Symantec spots new threats

Symantec has identified two new online threats: Facebook phishing attacks and a new viral web infection using malware that manipulates Google-style search results.

Attackers use a comprised Facebook account to send a malicious link to ‘friends,’ which directs them to a site that looks identical to the Facebook login page. Users are prompted to provide their login credentials which are then phished. Those Facebook accounts are then used by attackers to send ‘friends’ of those accounts similar phishing emails in an attempt to gather more login credentials.

Symantec is advising a high level of caution about any message from within a website or that appears to be sent by that website, and to protect themselves by updating their security definitions. Those who use the same password for multiple accounts, including online shopping and banking, are most at risk.

Cybercriminals will quickly be able to access all of their online accounts and cash in on their password provision.

“Rather than clicking on any links in a message, type the URL directly into the Web address,” a Symantec advisor said. Double click the arrival at any web destination.

“When clicking over to a website, make a habit of looking at what appears in the address line. You might not always be able to spot a fake site but in the case of this particular scam, it’s obviously not www.facebook.com.

“Be suspicious of requests to enter your account name and password.

Maintain an up-to-date browser and operating system. Use and update security software. Consumers can visit Norton Safe Web to report dangerous phishing and malware sites.”

VIRAL WEB MALWARE

Symantec has also detected a second threat where infected websites have compromised visitors’ computers, making them part of a botnet – a collection of PCs that have been taken over by a cybercriminal. This botnet manipulates Google search results, injecting ads and links that infected users wouldn’t otherwise see.

The malware appears to be to siphon dollars away from Google by injecting ads and links into certain searches. Infected users will receive replaced links that point to malicious and fraudulent website within their Google search.

www.symantec.com/business

< Return to the Exchange front page

More topics:

• Support continues for ‘Rising Stars’
  
• IN FOCUS:
  Mr Phil Mumford / CEO Queensland Motorways
  
• World’s Smartest delivery system even smarter…
  
• Once, twice, three times the commitment
• Symantec spots new threats
  
• Sydney Innovation Series 4th June