THE CONSTANT UPWARD GRAPH OF MALWARE ATTACKS


In the recent spate in high-profile attacks, malware has been the tool of choice for hackers. 2011 seems to be a landmark year hackers with scam attacks, including the politically motivated online attacks on social networking sites like Twitter, Facebook, Android Market. These series of upsurge attacks are alarmingly the fact that nothing, rather no one is secure on internet. The World Wide Web continues to top malware infection wherein emails are a host to malicious attachments and links, while websites come in as a host to a wide variety of exploits and drive-by downloads targeting browsers and applications alike.

For online users, individuals or organizations, malware has always been a significant threat. A rapid rise is being witnessed that is more than capable of compromising, damaging or acquiring sensitive data which can either be personal or could lead to loss of intellectual property in the overall threat landscape. Statistics say that, rather than being hacked by using an exploit; IT users are more likely to be tricked into downloading malware. Hence, there is a continuous challenge in detecting and preventing such threats. Though, not all of these attacks are socially engineered, however, the technique is being used to evade security programs and is being applied to the web that increasingly triples the distribution of malware, of which 55% (Malware) is now delivered via Internet downloads, whereas only 14% is delivered through malicious emails. Which means that as there are more than a handful that don’t understand the complexity of web based threats, from a hacker’s perspective tricking users into installing malware is much preferred.

Also, the inappropriate use of SEO is on the rise. Attackers lure the users to the sites that contain the malware software and expose them to fake Anti-virus downloads, Trojans, worms and fake surveys. In addition to Search Engine Poisoning, the upturn in social networking sites makes them the prime focus of cyber criminals. As the information accessibility and services are interconnect and interdependent of each other, it opens more opportunities for more effective attacks on individuals and organisations.  The emerging Java threats due to Java plug-ins soon will be ruling the malware distribution. Also, URL Shortcut services and Location services contribute greatly in the business of malware distribution. URL Shortcut services will be witnessed.

Apart from creating new malware, Cyber-Criminals are effectively re-modifying the code of known deceased malware. A very good example would be that of the Ramnit Worm which has recently morphed into a financial malware. Moreover, there has also been an enormous increase in malicious programs accounting for at least 25% rise in fresh threats when compared to similar months in 2010. Trojans dominated the line of newly detected threats comprising of at least 70% of all newly created malicious software.

There was a whopping $114 Billion loss due to cyber crime itself cost the world last year. With over 2.9 million users falling as victims to cybercrimes, India alone stood at a loss of $7.6 Billion or Rs 36,200 crore out of which $4 Billion was the total financial loss while $3.6 Billion was the amount spent to resolve reported theft. Of the total amount reported a mere 21% of victims actually reported the crime to the police. Despite the efforts made by security vendors, only 16% had security software installed on their cell phone while 21% had on their PCs. Also, additional $274 billion was lost, based on the value victims placed on time lost due to their cyber crime experiences. More than two thirds of all adults who used the Internet more were victims of cyber crime. While most issues are more than preventable, over 54% of online users have experienced malware followed by 11% in online scams and 10% in phishing scams. In comparison to 2009 and 2010, there has been a decent increase in malware amounting to 19% in 2011.

There key reason for this increase in the cyber attacks is financial profit. Also, there been a whole automation in terms of the creation of malware due to the web attack toolkits that are growing at a rapid rate as the chosen weapon.

On the other hand, the way cyber crime is dealt by people online shown by the overall number of infected users itself signifies a defect. According to studies, in the last one year the overall number of users infected with regard to online cyber crime has tripled in comparison to offline crime. A major flaw is been noticed in the way users perceive online threats. There is a huge gap between awareness and the action that needs to be taken by IT users. Approximately, 80% of PC users are aware of cyber crime as a growing threat, however the necessary precautions are not being taken against it. At times, either the Security is outdated or the implementation of the necessary updates to protect users from complex threats id not up to the mark.

With respect to enterprises, cyber crime is increasing at an alarming rate with over $30 Billion being invested annually on corporate defences and cyber criminals are invariably being able to evade these conventional defences. In fact, even the most security conscious industries are vulnerable to online attacks such as HBGary, Epsilon, RSA and DigiNotar, Comodo– to name a few.

How good is being social?


“Are you on Facebook or Twitter or Google+?” This is the most generic question asked these day to anyone you meet or interact with.

