People are so inundated with warnings regarding email, viruses and malware, that any understanding of what cyber criminals are after and what the victim has to lose can get lost. Motives can be clear when it comes to certain technological scams, while in other instances there seems to be little gained by an attacker. The truth of the matter is that cyber criminals always win when the victim loses.
Today’s cyber criminal is after identity resources such as social security numbers, credit card information and login credentials. These can be used to impersonate or steal directly from the victim. The victim's physical resources can also be used to the gain of the cyber criminal as a compromised device or account can be used to perpetuate criminal activities.
Phishing emails attempt to gain access to a victim’s resources by using social engineering techniques, such as being familiar to the victim or using language spurs the victim into reacting before thinking. Some phishing messages may have a threatening tone in an attempt to scare the victim into responding. An example message could contain “If you don’t provide your login ID and password immediately, your account will be deleted!” Others might add to their legitimacy by attempting to represent themselves as a familiar party such as Tulane University, a financial institution, or an email provider. These phishing emails will often contain links to a website where the victim enters his credentials.
Negative consequences can include the use of the victim’s email account to send hundreds or even thousands of email messages. Email credentials can also be used to gain access to other accounts such as the victim’s bank or credit card accounts.
Tulane Technology Services or any other department will NEVER, under any circumstance, ask for login information via email or web form. Parties asking for this type of information via email are very likely fraudulent.
A computer virus is an invasive piece of software that takes advantage of an exploit in a computer such as the operating system or an installed application. Like biological viruses, they have adverse effects on the victim device, creating noticeable symptoms (sluggishness, software errors, missing files), but it’s what is happening underneath that is the scary part.
One of the most common uses of virus software is to take control of computers. This can be done en masse in the form of a ‘bot,’ which will likely use the systems to perform attacks on higher-level targets of the criminals. A group of these bots form a powerful chain of infected computers known as a “bot net”. If a victim is part of an institution that may have valuable information or resources, the compromised device may be used to piggyback into a network to attack more sensitive computers. Once infected, a computer becomes an open doorway for additional infections and malware.
Malware and Ransomware
Malicious software is less subtle than a computer virus is that it is often dependent on the target downloading and installing the software outright. Often, these applications will pose as legitimate free services or widgets to enhance the victim’s computer. They may even be labeled as professional mainstream software that is available free on a website in a foreign country. Once malware is installed, it has the same access as the user of the computer. When it is finished setting up, malware has free reign of the device and can be devastating.
A common malware scam is to hold a computer’s data for ransom in exchange for a credit card or bitcoin payment. Some of these are easy to get rid of as they use older techniques to keep the operating system from behaving normally. Some malware may state that the victim's computer has a virus, and pose as a legitimate software company that can fix the issue. Cryptographic ransom-ware locks away all of the data on a computer in unbreakable code, while storing the key that unlocks the data remotely. If the victim's data was not backed up somewhere trusted, then the victim will have to pay up or lose the data forever. The more successful the ransom-ware, the more payments the cyber criminals receive and the more opportunity they have to make the ransom-ware more robust.
Follow us on Twitter @TulaneInfoSec