Sunday, April 8, 2012

Fake Anti-Virus Pop Ups

So I recently received a call from a family member who was in distress. Windows said they had 17 root kits, 23 viruses, and 17 malware. I immediately knew what was wrong: a pop up that looks just like your installed Windows protection programs. You are told that you are infected and that you need to act immediately. It will download a program or ask for money in order to cure you of this. The end result is one of two scenarios: they want your credit card info or they want to install malware on your computer. THIS IS A SCAM. DO NOT BE TRICKED.

This is what they want. But I assure you it is all a trick. I have also received these Pop Ups. But I use a Mac for my casual browsing. So when this Windows Anti-Virus program begins its fake scan and summation of my infection, I know that it is a hoax. But users on a Windows PC think they are actually viewing a valid scan and report. Windows or Microsoft does not require you to download fixes or request payment from you. So all these facts in total prove its deception.

So what is happening here is a combination of amazing techniques: Social Engineering, the hope that users are untrained and unskilled at Windows, improper Internet Browser settings that allow these Pop Ups, and the hope that the combination of these will make you fall for the scam. I will try to help you understand and better defend yourself against such deception.


Fear is being used in the form of Social Engineering. Who would not be scared of having all these horrible things on their computer? The Pop Up shows so many infections, in large numbers, in a window that may look familiar or unfamiliar to you. They are preying on your fear of losing your pictures and documents, your fear of damage that will require a new install and starting from scratch, and all the stories you have heard from your friends. It is common for most people to not have a backup procedure in place. So the videos of the kids or the pictures of your trip to a distant place are now at risk of being gone forever. This is what they want. This is what they expect. Of course you are going to do whatever or click whatever it takes to keep everything from being corrupted and gone forever.

Not everyone has the same level of basic computer training and knowledge. And everyone cannot possibly know everything. So you may not notice this is a Pop Up initiated from your Web Browser. You may not run scans yourself, or you may have them run at a time when you are not actively using your computer. You may not know all the tricks and traps that attackers use. And they can change so frequently that you cannot keep up unless that is your job. You should become familiar with all the security products and software you have installed on your computer: the Firewalls, the Anti-Virus, and the pre-installed security software from whatever flavor of Windows you use. While it is plausible that you have become infected, even to an extreme degree, the numbers the pop up gives are only there to induce fear. We are all becoming residents of the Internet community. And we must educate ourselves on the most basic functions and use of the internet. I would not jump in the pool without knowing how to swim. And if you do, I suggest wearing floaties.

There are a few different browsers that can be used to interact with the World Wide Web. Choose what you like best. They each have their strengths and weaknesses. It just comes down to personal opinion. You just need to become familiar with the nuts and bolts. Go through the preferences. Download the addons. Find what works for you. There is always a balance to be found between Security and Convenience. The tighter the controls, the harder it will be to display or use lots of bells and whistles on a website. But on the other side, it will keep bad things like remote code or pop ups from happening. You just have to find what works for you, because if it is too strict you are going to bypass it anyway.


Just use your best judgement. Close the Virus scan and open your own. The best security is the one you start yourself. That being said, don’t use security that is offered to you when you did not seek it out yourself. I learned this from Steve Gibson, a Master and Mentor to Security Professionals.