In the recent past, there seems to be an unprecedented growth of these so-called social interaction platforms. The main intention of the invention of Internet is for the exchange of information. Social networking sites took this trend further. Though over the last few years, they have simply taken the world by storm. It was initiated with MySpace, Badoo.Com, Bebo, Flingr and Orkut and now the most popular are Facebook, Twitter and the recent one- Google + joining the world of Social Networking sites.

It is strange that in the span of just last 6-7 years these social networking sites have picked up a great momentum and now have garnered the global attention, making people badly addict to it. They have successfully attained the must-visit web destinations on internet on daily, rather hourly basis. Today, many of us just can’t imagine living without social networking. It has become a daily routine no matter wherever we are. And with mobile phones getting more advanced day-by-day with their applications, use of social networks today is not an issue anymore.

Social networking websites work by asking you to create a profile by filling in basic information and personality, adding people you know to your friend’s list. These profiles are generally quite open and can be easily viewed by anyone. And, the worst part is that there is no way to guarantee that the people viewing your profile are the people you want to see it.

These sites no doubt come with the advantages of you getting connected to your long lost friends, which can be otherwise impossible in the case of many of us. Also, these sites have proved to be a great platform for marketing by entrepreneurs considering that it has emerged as a viable, profitable marketing tool. However, these networking sites do come with a whole lot of package of some unavoidable disadvantages!

I know at the first instance, you many not agree though this is the hard fact!

Forget about alcohol, the addiction of these social networking sites is taking new dimensions! It has no doubt turned many of us emotionally dependent on the virtual relationships developed by these sites. But the other big concern which is the worst is privacy. Until, you have a habit of regularly updating your privacy settings to ensure that your personal information is not viewed by unknown people and their pictures are not misused, you are in a big problem. And the other health issues that come along with this package… we usually don’t even think about them!

If you ask my granny, she feels that we- the so-called new generation has become lethargic because of social networking feature. She feels that it is simply making us unsocial by just being stuck in front of computer and least bothered about interacting face-to-face. It’s true to quite an extent that social networking is slowly taking over face-to-face communication, and these days’ people prefer expressing themselves online. They feel a great comfort zone. So the bottom line is communication has become rapid and easier, though at the cost of personal interaction.

It’s been observed that these days the companies spy on future employees on social networking sites. Well my point is, isn’t that supposed to be just for social networking and not to be mixed with our professional lives?

Hence, I feel that one needs to be serious about what you have in your social networking account. The stuff that you don’t want some one to see needs to be secured or blocked. We can’t consider this as spying as social networking sites are public spaces on internet. Anyone can have access to them and use the data for their own purposes. There is no such thing as separation between personal and professional anymore.

I know many people with worst experiences in their life due to these networking sites, especially teenagers who are more attracted to these sites as they meet different people not really knowing their original characters, habits etc. They call their relation as ‘love’ and ruin their live by inviting disasters. I have seen many people adding 1000 or more friends and feel happy about it. Though what I don’t understand is that what is the need of having such a huge friend’s list when from that list you don’t know about the 99% of them…. You don’t talk to them… how can you call them as your friends… just because they are in your friend’s list ???

Looking at all this, at times a though comes to my mind that if this is the scenario in the span of 6-7 years of the existence of social networking sites, then what will be the scenario after 5 years?

Agreed, technologies and inventions do make our lives easier along with some added pleasures. Though it is up to us, whether to make them become intrusive in our lives… or just stay on the sidelines as helpful tools!

I guess… let technology not master us!

Internet Threats to children


I recently read about investigation that resulted in child rape charges against a 19-year-old in Salisbury with an ugly journey into the world of Internet crime and child pornography. As the investigation proceeded deeper into the underground realm of child pornography and Internet crime, this extensive nature of the danger to children goes far beyond what most of us would imagine.

Internet has proved to be a both boon as well as bane for this generation. With the rapid & intense penetration of Internet in our lives, our screen time is increasing day-by-day. Today’s world is full of information that is accessible to all age groups just with a click. This age group can be as young as 4 years to as old as 70 years. All the information, good or bad is right in front of children which can be both misused and put to good use.

