Bad Santa: Holiday Malware “Gifts”

Internet Security Update  from PC Prima:

Just as retailers are preparing for the influx of online shopping in time for the holidays, cyber criminals are launching a growing amount of email-borne malware attacks aimed at less tech-savvy online shoppers, according to recent Google research.

Google studied spam email during the third quarter this year. Although overall spam was down from the previous quarter, the study showed a 10 percent increase from the same period last year.  Officials attribute much of the overall decline to increased government pressure on cyber crime.

A recent case in Russia eradicated the world’s leading email spam provider, Spamit.com, bringing the global spam count down significantly. Spamit.com was the backbone for most spammers, offering a service that sold code and email spam tools to bombard inboxes with false pharmaceutical messages. After Russian authorities launched the investigation, the website’s ringleader went missing and is believed to have fled the country.

Also, an international sting on botnets has eliminated some of the most dangerous spam attacks in the world. More than 100 cyber criminals in Europe and the U.S. were arrested last month, temporarily eliminating the source for the massively successful Zeus botnet.

However, the profit potential for scamming the vast number of unsuspecting, and typically uneducated, internet users that shop online before the holidays was too much for cyber criminals to ignore. Google’s research indicates that new scams have emerged to replace those that have been arrested, and new techniques will make email spam and viruses more elusive.

“New botnets have sprung up to take their place. And, if the volume of spam was lower, it was also dirtier than in 2009,” a Kaspersky Labs report reads. “That may indicate a push to build out bot networks in advance of the holiday season, when many users go online to purchase gifts, and spammers are more likely to find success pushing their own wares.”  PC Prima, a German anti-malware provider, reports that this international problem requires constant attention and updates to existing internet security solutions.

Among the new trends include using  recycled emails for spam messages carrying malware. According to the research, this trend has been successful because spam filters on most email products use an automated system to recognize text typically found in spam messages. By using emails that were initially used for other purposes, spam messages get their messages around these roadblocks, attaching a malicious link to target an unsuspecting user.

Other, more recent research has found that Google is cracking down on email borne cyber crime. Web Host Industry Review studied Google’s response to an influx of malicious sites, revealing a more strict policy on malicious sites found on the company’s search engine.

“To this end, we’re finding that Google is putting sites on the black list for a longer period of time,” Jason Remillard, founder and president of the Web Host Industry Review, wrote on the company’s website. “We’re seeing the same results with the other SEs and the requisite browser instances of the blacklist tables.”

Because cyber criminals have evaded international legal authorities’ anti-malware efforts, they are just as likely to avoid Google’s restrictions. To safely shop online this holiday season, security experts advise consistently updating antivirus software to protect against the latest cyber crime developments.

To update your anti-virus software, visit Clutter Free PC, or try our new German internet security solution, PC Prima.

Advertisement

Ascentive Alert: Beware of Scareware Scams!

A High-Priority Alert From Ascentive:

Cyber criminals are flocking to scareware scams. Recent research has found 40 percent of all false anti-malware solutions in the wild were created this year.

PandaLabs’ research found more than 5.6 million scareware scams in the wild. Nearly 2.3 million of these were launched between January and October of this year. Scareware, also known as rogueware, has only been known on the internet for four years, signifying a sudden jump in the trend, as cyber criminals continue to look for new ways to target unsuspecting PC users.

Rogueware’s rapid growth has propelled it into a much higher saturation in the overall malware market. According to the research, 46.8 percent of all computers were infiltrated by malware. Rogueware accounted for 10 percent of these infected devices.

These attacks are relatively sophisticated, with fake antivirus brands and formats designed to keep users from ever second-guessing their legitimacy. Specifically, the most successful scareware programs found in the study were SystemGuard2009, MSAntiSpyware2009 and MalwareDoctor, at 12.5 percent, 11.7 percent and 8.1 percent of the market, respectively. When users are presented with these programs, they generally trust them and, with their computer’s security in mind, download them willingly.  Reputable brands such as Ascentive‘s own Clutter Free PC and FinallyFast are fighting to catch malware scams wherever they hide, and it is a constant battle to defend against new attacks. However, these scams don’t stop here.

