Why are we targeted by cybercrime on the Internet?

Have you noticed that whenever there is security threat, new virus, new malware attack, new spyware scam that it seems to be targeted at the most innocent and vulnerable.

Why would that be?

Zero day exploits, the ones that are found by virus writers are errors in coding in an application. ? Putting numbers into a form instead of letters can cause a website to crash because of a vulnerability that was accidentally produced in the coding, is a problem but zero day exploits are similar but allow the person who imputed the incorrect information to take control of your system.

The malware writers know this and create web sites that have this exploit in the code – you go there and you get infected and then they have control of the computer, to do what they want to do. ? How do they get you to go to their web site?

This is where social engineering comes into the equation? Want to download some free music, a free app for your android, get a new game or movie? Well most of the places on the Internet where you can get this level of interaction have been created by those same type of people.

They use malware infected web sites, infected torrents and seeds and they even write malicious code into the application that they provide for you for free. That is one of the reasons that they do it.

Stealing the game, music or movie is easy, making it available for you to download is easy, stealing your MasterCard info priceless.

So there you are playing your new game, which has had the copy protection removed (so you can install it without purchasing the key) and the program sequence that has been added is now stealing all of your personal information, your bank details, your identity.

In addition to this, the bad guys are not stupid, worst of all they are not geeks (yes they have geeks working for them), they read the news, they see what is happening on the Internet and they create false websites to reflect that.  One of the biggest money spinners is nude pictures of celebrities, these are stolen from somewhere and put onto infected website where they can be downloaded to infect the gullible.

What can you do to protect yourself from cybercrime?

Well the first thing is get a good AV solution preferably one that does, malware, spyware and viruses, most endpoint protection solutions will do this for you. ? Once installed keep it up to date.

The second thing is keep your computer, applications and utilities up to date.  Microsoft updates, Apples iTunes update process are all important to protecting your computer.

The final point is use common sense, the old adage of ” if it’s too good to be true then its probably too good to be true” comes to mind. There is nothing for free and that goes especially for the Internet.  If you have a need to watch a movie, play a game, or listen to a piece of music then go out a buy it from a reputable dealer.  If you download it from a torrent or a website for free then you are looking for trouble.

 

Roger Smith, is an educator. Teaching students at ADFA (UNSW) and showing them how vulnerable they are to cybercrime.

He is also CEO at R & I ICT Consulting Services Pty Ltd, an Amazon #1 author on Cybercrime and founder of the SME Security Framework. He is a Consultant who specialises in inexpensive and highly effective security strategies for small and medium businesses and not for profit organisations.

He has developed and authored the SME Security Framework and the Security Policy Training Course which are considered to be the definitive guides to helping SME's protect their organisation using the principles of Technology, Management, Adaptability and Compliance.

Leave a Reply