Malware is becoming an increasingly lucrative business among internet criminals. They're not out to annoy you with spam and amateurish letters, hoping that someone falls for a link to a highly questionable website.
We spoke to Security Expert Janus R. Nielsen from www.mysecuritycenter.com for his take on the four most efficient methods that cyber criminals use to get in the pockets of PC and smartphone users.
1. An Adobe Flash update that tricks users into providing full access to their system
Since most videos on YouTube are streamed through Adobe Flash Player, which is a plug-in for your web browser, it is not surprising that hackers aim to make fake updates in order to reach the maximum number of users. When PC users click on the pop-up, which installs the fake update, the program will be able to steal passwords for online banking and other online payment sites and this way get hold of the users’ money.
The best known example of a fake Flash update was the Flashback Trojan Horse that attacked more than 600,000 Mac users a few years ago, but this is still a potential trap, which makes it one of the most lucrative scams on the internet.
The best advice is to download the update directly from Adobe - this way you know you're getting genuine software.
2. Fake antivirus alerts
“Your PC is infected with viruses. Click here to install suitable antivirus software” or “Your antivirus software has expired”.
We've all seen these messages appear on websites, or even popping up on our dekstops. There are many fake pop-ups in circulation that try to imitate the real antivirus programs, thus fooling users into paying for something they believe protects them, but which is in fact malware.
What these programs typically do is to steal contact information, which they can sell to third parties. But how do you separate false warnings from the real ones?
The fake pop-ups are more aggressive, more frequent, and keep popping up even though you are offline. If your PC has been infected, it will run considerably slower, adding new toolbars, new wallpaper and a new home page, which all indicate that you have installed malware instead of antivirus software.
The best advice is never to click on pop-up warnings – do not even try to close them with the “X” in the corner, as this can lead to even more pop-ups. Delete it instead by pressing Control + Alt + Delete to see the list of programs running and remove the pop-up warning from the list. If you are unsure about the authenticity of the update, then go to the respective antivirus company’s website and check if they have issued updates recently.
Ransomware is the name of a specific type of software that hackers use to block a user’s PC and then demand money to unlock it again. The most recent example of this type was the so-called Police Virus that infected millions of PCs worldwide.See also: Why the Police Virus was so effective
The virus also flourished in Denmark from the Danish National Police, which resulted in police scam warnings nationwide. Many Danes paid around 100 Euros to get their PC 'unlocked'. But then again; you need to use common sense before you pay.
4. Trojan attack on smartphones
Nowadays, the term Trojans covers the most prevalent group of malicious programs that often reminiscent of worms, but does not contain an automatic spreading mechanism. Originally, the Trojans scattered via web pages and links in e-mails, but today the Trojans also target smartphones, which especially is an issue because of the increasing use of services such as online banking on mobiles.
The hackers are becoming more cunning and they constantly improve their ability to trick money out of the peoples’ pockets. There are even examples of false requests from the banks to install new banking apps on the phone, and when they are installed, the fraudsters have installed spyware that can intercept codes for online banking and more.
The best advice is to always question anything you're about to download or click on.Check user reviews of apps, or use your browser's address bar to go directly to the website rather than using a link from a site or email you may not trust.
Furthermore, the security industry and the authorities must make all efforts to tackle this increasing problem.
The big problem with malware is that there's almost never any consequences for those criminals who create and spread the harmful programs. There are several explanations for this. First, it is a question of resources and if there is not a big organised attack against one of the big companies, it's not a high priority for the police to investigate. Trying to identify who is targeting random people with spam, phishing, viruses, etc is simply too time consuming.
Second, it can be difficult to track the exact location of the senders.
For more information about how cyber crime is tackled in the UK, see the SOCA website
Janus R. Nielsen, CEO and security expert of MYSecurityCenter, that provides antivirus and PC optimisation software for home users. At www.mysecuritycenter.com you can try the different packages out for free.