You could say that computers and the Internet are with us long enough that we could be considered ‘understanding’.
When we get an email telling us we won a million dollars or wants our bank details, we say “yeah right”, and dump it to the trash. Then yet how do we still fall into traps?
Don’t be fooled that you are totally safe. Hackers and other Internet criminals are not giving up not by a long shot, always inventing new and sophisticated methods to reach your personal information. From legitimate programs of familiar companies that contain “extra” unwanted plugins, to attacks on your smartphone via your personal computer.
Here are some of the latest pitfalls:
-Malicious browser extensions
Browser plugins are something many of us install without thinking, but last year was a sharp increase in use of additives with hidden malicious features. One example of that is the Orbit Downloader plugin, considered one of the most popular extensions and video downloader from YouTube.
To stay safe, use browser add-ons only if it is absolutely necessary, install them only from trusted sources and look at the reviews of users before installation.
-Attacks on smartphones through personal computers
Unfortunately, it is still very easy to convince Android users to install malicious applications. More bad news are that hackers were able to create contagious viruses that infect smartphones when connected to a personal computer. An example of that is the virus ‘Kan Kan’ that installs apps on Android devices without the user noticing when it’s connected to a computer in “Debug Mode”.
Another recent threat that attacks smartphones via personal computer is the HesperBot. The HesperBot has been distributed via email in which it addressed bank customers asking them to provide their phone number in order to be able to send a link for a new app supposedly from their bank. The purpose of the attack was of course to obtain the victim’s bank username and password.
To avoid such threats be sure to install only from the official app-stores, lock your device with password and protect it by using security software.
-Virtual money attacks
The digital currency had quite a few headlines recently, with ATMs that allow users to draw their virtual money just like regular money and dealers that agree to be paid in Bitcoins. But virtual money has a dark side – sites like ‘Silk Road’, which operated on the Internet underground and used as the trading of illegal goods such as drugs, money laundering ,pornography of children and received payment in Bitcoins to prevent tracing of purchasers.
Network criminals did not remain indifferent to the increasing use of virtual currency and executes attacks to reach the users virtual wallets . If you are using virtual money it is recommended to create two digital wallets, one for small amounts spending and one for larger amounts, which should be stored offline, so hackers could not reach it – too easily that is.
-Utilization of legitimate sites for viral distribution
Sites where we go on daily basis are stored on servers that were created for this purpose. If those servers are not maintained properly and have poor security, attackers can gain access to them and to the sites hosted on them. This is exactly what happened recently with a campaign called “HOME” – thousands of legitimate sites were broken and in turn infected users.
The ‘Good news’ is that most of the viruses circulating in this manner typically exploit vulnerabilities in browsers, operating systems and software like Java and Flash, so if you keep these programs up to date, you can avoid most cases.
As always, you do not have to become victims of online crime. Make sure that all your software is updated, including the operating system, software like Flash and Java, and of course the browser. Think well before you install something, try as much as possible to install applications and plugins only from official stores or official websites of well-known companies and of course, be sure to use a good and reliable anti-virus software.