It’s called “Zeus” the latest and rather nasty virus that has been spreading like wild fire through social media forums like Facebook and Twitter via “links” to fake Web pages. Once your computer is compromised, the virus hides and waits until you access your financial account or credit card website and then it goes to work capturing your logins and personal data. That information is then transferred to the cybercriminals’ servers — who then sell the data or drain the victim’s bank account. Zeus isn’t exactly new, it began circulating the Net about six years ago, but it has made its way to the top in recent months according to Internet security firm Trend Micro. The New York Times’, Nicole Perlroth reports that millions of computers are already infected, most of which are in the United States … and many computer users have no clue. Social Media Links: Much of this malware’s recent disbursement is via links posted on social media sites like Facebook. The culprits set up fake profiles and post links on popular fan pages or hack user accounts to spam links to their ‘friends.’ In many cases, links take the user to a website where they’re prompted to purchase knock-off designer goods. After entering credit card info to complete the purchase, the victim’s credit card number (along with name and address) is sold or used to place fraudulent charges. In other cases, the website link takes the user to an infected page that installs malicious code when accessed by the unsuspecting victim. E-mail Accounts: The virus is also spread from compromised e-mail accounts: the Trojan accesses an infected user’s contact list and then sends e-mails with links to malware-infected pages. The sender’s address is spoofed to appear as though the e-mail was sent by the infected account, so anyone in the infected user’s contact list receives a message that appears to have come from a known source. If you ever receive a suspicious-looking e-mail with a link or attachment, even if you recognize the sender, do not click the link. Instead, contact the sender to confirm the e-mail was truly sent by them. What Now: Once infected, the Trojan virus runs silently in the background, harvesting users’ private data. In some cases, infected computer systems redirect victims to dummy websites made to look like the user’s bank or credit card account login page so that more valuable personal information (such as social security number, date of birth, address, etc.) can be collected. Many of the fraudulent links used to spread Zeus via Facebook in recent months have ended in .tk (where you’d typically see or .org). This domain indicates the website is hosted via Tokelau, a small territory part of New Zealand which is, according to Jerome Segura of the anti-malware software company Malwarebytes, “a hotbed for all sorts of online fraud.” As infected Web pages are identified and blocked by browsers and/or antivirus software, cyber-criminals simply set up a new Web address, so there’s no easy way to eradicate Zeus and its variants from the Net. That’s where computer repair experts come in. In a blog post on Trend Micro’s “TrendLabs,” Jay Yaneza recommends you bookmark trusted websites so you don’t inadvertently mistype an address and end up re-directed to an imposter site. He cautions that users should avoid visiting unknown websites and keep their system’s anti-malware software up-to-date to reduce the risk of exposure. While Facebook has partnered with Web security specialists WebSense and Web Of Trust (WOT) to identify, flag and alert users of potentially fraudulent links, it’s ultimately up to the user to exercise caution when clicking links on Facebook, in e-mails, or anywhere on the Net. Keep in mind that links to Zeus-infected pages are cropping up all over the Web, from comments on articles or blogs to sponsored ads, so users must remain diligent about avoiding Web links from anywhere but a completely trusted source.
Posted on: Mon, 24 Jun 2013 15:06:07 +0000
Trending Topics
Recently Viewed Topics
© 2015