Today, children are exposed to a wide variety of information on the internet. Statistics shows that approximately 80% of children who are five years of age use the Internet at least once a week. And I am astonished to know that over 60% of children from three years are watching movies on the Internet and mostly are using Internet TV. It is estimated that time spent watching TV is 47% of all time spent to the media devices by children and 90% of 5-9 year old children on a daily basis reads books for at least an hour. However, children’s screen time is increasing day-by-day every year, though the books time remains the same. Well, that is the only reason I feel that children of such an age are quite vulnerable to Internet threats. Frankly speaking, at times, they even don’t exactly know, at which link they are clicking and whether the Internet site is free of Malware, Spyware and Viruses. No doubt, many times they land up navigating child-sensitive content sites that can affect child’s psychological health. Their inquisitive mind does also have some questions about some aspects of life. They have found the answer on internet and now know how to access the tool quite well. They easily become victims as they don’t know what they’re getting themselves into when they respond to Internet predators.

With social networking sites like Facebook, Twitter, Google+, and many, the current generation seems to be too much obsessed with themselves. They have these so-called ‘short attention spans’ and a childlike desire for constant feedback on their lives. Well, why should someone be so much interested in what someone else has had for breakfast or gets stuck in traffic or goes out for shopping? Though the present scenario is that, children who are these social networking site users, feel the need to become mini celebrities who are watched and admired by others on a daily basis. They do things that are Facebook status worthy and keep updating about their lives on these walls because they feel that this is the only way they can define themselves by ‘people knowing about them’.

It is almost as if they are going through some kind of identity crisis…

In a sense it seems as if keeping the brain in a sort of time warp…

It is almost as if people are living in a world that is unreal where what counts is what people think of you or if they can click on you…

And to gain attention children don’t even bother to know much about whom they are adding… all they want is to have a fan following…! They don’t know that with updating almost about every move and activity, there are chances of them being kidnapped easily, too!

I am not a psychiatrist, though somewhere I feel that this growth of so-called ‘Internet friendships’ have the capability to effectively rewire a child’s brain that can result affecting their concentration, a need for instant gratification and poor non-verbal skills, such as the ability to make eye contact during conversations…!

Talking about the child rape charge in Salisbury, the fact that somehow the victim’s mother discovered those disturbing e-mails sent to her son by the criminal was the reason behind the investigation which was initiated. The e-mails were soliciting the boy to pose nude for money for pictures to be posted on a graphic Internet pornography site and criminals very clearly told victim that he earned a lot of money doing exactly the same thing. What if the victim’s mother could not have been able to get access to those emails? Imagine the mental state of the innocent who is going through such situations!

Well, the ideal solution for parents to prevent their children from falling victim to such Internet-borne child predators is, knowing where your child is wandering in the Internet. I have heard about many parents logging onto social networking sites like Facebook to spy on what their children are doing. They did it to avoid having ‘awkward conversations’ with the children but I feel the reason here is also that they feel it is the only way they could find out about their lives. Yes, ‘overprotective’ instincts are the reason… and I respect that!

On the other hand, majority of the cases are found where children know more about computers than their parents do; they even know how to hide things. At times I feel the need to pull in some kind of law enforcement to make sure that parents are educated enough about computers and the Internet so as to safeguard their children. It’s a new age. Hence parents need to be alert!

Children on the other hand may feel that their privacy gets disturbed with parents doing so. And I have come across few groups on face book such as ‘For the love of god-don’t let parents join Facebook’, with more than 7,700 group members. Well, all can say is that this is the world we live in now!

So if you feel that your child is spending a lot of time on the Internet, I recommended you to use a good Internet Security Suite that offers you with an effective ‘parental control’ feature. Because as a parent, it is your duty to take control of the website/content they are viewing or gathering information and e-security plays a major role in this. If the computer is secured and protected with the good security suite then the website/content can be guarded and children’s interest can be taken care off. There are innumerable websites that contain adult content, games and objectionable pictures or movies that can create a long lasting impression on these tender minds. Hence, a good security suite would help the parents as well as their children to answer the questions only relevant to their age and interest and the website/content which is not required can be filtered.

Also, if possible computers at home should be in places where you can walk by and see the screen, not in children’s bedrooms behind closed doors. Also a good idea is to set up all computers and be the administrators so you as a parent can control access to all its parts and programs. Avoid children being the administrators of their computers. They are capable enough to control their parents’ access to it, allowing things to be hidden!

Quite smart enough… right! 🙂

Take care of your Lifeline…!


When we say the advancement of technology has influenced humanity in the various aspects of life that governs almost all acts of man… out of some of the few important inventions, I find Credit Cards as the prominent.

Just because you don’t have cash so don’t pay cash… but still you buy and when you use this credit card, with just that one swipe… assures that you have paid the bill. See it builds that trust… though no actual hard cash transaction!

