Nerdy News Blog From A Geek To Go!

Striving to deliver a daily dose of the techie trials and tribulations on a 'Need 2 kn0w' basis. U kn0w wh0 u r!

Wednesday, October 27, 2010

Identity theft, phishing and Scareware

Phishing scams and attacks have been the preferred medium for thieves and hackers to steal your personal information, then your cash. Any request for data, whether online or offline, should sound the alarm in your head: Identity theft alert!

Most people have heard about phishing scams, and are reasonably guarded against them. But criminals are very inventive and imaginative, and are constantly dreaming up new ways to deceive us and bilk us out of our hard earned money.

One method that has been around for a while called "scareware." It works well. Suddenly you get a pop-up on the screen, a warning that your PC has been suspected of being infected with a virus. The picture looks like the common dialog box we are used to seeing from Windows, so they are not very suspicious.

You see a link to a website where you can buy a program to remove the malware. However, if you buy and run the software, that will do the opposite. Now - the real virus and spyware are installed on your computer. This malware will scan your computer for credit card numbers, passwords and bank details. Worse, the hacker is in fact charging the credit card you used for the purchase. Trust us, we have seen this four times in the last week!

How did pop onto your computer first? You may have inadvertently dropped a phishing scam. Or, you may have been the victim of a drive-by download. You visit a site well-known and respected site that had been already attacked and compromised. Simply visiting caused a malicious program that downloads and installs on your computer, without any further action on your part.

Here are two other common avenues of attack: you click on an advertisement on Google or news site. The announcement had been placed by a hacker. This takes you to a malicious website that infects the PC. Or thieves determine what is popular and in the news these days. Then, create web sites that deal with these issues.

They are also distributed through optimization techniques, which receive their pages appear in the top 10 Google search results. This is called poisoning the results. Clicking one of these "false" results, you get a pop-up scareware malware or otherwise.

Twitter and other social networking sites have been attacked several times, using different combinations and variations of the above methods. A recent survey revealed that nearly half of Internet users who rely on their safety programs were being protected. But in fact, programs were not updated, so it hardly provides any protection at all. Identity theft alert!

Your antivirus software must be updated every day. Anti-spyware programs are updated once a week. A couple times a month, check Windows updates for your computer.

Before usingweb-searched useful tips, you must be careful how close that pop-up on the screen. If you click the pop-up menu itself or the small red X in the upper right, rather than close the dialog box, you can actually start downloading malicious software! So do the following:

Click the tab pop-up in the taskbar at the bottom of the screen, and click Close. If this fails, press Ctrl + Alt + Delete. Find your browser in the list of running programs, and click End Task. Then turn off pop-up windows together on your browser.

So what should you do if, unfortunately, you fell into the trap and buy the software? Disconnect from the Internet. call your financial accounts and tell them your computer has been compromised, IMMEDIATELY! View your statements of credit cards closely over the coming months. Report any unauthorized charges at once. MOST importantly, get professional help. That FREE security software your provider gave you or that came with your computer can't be trusted. After all, where was it when you got the infection?

Get all software from trusted sources only. Never buy anything in response to a pop-up or spam. Keep all your programs and applications updated often, not just security software. Hackers love to use Adobe Reader or Flash, or media players to attack. I know that malware removal all day can be a long and tedious dillema.

But a relatively painless way to do this is to use the Managed Services Program to repel infections and the unlimited U.S.-based Phone and Remote Support is always available when a new infection is released into the wild and access your computer before anti-infection definitions are created. Remember, nothing is 100% effective, as 12 new infections are released every day..

Identity theft is a complicated and expensive. It may take a year of frustration and gnashing of teeth to get your life back on track. The good news is that the application of these guidelines, plus a little common sense should keep you secure. Happy (and safe!) Surfing.

Labels: , , , , , , , , , , , , , , ,