PandaLabs, Panda Security’s malware analysis and detection laboratory, wants to warn St. Augustine readers of Historic City News that cybercriminals are continuing to exploit Valentine’s Day with holiday-themed malware as a lure to trick users and infect computers.
As in years past, Internet users can expect to see numerous e-mails this weekend with links to malicious downloads, which are often perpetrated through romantic greeting cards or messages with subject lines related to Valentine’s Day. In 2010, cyber-crooks are also exploiting social networking sites such as Facebook or Twitter.
Social engineering remains cyber-crooks’ preferred technique for deceiving users. In these cases, cybercriminals obtain confidential information from users by convincing them to take a series of actions: a carefully selected social engineering ploy convinces users to hand over their data or install a malicious program, which captures information and sends it to fraudsters.
“The continued use of social engineering by cyber-crooks is a good indication of the high infection rate that this technique achieves. The technique works well, so criminals will continue to use it until people stop falling for it,” explains Luis Corrons, technical director of PandaLabs.
PandaLabs recommends Internet users follow these guidelines to avoid falling victim to computer threats this Valentine’s Day:
— Don’t open e-mails or messages received on social networks from unknown senders.
— Do not click any links included in e-mail messages, even if they come from reliable sources. This rule applies to messages received through any mail client, as well as those in Facebook, Twitter, or other social networks or messaging applications.
— If you do click on any such links, take a close look at the page you arrive at. If you don’t recognize it, close your browser.
— Do not run attached files that come from unknown sources. Stay on the alert for files that claim to be Valentine’s Day greeting cards, romantic videos or another related ploy.
— If a page seems legitimate but asks you to download something, you should be suspicious and choose not to accept the download.
— If, in any event, you download and install any type of executable file and you begin to see unusual messages on your computer, you have probably been infected with malware.
— If you are making any purchases online related to Valentine’s Day, type the address of the store in the browser, rather than going through any links that have been sent to you.
— Only buy online from sites that have a solid reputation and offer secure transactions, encrypting all information that is entered in the page. To check if a page is secure, look for the security certificate in the form of a small yellow padlock next to the toolbar or in the bottom right-hand corner of the screen.
— Don’t use shared or public computers for making transactions or operations that require you to enter passwords or other personal details.
— Have an effective security solution installed that is capable of detecting both known and new malware strains.