Saturday, 17 November 2012

Ransomware - A Major Threat To Internet Security

Ransomware is emerging as a major cybercrime strategy, threatening to oust fake anti-virus software as the most popular cyber-attack next year, new research by IT security firm Symantec shows.

A total of 2.8% of victims of ransomware pay a "ransom" of up to £280 to regain access to their computers which have been blocked by cryptoviruses. Victims are tricked into making the payments after receiving fake messages that look like they have been issued by police authorities. Such messages often tell users they must pay a penalty for browsing illegal content.

Cybercriminals pocket £3 million annually from blackmailing users to pay to free their PCs from the malicious software, with one criminal group having tried to plague 495,000 computers in just 18 days, Symantec said, as quoted by IT Pro.

The first cases of ransomware were found in 2009 and were mainly limited to Eastern Europe and Russia.

However, this type of cybercrime is spreading to Western Europe, the USA and Canada, Symantec said. Criminal gangs have been traced back to a single unidentified person who apparently creates ransomware on request.

As consumer demand shifts to mobile devices and the cloud, cyber-attacks will increasingly focus on Secure Sockets Layer (SSL) certificates used by mobile apps, Symantec believes. Meanwhile, according to an earlier report by IT Pro, security experts have identified a new malware strand that steals image files from PCs and dispatches them to a remote server.

Wednesday, 2 May 2012

Have You Been Called From 002538020308?

Many people report having been called from the international number 002538020308.

The scenario is like this: 

Always an english speaking foreigner (Indian sounding). Different name used on each call - Jess, Smith, Stephen, Wayne, & others.

Different Company names have included: Windows security center, Creative Solutions, MPC Help, Windows Service Center, Windows Security Maintenance, 24/7 PC Help, etc.

Sometimes they say they are calling "on behalf of Microsoft", or offer to do a free PC health check, or even directly tell you that your system has been compromised and it has got viruses.

Is this a SCAM?

The New Zealand Internal Affairs Anti-Spam Compliance unit is reiterating it’s warning about a cold caller who offers to fix a problem with home computers. It has received several calls and emails from people who have received similar calls.

Senior investigator Toni Demetriou says a Dunedin computer company had received an infected PC for repairs from a customer who had been taken in by the scamster and police were investigating.

“We now believe the calls are being made from overseas, not from New Zealand as originally suspected, and quite a lot of people are receiving them,” Mr Demetriou said.  “The caller can be quite convincing. On one occasion he handed the conversation across to a ‘supervisor’ in an attempt to make the call sound more professional and convincing. 

“He also gives various explanations for the calls such as phoning from a reputable and well-known international company, maybe a security and anti-virus vendor, suggesting the PC has been infected by a virus and needs repairs.

“The sole purpose of the call is to convince someone to login to a website.  They are given a website name and once they are at the website home page they are then given a six digit code to log into that website.

“Essentially what then happens is that the person is handing over control of their computer to the person they are talking with.   If you follow the instructions you will be allowing and authorising remote access to your computer.  Just about anything could then happen.

Viruses, malware, key logging software could be installed onto the computer.  Any information on the PC could be taken and any sensitive usernames or login credentials and passwords may also be logged and obtained as you continue to use your computer in the future.  If you log into your bank the information could be captured and your account compromised.  The computer may also become part of a botnet and used for spamming activities.”

Mr Demetriou said unauthorised access to a computer system is an offence under the Crimes Act.  Similarly, if the computer is infected through that unauthorised access and used for spamming activities, the Department of Internal Affairs, which enforces the Unsolicited Electronic Messages Act, would investigate.    

If anyone believes their PC has been infected and compromised the Department recommends that it is inspected and repaired by a computer servicing company.