December 4, 2013 2 Comments-
Being infected by a computer virus is always irritating, but getting one because you’ve tried to protect your PC? That’s infuriating. Unfortunately, criminals know that they can easily fool users into downloading and running malicious code by pretending to be a security authority.
A recent email example of this type of dangerous deceit was recorded earlier this month. Its subject line (although multiple variations have been noted) suggested that the email would help users fix a potential security hole in their computer.
The sender posed as Microsoft, AVG or Kaspersky in an attempt to fool users into believing their message was from a reputable security source. It contained an explanation as to why it was important to download the email attachment, and claimed the file was “system patch KB923029” for Microsoft Windows. This patch doesn’t actually exist on Microsoft’s website.
The file is really a malicious ZIP file (identifiable as ending in .zip), which contains an application (with the file ending .exe). Running this .exe unleashes the bank data-stealing Zbot/Zeus onto your computer, which is one of the best-known bank detail-stealers on the net.
How to avoid infection
Unfortunately for the criminals, while they are excellent at exploiting systems, they’re not so good at using proper English. The emails feature numerous misspellings – a huge giveaway that the message isn’t actually from Microsoft.
If you’re unsure if an email is from a legitimate source, always be mindful of spelling and grammar mistakes. More than one typo is a big clue that the email is probably fraudulent.
Of course, the most important tip is to never download attachments that you aren’t expecting. Real companies would never send you security updates via email. Lots of malware also pretends to be emails sent from your friends, so if you’re in any doubt, don’t open the file.
Some of this advice might seem obvious, but we still need to spread awareness. For example, there was a 253% increase in online banking malware infections in the third quarter of 2013. Ouch.
This means the infection count is now beyond the 200,000 mark – a number not seen since 2002. With Zbot/Zeus rumoured to be responsible for most of these infections, everything you do really does keep down the number of infections.
So if you already know all this, tell a friend!
Norman Safeground Blogs Archive