The Deadliest Security Threats Right Now

Security threats are ever-present online, always changing, always adapting, constantly probing for weaknesses in a seemingly infinite number of ways, with the express goal of turning your life upside down (and making money for the perpetrators).

As an internet user you need to be aware of the increasingly sophisticated ways that hackers are able to break down security barriers and help themselves to your personal information. It’s no longer just about brute force attacks and silly Nigerian email scams – today’s infiltrators have come up with dozens of ingenious methods of catching you offguard, playing on your weakness for social networks and (in some cases) your sense of guilt.

Fake Apps

We’ve all heard that apps can be dangerous, especially if you’re talking Android apps downloaded from third-party app stores, but in spite of all the sensationalism in the media (or maybe, because of it?) most people have a care-free attitude towards this risk.

Until they get stung, that is.

Malicious apps are spreading like a cancer, with even the most popular games giving birth to evil twins. Take Angry Birds: Star Wars for instance, which recently spawned a sinister variant that installs a Trojan into Android devices, sending out premium rate SMS messages and racking up a devilish phone bill – even before the app finished installing itself! And it’s not just Angry Birds we need to worry about, for there are plenty of other ‘angry apps’ around that get up to exactly the same dirty tricks.

You’re advised to avoid third-party app stores if possible, but if you must use them be sure to thoroughly check anything you download first.

Ransomware

Who can say that they honestly haven’t ever looked at something a little ‘naughty’ online at least once in the last few months? We’re not all deviants of course, but the facts speak for themselves – internet porn is rife and no doubt provides ‘entertainment’ for people from all walks of life. Not everyone likes to admit it of course, and some might even feel a little guilty about doing so, and it’s exactly this feeling that hackers are looking to take advantage of with one of their latest scams.

Ransomware has been around for a while, but the perpetrators are getting clever. Police in Germany recently issued a warning about a new kind of malware that locks up user’s hard drives and accuses them of viewing child pornography, before demanding payment of a €100 ‘fine’ before giving it back.

Once installed, the malware pops up a message saying that the computer has been locked down due to “illegal activity”, claiming that images of suspected child abuse and pirated content have been found on the machine. The virus is convincing enough that dozens of victims (no doubt feeling a little guilty, perhaps?) quickly paid up.

“It seems that hackers are attempting to increase the pressure with this kind of emotional blackmail,” said the German cops in a statement. “This is a form of digital extortion.”

German police have advised that anyone unlucky enough to come across this virus should avoid paying the ‘fine’, and instead use antivirus software to clean up their machine.

Smart Phishing

Phishing scams are nothing new, but even though we’ve all heard about them millions of times already, thousands of people still fall for them each year. The reason isn’t that we’re stupid or anything. Rather, the scams are getting smarter, playing on our desires to get the hackers what they want – your personal information.

A classic example of this is the DHL scam, which is a clear and present danger for anyone who regularly shops online. GFI Software reports that the scam goes like this:

Dear Customer,

Your parcel has arrivesd at the post office an October 25th.
Our postrider was unable to deliver the parcel to your address.

To receive a parcel you must go to the nearest DHL office and
show your postal receipt.

Thank you for your attention.

The clever part is that your so-called ‘postal receipt comes in the form of an attachment that needs to be downloaded. Only it isn’t a receipt of course – hit that download button and you’re actually inviting malware into your machine. Enjoy!

Adobe Dangers

This one’s been around for a while but still countless users are falling prey to it. If you thought that reading and/or editing something as simple as a PDF document was safe, think again – it’s not.

Hackers take advantage of a well-known exploit in Adobe Reader and Adobe Acrobat that uses malicious JavaScript in form data. The exploit works by copying the data into a duplicate temp folder, which gives the hackers access to the rest of the computer’s hard drive. From there, anything is possible, and it has been known to cause havoc with business users especially…

The exploit can be removed, either by deleting the infected document itself, deleting the %temp%\file.dll folder, and then updating to the current version of Adobe.

 

About Mike Wheatley

Mike loves to talk about Big Data, the Internet of Things, Hacktivists and hacking, but he also hates Google and can never resist having a quick dig at them should the opportunity arise :) Got a REAL news story or tip? Email Mike@SiliconANGLE.com.