Here at SecurityWatch, we often talk about malware that masquerades as legitimate software in order to trick users into downloading and installing rogue programs. Users need to remember two important tips in order to steer clear of these malicious applications.
Install from Authorized Sources
Cyber-criminals behind these scams rely on users downloading software from unauthorized sources to push their fake products. On Tuesday, Trend Micro researchers reported a banking Trojan that passed itself off as an installation file for Google Chrome to Brazillian and Peruvian users. Even though the fake installer had the same name as the legitimate file (ChromeSetup.exe), users should have been leery of the fact that the files appeared to be hosted on sites such as Facebook and MSN.
Many users often get hit with rogue software when they try to get pirated versions of software. This isn't a discussion on whether or not you should download pirated software, but it seems pointless to try to download free software (such as Chrome) from alternative sources.
Remember the recent furor over the Flashback Trojan that infected Macs? Flashback got its name because it pretended to be an update file for Adobe Flash. If you need Flash, take the time to go to Adobe.com and download from there directly.
"Use caution when you click links in email or on social networking websites," recommended Tim Rains, director of Trustworthy Computing at Microsoft on the Microsoft Security blog.
However, one of the links identified by Trend Micro happened to be a Google Brazil address. While Net-savvy users may be aware that large companies such as Google are unlikely to link directly to an executable file, this is very tricky. Here is where tip number two comes in. Have a firewall and security software running.
No, Really. Stick to Legit Sources
There is a lot of discussion in security circles over the value of anti-malware tools, especially since many malware writers test their code to bypass major scanners. While there are malicious software that can slip through at the beginning of an outbreak, not having security software in place is akin to leaving the door open in a house and being surprised the burglars came in. Most security software nowadays have several layers of protection to detect and trap unknown variants. PCMag.com has a lot of reviews, for instance, Norton 360 Everywhere, Webroot SecureAnywhere Complete, and Bitdefender Total Security 2012.
"Install antivirus from a company that you know and trust, and keep it up to date," wrote Rains.
It's not just security software that needs to be kept up-to-date. Operating system and other commonly used software, such as Flash, Reader, Java, Microsoft Office, Web browsers, among others, should be regularly updated. "Use automatic updating to keep your operating system and software up to date," Rains added.
Many companies are moving towards automatic updates. Turn it on, or run the install from within the application to avoid getting caught by fake update warnings.
Going back to the first point, the security software should come from legitimate sources, as well. Researchers at GFI Software last week identified a Twitter campaign promoting antivirus applications. The problem was, these "must-see" tools were actually scareware. Unsuspecting users who clicked on these links wound up downloading and installing fake antivirus which claimed to find tons of issues with the computer. Some of these links actually directed users to sites boobytrapped with the Blackhole exploit kit to download additional malware before recommending that users download "Windows Antivirus Patch" to remove the infection, GFI warned. The catch in this and other scareware scams, is that the user ponies up (often for $79) for a paid version that does nothing.
Cyber-criminals are crafty and are always working on ways to trick users into downloading their applications. Don't make it so easy for them.
Thứ Sáu, 25 tháng 5, 2012
Đăng ký:
Đăng Nhận xét (Atom)
Bài đăng phổ biến
-
Want to check your Gmail inbox without pointing and clicking? You’ll barely have to touch your mouse with these handy keyboard shortcuts a...
-
Do you want to have free websites? With no costs? Even no Ads? There are many web hosting services that provide a free hosting , but they...
-
Apa yang anda rasakan ketika sebuah perusahaan berhasil memberikan pengalaman begitu besar, begitu pribadi, sehingga menciptakan respons emo...
-
Made the leap to the drastically revamped Windows 8 ? Feeling a little lost? You’re not the only one. Read on for eight tips that’ll help y...
-
Inbound links are the single most important factor in determining your position on Google’s results pages. Inbound links are good Here’s wha...
-
Như bạn đã biết, cái gì nhiều quá cũng không tốt, máy tính hoạt động hết công suất sẽ mau hư, con người làm nhiều việc quá sẽ rất mệt, dễ gâ...
-
Malvertising is a word that has been bouncing around the internet for a while now. It refers to an increasingly common type of online hack,...
-
Despite the apparent advancement of HTML-driven websites and old-school methodology of designing Dreamweaver or NetObjects-based websites,...
-
Many millions of people worldwide enjoy connecting with friends and family via Facebook. We get a kick out of sharing baby pictures, funny...
-
A recently updated and fresh list of top 10, top 50, and top 100+ best and free online ads posting classified ads websites around the int...
0 nhận xét:
Đăng nhận xét