Trust is a scarce commodity online, but crooks are skilled at mining it. Viruses often propagate by sending themselves from a host machine to everyone in the address book. The message will appear to come from someone known to the target and will more likely be opened.
Similarly, no-one would ever give their bank details out to a stranger who asked for them, so phishing attacks extract such sensitive information by using the bank’s brand to reassure victims. By creating web sites that closely resemble the bank’s own, fraudsters can persuade account holders to divulge their usernames and passwords. By spamming emails that warn the account is about to be closed, they can drive swarms of concerned customers to their fake site.
That’s not the only threat to account credentials, either. While early viruses left obvious signs of vandalism, new strains are more likely to lurk and record the user’s keystrokes, so that his or her accounts can be plundered later. This is a threat to anyone engaging in e-commerce, banking or any other sensitive activities online.
Cybercrime isn’t going away, but there’s a lot that people can do to minimise the risks. Unsolicited bulk emails should be discarded immediately, even if they appear relevant. Anti-spam software can help with this. Banking and e-commerce sites should only be reached through trusted links, or ideally by typing their address into the address bar. Anti-phishing software is available now that adds a safety net, warning users if they are about to enter details into a risky web site. Regular scans with anti-virus and anti-spyware software are an essential healthcheck.
But today’s criminals can trade on complacency. It’s shocking that so many of the viruses in circulation are years old and would be stamped out overnight if everybody used anti-virus software. If everyone ensured their machines were secure, the networks of zombie machines that send spam and phishing attacks would shut down overnight. The Trojans that intercept account details would never take hold on a machine or spread. We would all face less risk. As a bonus, our online communications would be cleaner, more efficient and cheaper.
Aston Fallen is chief executive of Steganos.
Vendor's announcements include AI-powered Microsoft Office, a move away from password verification and an alliance with Adobe and SAP
Vendor claims hackers are hijacking machines to mine for cryptocurrency
Nearly half of SMBs are planning to invest in digital workflows to reduce their paper-based processes by 2025, according to Quocirca
The charter has pulled together the biggest names in tech in an unprecedented attempt to address the tech industry's lack of diversity. Tom Wright asks how it plans to do it