Are you a victim of viruses spreading on facebook? And have you been embarassed by being
called a spammer because of suddenly posting stuff on your friends’ facebook walls? Well,
here’s what has been happening.
Five years ago, hackers found it so simple to slip their code into computers, but this has been
solved since the evolution of Internet security making browsers more protected.
However, hackers have found a new way of spreading malicious contents not by entering
internet browsers, but by directly hacking internet users instead. This is called Social
engineering, which has become a serious problem these days. This is merely the act of
psychologically influencing people into performing measures or exposing private information,
rather than using technical cracking methods. According to wikipedia encyclopedia, the term
typically applies to trickery or deception for the purpose of information gathering, fraud, or
computer system access.
According to a Yahoo News Report, “Social engineering is how the Koobface virus spreads
on Facebook. Users get a message from a friend telling them to go and view a video. When
they click on the link, they’re then told that they need to download some sort of video playing
software in order to watch. That software is actually a malicious program. Social engineering
hackers also try to infect victims by hacking into Web pages and popping up fake antivirus
warnings designed to look like messages from the operating system.”
A social-engineering method called spearphishing is a recognized problem. According to the
Federal Bureau of Investigation, criminals need some inside information on their targets to
convince them the e-mails are legitimate. Then, they send e-mails that look like the real thing to
targeted victims, offering all sorts of urgent and legitimate-sounding explanations as to why they
need your personal data. Finally, the victims are asked to click on a link inside the e-mail that
takes them to a phony but realistic-looking website, where they are asked to provide passwords,
account numbers, user IDs, access codes, PINs, etc. Once criminals have your personal data,
they can access your bank account, use your credit cards, and create a whole new identity
using your information.
Because of this escalating problem of user-downloaded malware, browser giant Internet
Explorer has developed the Application Reputation in IE9. It helps protect users from these
socially engineered malicious assaults. SmartScreen Filter Application Reputation screening,
introduced in IE 9 offers security against Trojan horse programs, including Trojans sent in
spearphishing attacks.
Jeb Haber, SmartScreen Lead Program Manager stated that from their experience of operating
these services at scale, they have found that 1 out of every 14 programs downloaded is later
confirmed as malware.
How does this work? Ryan Colvin of SmartScreen explains that, “When you download a
program in IE9 a file identifier and publisher of the app (if digitally signed) are sent to a new
app reputation service in the cloud. If the program has an established reputation there’s no
warning. If the file is downloaded from a reported malicious site, IE9 blocks the download, just
like IE8 does. However, if the file doesn’t have an established reputation, IE lets you know in the
notification bar and download manager, enabling you to make an informed trust decision.”
With the increasing malware threats, it would be best to optimize your network security and take
malicious warnings seriously. It is an option to invest for your maximum system protection.