Wednesday, 28 October 2009

For Scareware, Every Day is Halloween


Halloween is all about tricks, treats and pretending to be something your not. Scareware must think every day is Halloween.

Computer experts are reporting that scareware is on the rise. Scareware - a sneaky hacker technique used to steal personal information and spread viruses - is being found in more and more places online and even on trusted sites, like the New York Times.
"The recent scareware attacks are cropping up everywhere and can be found on even the most trusted Web sties online," said Alison Southwick, BBB spokesperson. "The threat of scareware undermines consumer trust in compromised Web sites, and on the Internet in general, but there are steps computer useres can take to protect themselves."

How Scareware Tricks and Treats

Scareware usually presents itself as a pop up window on your computer that looks like it is from your computer. It gives some message that your computer has been infected with a virus that needs to be removed. Often the message tells you to go to the link provided to purchase and download anti-virus software. Once the software is purchased the download begins. Unfortunately, it is not anti-virus software that is being downloaded, but more viruses and malware.
If that weren't bad enough, now the hackers have your credit care information too.
This senario is playing out all over the internet. It was in mid-September that visitors to the New York Times web site started getting the infected pop up window. The New York Times traced the infected window back to an unauthorized ad. They later found out that the ad space was sold to hackers posing as Vonage.
But The New York Times is not the only site being affected and pop up windows are only half the story with scareware. According to Computer World Magazine, hackers are also "poisoning Google search results." Hackers monitor popular search topics and then create infected web pages with related content. They work to get those to the top of Google search results and when someone clicks a link in the search results - the infamous pop up window appears.

How to Protect Your Computer

Fortunately there are steps that you can take to protect your computer from scareware:
  • Never let your guard down. It is a fact that scareware can show up on even the most trusted sites, Google, Twitter, The New York Times, etc.
  • Protect your computer. Keep your operating system updated and install a good quality anti-virus program. We recommend the following packages: Norton 360 (includes backup and other features), Norton Internet Security 2010 (good all around option), or avast! (free and good), and keep it up to date. Also make sure that all security patches and updates are installed for your webrowser and programs like Adobe Flash Player.
  • Take immediate action during an attack. If a scareware window opens up force close it using the task manager and then run your trusted anti-virus software.
If you clicked on the link and have downloaded the software all is not lost, but things aren't good. The Washington Post offers advice on their Security Fix blog of how to rid your computer of the viruses and malware. But if you aren't computer savvy, you may think about calling a professional to clean up the mess.

UPDATE: An article from Wired magazine's Threat Level blog sheds more light on how web sites are being targeted for malware distribution:
Web ads have become much more advanced over the years and many now include scripts that provide data tracking and other functions. Because of this, crooks are working to have their "ads" run on popular websites. Their ads also contain scripts, but the code displays scareware instead of tracking clicks or views.
In the article, Gawker Media - a major blog network of sites like Gizmodo, LifeHacker, Jalopnik and others - was targeted for ad placement, but fortunately Gawker has a team of geeks that digs into the code of any ads and confirms that it contains no malicous code. I'm guessing the NY Times now is enforcing a similar policy (yep, it is now).
Heaven help us when we visit sites that have no such team of geeks to protect us from malicious ads...

emails

a

The Register - Security

IQ test

The Register - Security: Anti-Virus

HackWire - Hacker News