Avoid Fake Antivirus

Cyber criminals are using increasingly sophisticated tactics to trick unsuspecting computer users into downloading and installing software laced with malicious code, which, when activated, gives hackers "back door" access to a computer.

One of the most popular scams is to frighten computer users by popping up messages on their screen, warning them that a virus has been detected on their machine, and advising them that the only way to remove the virus is to download the advertised antivirus software.

How are people becoming infected?

Social Engineering

Users who click on the fake pop-up link are in fact often duped into handing over their credit card details to cyber criminals in exchange for software laced with malicious code that can put their machine at the mercy of crooks.

Attackers also use other methods to trick users into installing the malicious software — including email, direct file downloads, or simply a visit to a compromised web page.

Inadequate Patching

Simply browsing the web with out-of-date or unpatched software can cause a computer to become vulnerable to these attacks. The damage can be somewhat limited if the user does not have administrative privileges, but files located within their scope of permission can still become infected.

Consequences

The consequences of becoming infected are similar to those of most malware, including but not limited to identity theft and the theft of personal financial information and/or funds. Your computer will likely require a fresh operating system installation, which has time and productivity costs — not to mention any files lost due to infection.

How can I prevent this?

If I see a popup or message I'm unsure of

"Most of these attacks go from scary to nightmare as soon as you start clicking 'yes,' or 'no' or 'cancel' (the malicious script is likely to try to run no matter which you choose)." For more information, visit this Washington Post blog post by Brian Krebs: What To Do When Scareware Strikes.

Apply software and operating system patches

Always ensure that your operating system is receiving critical updates regularly. Also, be sure to install Secunia Corporate Software Inspector (for IU-owned machines) or Personal Software Inspector (available for any user affiliated with the University). Secunia will report when your software requires an update or security patch.

Install legitimate antivirus and be familiar with it

IUware provides multiple quality antivirus solutions at no cost (UISO recommends either Symantec Endpoint Protection or Microsoft Forefront). Ensure that you've downloaded one of these and are familiar with the program. Then, you won't be deceived by the false warnings. If you're an LSP or other IT professional, make sure your users are familiar with the types of warnings or pop-ups they may see, so they too can tell the difference.

For more information about the antivirus software available through IUware, visit one of the following:
