One of the problems about knowing anything about IT is that family and friends are always asking you for advice or help with their computer problems. I don’t mind helping when I can but it can be damn annoying at times. Recently I’ve encountered two computers where the are reporting that the PC was infected by a trojan and that the only way to remove it was by downloading and paying for some supposedly great anti virus software that most people have never heard of. Now people like me are technically savvy enough to know that quite a lot of links are not safe to download. Unfortunately not everyone who uses a computer knows to stop and think before they download something. they just merrily click on a link and let something download to our pc.
Quite a lot of people live by the idea that they have anti-virus so there is no way any virus/malware could effect them. It’s a sad reflection of the state of some people’s understanding of computers that this is the case. The MBS payment system mentioned above is a good example of what I am talking about here. I’ve seen this a few times in the last few years. The software is ’supposedly’ a way to ensure that websites get paid for visits. Rather than having a person sign up and give credit card details they download a software that gets quite aggressive in chasing payment if you don’t cancel your subscription after the free period. This payment chasing basically revolves around popups that start appearing on your PC telling you that you own them around £40. These popups appear with decreasing frequency until you give in and pay them their money. It’s most commonly linked to porn sites on the Internet, sites that really should be using credit card registration to prove their views are over 18!
A neat trick really, the makers have obviously realised that most people (read: men) who look at porn on the Internet are too eager to get to the content to read the fine print. They see the option of a free trial and click the link without looking too closely. This is a social engineering trick really. Using something you know your target will do against them, its a good bet that they wont look too close as they rush to get to the free porn! I also think its an underhand tactic. But then again I’m not really a fan of popups. I’ve seen over flavours of this trick though. Where the user gets a pop up telling them they have a virus and the only way to fix it is to download and pay for some piece of antivirus like Windows Antivirus 2009, a piece of antivirus that does nothing other than infect their system with more crap.
It’s a sad state of affairs really. More and more people are falling victim to similar tricks as this, take the amount of people taken in by the fake emails they receive supposedly from banks asking for their user names and passwords to clear a security breach, its a sad fact that even after all the publicity in the media about these not being really from their banks but still people fall for it.
The problem is, while ever most there are a lot of less than computer savvy users of the Internet this kind of thing will keep on happening. People are naive and thing themselves safe just because they have antivirus or a firewall. It’s up to us more computer literate users to educate them in safe browsing practises. Do your bit for the community and help them out
September 22nd, 2008 at 12:06 am
[...] Yesterday I talked about a method used by some companies to trick people into downloading and installing some software on to their computer that was less than good. Lets face it, there are a lot of people out there looking to download something on to people’s computers that is less than good. Some are relatively harmless but annoying like the MBS Payment and Windows Antivirus 2008, but others are rather malicious pieces of code. I like a lot of other people probably get asked to look at computers quite often that are running some malicious code on start up. This never used to be a problem Things that ran at startup used to be easy to locate, it was enough to open up msconfig and scroll down the list of processes running and disable the one you want. Of course things evolve, after a while the people creating these programs found ways to start their programs with out showing them on this list. They created registry keys that were hard to find. [...]
September 25th, 2008 at 10:12 pm
[...] hot on the heels of my recent article about Social Engineering tricks used to deceive users into downloading dangerous software on to their computers comes knews [...]
November 18th, 2008 at 6:03 am
Post trackbacks and comments to remote blogs automatically with Trackback Submitter! This tool will submit your comments to millions of blogs automatically. Trackback Submitter – the most powerful tool on the planet to submit trackbacks automatically!