I call Credit cards as ‘The Financial Lifeline’ because of their ability to pay for us when we don’t have cash. One of the laws of nature that we all have noticed or rather experienced is that, when we have something valuable, people around try to take advantage of that and if it is not possible directly, they try fraudulent ways. Isn’t it?

Well, that’s the same case with Credit Cards also. Every now and then we hear criminals behind the credit card, some or the other ways.

You may find some one calling from FBI, law firms, banks and other legitimate-sounding agencies and trying to obtain credit card information. On this Phishing call, they try to collect on loans and ask you to fax your important information to pay the debt. And if not you are not co-operative, chances of being threatened with legal action, arrest, and in some cases, physical violence are possible. Sometimes all this is done by the automated phone messages, also known as ROBOCALLS, which serves as a reminder to us to pay off our debt.

At times we think that, “Why me?” or “Why is someone behind my credit card information?” But let me tell you, all these Phishing scam artists aren’t targeting any one person in particular, rather they send out mass emails, make mass robocalls, or mail out mass letters in hopes of getting someone to bite on their scam. To prove their fraudulent activity legitimate, they will usually mention the name of an actual bank, hoping that you are the customer of this bank. They scare us into giving out our information by claiming there’s a problem with our account and then asking for our account information. Sometimes, a sales pitch outlining lower credit rates is summarized over the telephone. To receive these great rates, all you have to do is give your credit card number to the unknown caller. And if you question the caller, all you get is a ‘click’ and a dial tone as the swindler promptly hangs up!

And one of the recent phishing scam is the use of the unsolicited text messages to get you to provide credit card information to scammers. You receive a text message that appears to be legitimately linked to your bank or credit card lender. The text message informs you about some sort of discrepancy with your credit card account and asks you to send text message or call a phone number that is provided in the message, in order to be able to clear up the confusion. And now, when you do so, you are asked to enter your credit card account information including the security code on your credit card. You may also be asked to provide other identifying information. Of course, the scam is that this text message isn’t coming from your bank at all but rather is a phishing scam designed to fool us to provide credit card information to the one who then plans to use that.

I feel that, scam artists are getting more and more creative day-by-day with their methods of taking advantage of credit card holders. You may have noticed that you have been asked for the three digits on the back of your card, which ensures that you actually have the card in your possession. We feel safe giving out these numbers as these numbers cannot be lifted with skimming or other electronic scamming devices. Though, scam artists know they need to get them if they hope to make any purchases with our card, particularly for making online purchases. So now, with this new scam, the scam artist calls and tells you about some suspicious activity on the card and when you deny those purchases, you are asked to confirm your address and later promised to begin a fraud investigation too. So they over your trust and confidence. And now, you are provided some instructions to call the 800 number on the back of their credit cards and to direct any further questions to the security department. Before finishing the call, however, the scammer will ask you to verify possession of the card by giving the three digit security code on the back of the card. Once you do so, the scammer finally has what he wants! Well, I know, this is particularly troublesome as it is not unusual for a credit card company to contact you if any suspicious activity is observed on the card.

At times the scammer may call you claiming to be working for the fraud department for your bank and tell you that your card was flagged because of an unusual purchase pattern. He may tell you some names the bank that the card is issued through and later ask you if you made the purchase of some ‘X’ amount with a marketing company. When you deny, you will be told that your credit will be sent to you through the mail, and also he verifies your address, adding to his genuinity. This is because he already has all of the credit card information he needs – except for the last three numbers that are located on the back of the card.

And after Phishing, now there is Vishing Scam also for which VoIP services are used to call people and asking them to call the local Central Bank with a toll free number. Once you dial the toll free number, you are asked to provide personal information in order to avoid account deactivation. In case, you blindly do so, Sorry to say that your information is in danger!

To make matter worse, it is a relatively easy scam to pull off. All the scam artist needs is specialized equipment or access to an online service that manipulates caller ID information by making a fake number appear on the recipient’s caller ID. It is easy to get a hold of this machine as it is quite cheap and easily available in the market. On the other hand, selling these cards is perfectly legal because they are sold under the impression that they are to be used for entertainment purposes or personal use. To add to it, the company says it will surrender all documents of users if subpoenaed. All good, however, it does little for the unsuspecting person that receives one of these spoof phone calls and believes it to be legitimate because of the number appearing on the caller ID.

After knowing all this, we feel quite insecure of having a credit card. However, I am sure we cannot just avoid them in our lives. In this case, I feel all we can do is to be quite cautious, as far as out credit card information is concerned.

