4 Tactics Cybercriminals Are Using to Steal From Us

Today McAfee Labs™ released the McAfee Threats Report: Second Quarter 2013, which reported that the cybercriminal community is using four main tactics to steal our identities, and our money. As consumers, it’s critical that we are aware of the ways the hackers are trying to attack us and here’s the four main ways:

1. Malicious apps on Android-based mobile devices
2. Infecting websites to distribute malware
3. Holding your devices hostage with ransomware
4. Sending spam promoting fake pharmaceutical drug offers

1. Malicious apps for Android
This quarter nearly 18,000 new Android malware samples were added to the McAfee Labs database. Most of this growth is from malicious apps that are designed to steal your information, spy on your phone activities, or take your money. Halfway through 2013, McAfee Labs has already collected almost as many mobile malware samples as it did in all of 2012.

The motivation for deploying mobile threats is rooted in the inherent value of the information found on mobile devices, including passwords, contacts and access to financial information. You need to be proactive and protect your mobile devices with comprehensive security software and be especially mindful of where you download apps from, and what permissions it is asking to access on your mobile device, before you install them.


2. Infecting websites to distribute malware
McAfee Labs very carefully tracks suspicious websites on an hourly basis. This quarter, they observed a 16% increase in suspicious URLs, bringing the total to nearly 75 million. Adding to the growth from last quarter, cybercriminals are continuing the move to drive-by downloads as their primary means to distribute malware.

96% of these suspicious URLs host malware, exploits, or codes that have been designed specifically to compromise computers. This growth shows that these sites are an easy and successful way for cybercriminals to distribute malware. You should take care to make sure you’re using a safe search tool to visit sites so you know they are safe before you click.

3. Holding your devices hostage with ransomware
Ransomware holds your computer or mobile device and the data on it hostage until you pay to free it. Ransomware is a serious threat and it’s getting worse—McAfee Labs found more than 320,000 new, unique samples this past quarter, more than double from the first quarter of this year.

Anonymous payment methods make this an efficient way for cybercriminals to make money without a lot of implications of being caught. You should always take precautions to back up your valuable data and should not pay the ransom to get your computer “back,” as often times even when the fee is paid, the cybercriminal does not “free” your computer or mobile device.

4. Sending spam promoting fake pharmaceutical drug offers
After almost three years of declining volume, global spam increased this quarter. In April, spam volume surpassed 2 trillion messages, the highest figure since December 2010. A slight decline in May and June still left the count higher than any time since May 2011. More than 5.5 trillion spam messages were delivered this quarter, representing approximately 70% of global email volume.

Pharmaceutical drug offers are one of the top spam subject lines for and compromise anywhere from 17 to 50% of the subject lines depending on the country. To protect yourself from spam, you should make sure your security software includes an anti-spam feature as well as making sure that you don’t open or click on any links in the spam messages.

Just like protecting yourself from crime in the physical world, you need to protect yourself in the digital world. One way to do this is to protect all your devices including PCs, Macs, smartphones and tablets with one solution, McAfee LiveSafe™ service. Of course you should still take care to educate yourself on the latest threats and techniques that cybercriminals use and be suspicious of anything that doesn’t seem right.

Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!  Disclosures.