Cyber criminals love a good Valentine's Day
PUNE: As Valentine's Day approaches, people's thoughts turn to romance and flowers. For the cyber criminal, however, it heralds another opportune moment to draw an unsuspecting user in. Many of the most common scams around February rely on existing vulnerabilities in software, spam, fake sites and distraction techniques.
"Organised criminal units have a long history of timing their attacks to coincide with popular occasions in order to achieve maximum success," says Surendra Singh, regional director, SAARC and India, for IT security firm Websense, Inc.
Singh said that in the weeks running up to February 14, many emails that promote love or dating opportunities are already doing the rounds. Websense Security labs have seen several fake Valentine's Day sites serving up malware, an increase in adult dating and healthcare'-related email spam, and blended email/web/phone techniques, promoting premium rate phone services which are a good way to make a fast buck, Singh pointed out.
Cyberoam, a division of Elitecore Technologies that has innovated Unified Threat Management Plus (UTM+) solutions, also warned of increased spam attacks tied to Valentine's Day. Spammers are including attachments and links in emails leveraging subject lines such as I Love You Soo Much'; Inside My Heart'; or You... In My Dreams'; My Valentine Sunshine'; and Be My Valentine', to exploit unsuspecting targets.
Once these attachments are opened or the links are clicked, malware is instantly downloaded. The success of these attacks depends on social engineering techniques that are targeting a younger demographic, particularly students and teenagers that will use the internet to buy discounted Valentine's gifts, flowers and send e-cards.
"Spammers are renowned for tying large-scale spam attacks to significant holidays and events, so it's important for organisations to warn employees and students against opening emails from people they don't know," says Joshua Block, VP of North American Operations, Cyberoam.
Unfortunately the web page is one big image and a single click from a tricked user commences the download of Trojans named "onlyyou.exe" or "youandme.exe" which are not as friendly as they sound. The Trojan can connect to remote websites to receive commands and send information about the compromised system.
According to Singh, the three top things to look out for are, Broken hearts', I'm your friend' and Money can't buy you love'. Broken hearts are sites that show colourful images such as puppy dogs or a picture of 12 pretty hearts and ask "Guess, which one is for you?"
A popular technique doing the rounds at the moment is spam email pretending to originate from social networking sites complete with love hearts and cartoon characters. If you were to click through to the link on the email the user would unwittingly download a banking Trojan designed to steal log in credentials for banking sites, Singh warned.
Thirdly, said Singh, messages such as Money can't buy you love' may get you a masked redirect. "Seventy per cent of the top 100 most popular websites either hosted malicious content or contained a masked redirect to lure unsuspecting victims from legitimate sites to malicious sites.
In fact, we have seen specially created malicious sites decline as cyber criminals switch to compromising trusted' websites. They are cashing in, literally, on our increased confidence in shopping and researching online a lot of which happens whilst in the office.
"As people turn to the internet to order flowers, chocolates and other gifts so too are cyber criminals turning to these sites to compromise them and steal data," Singh explained. Spam attacks of this nature often lead to a malware download that can infect PCs, and potentially lead to a download of the Storm Worm botnet that is notorious for spreading emails with malware that can launch Denial of Service (DoS) attacks. These attacks also often lead to email campaigns that put many in danger of information and identity theft.
Shantanu Ghosh, vice-president of India operations for software security firm Symantec, said spammers have continued centring their social engineering tactics on holiday and gift themes. "While subject lines like Great watches for your Valentine' and Best Valentine's gift ever' continued, Symantec has observed that some other subject lines shifted a little towards the obscene this year. Increase your length, the best Valentine's gift' and Show off your length for Valentine's', were some of the top subject lines this time round," Ghosh said.
"Spammers are using our appetite for social networking and turning to properties such as Twitter, Facebook and Myspace as new ways to trick users into visiting fake sites, installing viruses and spreading malware on the internet. Web spam, in blogs and on comments pages, is also on the rise. Be wary of links posted by strangers on your blog, chances are the link may not lead to you finding the love they promised," Singh observed.
According to Ghosh, not responding to spam would be the best way to address the threat, though in the long run, getting multiple email addresses for multiple purposes would be safer. "Have one email address specifically for personal use, known only to family, friends and colleagues. Another email address could be used for mailing lists and newsletters, and still another for online inquires and orders," Ghosh advised.
0 comments:
Post a Comment