Preventing Identity Theft - You Can Make a Difference!

While large private data compromises such as TJX, Hannaford and LexisNexis often get a lot of publicity, and are often the first thing we think of when it comes to identity theft, I believe that most private data compromises these days are due to infected desktop computers - such as the computer that you are reading this post with. The threat that I am describing is sometimes referred to as "crimeware", which can be defined as (malicious) software designed to steal data from computers for use by criminals.

While I won't try to quantify the threat that crimeware poses, I will leave you with some references that will help you understand just how prevalent this type of identity theft is.

ZeuS Tracker (which unfortunately uses a self-signed SSL certificate) is a Web site dedicated to posting a list of known ZeuS (aka Zbot, Wsnpoem, Trojan.prg) controllers. As of this post, they list 510 active ZeuS hosts, meaning there are 510 known servers that infected computers post their stolen passwords and other stolen keystroke data to.

The Malware Intelligence Blog documents a number of crimeware packages, listing their features, cost, and more, as do Dancho Danchev's blog, Sourcefire's blog, and likely thousands of others. However, while they typically do a good job describing what the criminals are doing, folks might get a bit depressed reading them, thinking that the battle is lost. Well, I'd like to tell you that the battle isn't over just yet.

While there isn't much you can do about the large scale breaches such as the ones I mentioned earlier, there are definitely things you can do to safeguard your computer against crimeware. Here they are, in no particular order:
  • Install critical security patches for all software on your computer shortly after they are released by the vendor. While most computer Operating Systems have an automatic update feature, this feature generally does not provide updates for additional software that you have installed. One way to check the status of the most critical Windows applications is to visit the Secunia Online Inspector.
  • Install Antivirus software from a trusted source. The University of Minnesota has purchased a license for Symantec Antivirus that can be used on all University owned computers, as well as one home computer per employee. For other Windows computers, one solid free option is Microsoft Security Essentials.
  • Do not open E-mail attachments, or follow links in Instant Messenger (IM) or social networking sites like Facebook & MySpace that you are not expecting. E-mail viruses still exist, and generally do appear to come from people you know and trust. And many crimeware packages spread by posting malicious links and/or content to social networking sites, including by automatically sending messages to your friends. If you aren't sure if an attachment or Web site link (URL) was sent by your friend or if it was sent by a virus, simply ask your friend about it.
  • Do not be tricked into installing Antivirus software that is promoted by scaring you into thinking you have multiple viruses installed. There are literally hundreds, if not thousands, of different rogue (bogus) Antivirus products on the Internet, and they will stop at nothing to get you to install their product. Many of them actually download and install malicious software (malware) onto your computer, then tell you that you can clean up the infections by purchasing their product - often at a price of $40 or more. Do not install their "free" version, and by all means, do not purchase these bogus products! By purchasing rogue (bogus) Antivirus products, not only are you essentially providing funding to criminal organizations, but you are giving them your credit card and billing information as well! When you encounter these bogus Antivirus Web sites - and you will - the safest course of action (in Windows) is to close your browser window or tab. If the site makes it impossible to do so, you can hold the Ctrl, Shift and Esc keys to open the Windows Task Manager, go to the Applications tab, highlight the browser process, and click "End Task". You'll receive a warning message, and you will likely end up closing all of your open tabs. But that is better than getting tricked into installing these bogus, malicious programs.



About this Entry

This page contains a single entry by Brian Eckman published on December 16, 2009 9:47 AM.
