves without realizing it. Detect Spyware Online You can detect spyware online using free spyware cleaners and by installing spyware protection software on your computer. Often it's best to start with free spyware cleaners because these free programs will remove any spyware programs currently running on your computer. What to Look for before You Purchase Spyware Software Huge number of spyware software applications are available in the market, some being offered as shareware while rest as freeware. (Shareware means a software available for download / CD, and can be used for a particular length of time, usually 30 days. Some are disabled as well). Before making a decision to purchase any such software we should check the reliability and should consider various attributes possessed by them and then select the best and the most appropriate one. The various attributes that one should consider to be the most important when purchasing spyware detection and removal software are - How to Prevent Online Identity Theft Identity theft rates one of the fastest growing crimes in mAmerica today and the Internet can make it even easier for some criminals to take your good name and drag it through the mud. Personal Firewalls for Home Users What is a Firewall? Virus Nightmare..Lessons Learned I got a virus the other day, Thursday I believe and since then I have been making FRANTIC efforts to save all my info. What Can Be Done About Spyware And Adware Having a good Spyware eliminator on your computer is vital now a days with all of the different Spyware, Adware, and other malicious computer parasites that are out there. Most of them are reasonably priced and very easy to use. Information Security for E-businessmen: Just a Couple of Ideas If you constantly deal with bank or electronic accounts, it must be your worst nightmare--to wake up and learn that you are a bankrupt. Some crook stole your personal data and all the money you have been sweating blood for years has flown to somebody else's account. Almost everybody must have heard that such a tradegy is called identity theft and millions of people in the USA alone suffer the same every year. Poor consolation for its victims, isn't it? Eliminate Adware and Spyware Everyone should eliminate spyware and adware from your hard drive for your computer privacy protection. Spyware and adware programs also slow down the speed of your computer by cluttering your hard drive with annoying programs. Once you eliminate adware and spyware, your computer speed will improve immediately. Identity Theft ? Beware of Phishing Attacks! "Dear Bank of the West customer", the message begins. I've just received an e-mail message, purportedly from the security department at the Bank of the West. The message explains that certain features of my account have been suspended due to "suspicious activity" on my account. The message then provides a link that I can follow in order to fill out an online form confirming my identity. It's certainly nice that Bank of the West is worried about the status of my account. There's just one problem ? I don't have an account at Bank of the West. In fact, I've never even heard of Bank of the West. The 5 Critical Steps to Protecting Your Computer on the Internet Spyware, viruses and worms... oh my! |
home | site map |
© 2005 |