The FBI has issued a warning regarding spear-phishing email which has the appearance of being sent from the National Center for Missing and Exploited Children. The subject of the e-mail is “Search for Missing Children,” but attached to the email is a .zip file containing 3 malicious files. The FBI is reminding email recipients to always treat links and attachments in unsolicited or unexpected email with caution. Spear-phishing attacks are frequently utilized in targeted rather than opportunistic attacks. It is information that is sought, as opposed to financial gain.
The FBI has also announced the release of Google Chrome 29.0.1547.57, for Windows, Mac, Linux, and Chrome Frame, which addresses several vulnerabilities. These vulnerabilities could allow a remote attacker to obtain sensitive information, cause a denial of service condition, or conduct a directory traversal attack.
With denial-of-service (DoS) attacks, the hacker’s goal is to prevent legitimate users from accessing applications and services on a computer. So, an attacker may be able to prevent the use of email, websites, and other products and services. Users and administrators are encouraged to view the Google Chrome release blog to determine which updates should be applied.
McAfee is warning Android users that there has been a 35% increase in Android-based malware. “Backdoor Trojans and banking malware were the most popular mobile threats this quarter,” McAfee stated in its report (PDF). “We counted more than 17,000 new Android samples during this period. The year is certain to establish another record. New malware of all types exceeded 18 million this quarter, pushing our all-time tally to more than 147 million binaries.”
According to McAfee, in addition to AutoRun threats, which are typically spread via USB drives, being at record levels the same can be said of password-stealing programs. And, signed malware, which masquerade as legitimate software, is also on the increase. Ransomware is also on the rise, according to McAfee. Ransomeware is a type of malicious software designed to block access to a computer system until a sum of money is paid. “Not only do criminals make relatively safe money from this scheme, they often do not remove their malware — leaving the poor victim’s system as dead as before,” McAfee says. So, be careful to only download apps from trusted sources such as Google Play and Amazon’s App Store.
Below are some steps to take to avoid intrusion:
- Always Keep Your Firewall Turned On: A firewall helps protect your computer from hackers who might try to gain access.
- Install Antivirus Software & Keep It Updated: Antivirus software’s purpose is to prevent malicious programs from gaining access to your computer.
- Be Sure to Install Antispyware Technology & Keep It Updated: Spyware is secretly installed on your computer to enable others to collect information about you without your consent or to propagate unwanted pop-up ads on your browser.
- Keep Your Operating System Up to Date: Operating systems are periodically updated to stay current with technology requirements and to fix security holes.
- Be Very Cautious With Downloads: Downloading email attachments can disperse malware onto your computer that even the best anti-virus software can’t block. To be on the safe side, never open an email attachment from someone you don’t know, but also be careful about opening forwarded attachments from people you do know. It is possible that they may have unwittingly forwarded a malicious link.
Click here to report crime, fraud or suspicious activity to the FBI.