With credit card phone scams on the rise, its better to avoid rather decide never give credit information over the phone. Rather, tell the caller you will be returning their call via the phone number on the back of the card. Also make sure that you do not reply any emails or pop-up message or telephone call requesting personal or personal financial information such as banking account numbers, or card numbers. If you have received a phishing phone call, contact your bank as well as the local law enforcement agency and provide as many details as possible about the call itself.

In case of receiving Phishing emails, contact the governmental organizations that collects phishing email information in order to help protect the general public or contact Anti-Phishing Working Group (APWG). Also, avoid sending you personal or personal financial information through emails. Always use Anti-Virus software which filters the phishing emails. If possible, contact your Internet Service Provider (ISP) about it as well and get the emails blocked from being sent out or by directly sending out a warning to all of their account holders who might be affected. Social media is a great source where we can express our civic responsibility. Hence, try to inform others to help stave off from this type of crime with the help of  Twitter, Google+, etc.  Every little bit helps… isn’t it?

Use some common sense and be a smart Credit card user. It’s always better to be safe than sorry when it comes to dealing with credit card security. It becomes our responsibility to take care of this lifeline when it takes care of us during rough times… right?

Oops… you are caught!!!


When Doctor Martin Cooper invented the cell phone, his thought must have not traveled the horizons to the extend today his invention is being used. He might have invented it for the purpose of easy communication, though with the advancement of device, now anything and everything is possible using a cell phone.

My imagination goes beyond what’s happening these days and if I relate it this way- I can eat through cell phones … I can drink through cell phones and I can sleep through cell phones….  – I may not be wrong… I guess!

To this I can add – I can have fun through cell phones too!

The modern cell phones / smart phones not only facilitate taking pictures and video clips but also sending them to some one too. No doubt this seems to be a great tool to share candid moments with friends and family at a later time. However, we all know that there are some pictures and videos which we access secretly for our pleasure. Now, that’s were you are caught!

No…. no… no…. I don’t say that you will be caught watching those pictures or videos secretly, but I mean to say that you may be caught and be a victim of some hackers.

I remember some time back a professional hacker announced in an IT security conference that he could hack any cell phone or iPhone in the world by just a text message. Cell phone getting hacked is not a new thing these days. There are infinite victims to it and seems that with the advancement in technology, it will too reach heights.

I also remember reading about a so called ‘Sexy View worm’ attacking the cell phones. All it does is sending a text inviting users to look at pictures and, if unfortunately user tries to look at the pictures, it will take over the phone just the way a Botnet takes over a computer, and then send itself to the entire contact list. As many of us mix business and pleasure via mobile devices, it is more of a struggle to keep sensitive information safe.

As we see that these smart cell phones today have all the power of computers, this means that a smart phone can fall prey of all the same types of attacks that could happen to a computer. These attacks include viruses and other malware, activities like Phishing for passwords and other information; theft of data stored on or sent to or from the phone, and spam. Also, with social media expanding to mobile devices and proving as successful marketing strategy, many threats are attacking these sites and it is quite common to find a malicious URL link. Text messages also are a very common way to receive malware.

It is not at all possible to ban the use of cell phones, seems impractical right ??? But I feel that if we take the security issues little seriously we can be saved from being caught.

All you need to do is try to follow some security practices that can help you keep cell phones out of harm’s way like, having a password protection on your cell phone and using encryption. You can use Anti-Virus for your cell phone and make sure you keep it up to date. With this you will be able to protect your cell phone from viruses and other malware. Though at times we are eager, but if possible, avoid opening suspicious or unsolicited SMS, even if it appears to come from someone you know else you might end up paying for that premium call. Also avoid downloading or installing applications from insecure / unknown websites.

Social networking sites like Twitter and Facebook have been the target for some of the recent most successful Phishing attacks. And these days accessing these sites on cell phone are very common. Hence beware of such attacks. Do not use your passwords or other personal information to any site or service, you feel suspicious about. Do not store your sensitive banking information and passwords on your mobile.

We usually prefer Bluetooth as an alternative to a physical wire, helping us to connect with appropriate devices within its range. This can too lead to a Malware attack, like CommWarrior. Hence, make sure your Bluetooth is off as a default setting. Apart from this, also make sure you use the secured Wi-Fi network, which you know and trust.

In case you lose your cell phone, make sure you inform your service provider and block the SIM card.

Not only security of your cell phone is in your hands, but also of the data in it too!

Isn’t it ????????

%d bloggers like this: