- Internet & the Web
IDENTIFY VIRUS ALERT
IDENTIFY VIRUS WARNING AND TIPS TO ENSURE YOUR SAFETY
Do you trust the websites that you visit regularly? Malware developers hope so, because if the browser displays a warning on a known page, few users believe that there is a virus and ignore the warning. Attacks on well known sites show that this trust can be dangerous. About 500,000 websites were victims of an attack that infiltrated dangerous malicious codes into the sites, including a few podcasts on iTunes.
Even in other cases, the malware developers targeted the innocence of the users. In addition to the perennial issue of phishing mails, attackers are now concentrating on two emerging markets in particular: social networking sites and smartphone apps. Yet only a few users believe that posts from their Facebook friends could be dangerous. However, new attacks are seen every day that are out to get the personal data of the users. Also, the number of apps in the App-store and in particular in the Android market that spy on cell phone data or rip off users is increasing rapidly.
On the other hand, browsers and operating systems confront the user time with similar harmless and false warnings.However, if you look at the right place and with the right tools, you will find the solution in no time.In this hub,i am writing about some security threats and Virus alerts.how do they come? and how to ensure your safety?
ATTACKS FROM HACKED WEBSITES
Attackers are increasingly using reliable sites to spread malware. The latest example: the aforementioned attack on about half a million websites, which became famous as the LizaMoon attack. Via SQL Mass Injection, hackers infiltrated codes into the sites that automatically forwarded you to a page that hosted the malware. Most of these forwardings led to the domain lizamoon.com – hence the name.
A similar attack affected about 114,000 sites in June last year. Exactly like that attack, the LizaMoon targeted sites that used the Microsoft server platform IIS and the content development technology ASP.net.
The malware packets on the target sites of the redirects specifically search for un-patched loopholes in the browser, the plug-ins or even in Windows. These are often Trojans that spy on the data or rogueware programs.
Even if the browser or virus scanner displays a warning, users rarely expect an attack on known sites. One would barely notice this, since it is usually run in the background. Therefore, you should always update the virus scanner, the browser and its plug-ins so as to rectify the security loopholes as properly as possible. With the Firefox add-on NoScript, you can also regulate the execution of active elements and block embedded scripts. Sometimes, the site itself is not the problem, but the contents on the page added via iFrame. Hence, after installing NoScript, use the icon next to the URL line to go to ‘Settings | Embedded Objects’ and activate the ‘Ban <IFRAME>’ function there.
INCORRECT VIRUS DETECTION
Do not buy the tool. At first glance, the warnings seem threatening, but if you take a look at it again, the unusually large number of viruses that have been found should make you suspicious. You should generally install only reliable, well-known antivirus programs. If you see such a false alarm, check your computer thoroughly. The Remove Fake Antivirus tool can be used to find and remove the most common samples. You can find the tool at ‘http://www.softpedia.com/get/Antivirus/Remove-Fake-Antivirus.shtml’
Despite original logos or seemingly real Windows messages, one can recognize such extortion attempts. Rare business practices (Windows activation solely via foreign telephone numbers), misspellings, email addresses that do not refer to an official domain, or anonymous payment methods indicate the scam. But even those who do not pay must still disinfect the computer. Since the system accesses in Windows are usually completely blocked, only a restart and system check with the live CD of the antivirus program helps. If this also does not help, the only remaining option is to reinstall Windows.
ALLURING FACEBOOK LINKS
Fraudulent content spreads rapidly on Facebook. The reason: many users simply click contents, which have allegedly come from their friends. The harmless variant of this so-called Facebook scam is videos that promise celebrity sensations, violence, or sex. If you click such a video link, the contents are posted on the user profile via a hidden ‘Like’ button. Advertising companies are behind this most of the time and earn money with every click. However, Apps are more dangerous; for instance, they promise you that you will be able to see all the people who visit your profile - something that is not possible on Facebook. Such apps forward the user data without permission or even steal passwords and infect the computers with malware.
You can quickly identify the suspicious videos on strange links such as chalaepic.zapto.org. In Apps, you should pay close attention to the data they use. You can delete already registered Apps in ‘Account | Privacy settings | Apps and Websites | Edit settings’. For safety, you should set a new password after each scam attack. You can do this in ‘Account | Account settings | Password | Change’.
DECEIVING APPS FOR SMARTPHONE
The applications in the App-stores for iOS or Android are not always as harmless as they appear. With free apps in particular, it is possible that you click an ad banner and subscribe to something by mistake that is automatically billed to your phone bill. Smartphone viruses are worse.
In March, hackers infected more than 50 Android apps with the malware DroidDream, including Photo Editor, Super Guitar Solo and Best Password Safe. In four days, the Apps were downloaded 50,000 times according to Panda. Once installed, such viruses can read the data, send expensive SMSs automatically and activate administrator rights and thus download more malware.
Antivirus apps for the smartphone prevent such attacks. A sleek and effective solution is AVG Antivirus Free (free of charge in the Android market). After installing an app, you should also check in the application information whether it is accessing your messages or browser history; this is typical of hackers and spies. However, if you find unusual entries in the bill, complain about this to the provider. Nevertheless, you must hope for fairness because it is very difficult to prove that you unintentionally subscribed to something.
Phishing sites spread via email are once again increasing: According to Symantec, the number of phishing mails rose by 50 percent from January to February. The mails link you to professionally recreated banking sites, where you are asked to enter your log-in data.
Always enter the web addresses of banks, shops or payment services manually or invoke them via bookmarks. Remember that banks never send such mails. Ensure that the bank and payment service websites use https links because only then are they really safe. Unusual domains such as paypaldeb.com are also suspicious. Click other links or sub-pages and they do not work in most cases. If you receive an error message when entering the access data and have to re-enter it, this could also be a trick. With this, attackers want to hack other accounts as well.