Once again, this year it will be no surprise to see numerous emails in circulation with links for downloading romantic greetings cards, or with subjects related to Valentine's Day.
Cyber-crooks, however, are also exploiting other channels, such as Facebook or Twitter, and given the access to millions of users that these social networks provide, they have become just as popular among the criminal fraternity for spreading malware as email.
Social engineering is cyber-crooks’ preferred technique for deceiving users. In these cases it basically involves obtaining confidential information from users by convincing them to take a series of actions. Crimeware and social engineering go hand-in-hand: a carefully selected social engineering ploy convinces users to hand over their data or install a malicious program which captures information and sends it on to the fraudsters.
“The continued use of social engineering by cyber-crooks is a good indication of the infection ratios that this technique for tricking users returns. Otherwise, they would simply have stopped using it”, explains Luis Corrons, Technical Director of PandaLabs.
PandaLabs offers users a series of tips to avoid falling victim to computer threats:
- Don’t open emails or messages received on social networks from unknown senders.
- Do not click any links included in email messages, even though they may come from reliable sources. It is better to type the URL directly in the browser. This rule applies to messages received through any mail client, as well as those in Facebook, Twitter, or other social networks or messaging applications, etc.
- If you do click on any such links, take a close look at the page you arrive at. If you don't recognize it, close your browser.
- Do not run attached files that come from unknown sources. Especially these days, stay on the alert for files that claim to be Saint Valentine’s greeting cards, romantic videos, etc.
- Even if the page seems legitimate, but asks you to download something, you should be suspicious and don't accept the download.
- If, in any event, you download and install any type of executable file and you begin to see unusual messages on your computer, you have probably been infected with malware.
- If you are making any purchases online related to Valentine's Day, type the address of the store in the browser, rather than going through any links that have been sent to you.
- Only buy online from sites that have a solid reputation and offer secure transactions, encrypting all information that is entered in the page. To check that the page is secure, look for the security certificate in the form of a small yellow padlock next to the toolbar or in the bottom right-hand corner of the screen.
- Don’t use shared or public computers for making transactions or operations that require you to enter passwords or other personal details.
- Have an effective security solution installed, capable of detecting both known and new malware strains.
Since 1990, its mission has been to detect and eliminate new threats as rapidly as possible to offer our clients maximum security. To do so, PandaLabs has an innovative automated system that analyzes and classifies thousands of new samples a day and returns automatic verdicts (malware or goodware). This system is the basis of collective intelligence, Panda Security’s new security model which can even detect malware that has evaded other security solutions.
Currently, 99.4% of malware detected by PandaLabs is analyzed through this system of collective intelligence. This is complemented through the work of several teams, each specialized in a specific type of malware (viruses, worms, Trojans, spyware, phishing, spam, etc), who work 24/7 to provide global coverage. This translates into more secure, simpler and more resource-friendly solutions for clients.
More information is available in the PandaLabs blog.