Yeaaaaaaaaaah
 
Home » News Stories » 2011: Dangerous Living Online

News Stories

Job Search

Events

Back to News »

2011: Dangerous Living Online


Share this:
digg it  | kickit | Email it | del.icio.us | reddit | liveIt
Subscribe to IrishDev News RSS Add to Google
CategoryBusiness
DateTuesday, December 20, 2011
Author

2011: Dangerous Living Online

Antivirus &Threat Protection Firm ESET Predict Social Networkers Most at Risk, but Good News for Windows Mobile 7 Users

 

ESET_Grim_Reaper.jpgESET Ireland has released its end of year review, claiming that the use of social media has led to an alarming rise in virus and malware infections with 1 in 4 Irish computer users having experienced a computer crash or other damage by viruses or malware. Further, 1 in 5 has had their computer infected or data stolen, and 14% were hacked or had their social media accounts hijacked. And nearly ten percent of the survey population had been cheated, had their credit cards or private info abused, or their system was used to unknowingly dispatch spam.

 

 

With more and more businesses using social networks as a platform for  attraction of customers, online shopping and financial transactions online are also increasing sharply in spite of the global recession. ESET say statistical info reveals that the amount of money spent for Christmas shopping online has risen nearly 14% since last year and almost 39% since 2008, and with the stakes increasing, it makes it more the worthwhile for cybercriminals to invest time and resources in trying to divert some of the money spent online into their own pockets.

 

 

You Are the Weakest Link

The scammers know that the human factor has always been the weakest link in cyber-security because of people's curiosity, and this is why social media and networks are so appealing for the cybercrim because while advanced technologies are constantly being developed to combat malware, they are aiming directly for the computer users instead!

 

 

Faking it
2011 saw a great increase of fake links to stories or videos hitting social media such as Facebook or Twitter. Links purporting to offer some "shocking news" or "rare video" on a widely publicised topic (in 2011 some of the more resounding ones were the Japan earthquake, the Royal wedding, the killing of Bin Laden, the Oslo massacre and Amy Winehouse's death) in reality lead to malicious sites, often infecting users with malware, or to various survey scams that automatically spammed their online friends with more fake links. But due to people's inquisitive nature, they kept clicking and clicking and spreading this in spite of many warnings from all sides not to.

 

 

Search engine poisoning
A widespread variation of the above also came in the form of search engine poisoning. Because people tend to search online for hot topics (or news of hot celebrities), cybercriminals poison the search results by creating webpages that refer to any current hot topic, making them appear prominently in web searches using search index optimization techniques. When the users click on the search results, as described above, they may be taken to malicious websites, where they get infected or are prompted to "purchase" various items or subscriptions on fake shopping, online pharmacy or pornography sites.

 

 

Botnets
Once infected with malware many users' computers were turned into so called "zombies" in huge botnets. Large networks made up of thousands upon thousands of infected computers, remotely controlled to do their controller's bidding without the computer user having any clue that his computer is sending out spam emails, trying to hack websites, distributing malware or illegal content (such as pirated software or child pornography) while he's browsing the web or playing an online game. While several large botnet organisations have been successfully defeated this year, the scope of them surprised even many researchers and as is the case with dangerous things such as icebergs, indicated that many more lie under the surface (including many smaller botnets that are intended to be less conspicuous but still profitable).

 

 

110926_Have_Your_Say_2.gif

Support scams
When the users were reluctant to get themselves infected or spend money on dodgy sites, the cybercriminals got busy and just phoned them. "Hello, we're calling you from We-Fix-Computers-Company and will remotely fix your computer of any viruses and other trouble for a modest fee of several hundred euros", they said. With sometimes a more, sometimes less credible sounding story and company name. And a surprisingly large number of trusting people allowed them access to their computer, to do pretty much whatever they wanted on it remotely, as well as handed over their credit card details to them to pay for the "fee".

 

 

 

What can be expected in 2012

ESET Ireland continue by offering their predictions for the year ahead:

 

  • We will see increased interest in digitally signing malware using stolen code-signing digital certificates.
  • Expect an increase in native 64-bit malware, especially rootkits (may tangentially tie into digital certificates, above).
  • We will see increased use of social networks' real time search results for social engineering and Black Hat SEO.
  • Poisoned search engine results will continue to be a popular way of distributing malware.
  • The use of software wrappers by file download sites seeking to monetise downloads will increase
  • We expect a fair amount of talk about Windows 8's anti-malware functionality; basically, the same things we heard with Windows Vista and Windows 7.
  • There will be reports of a vulnerability in the forthcoming Windows 8 that is called a "major security flaw" only to find out-a few days or perhaps a week or so later-that it cannot be conventionally exploited or remains firmly in the realm of the theoretical.
  • No actual malware for Windows Phone 7 will appear, although we will see some increased interest in security for the Windows Phone platform as it becomes more popular.
  • Win32/Conficker will remain in the Top Ten threats for the year but continue to decline as computers and networking infrastructure are replaced.

 

 

How to Stay Safe?
Urban Schrott, an analyst at ESET Ireland says: "The first step towards being safe is knowing about the dangers. Do not count on software alone to protect you, but stay informed of the threats and scams out there in order to be better able to avoid them.


But most of all, as we keep repeating: Think before you click."

 

 

 

 

 

 

 

 

Corporate Information

 

Visit ESET Ireland

 

 

People reading this article also read....

 

Read More about ESET on IrishDev.com

 

 

 

 


 

Get Instant Irish Tech News Updates....

Join IrishDev.com at Facebook Join IrishDev.com at LinkedIn Follow IrishDevdotcom on Twitter

 

 


Got a Story – Share it with the Irish Software Community – Email us at

Back to News »
digg it  | kickit | Email it | del.icio.us | reddit | liveIt | RSS
E-mail