Tag Archives: Kaspersky Lab Inc.

What are Macroviruses?

A few years ago, macro viruses were one of the most common categories of computer predators. Instead of targeting programs, they infected documents and templates, most notably those of programs such as Microsoft’s Word or Excel. The most notorious macro virus was Melissa, a combination virus and worm, unleashed in 1999 by a New Jersey man who named the virus after a lap dancer and later confessed in court that he caused $80 million in damage to U.S. businesses. The virus traveled via e-mail, targeting Microsoft Outlook users, and eventually forced companies such as Microsoft, Intel, and Lockheed Martin to shut down their e-mail gateways for a spell.

At one time, macro viruses comprised an estimated 75 percent of the viruses in circulation, according to Webopedia. Then they dropped from the headlines as software makers improved anti-virus programs and other computer threats became more prevalent. But anti-virus software vendor Kaspersky Lab in May revealed the discovery of a new macro virus that targets open-source applications, such as OpenOffice and StarOffice. (OpenOffice.org, the group that released the open source office program, disputes applying the label “virus” to Stardust, the exploit discovered by Kaspersky Lab.)

Assuming that macros may make a comeback, here is what you should know to protect your business:

What are macro viruses

Macro viruses are written in the internal macro language of an application. A “macro” is a sequence of commands that allows users to customize certain tasks with a single click. Among other things, users can use macros to format text, log in and check mail accounts, copy data between applications, and generate reports. Macro viruses infect computers by replacing the normal macros that handle these tasks with a virus. That’s why Microsoft Office products — such as Word, Excel and PowerPoint — were their most frequent targets in the past.
Method of infection

Macro viruses spread through e-mail attachments, CD-ROMs, networks, modems, and the Internet. When you open a file containing a macro virus, it can infect your entire system, embedding itself in other documents and templates already stored on your machine, as well as future ones. If you share an infected file with someone else, it will invade their system as well if they don’t have anti-virus software installed. By this method, it can quickly spread and overwhelm a network.

Signs your computer is infected

While your system may function at normal levels even with a macro virus present, there are ways to detect its presence so that you can stop it before it gets too far. Consider these:

Unexplainable behavior. You may be prompted for a password on a file that is not password-protected, or a document may unexpectedly be saved as a template.

Strange error messages. Past examples include “Just to prove another point” or “ROBERTA, TI AMO!” or “STOP ALL FRENCH NUCLEAR TESTING IN THE PACIFIC!”

Unexpected text appears in a document. The Melissa virus, for example, inserted quotes from the animated television series “The Simpsons” into Word documents.

Macro viruses will run on any operating system that uses susceptible applications. If you are familiar with the macros on your machine, glance through them periodically to check for any you don’t recognize. Some examples of past macro names include AutoOpen, PayLoad, and AAAZAO.

How to protect yourself

Microsoft Office can be set to display a warning message whenever a document is opened that contains macros. To make sure this option is enabled, open the application’s preferences file. Under the security tab, check the “warn before opening a file that contains macros” box. Always choose “disable macros” when asked, unless you are sure of the function of the macro. You’ll still be able to open the file and read its contents.
Microsoft Office won’t scan your hard disk, removable media such as CDs, or network to find and remove macro viruses. For that level of protection, you need to buy anti-virus software. Once it’s installed, check frequently for new virus definitions and scan your system on a regular basis.
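
The advice above to look through the macros a document carries can also be followed without opening the file in the office suite. The following is an added example, not part of the original article: it lists the macro storage inside zip-based documents, which goes beyond the formats current when the article was written. The function names and sample files are hypothetical, and the storage layout (a vbaProject.bin part in Microsoft Office Open XML files, Basic/ and Scripts/ folders in OpenDocument files) is the assumption it relies on.

```python
import io
import zipfile

OLE_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")  # legacy .doc/.xls/.ppt container
ODF_INDEX_FILES = ("script-lc.xml", "script-lb.xml")  # library indexes, not code


def macro_entries(data: bytes) -> list[str]:
    """List the archive members that hold macro code in a zip-based office
    document, reading the file as data instead of opening it in the suite."""
    if data.startswith(OLE_MAGIC):
        raise ValueError("legacy OLE document: needs an OLE-aware scanner")
    if not zipfile.is_zipfile(io.BytesIO(data)):
        raise ValueError("not a zip-based office document")
    hits = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for name in zf.namelist():
            lower = name.lower()
            if lower.endswith("/"):
                continue  # directory entry
            # Microsoft Office Open XML: VBA project stored as one binary part.
            if lower.endswith("/vbaproject.bin"):
                hits.append(name)
            # OpenDocument (OpenOffice, StarOffice): Basic modules and scripts.
            elif lower.startswith("basic/") and not lower.endswith(ODF_INDEX_FILES):
                hits.append(name)
            elif lower.startswith("scripts/"):
                hits.append(name)
    return sorted(hits)


def _zip(members: dict[str, bytes]) -> bytes:
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, body in members.items():
            zf.writestr(name, body)
    return buf.getvalue()


# Constructed samples (not real documents): only the archive layout matters.
CLEAN_ODT = _zip({"mimetype": b"application/vnd.oasis.opendocument.text",
                  "content.xml": b"<doc/>"})
MACRO_ODT = _zip({"content.xml": b"<doc/>", "Basic/script-lc.xml": b"<libs/>",
                  "Basic/Standard/script-lb.xml": b"<lib/>",
                  "Basic/Standard/Module1.xml": b"<module/>"})
MACRO_DOCM = _zip({"word/document.xml": b"<doc/>", "word/vbaProject.bin": b"\0"})

if __name__ == "__main__":
    for label, doc in [("clean.odt", CLEAN_ODT), ("macro.odt", MACRO_ODT),
                       ("macro.docm", MACRO_DOCM)]:
        print(label, macro_entries(doc) or "no macro storage found")
```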

The Basics: What is Phishing?

It used to be that so-called “phishers” only focused on large international financial institutions — such as Barclays Bank or Citibank — when sending out fraudulent e-mails that tried to imitate the look and feel of correspondence from those firms in order to scam customers. But now law enforcement authorities warn that phishers are invoking the names of local banks and smaller financial firms in their e-mail scams.

Phishing is a scam that attempts to lure recipients of the phony e-mails into going to a fake Web site and keying in account or password data — information which then becomes the basis for identity theft. There were 255,000 reports of identity theft in the U.S. last year, according to the U.S. Federal Trade Commission, and phishing scams were a leading cause.

But the recipient isn’t the only one vulnerable in these scams — the business’ brand and reputation are also harmed. That’s why business leaders need to be aware of the growing threat from phishing and the need to take steps if their firms become targets, such as notifying authorities and warning customers.

What is Phishing?

Phishing is a form of online identity theft that employs both social engineering and technical subterfuge to steal consumers’ personal identity data and financial account credentials, according to the Anti-Phishing Working Group (APWG), an industry and law enforcement association dedicated to combating phishing. While immediate concern is often focused on the individual receiving the spoofed e-mail claiming to be a legitimate request for personal information, targeted companies are affected in a number of ways.

Who are the Targets?

Damage caused by phishers makes consumers wary of an otherwise respected brand. Financial institutions including Barclays Bank — which McAfee, the security software maker, refers to as BarcPhish — are the most prevalent phishing targets. PayPal and eBay are also heavily hit.
Security firm SophosLabs estimates that over 75 percent of all phishing e-mail targets PayPal and eBay users, coaxing recipients to log into their accounts on a hijacked site where scammers can grab account info and other personal data. More recently, however, the APWG has been tracking phishing attempts invoking the names of smaller financial institutions, such as Sky Financial and LaSalle Bank.

The number of hijacked brands is on the rise, according to the APWG. In July, there were 154 brands targeted, up from 130 the previous month. The number of new phishing sites also increased to 14,191 from 10,047 in June, the group says. To put the threat to your business in perspective, phishing accounts for less than 0.3 percent of all e-mails sent, according to Kaspersky Lab.

What Can a Company Do?

Halting fraudulent e-mails is a challenge yet to be solved. Many companies that become targets focus on educating customers on how to look for warning signs. They also notify customers about what types of messages they should and shouldn’t expect to receive from the institution.

One of the easiest steps a company can take to combat phishing is to post a statement on the company website notifying customers that phishing e-mails are being sent illegally and advising them what type of legitimate correspondence the company sends. Some companies make it a policy to communicate with customers only through paper mail instead of e-mail, and others say they never e-mail to ask a customer to input bank account and password information.

Education in-house also helps reinforce safety. Sites set up by phishers can often install keyloggers and other malicious programs on the computers of unknowing visitors. Having such programs reside on office or home computers can extend the threat from personal identity theft — which is serious in itself — to corporate data breaches.
Even if they haven’t yet been targeted, some financial firms may want to warn customers about phishing red flags, such as e-mails with links to sites that ask for highly detailed information. On the surface, these e-mails to businesses and individuals often look convincing, using official-sounding descriptions, logos from actual companies or banks, and a convenient link to help you sort out a problem or address another concern.

“Is somebody asking me to confirm my account detail including username, password and credit card info?” asks Shane Coursen, senior technical consultant at Kaspersky Lab. “If so, this is the first and most obvious sign that the e-mail is a fraud.”

Companies should tell their customers that, instead of replying or clicking on the link, the best thing to do is to forward the e-mail to the company. Most importantly, tell them not to click on any link.