Members
Stats
  • Total Posts: 28510
  • Total Topics: 8239
  • Online Today: 852
  • Online Ever: 51419
  • (01. January 2010., 10:27:49)












Author Topic: Internet Threat Protection Guide (Must see)  (Read 2139 times)

0 Members and 1 Guest are viewing this topic.

Security l33t

  • SCF Member
  • **
  • Posts: 62
  • KARMA: 2
  • Gender: Male
  • SCforum's Security Manager o.0
    • Security Central Forum
Internet Threat Protection Guide (Must see)
« on: 31. July 2007., 02:23:54 »
Internet attacks have become a business. And as with any business, the product must be ever-changing in attempting to entice you.



Internet Threat Protection Guide
Internet attacks have become a business. And as with any business, the product must be ever-changing in attempting to entice you. But where a slick legit ad campaign might sway you into buying a gadget you don't really need, these social engineering techniques try to trick you into infecting your computer with malware you surely don't want. Look through these images of some of the latest tricks from malware pushers and phishers so that you can keep your most important security tool -- you -- up-to-date. And if you receive any of these messages, be sure not to click any links in them or follow their instructions.



Targeted Attacks Grow
The latest wave of e-mail-borne attacks looks entirely genuine and even uses your real name. This example, a fake BBB message, was one of the first. Similar attacks continue in the form of supposed IRS audit warnings, false business invoices, and Microsoft vulnerability warnings. (Image provided by Joe Stewart, SecureWorks)



Malware Lurks in Word Docs
If you do get pulled in enough to open a Word doc attachment and see something like this, delete the file. Crooks have been embedding malware within such Word files; double-clicking the icon will launch the attack.



Malicious Mimicry
It looks real, but instead of downloading the actual Malicious Software Removal Tool (which does exist), this fake Automatic Updates alert launched from a MySpace profile, leading victims to install rogue antispyware. It's a good example of why you must consider not only whether something looks right (as this does), but also whether it comes up at the appropriate time. (Image provided by FaceTime Security Labs)



Fake Security Alerts
The next step in this Automatic Updates attack used a common scare tactic to make victims think their system was infected. Be sceptical of supposed security warnings that don't come from your own security software. (Image provided by FaceTime Security Labs)



Video Bait-and-Switch Attack
Spyware spreaders throng to this technique, which lures people in with a salacious-sounding movie and then tells them they need to download a new video codec to watch it. Of course, you don't get a video -- you get a 'Zlob' malware infection. (Image provided by Sunbelt Software)

htt

Do You Agree to This Malware Infection?
The media codec attack even goes so far as to display a fake license agreement during installation. How's that for misdirection? (Image provided by Sunbelt Software)



Camouflaged Phishing
To fool people who might be alert enough to look at the URL, phishers today often use faked site names that begin with a real domain name and then add what looks like site input but is actually the name of the attack site (in this case, logwjwgwwwqwkqwk.com). Antiphishing tools, including those built into IE 7 and Firefox 2, are becoming more adept at blocking such sites, but keep your eye out.



If in Doubt, Upload to Virustotal
You now know about avoiding these dirty tricks, but tomorrow will no doubt bring a new batch. If you suspect a download or attachment might actually be the latest attack, upload it to Virustotal.com, an excellent free service that scans the upload using more than 30 different antivirus scanning engines. Click 'Browse,' select the file, and click 'Send.' The resulting report won't be a 100 percent guarantee of safety even if the file's reported clean, but having no less than 30 second opinions can sure help.


From PCWorld

Samker's Computer Forum - SCforum.info

Internet Threat Protection Guide (Must see)
« on: 31. July 2007., 02:23:54 »




Samker

  • SCF Administrator
  • *****
  • Posts: 7206
  • KARMA: 291
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • SCforum.info - Samker's Computer Forum
Re: Internet Threat Protection Guide (Must see)
« Reply #1 on: 31. July 2007., 07:11:26 »
Very good post C. (one of the best here).

Security l33t

  • SCF Member
  • **
  • Posts: 62
  • KARMA: 2
  • Gender: Male
  • SCforum's Security Manager o.0
    • Security Central Forum
Re: Internet Threat Protection Guide (Must see)
« Reply #2 on: 31. July 2007., 18:02:42 »
Very good post C. (one of the best here).

:D

 

With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Verification:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.scforum.info:

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Terms of Use | Privacy Policy | Advertising