“Once they have infected a system, these applications try to pass themselves off as antivirus solutions that have detected hundreds of threats on the user’s computer,” PandaLabs explained in a recent release. “When the user attempts to remove the threats using the fake antivirus solution, they are asked to purchase the ‘full’ product license. Unfortunately, many people panic when they see this message and fall for the bait. Once they ‘buy the license,’ they will of course never hear from the ‘seller’ again, and the fake antivirus is still on their computer.”

The sudden popularity of rogueware scams may be a result of its widespread success. According to PandaLabs, rogueware has generated millions of dollars in revenues for the cyber criminals that create them. Not only do rogueware scams trick users into voluntarily loading malware onto their computers, they also persuade them to submit their credit card information. As result, cyber criminals are giving a computer through which they can further spread their scam, and can use the stolen credit card information to make purchases in the meantime. All the while, the user is under the impression that they purchased a legitimate security solution.

Worse still, fear of complex scareware scams may prevent consumers from protecting themselves against the very malware they most fear.  A representative at Clutter Free PC told us that disreputable companies have actually harmed consumers by making them frightened of all anti-malware software.  The results are chilling. 

Rogueware campaigns have recently made headlines. In order to prevent an infection, security experts advise users stick to trusted antivirus sources, regardless of the information presented by a lesser-known, potentially malicious antivirus provider.

News from Clutter Free PC: The Demon In Your Mailbox

From Clutter Free PC :

“Help!  There’s a demon in my mailbox!”

Email users may have received a confusing message in their inbox from a mysterious address called MAILER-DAEMON. The message typically comes in response to an email previously sent by the user. The email that comes from the mailer-daemon return address is sent because of a failure in the original message sent by the user.

Specifically, the mailer-daemon is software stored in email servers that automatically delivers messages. The software goes through all email sent throughout the internet. Users are not contacted by the mailer-daemon software if there are no problems with any messages. The software exists to ensure the messages are properly addressed and sent, and only sends out its reply messages to users who have attempted to send a message that has an inherent problem.

The mailer-daemon informs senders of a failure in an email message that prevents it from being delivered to its original destination. This failure could be the result of a problem with the email address typed into the “to” section, such as a misspelling or a mistake. Another failure could be the result of a server problem with the email account, which should be fixed automatically in a matter of time.

The most common reasons for mailer-daemon alert messages are the account the message is addressed to does not exist, or the server – the information listed after @ – does not exist. Most of the time, problems that cause a mailer-daemon message are harmless and relatively easy to fix.

However, a message from mailer-daemon software may be an important sign that the recipients computer has been infected by malware that is using it as a launch point for spam email messages.

A common reason for the mailer-daemon message is the account that sent the message has been blacklisted by the receiving company. The mailer-daemon sets up the blacklist from email accounts that have sent an alarming amount of spam messages. Because certain types of malware infect computers and automatically send spam messages from users’ email addresses, an email account could be sending bulk messages without its registered account owner knowing about them. The mailer-daemon does not acknowledge the malware that causes the spam messages because it is designed to keep problem messages out of its respective server, simply sending the spam message back.

Email users who regularly receive messages from mailer-daemon software from multiple sources may be infected by malware. Certain worms and viruses infect computers and copy their victims’ email account information, using them later as sending addresses for spam attacks. As the account information is copied, and the spam messages are sent from a remote location, users may have a difficult time locating the virus and finding out their email address was used to send bulk messages.

To determine why they are receiving constant mailer-daemon messages, users should run a scan of their computer for malware. Regular computer scans can be important to detecting malware some users may not know about. Locating and removing a virus through a computer scan can eliminate mailer-daemon messages, as the software that was sending spam from the user’s email account is removed altogether.  You can find more information  about protecting your computer from attacks on the Ascentive website, or visit Clutter Free PC for software assistance.

Also, installing a protective software to prevent malware infections can eliminate the threat of malicious software from affecting users’ email accounts.

While the first steps to solving the mailer-daemon issue should be to check the accuracy of the recipient and server of sent email messages, scanning for malware could be a solution to prevent regular mailer-daemon messages.