In Pictures: Warning Signs of an Internet Attack

Online crooks are constantly switching tactics in an attempt to invade your PC. Be on guard for these latest sneaky tricks.

By Erik Larkin, PCWorld

8 of 9

All Images
Related Articles

Find and Update Out-of-Date Drivers With RadarSync PC Updater
Unthethered Jailbreak for iOS 5.1.1 Available for Download
Is Siri Spying On You?
How Companies Buy Facebook Friends, Likes, and Buzz
Lawmakers Call on DOJ to Reopen Investigation Into Google Wi-Fi Spying

Would you recommend this slideshow? YES NO

Camouflaged Phishing

To fool people who might be alert enough to look at the URL, phishers today often use faked site names that begin with a real domain name and then add what looks like site input but is actually the name of the attack site (in this case, logwjwgwwwqwkqwk.com). Antiphishing tools, including those built into IE 7 and Firefox 2, are becoming more adept at blocking such sites, but keep your eye out.

Targeted Attacks Grow

The latest wave of e-mail-borne attacks looks entirely genuine and even uses your real name. This example, a fake BBB message, was one of the first. Similar attacks continue in the form of supposed IRS audit warnings, false business invoices, and Microsoft vulnerability warnings. (Image provided by Joe Stewart, SecureWorks)

Malware Lurks in Word Docs

If you do get pulled in enough to open a Word doc attachment and see something like this, delete the file. Crooks have been embedding malware within such Word files; double-clicking the icon will launch the attack.

Malicious Mimicry

It looks real, but instead of downloading the actual Malicious Software Removal Tool (which does exist), this fake Automatic Updates alert launched from a MySpace profile, leading victims to install rogue antispyware. It's a good example of why you must consider not only whether something looks right (as this does), but also whether it comes up at the appropriate time. (Image provided by FaceTime Security Labs)

Fake Security Alerts

The next step in this Automatic Updates attack used a common scare tactic to make victims think their system was infected. Be skeptical of supposed security warnings that don't come from your own security software. (Image provided by FaceTime Security Labs)

Video Bait-and-Switch Attack

Spyware spreaders throng to this technique, which lures people in with a salacious-sounding movie and then tells them they need to download a new video codec to watch it. Of course, you don't get a video -- you get a 'Zlob' malware infection. (Image provided by Sunbelt Software)

Do You Agree to This Malware Infection?

The media codec attack even goes so far as to display a fake license agreement during installation. How's that for misdirection? (Image provided by Sunbelt Software)

Camouflaged Phishing

If in Doubt, Upload to Virustotal

You now know about avoiding these dirty tricks, but tomorrow will no doubt bring a new batch. If you suspect a download or attachment might actually be the latest attack, upload it to Virustotal.com, an excellent free service that scans the upload using more than 30 different antivirus scanning engines. Click 'Browse,' select the file, and click 'Send.' The resulting report won't be a 100 percent guarantee of safety even if the file's reported clean, but having no less than 30 second opinions can sure help.

Comments
More Slideshows

Comments

Submit Comment

Once you click submit you will be asked to sign in or register an account if you are not already a member.

Name	City

Address 1	State	Zip

Address 2	E-mail (optional)