Happy Cyber Monday! If your website has survived the Thanksgiving rush, let’s hope it doesn’t suffer from a post-Thanksgiving malware hangover. Because in the usual run up to Christmas, the only people busier than elves are hackers. And their favorite tool this year appears to be malware. What’s a website to do without trusted malware removal?
We took a look at many of the top security stories to hit the headlines in just the last couple of weeks, and it’s not surprising that most of them were about malware.
Security firm Symantec says that hackers have recently been very successful in delivering a nasty gift of malware to unsuspecting users by blasting out emails pretending to be antivirus software updates. What makes the emails so convincing, according to Symantec, is that they look very authentic and incorporate logos from most of the popular antivirus products – probably even those that you use. Because most users are likely to be familiar with the brands and use at least one of them, it makes the email appear more personal and genuine. And therefore more likely to be opened. And clicked – which is what causes the most damage.
Security firm Trusteer also announced that it discovered some of the most advanced financial malware yet, malware that not only has more features than any previous malware, but also creates a private and secure communications channel back to the hackers behind it. According to Trusteer, the malware can steal information entered into web forms as well as steal log-in credentials from dozens of the most popular FTP clients.
And this is especially dangerous to small businesses in the U.S. If this malware is able to steal the login and password for your business bank account, it will very quickly empty that account. And small business accounts are not protected by zero liability. So if the thieves steal every last dime you have in the bank account, you’re out of luck. And maybe even out of business.
To add to the misery, Trend Micro also reported that it discovered more than 200,000 different types of malware targeted at online banking in just the third quarter of this year, with at least 25% of them targeted at U.S. banks.
One of the most dangerous pieces of malware in circulation right now is Cryptolocker. This is ransomware. Once it infects your computer, it will encrypt or lock your files and then demand a ransom to unlock them so you can use them again. The ransom can vary, from $300 to more than $3,000. And even if you pay the ransom, chances are you still won’t get your data back. And thousands of users have fallen victim. Even one police department admitted that Cryptolocker had managed to kidnap their data.
And not to be left out, researchers have discovered that even the NSA has turned to malware to do their job, infecting at least 50,000 with a botnet that will allow them to spy on those computers.
So if website malware scanning and defense is not on your Holiday to-do list, it might be a good time to update that list. After all, it’s supposed to be the season of cheer.