Sunday, April 18, 2010

Going Rogue…Surviving a Fake Antivirus Application Hijacking Your Computer

I got a call from one of my CPA clients on April 15th. One of their computers was hijacked by “XP Malware 2010”. This is one of those fake virus protection applications that, once on the machine, activates numerous pop-up messages stating the computer is infected. The pop-ups attempt to entice the user to purchase an application that claims it will clean the machine. Fortunately, my client recognized it was a malware “infection” and immediately shut down the computer. By the way, this client did have up-to-date virus protection. Nevertheless, the client lost the use of this computer on the busiest day of the year for their business.

The aforementioned is a common tactic used by rogue security software that the industry has christened “scareware” or “extortionware”. The first objective is to fool the user into believing the security warning pop-ups by mimicking the look of Windows warning messages or the warning messages of popular virus protection software such as Symantec, McAfee, etc. The second objective is to lure the user into giving up their credit card and other personal information by purchasing the rogue security software.

Even if you weren’t “fooled”, your computer is still infected!!

But, even if you aren’t fooled, that doesn’t mean you’ve avoided the worst part of the infection. Often, more than one malware infection is loaded on the user’s computer. “…the underlying JavaScript code ensures that wherever on the image a user clicks, whether on the ‘Remove All’ or ‘Cancel’ buttons, the malware will load.”, says Greg Masters in the April issue of SC Magazine (a computer security industry trade magazine).

What to do when your computer has been slammed…

The first thing you should do is disconnect your computer from the company network. In other words, unplug the Ethernet cord from your computer. It is important to cut off the computer’s access to the Internet as soon as possible. Why? “Some iterations of rogue security software contain keystroke loggers and back door functionality. This allows the malware authors to siphon off personal information on an infected computer. And, like legitimate registered software, this establishes a connection between the computer and a server controlled by the scam artists – linking what is now estimated to be millions of computers together into a botnet. Thus, updates can be pushed out to the network commanding the enlisted computers to perform any number of functions”, explains Greg Masters.

Secondly, have a professional look at the computer. These rogue security applications are created by well-funded criminal organizations and are written by well-paid programmers, with a sophistication that puts them beyond the average computer user’s ability to remove successfully. Often, the payload includes more than one infection. So, the original fake antivirus application may be removed, but the other infections remain intact.

In fact, most virus protection software fails to detect the “botnet” infections that are part of the payload associated with rogue security software. A recent study found that only 9 out of 41 virus protection software vendors were able to detect a “botnet” infection. That is a pitiful percentage. This is just another reason to enlist a professional to clean your computer.

Your mother always said that an ounce of prevention was worth more than a pound of cure

Here are some suggestions to help you avoid computer infection:

  1. Use a website advisor, such as McAfee Site Advisor. According to Greg Masters, an estimated 70 percent of infections are coming from visiting websites.
  2. Educate your employees on the best computer usage practices. For example, avoid clicking on links embedded in email. Instead, manually type the website address into your web browser. Education is often one of the best investments in protecting your computer systems.
  3. These days virus protection software and firewalls are only rudimentary protection. Consider network monitoring tools, web content filtering, user account restrictions, and program whitelisting. If you are not familiar with these options, talk to a professional who can explain what these additional layers of protection do and how they add increased protection.
