Taking Back the ID: Identity theft prevention analysis
expect cyber criminals to stand still. Their goal is to stay far ahead
of you. Here are some of the latest updates on their common schemes.
SPEAR-PHISHING SELECTED FISH
FBI’s Internet Crime Complaint Center (IC3) reported on its website
that cyber criminals are increasing their spear-phishing attacks to gain
access to the networks of numerous industry sectors. The intrusions
allow hackers to exploit the vulnerabilities of software programs, which
gives them the opportunity to create fake identities, steal
intellectual properties and gain access to personally identifiable
information (PII) for stealing money from victims’ financial accounts.
The result? An increase in identity theft. (See “Cyber Criminals Continue to Use Spear-Phishing Attacks to Compromise Computer Networks,” June 25, 2013.)
to typical phishing schemes sent in mass emails, spear-phishing targets
selected individuals in organizations that have the “keys” or access to
their networks that the hackers want to exploit. To help legitimize the
email messages and thus increase the probability that the targeted
individuals will open them and respond as directed, hackers will write
them to give readers the impression that the senders are employees
within the organizations or reputable persons in other businesses, such
as banks or merchants. However, to do this, hackers need to gain
accurate knowledge about these parties from previous intrusions or
social networking websites and blogs on which users post and share
personal information about themselves, friends and business associates.
to the IC3 notice, “recent attacks have convinced victims that software
or credentials they use to access specific websites need to be updated.
The email contains a link for completing the update. If victims click
the link, they are taken to a fraudulent website through which malicious
software (malware) harvests details such as the victim’s usernames and
passwords, bank account details, credit card numbers, and other personal
information. The criminals can also gain access to private networks and
cause disruptions, or steal intellectual property and trade secrets.”
recipient of this type of email should always contact the sender,
especially if he or she supposedly is a fellow employee, to establish
authenticity. If the message purports to be coming from a business, then
a simple corroborating telephone call (not using, of course, the number
included in the email) to someone of authority in the firm is all that
is necessary. Or you can type in the website address, included with the
email message, into your computer’s browser. Banks or other businesses
won’t request PII in emails.
The FBI says that individuals
should “avoid following links sent in emails, especially when the sender
is someone you do not know, or appears to be from a business advising
that your account information needs updated [and] keep your computer’s
anti-virus software and firewalls updated. Many of the latest browsers
have a built-in phishing filter that should be enabled for additional
protection.” Victims should file a complaint by contacting the IC3 at
Beta Bot “Windows Command Process” message box
TARGETED BETA BOT MALWARE
IC3 says that the FBI is aware that cyber criminals are using a new
type of malware called Beta Bot to “target financial institutions,
e-commerce sites, online payment platforms, and social networking sites
to steal sensitive data such as login credentials and financial
This unique malware allows a hacker to modify a
user’s computer settings, which blocks “access to security websites and
disables anti-virus programs, leaving computers vulnerable to
compromise.” If a user isn’t able to assess security websites, then he
won’t be able to clean up the infection. (See “Beta Bot Malware Blocks Users Anti-virus Programs,” Sept. 18, 2013.)
often employ an authentic-looking Microsoft Windows “User Account
Control” message box to lure users into giving permission to allow the
“Windows Command Processor” to modify the user’s computer settings. (See
an example of the message box on page 62.) If users agree, then the
downloaded malware allows hackers to gain access to network systems
where it searches for vulnerabilities in software programs for stealing
PII. According to the IC3, hackers also distribute the Beta Bot malware
via USB thumb drives and Skype.
Obviously, don’t authorize
“Windows Command Processor” to make any changes. According to the IC3,
users with infected computers should run full system scans with current
anti-virus software. If Beta Bot blocks access to security sites,
download the latest anti-virus updates or a new anti-virus program onto
an uninfected computer, save it to a USB drive and run it on the
infected computer. Subsequently, re-format the USB drive to remove any
traces of the malware.
The FBI is
warning consumers to avoid malware by purchasing software only from
reliable vendors and not from unknown sellers, peer-to-peer networks,
online auction sites, less-than-reputable websites and from street
vendors and kiosks. “Pirated software can also be found pre-installed on
computers overseas, which are ordered by consumers online and then
shipped into the United States,” according to the FBI. (See “Pirated Software May Contain Malware,” FBI, Aug. 1, 2013.)
The FBI lists these real dangers:
installed [directly from a site or with a physical disc] on a computer,
malware can record your keystrokes (capturing sensitive usernames and
passwords) and steal your PII (including Social Security numbers and
birthdates), sending it straight back to criminals and hackers. It can
also corrupt the data on your computer and even turn on your webcam
Malware can spread to other computers through
removable media like thumb drives and through emails you send to your
family, friends and professional contacts. It can be spread through
shared connections to a home, business or even government network.
Criminals can also use infected computers to launch attacks against
other computers or against websites via denial of service attacks.
Pirated and infected software also may decrease the speed of your operating system and block security updates.
According to the FBI, here are some signs to look to see if your software is pirated:
- No packaging, invoice, or other documentation — just a disc in an envelope.
- Poor quality labeling on the disc, which looks noticeably different than the labeling on legitimate software.
- Software is labeled as the full retail version but only contains a limited version.
- Visible variations (like lines or differently shaded regions) on the underside of a disc.
- Product isn’t wrapped correctly and is missing features like security tape around the edges of the plastic case.
- Typos in software manuals or pages printed upside down.
- User is required to go a website for a software activation key (often a ploy to disseminate additional malware).
The FBI offers advice when purchasing software:
For full access to story, members may sign in here.
Not a member? Click here to Join Now.
Or Click here to sign up for a FREE TRIAL.
buying a computer, always ask for a genuine, pre-installed operating
system, and then check out the software package to make sure it looks
- Purchase all software from an authorized retailer. If
you’re not sure which retailers are authorized, visit the company
website of the product in which you’re interested.
out the company’s website to become familiar with the packaging of the
software you want to buy.Be especially careful when downloading software
from the Internet — an increasingly popular source of pirated software.
Purchase from reputable websites. Before buying software off the beaten
path, do your homework and research the average price of the product.
If a price seems too good to be true, it’s probably pirated.