What's Your PC Security Savvy?

April 2009 - Leading security software vendor PC Tools is just released the "Security Savvy" test in response to increasing concern that the "digitally active," particularly Gen Y, are easy targets for cybercriminals. PC Tools is warning that social networking and phishing threats are becoming progressively more sophisticated and prevalent, requiring the digitally active to be both technically and security savvy. To help consumers identify their security vulnerability, PC Tools encourages consumers to take the "Security Savvy" test and find out how to stay better protected.

In conjunction with the launch of this initiative, PC Tools is donating 10,000 units of behavioral based security point solutions and packages to TechSoup, an international technology resource center for nonprofit organizations, based in San Francisco.

"Many would assume that Gen Y are too savvy to be fooled by online threats, but just because they are tech savvy doesn't mean that they are security savvy—and this is a very important distinction. Recent threats such as Koobface, a delivery threat from a well known courier company, Internet Banking Software Failure and compromised PDF readers are just a few of the many dangers facing internet users," said Michael Greene, Vice President Product Strategy, PC Tools.

"In fact, Gen Y and the digitally active are at greater risk because of their high consumption of a wide variety of online content. The popularity of social networking sites, instant messaging services and shopping, music and video websites make these venues a virtual open door for financial gain for cybercriminals," said Greene

"As cybercriminals adopt more sophisticated methods to trick users into downloading malware, even the most tech-savvy and cautious Internet users are at risk of infection. It is imperative that consumers adopt the latest in security software, behavioral-based protection," said Greene.

PC Tools also advise that even with leading behavioral-based protection, the methods of cybercriminals continue to evolve every day, and therefore Internet users should always be aware and that they can start by taking the "Security Savvy" quiz to find out their current vulnerability level.

A January 2009 study by the Pew Research Center revealed that Gen Y (18-32 year olds) are the most social Internet users, with 59% regularly using instant messaging and 67% frequenting social networking sites. Of nonsocial-networking tasks performed online, 57% of those ages 18-32 use online banking.

"Threats deployed using social engineering techniques and phishing schemes targeting online bankers have significantly increased over the last year. For example, the Waledac threat, an iteration of the infamous Storm threat," has been one of the most active threats that rely on social engineering techniques, convincing users worldwide to unknowingly run malware on their operating systems. In early 2009, Waledac threats have increased by 7,300% with more creative schemes certain to be on the way" said Greene.

Assuming that the Waledac botnet has grown to approximately 30, 000 hosts, PC Tools estimates that the botnet could successfully spam 51, 000 messages per second to users around the globe and that includes the ability to potentially bypass the multiple layers of security filtering and scanning on the internet, demonstrating the need for comprehensive behavioral based protection.

Recent threats to watch out for:

Koobface: The widely publicized social networking worm gained access to Facebook profile pages and posted links that enticed users to unknowingly download malware. While the worm did not require users to stop using Facebook, Koobface proved that not all content on Facebook can be unconditionally trusted. The first evolution of Koobface directed some users to view a video that then encouraged users to update their Flash player. Malicious files such as flash_update.exe and bloivar29.exe were downloaded and installed, which resulted in a range of visible problems for the user including modifications to their Facebook profile, with the immediate result being an error message to contact support.

Picture files carrying malware: Another common method used by cybercriminals on both social networking websites and instant messaging programs is to convince users that a friend has sent them a message or IM to view pictures. These messages include a legitimate looking URL, which when clicked on sends the user to an illegitimate website hosting malicious files and executables modified to appear to be genuine picture files (jpg, gif or bmp). When the user downloads and opens the said "pictures" the malware unknowingly runs on the user's computer. With the ability to infect an entire instant messenger address book, this threat has the potential to create a botnet., allowing a hacker control over of the operating system as well as the information in it. Despite wide publicity, this tactic continues to fool a large number of users and exposes them to identity fraud and financial loss.

Courier Delivery Threat: a common malware threat known as Zbot delivers an illegitimate file to users visiting a counterfeit courier delivery site. Zbot has been known to distribute via email phishing and instant messenger. Upon informing users that they have missed a courier delivery from a reputable courier service, the message urges them to view the invoice online, which in fact sends them to the counterfeit website that downloads a malicious program designed to bypass the firewall and then steal banking and personal information. Zbot is not confined to a particular region and thus digitally active consumers in any part of the world should be wary of unexpected IM messages and emails urging them to open or run an attachment or download.

Internet Banking Software Failure: PC Tools warned its ThreatFire community to be on the lookout for warnings, messages and notices from banks and other financial institutions. A recent email blast with the subject line "Bank of America Security Department: How to Update Software" warns the receiving user that "Automatic Installation failed for Bank of America certificate component" and to click on a web link that appears legitimate. The webpage presents a video and automatically prompts the users to install "Adobeflashplayer.exe," which is in fact a malicious file that when installed uses stealth, rootkit-type techniques to hide from the user.

Compromised PDF readers: PC Tools have also identified that PDF software has continued to be highly exploited and targeted by hackers, with PC Tools blocking tens of thousands of malcrafted PDF exploits within its ThreatFire community systems this year alone. Cybercriminals deliver the PDF files via malicious websites that request the user to update their PDF software. The most common malicious payload delivered is rogue or fake security software. PC Tools recommend all users who have installed PDF software to upgrade it to the latest version.

"Research conducted by PC Tools in March 2009 alone demonstrates the prevalence, sophistication and variety of techniques used by cybercriminals to target the digitally active consumer, so to help consumers gauge their security savvy and get the latest tips and tricks for safe online activity, PC Tools has launched the "Ask Dr. Greene" website," said Greene.

The "Ask Dr. Greene" website will provide users with an opportunity to take the Security Savvy quiz to determine their security know-how, find out more about behavioral-based security, identify appropriate package and point solutions, update their knowledge of security 'dos and don'ts' and ask PC Tools' resident technical expert Dr. Greene their computer security questions. Consumers can also join PC Tools' Twitter Conversations. You can view the "Ask Dr. Greene" site here: www.pctools.com/askdrgreene.

SOURCE PC TOOLS