Posts

“Old” Malware Attacks Rising Significantly

Earlier this week McAfee Labs™ released the McAfee Threats Report: First Quarter 2013, which reported that malware growth shows no sign of letting up and has risen steeply during the last two quarters.

Many of the most significant growth trends from the previous three quarters actually went into remission, while older types of attacks and what can only be called “retro-malware” experienced significant new growth.

The resurgence of this “retro-malware” includes:

Koobface: This worm, which targets Facebook, Twitter and other social networking users, was first discovered in 2008 and had been relatively flat for the last year, yet it tripled in the first quarter of 2013 to levels never previously seen. That’s a record high point and double the size of the prior mark, set in the fourth quarter of 2009. The resurgence demonstrates that the cybercriminal community believes that social networking users constitute a very target-rich environment of potential victims. To avoid falling victim, be careful about which links you click on social media sites, and don’t fall for those too-good-to-be-true deals!

Mobile Malware: Android malware continued to skyrocket, increasing by 40% in Q1. Almost 30% of all mobile malware appeared this quarter. While the overall growth of mobile malware declined slightly this quarter, McAfee Labs expects to see another record year for mobile malware. You need to be proactive and protect your mobile devices with comprehensive security software, and pay attention to social engineering attempts to get you to give up your personal information.

Suspect URLs: Cybercriminals continued their movement away from botnets and towards drive-by downloads as the primary distribution mechanism for malware. At the end of March, the total number of suspect URLs tallied by McAfee Labs passed 64.3 million, which represents a 12% increase over the fourth quarter. This growth is most likely fueled by the fact that these malicious sites are more nimble and less susceptible to law enforcement takedowns. Use a safe search tool so that you know a site is safe before you click.

Ransomware: Ransomware has become an increasing problem during the last several quarters, and the situation continues to worsen. With ransomware, cybercriminals hold your computer or mobile device files “hostage” and insist on payment to unlock them. But there are no guarantees that they will “free” your device after you pay. One reason for ransomware’s growth is that it is a very efficient means for criminals to earn money, and various anonymous payment services make it hard to track them down. The problem of ransomware will not disappear anytime soon. You should always take precautions to back up your valuable data.

AutoRun malware: Traditionally, AutoRun worms were distributed via USB thumb drives or CDs. This type of malware can allow an attacker to take control of your system or install password stealers. AutoRun malware has risen rapidly for two quarters and reached a new high, with almost 1.7 million new threats. The spike is likely being driven by the popularity of cloud-based file-sharing services. Having comprehensive security that automatically scans all devices that are attached to your computer and scans your hard drive is a must to protect against this.

Spam: After three years of stagnation, spam email volume rose dramatically. McAfee Labs counted 1.9 trillion messages as of March, which is lower than record levels, but about twice the volume of December 2012. One significant element behind this growth in North America was the return of “pump and dump” spam campaigns, which targeted would-be investors hoping to capitalize on all-time equity market highs.

We are facing an uphill battle against the growing threats and attacks. Fortunately we can protect all our devices including PCs, Macs, smartphones and tablets with one solution, McAfee LiveSafe. Of course you should still take care to educate yourself on the latest threats and techniques that cybercriminals use and be suspicious of anything that doesn’t seem right.

Stay safe!

Robert Siciliano is an Online Security Evangelist to McAfee. Watch him discussing information he found on used electronic devices on YouTube. (Disclosures)

What is malware and why should I be concerned?

“Malware” is a shortened version of the words malicious software. It is defined as: a generic term used to describe any type of software or code specifically designed to exploit a computer/mobile device or the data it contains, without consent.

Most malware is designed to bring some financial gain to the cybercriminal. Whether cybercriminals are seeking your financial account information, holding your computer files for ransom, or taking over your computer or mobile device to “rent” it out for malicious purposes to other criminals, all of these schemes involve some sort of payment to the cybercriminal. And because they are making money with malware, they continue their malicious ways.

There are a number of ways that malware can get “on” your computer or mobile device. You might open an attachment from someone you know whose files have already been infected. You might click a link in the body of an email or on a social networking site that automatically downloads a virus. You might even click an ad banner on a website and end up downloading a virus or malware (known as “malvertising”). Or just by visiting a site you could get infected from what is called a drive-by download. Malware is also spread by sharing USB drives and other portable media.

And, now that mobile phones and tablets are basically mini computers, cybercriminals are targeting mobile devices. They are taking advantage of the inherent nature of the device to spread the malware, so as a mobile user you not only need to be aware of the same tricks cybercriminals use for computers, but also ones that apply to mobile devices.

Currently most mobile malware is spread through infected apps, so you need to be aware of which sites you download apps from and what permissions each app accesses on your mobile device. Mobile malware can also spread via text messages (SMS). Scammers send phishing messages via text (called SMiShing) to try to lure you into giving up personal or financial information, or to sign you up for premium text messages without your knowledge.

What does this mean for you? You need to be aware of these tricks and scams, as they could mean financial loss, reputation harm and device damage to you and your friends. There are things you should do to protect yourself, including making sure you protect all your devices with cross-device security software like McAfee All Access. You should also make sure to:

Keep your operating system and applications updated, as updates often close security holes that have been exposed

Avoid clicking on links in emails, social networking sites, and text messages, especially if they are from someone you don’t know

Be selective about which sites you visit and use a safe search plug-in (like McAfee SiteAdvisor which is included with McAfee All Access) to protect you from going to malicious sites

Be choosy about which apps you download and from which sites you download them, and be sure to look at the permissions to see what information each app is accessing on your mobile device

Be smart and stay aware about cyber tricks, cons, and scams designed to fool you

Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. Disclosures.

Internet Security Isn’t Getting Any Prettier

Malicious software (malware) is, in many ways, very well understood. Security experts know how it works and why. Cybercriminals’ motivations are pretty straightforward—making money from malware and related attacks.

According to the latest McAfee Threats Report: Q3 2012, malware is still growing, and while it’s not growing quite as fast as it was in previous quarters, the amount of malware still topped 100 million samples.

Besides the large growth in mobile malware, there has also been an increase in the tactics that cybercriminals are using to attack you. Some of these techniques include:

Autorun Malware
AutoRun (also known as AutoPlay) is a feature in Windows systems that dictates what action the system should take when a device is connected to your PC. So when you connect your USB drive or insert a DVD into your drive, AutoRun is what will automatically open or in some cases play what is on these devices. Cybercriminals use this feature to automatically install malicious software when an infected USB or other removable device is plugged into your PC. What makes AutoRun scary is that it requires no action on your part, such as clicking a link. This is “plug and play” malware and can even come on products shipped right from the factory, such as external hard drives, USB drives and LCD picture frames.

Mac malware
With over 350 new samples of Mac malware in Q3 2012, the growing popularity of Apple products has inspired cybercriminals to create malware that will harm Macs. McAfee Labs is seeing fake antivirus programs targeted at Mac users. In other words, there is an increased number of programs known as “scareware,” which claim to protect users from viruses and malware, but users who attempt to install the supposed antivirus software are actually downloading malicious software. This malware can damage your Mac or compromise your personal information.

Ransomware
Ransomware malware typically accuses you of visiting illegal websites, locks your computer, then demands a payment to unlock the device. And even if you pay, you are not guaranteed to get access to your files, and now the criminal has your financial information. You can get “infected” with ransomware in a myriad of ways, including links in emails, instant messaging, texts and social networking sites, or by simply visiting a website that can download the malicious software on your computer. With a 43% growth this past quarter, ransomware is definitely something to watch out for.

The past quarter’s threats report has shown that cybercrime exhibits few signs of slowing down and that cybercriminals are using more tricks to steal your money. To help protect yourself you should:

Keep your operating systems updated on all your devices

Be selective about websites you visit and use a safe search tool like McAfee SiteAdvisor® to warn you about risky sites before you click

Avoid clicking links in emails, text messages or instant messages, especially from people you don’t know

Stay educated on the latest tricks, cons and scams designed to fool you

Use comprehensive security software like McAfee All Access that provides cross-device protection for all your PCs, Macs, smartphones and tablets

 

Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked! (Disclosures)

Mobile Malware is Here: Beware!

iPhones, Androids and other smartphones are much more than just a way to call our friends and family and store their phone numbers. Today’s smartphones have become our most personal computer and contain much more than pictures and contacts. They now allow us to access financial data, bank accounts, and medical information from anywhere at any time. And for many people, their mobile device has replaced or is replacing their PC.

With all this convenience and access comes some risk. Criminal hackers see this as an opportunity for them to access your information and make money. And so as the number of mobile devices has grown, McAfee has seen the amount of mobile malware grow.

The Android platform remains the largest target for both mobile malware and spyware. In fact, we see very few mobile threats that are not directed at Android phones. After a slight decline earlier in the year, Android malware has rebounded and almost doubled this quarter with over 20,000 samples.

The infographic below illustrates some of the ways cybercriminals “infiltrate” your mobile device.

What most of these attacks have in common is that they allow a cybercriminal to take over your mobile device in some way. This is why it is critical to protect your mobile device.

Only buy apps from a well-known reputable app store, such as Google Play

Keep your operating system software updated

Be selective about websites you visit

Avoid clicking links in text messages or emails, especially if they are from people you don’t know

Stay educated on the latest tricks, cons and scams

Use comprehensive mobile security, like McAfee Mobile Security that includes antivirus, anti-theft, and web and app protection or comprehensive device protection like McAfee All Access that protects all your devices including your mobile devices

Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked! (Disclosures)

QR Codes Could Deliver Malware

You’ve seen barcodes all your life. So you know what they look like: rectangular “boxes” composed of a series of vertical lines. When a cashier scans a barcode, you hear a familiar beep and you are charged for that item.

A QR code looks different and offers more functionality. QR stands for “quick response.” Smartphones can download QR readers that use the phone’s built-in camera to read these codes. When the QR code reader application is open and the camera detects a QR code, the application beeps and asks you what you want to do next.

Today we see QR codes appearing in magazine advertisements and articles, on signs and billboards; anywhere a mobile marketer wants to allow information to be captured, whether in print or in public spaces, and facilitate digital interaction. Pretty much anyone can create a QR code.

Unfortunately, that’s where the cybercriminals come in. While QR codes make it easy to connect with legitimate online properties, they also make it easy for hackers to distribute malware.

QR code infections are relatively new. A QR scam works because, as with a shortened URL, the link destination is obscured by the link itself. Once scanned, a QR code may link to a malicious website or download an unwanted application or mobile virus.

Here are some ways to protect yourself from falling victim to malicious QR codes:

Be suspicious of QR codes that offer no context explaining them. Malicious codes often appear with little or no text.

If you arrive on a website via a QR code, never provide your personal or login information, since it could be a phishing attempt.

Use a QR reader that offers you a preview of the URL that you have scanned so that you can see if it looks suspicious before you go there.

Use complete mobile device security software, like McAfee® Mobile Security, which includes anti-virus, anti-theft and web and app protection and can warn you of dangerous websites embedded in QR codes.

Robert Siciliano is an Online Security Evangelist to McAfee. See him discussing identity theft on YouTube. (Disclosures)

5 Tips To Secure Online Shopping This President’s Day

Making a purchase online around Presidents’ Day? Keep in mind that criminals are working hard to intercept your credit card numbers in various ways.

#1 SCAM: Black-Hat SEO: Criminals create fake websites and then use the same techniques as legitimate online businesses regarding search engine optimization, marketing, and online advertising via Google AdWords. They use keywords to boost rankings on Internet searches, causing their spoofed websites to appear alongside legitimate websites. These same processes are also used to infect unsuspecting users with malware.

SOLUTION: Do business with known sites. Use the existing e-tailers you’ve done business with. Otherwise install a “SiteAdvisor” that scans websites looking for malware.

#2 SCAM: Phishing: Emails offering high-end products for low prices. The same applies to any offers received through tweets or messages sent within social media.

SOLUTION: Common sense says that whenever you receive an unsolicited email offer, you ought to automatically be suspicious. Delete.

#3 SCAM: Domain squatting: When what looks like a trusted website sends you an email that appears to come from a familiar domain, beware of cybersquatting and typosquatting, in which the address only resembles the legitimate domain but is a trap.

SOLUTION: Make sure you’ve been taken to the correct URL for the retailer.

#4 SCAM: Unsecured sites. Scammers generally don’t take the time to create secure websites.

SOLUTION: When placing an order online, always look for “https://” in the address bar, signifying that a page is secure. Note that an image of a closed padlock also indicates that a website is secure.

#5 SCAM: eBay email scammers. It’s difficult to tell a real eBay email offer from a fake one.

SOLUTION: If you are seeking deals on eBay, go directly to the site itself, and don’t bother responding to emails. If a deal in an email is legitimate, you can find it by searching eBay.
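The check behind scam #3's advice to confirm you are at the correct URL can be automated. The following is an added example, not part of the original post: it compares a link's host name against a short list of sites you already trust and flags near misses. The trusted list, the sample URLs, and the "last two labels" rule for finding the site name are assumptions made for the illustration (a production tool would use the Public Suffix List).

```python
from urllib.parse import urlsplit

# Constructed sample data: retailers the shopper already does business with.
TRUSTED_SITES = ("example-store.com", "example-bank.com")
MAX_TYPO_DISTANCE = 2  # assumption: 1-2 edits away from a trusted name is suspicious


def osa_distance(a, b):
    """Edit distance counting insert, delete, substitute and adjacent swap."""
    prev2, prev = None, list(range(len(b) + 1))
    for i in range(1, len(a) + 1):
        cur = [i] + [0] * len(b)
        for j in range(1, len(b) + 1):
            cost = 0 if a[i - 1] == b[j - 1] else 1
            cur[j] = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost)
            swapped = i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]
            if swapped:
                cur[j] = min(cur[j], prev2[j - 2] + 1)
        prev2, prev = prev, cur
    return prev[len(b)]


def host_and_site(url):
    """Return (full host, last two labels). Simplification: ignores suffixes like .co.uk."""
    if "//" not in url:
        url = "//" + url
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    labels = host.split(".") if host else []
    return host, ".".join(labels[-2:])


def classify(url, trusted=TRUSTED_SITES):
    """Return (verdict, detail); verdict is trusted, lookalike, unknown or invalid."""
    host, site = host_and_site(url)
    if not host or "." not in site:
        return ("invalid", "no usable host name")
    if site in trusted:
        return ("trusted", site)
    name = site.rpartition(".")[0]
    for good in trusted:
        good_name = good.rpartition(".")[0]
        # The trusted name appears at the front of the host, but another site owns it.
        if host.startswith(good + ".") or ("." + good + ".") in host:
            return ("lookalike", f"{good} used as a subdomain of {site}")
        # Same name registered under a different ending (cybersquatting).
        if name == good_name:
            return ("lookalike", f"same name as {good}, different ending")
        # A character or two off the trusted name (typosquatting).
        distance = osa_distance(name, good_name)
        if 0 < distance <= MAX_TYPO_DISTANCE:
            return ("lookalike", f"{distance} edit(s) away from {good}")
    return ("unknown", site)


if __name__ == "__main__":
    samples = [  # constructed URLs for the demonstration
        "https://www.example-store.com/checkout",
        "https://exmaple-store.com/deal",
        "https://example-store.net/",
        "http://example-store.com.account-verify.net/login",
        "https://unrelated-site.org/",
    ]
    for url in samples:
        print(url, "->", classify(url))
```

An "unknown" verdict only means the address does not resemble a trusted one; it says nothing about whether the site is safe.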

Robert Siciliano, personal and home security specialist to Home Security Source, discussing home security and identity theft on TBS Movie and a Makeover.

What Are Your Digital Assets Worth?

Digital assets include: entertainment files (e.g. music downloads), personal memories (e.g. photographs), personal communications (e.g. emails), personal records (e.g. health, financial, insurance), and career information (e.g. resumes, portfolios, cover letters, contacts), as well as any creative projects or hobbies involving digital files.

If your PC crashes or is hacked and your data is not properly backed up, how devastated will you be? Whether for personal use or for business, chances are you have a collection of documents, music, and photos that, if compromised, would almost feel as if your house and all your belongings had been burned up in a fire.

A recent survey found that 60% of respondents own at least three digital devices per household, while 25% own at least five. (Digital devices are mainly desktop or laptop computers, tablets, and smartphones.) As many as 41% of those surveyed spend more than 20 hours per week using a digital device for personal use. Admittedly, I’m online for at least 16 hours a day.

Photographs and similar memorabilia are the main digital asset that most people (73%) consider irreplaceable, should they be lost without having been backed up. Respondents valued personal memories at an average of $18,919, compared to $6,956 for personal records, $3,798 for career information, $2,848 for hobbies and projects, $2,825 for personal communications, and $2,092 for entertainment files.

Consumers estimate the total value of all their digital assets on multiple devices at an average of $37,438, yet more than a third lack protection for those devices.

According to Consumer Reports, malware destroyed 1.3 personal computers and cost consumers $2.3 billion in the last year. Not only have hackers continued to target PCs, but with the increased popularity of tablets, smartphones, and Macs, threats are becoming both more common and more complex for non-PC devices. For example, according to McAfee Labs, malware targeted at Android devices has jumped 76% in the last three months.

Many people protect their PCs and digital assets from malware by installing antivirus software. When it comes to smartphones, tablets, and Macs, however, they leave the doors open to criminals. Bad guys are now targeting these devices, as they have become the path of least resistance. Now more than ever, a multi-device security strategy is necessary.

McAfee understood this and solved the complexity and cost pain points by developing a product called McAfee All Access (www.mcafee.com/allaccess). This is the first full security offering for Internet connected devices, from smartphones and tablets to PCs and netbooks. Basically you can get a single license for a great price to secure all of the devices you own!

Robert Siciliano is a McAfee Consultant and Identity Theft Expert. See him discussing identity theft on YouTube. (Disclosures)

Think You’re Protected? Think Again!

In 1990, when only the government and a number of universities were using the Internet, there were 357 unique pieces of malware. The need for security began with desktop computing when the only means of compromising data was by inserting a contaminated floppy disk into a PC or opening an infected email attachment. That was the anti-virus era.

The need for security evolved with the Internet as more companies developed internal and external networks. That was the network security era.

Now as companies leverage the power of the web, information security has evolved yet again: We are in the application security era. And as big companies get better at locking down their software and protecting their data, criminals are targeting the little guy. Ordinary citizens’ everyday digital lives are at risk via infected web pages, instant messaging, phishing, smartphone viruses and text message scams, and now hackers are targeting Macs in a big way.

In the past 20 years, e-commerce and social media have taken over. The numbers behind the explosive growth of cybercrime are astounding. In a little over two decades, we’ve gone from less than 500 pieces of malware to over 55 million annually. Cybercrime has evolved from nothing to a multibillion-dollar industry.

In 1995, 8069 unique pieces of malware were detected. One out of 20 emails was spam, and the Melissa virus infected hundreds of thousands.

In 2000, 56,342 unique pieces of malware were detected, mostly on PCs, but some began spreading to Macs. Then smartphones got the Cabir virus. The “I Love You” worm slithered its way onto millions of PCs, and the MyDoom worm slowed down the entire Internet by 10%, resulting in losses totaling 38 billion dollars.

In 2005, 164,000 unique pieces of malware were detected, including the first virus for Mac OS X and another 83 mobile viruses. 57 million U.S. adults fell for phishing scams via 17,877 different spoof websites. 80% of all email was spam. The Conficker worm, Zeus Trojan, Koobface, Applescript.THT, Storm botnet, and Ikee iPhone virus all made their debuts this year.

By 2010, 54 million unique pieces of malware were spreading to tablets, too. More than 90% of all email was spam. 27% of teens infected their families’ PCs with viruses in 2010. Almost 420,000 phishing sites were discovered. OpinionSpy, Boonana, and MacDefender infected Macs. Hackers commandeered Skype’s instant messaging service to deliver malware. The Gemini and Zitmo Trojans gathered location data and stole financial transaction information.

And if that’s not enough, in 2010 more than three million malicious websites were created, any one of which could infect your computer.

The question is: are you protected? Are you using some free download by an unknown company to protect yourself? Or do you have a comprehensive multilayer approach to digital security protecting all your devices?

Robert Siciliano is a McAfee Consultant and Identity Theft Expert. See him discussing identity theft on YouTube. (Disclosures)

 

Check out this video to learn more about: The History of Malware

The FFIEC Wants You to Know…

The Federal Financial Institutions Examination Council recently released a supplement to the guide it issued in 2005, on authentication in an Internet banking environment. One of the FFIEC’s key recommendations for eliminating fraud is consumer awareness and education.

At some level, you may be aware that financial institutions have a layered security approach in place. Those layers include multi-authentication, which may mean requiring users to punch in a second security code or carry a key fob, as well as due diligence in identifying customers as real people whose identities haven’t been stolen, and consumer education.

Consumers are largely oblivious to the multiple layers of security put in place by financial institutions in order to protect them and their bank accounts. All consumers really care about are ease and convenience. However, a better understanding of what goes on behind the scenes can help consumers adapt to new technologies that affect their lives.

I recently came across a blog post written by a financial institution’s bank manager, “Nerdy Nate,” attempting to educate the bank’s customers in response to the FFIEC’s guidance. Nate’s message is useful for all bank customers, and should be a model for other financial institutions.

“Currently, [this institution] employs a combination of a secure browser connection, customer number, password, and our enhanced login security system. We recently added the ability for you to use email, voice and text to receive a one-time passcode needed when we do not recognize your computer. We do realize that having to use a one-time passcode is inconvenient at times. Please be assured that SIS will research other options to make this more convenient. However, at this time, using a one-time passcode is considered the best practice in authenticating you as a user when you log in to SIS Online Banking. This method is also compliant with the FFIEC guidance issued to SIS.

We are also working with our Online Banking provider on other security efforts in response to the FFIEC guidance.

·      Enhanced Device Identification – We will enhance the security of the multifactor authentication enrollment cookie, where it is in use, by adding device fingerprinting. This means that if the cookie is present on a system whose device fingerprint differs from what is on record, the cookie will not be honored and an additional authentication step will be required.

·      Removal of Challenge Questions – In the near future, we will no longer allow the use of a Challenge Question to authenticate you. Instead you will need to use one of the three passcode methods available: text, voice call and email.

·      Web Fraud Detection, Behavior Monitoring – We are evaluating different options to monitor your online access for fraud. Once we have a solution in place, we will notify you on how it might affect you as a user.

·      Malware Prevention & Detection – We are evaluating different options to monitor the use of malware to “hack” your online access. Once we have a solution in place, we will notify you on how it might affect you as a user.

We remain committed to providing you with the best and most secure Online Banking experience possible. With the ever-changing landscape of online fraud, this is proving to be more difficult every day. We are confident that with your help and some hard work on our side, we can achieve our goal.”

Great stuff. Nowadays, education on the “threatscape” is essential. Enhanced device identification is also essential. The FFIEC suggests complex device identification. While complex device identification is more sophisticated than previous techniques, take one step instead of two and incorporate device reputation management.

This proven strategy not only has advanced methods to identify devices connecting to your bank, but also incorporates geolocation, velocity, anomalies, proxy busting, webs of associations, fraud histories, commercially applied evidence of fraud or abuse, and much more to protect your financial institution against cyber fraud.
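The "Enhanced Device Identification" item in the quoted bank post describes an enrollment cookie that is honored only when the device presenting it matches the fingerprint on record. The sketch below is an added example, not the bank's or its provider's code: the attribute set, the exact-match comparison, and all names are assumptions chosen to show the decision logic.

```python
import hashlib
import hmac
import json
import secrets

HONORED = "cookie_honored"
STEP_UP = "step_up_required"  # e.g. a one-time passcode by text, voice call or email


def device_fingerprint(attrs):
    """Hash a canonical form of the device attributes (hypothetical attribute set)."""
    canonical = json.dumps(attrs, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode("utf-8")).hexdigest()


class EnrollmentStore:
    """Server-side record of which device each enrollment cookie was issued to."""

    def __init__(self):
        self._records = {}  # sha256(cookie) -> (customer_id, fingerprint)

    @staticmethod
    def _key(cookie):
        # Store only a hash so a leaked table does not expose usable cookies.
        return hashlib.sha256(cookie.encode("utf-8")).hexdigest()

    def enroll(self, customer_id, attrs):
        """Call after a successful one-time passcode; returns the cookie value."""
        cookie = secrets.token_urlsafe(32)
        self._records[self._key(cookie)] = (customer_id, device_fingerprint(attrs))
        return cookie

    def evaluate(self, customer_id, cookie, attrs):
        """Decide whether the cookie lets this login skip the extra step."""
        if not cookie:
            return STEP_UP  # unrecognized computer
        record = self._records.get(self._key(cookie))
        if record is None:
            return STEP_UP  # forged or revoked cookie
        enrolled_customer, enrolled_fp = record
        if enrolled_customer != customer_id:
            return STEP_UP  # cookie belongs to another customer
        if not hmac.compare_digest(enrolled_fp, device_fingerprint(attrs)):
            return STEP_UP  # cookie present, but on a different device
        return HONORED


def demo():
    """Run four constructed login attempts and return (scenario, decision) pairs."""
    store = EnrollmentStore()
    home_pc = {  # constructed sample attributes
        "user_agent": "ExampleBrowser/10.0",
        "screen": "1920x1080",
        "timezone": "America/New_York",
        "language": "en-US",
    }
    other_pc = dict(home_pc, screen="1366x768", timezone="Europe/Kiev")
    cookie = store.enroll("cust-1001", home_pc)
    return [
        ("same device", store.evaluate("cust-1001", cookie, home_pc)),
        ("cookie copied to another device", store.evaluate("cust-1001", cookie, other_pc)),
        ("cookie used for another customer", store.evaluate("cust-2002", cookie, home_pc)),
        ("no cookie", store.evaluate("cust-1001", None, home_pc)),
    ]


if __name__ == "__main__":
    for scenario, decision in demo():
        print(f"{scenario}: {decision}")
```

Exact matching sends a customer back through the passcode step after any change to the recorded attributes, such as a browser update; that is the trade-off of this simple form of the check.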

Robert Siciliano, personal security and identity theft expert contributor to iovation, discusses credit and debit card fraud on CNBC. Disclosures

McAfee Reports Most Malware Ever in Early 2011

Malware refers to malicious software, which includes computer viruses and rootkits. McAfee recently released the McAfee Threats Report: First Quarter 2011. With six million unique samples of recorded malware, the first quarter of 2011 was the most active in malware history.

In February alone, approximately 2.75 million new malware samples were recorded. Fake antivirus software had an active quarter as well, reaching its highest levels in more than a year, with 350,000 unique samples recorded in March.

Mobile malware is the new frontier of cybercrime.

Malware no longer affects just PCs. As Android devices have grown in popularity, the platform has solidified its position as the second most popular environment for mobile malware, behind Symbian OS, during the first three months of the year.

Cybercriminals often disguise malicious content by using popular “lures” to trick unsuspecting users. Spam promoting real or phony products was the most popular lure in most global regions. In Russia and South Korea, drug spam was the most popular, and in Australia and China, fake delivery status notifications were the spam of choice. So far this year, we’ve also seen a new trend of “banker” Trojans, malware that steals passwords and other data, using UPS, FedEx, USPS and the IRS as lures in their spam campaigns.

McAfee Labs saw significant spikes in malicious web content corresponding with major news events, such as the Japanese earthquake and tsunami, and major sporting events, with an average of 8,600 new bad sites per day. In the same vein, within the top 100 results of each of the daily top search terms, nearly 50% led to malicious sites, and on average contained more than two malicious links.

Protect yourself from these and other threats.

McAfee Wave locates, locks, or wipes your phone, and even restores your data when you trade it in for a new one. If necessary, you’ll be able to lock down your service remotely or wipe out important stored data to protect your privacy. You can back up your data directly or use the web to do so remotely. You can access your data online from anywhere, or locate your missing phone and plot its location on a map. If it’s lost or stolen, SIM cards and phone calls can help get it back for you.

Invest in an identity protection service. There are times when you cannot withhold your Social Security number, but an identity protection service can monitor your personal and financial data. McAfee Identity Protection provides alerts if your information is misused, credit monitoring and unlimited credit checks, and if necessary, identity fraud resolution. (For more information, visit CounterIdentityTheft.com.)

Robert Siciliano is a McAfee consultant and identity theft expert. See him discuss mobile phone spyware on Good Morning America. (Disclosures)