Internet Threat Protection Guide
Internet attacks have become a business. And as with any business, the product must be ever-changing in attempting to entice you. But where a slick legit ad campaign might sway you into buying a gadget you don't really need, these social engineering techniques try to trick you into infecting your computer with malware you surely don't want. Look through these images of some of the latest tricks from malware pushers and phishers so that you can keep your most important security tool--you--up-to-date. And if you receive any of these messages, be sure not to click any links in them or follow their instructions.
Targeted Attacks Grow
The latest wave of e-mail-borne attacks looks entirely genuine and even uses your real name. This example, a fake BBB message, was one of the first. Similar attacks continue in the form of supposed IRS audit warnings, false business invoices, and Microsoft vulnerability warnings. (Image provided by Joe Stewart, SecureWorks)
Malware Lurks in Word Docs
If you do get pulled in enough to open a Word doc attachment and see something like this, delete the file. Crooks have been embedding malware within such Word files; double-clicking the icon will launch the attack.
It looks real, but instead of downloading the actual Malicious Software Removal Tool (which does exist), this fake Automatic Updates alert launched from a MySpace profile, leading victims to install rogue antispyware. It's a good example of why you must consider not only whether something looks right (as this does), but also whether it comes up at the appropriate time. (Image provided by FaceTime Security Labs)
Fake Security Alerts
The next step in this Automatic Updates attack used a common scare tactic to make victims think their system was infected. Be skeptical of supposed security warnings that don't come from your own security software. (Image provided by FaceTime Security Labs)
Video Bait-and-Switch Attack
Spyware spreaders throng to this technique, which lures people in with a salacious-sounding movie and then tells them they need to download a new video codec to watch it. Of course, you don't get a video -- you get a 'Zlob' malware infection. (Image provided by Sunbelt Software)
Do You Agree to This Malware Infection?
The media codec attack even goes so far as to display a fake license agreement during installation. How's that for misdirection? (Image provided by Sunbelt Software)
To fool people who might be alert enough to look at the URL, phishers today often use faked site names that begin with a real domain name and then add what looks like site input but is actually the name of the attack site (in this case, logwjwgwwwqwkqwk.com). Antiphishing tools, including those built into IE 7 and Firefox 2, are becoming more adept at blocking such sites, but keep your eye out.
If in Doubt, Upload to Virustotal
You now know about avoiding these dirty tricks, but tomorrow will no doubt bring a new batch. If you suspect a download or attachment might actually be the latest attack, upload it to Virustotal.com, an excellent free service that scans the upload using more than 30 different antivirus scanning engines. Click 'Browse,' select the file, and click 'Send.' The resulting report won't be a 100 percent guarantee of safety even if the file's reported clean, but having no less than 30 second opinions can sure help.