Staying ahead of cybercriminals

From the October 10, 2010 edition, The Atlanta Journal-Constitution, page C7

Secret invasions are happening nearly every minute. Zombies are “waking up” and becoming part of a remotely controlled legion. Victims are piling up by the millions.

This isn’t science fiction. It’s the reality of connecting to the Internet, and one that is affecting — and infecting — more consumers than ever.

Phishing, virus-laced spam and hijacked message and social network accounts have become big business for hackers who use these methods to steal financial information or just wreak havoc on home and business computers.

For Rick Snider, who runs a marketing company from his Atlanta home, one such “invasion” hit both his personal and professional life.

“I get on my computer first thing in the morning, and I could tell something was wrong,” he said. “It was kind of eerie. You get that feeling, and I could tell someone hacked into it. Six months of my e-mails were gone, and the strange thing is it wasn’t my recent ones. It was e-mail from six months to 11 months ago. They were all gone.”

His outbox had 20 messages lined up to be sent, only he hadn’t written them. They all had odd links to unknown pharmacy sites. It was a virus replicating itself and automatically sending out to his contact list.

Snider doesn’t know how his computer was infected. He said he’s wary about clicking on any links he doesn’t recognize.

But spammers have lots of tricks. They may send e-mail with attachments, links or images that install secret software when opened. Sometimes, just visiting a website or downloading files can cause a “drive-by download.”

Hackers phish by sending e-mails that look like they’re from legitimate vendors or trusted sites, only to have bogus links or tricks to lure consumers into entering personal information.

The viruses often come, as in Snider’s case, from home computers that have been hijacked and controlled remotely, usually as part of a robot network or “botnet,” sometimes called a zombie army, that can number in the tens or hundreds of thousands.

‘A serious problem’

It’s not just annoying.

“It’s a fairly serious problem,” said Michael Kaiser, executive director of the nonprofit National Cyber Security Alliance, an association that includes the Department of Homeland Security, computer security corporations and other companies like Google.
This past week the alliance launched the “Stop, Think, Connect” marketing campaign with about 28 agencies and companies such as Facebook, AT&T, Symantec and Homeland Security.

“Before you log on or do something on a site, before you click on something, think about it, that the path is clear ahead, that you look for warning signs and then go ahead and enjoy everything the Internet has to offer,” Kaiser said. “It’s not just the PC or computer. It’s your phone and gaming devices and even television sets that are connected to the Internet. Use common sense.”

A study last month from security software provider Norton says two-thirds of Internet users globally — including three-quarters of U.S. users — have been affected by cybercrimes such as computer viruses, online credit card fraud and identity theft. More than 7,000 adults from 14 countries took part in the study called “Norton Cybercrime Report: The Human Impact.”
Computer viruses and malware attacks were the most common types of cybercrime, hitting 51 percent of adults around the world.

A Consumer Reports survey, “State of the Net 2010,” says viruses affected 40 percent of online U.S. households, with 16 million homes having “serious” problems in the past two years. The cost of dealing with viruses, phishing and spam, according to Consumer Reports, was roughly $4 billion.

Cost of connectivity

A growth area for hackers is social networking. Symantec, one of the world’s largest Internet security vendors, said such attacks are coming in many forms — from fake invitations to merge accounts to bogus links telling the user they have been tagged in someone else’s photo album.

Wade Chappell discovered his Facebook account was hijacked only after friends e-mailed to kid him about his posts. His account, which he said he rarely used, was sending the odd video links to all of his friends’ Facebook “walls.”

“You just can’t describe that sick feeling you have when you fear somebody is sending out information that’s obviously something malicious,” said Chappell, who owns Chappell Construction Group. “It makes you think. You start fearing about your bank accounts and all the information you log into all the time.”
And while some of the attacks are merely spam to direct users to sites that sell things like counterfeit drugs, Symantec’s report on social networks says other attacks are about stealing user credentials.

“When users fall victims to these messages, the account is used cleverly by spammers to send even more spam,” the report said. “This is especially dangerous as users are more prone to trust messages from friends.”
Being connected is a premium for technology users, and yet, that’s precisely how viruses can spread. So protecting computers, phones and other technology from attacks doesn’t just make sense for the individual consumer.

“It’s true that we’re only as strong as the weakest link,” Kaiser said. “We have found a really high awareness among the general public. They understand that when they are protecting themselves they are protecting other people. ... We’re really all connected. It’s like dumping sludge downstream. It’ll eventually reach everyone else.”


Internet security ABCs

Some tips to ward off cybercrime and hackers:
● Use security “suites” that include anti-virus, firewall, anti-spyware and anti-spam software. You can download this from Internet service providers [ISPs], software companies or buy it in stores. Look for anti-virus and anti-spyware software that removes or quarantines. Always set your security software to automatically update.
● Keep your applications, browsers, plug-ins and operating systems up to date. Set your operating system software to download and install security patches automatically.
● Surf and download more safely. Be wary. Only download programs from sites you trust. If you’re not sure, enter the name of the program into a search engine to see if anyone else has reported that it contains spyware. Read all security warnings, license agreements and privacy statements associated with the software you download.
● Never click “Agree” or “OK” to close a window. Instead, click the red “x” in the corner of the window or press Alt + F4 on your keyboard to close a window.
● Make complicated passwords of at least five or more characters, including a number and a capital letter, if possible.
● Don’t open an e-mail attachment, even if it looks like it’s from a friend or co-worker, unless you are expecting it or know what it contains. If you send an e-mail with an attached file, add a message explaining it.
● Disconnect from the Internet when you’re away from the computer.
● Back up your files and data on a regular basis to mitigate any losses in the event of a security failure.
● Only use secure wireless connections that require passwords or other forms of security.
● Check outgoing messages. If you find anything you didn’t send or that seems suspicious, your computer may be infected with spyware, and may be part of a botnet.
● If your computer is infected or hacked, disconnect from the Internet and scan with an updated anti-virus and anti-spyware software. You can report unauthorized access to the FBI at www.ic3.gov. If you believe your passwords have been breached, change them immediately.

Sources: National Cyber Security Alliance, OnGuardOnline.gov , various security websites


Worms, horses and phish

What is a computer worm or Trojan horse? A piece of worm software uses computer networks and security holes in specific software or operating systems to replicate from machine to machine. Many hackers design worms to exploit security holes in popular operating platforms. A Trojan horse can’t replicate. It’s a computer program pretending to be something harmless, such as a game, but instead does damage when the user runs it, often erasing the hard drive.

What is phishing? A phishing attack is usually begun with a special type of spam (unsolicited e-mail) with links to a bogus site that appears legitimate. It typically tricks the user into entering personal information. Often, the phishing site is designed to install malicious software or acquire information such as credit card numbers, personal identification numbers (PINs), Social Security numbers, banking numbers and passwords.

Source: DigiCert, a secure website company


Resources and help

For more information about the state of cybersecurity and more tips for keeping safe:
● “Norton Cybercrime Report: The Human Impact”: http://bit.ly/agkNcJ
● National Cyber Security Alliance: staysafeonline.org/tools-resources/stop-think-connect
● Free computer security checkups: http://bit.ly/aZfBIl
● Tips from the Federal Trade Commission, other federal agencies and the technology industry on keeping your computer information safe: www.onguardonline.gov/topics/computer-security.aspx
● How to avoid phishing scams: www.antiphishing.org/consumer_recs.html
● To report a phishing attempt: Forward the suspect e-mail to reportphishing@antiphishing.org, or follow the instructions at www.antiphishing.org/report_phishing.html
● Symantec’s report on the state of spam and phishing: http://bit.ly/9qwKxt