x_0_0_0_14118007_800

What does the modern malware landscape look like?

Hackers are constantly updating their tools and techniques in order to get the most reward for their efforts. However, this doesn't mean that you're completely helpless. Arming yourself with knowledge about what malware these criminals use can help you improve your personal cyber security. To that end, what kind of malware are hackers currently relying on?

Dridex

Although hackers very often work to steal personally identifiable information, at the end of the day all they really want is money. Many cyber criminals accomplish this by simply selling the data they discover, but the creators of Dridex had something more sinister in mind. This particular piece of malware is sent via email as a Microsoft Word document. 

When someone opens the attachment in this email, a macro is activated that automatically downloads Dridex onto your computer. Once it's in there, this malware can do everything from upload and download files to taking screenshots of your browser activity. What's more, Dridex is extremely active. Spain security firm buguroo has found the malware in more than 100 countries, according to Dark Reading's Jai Vijayan.

The end-goal here is to gather enough information to allow the hacker to steal your money. That said, the average consumer generally isn't the target here. Hackers usually go after big organizations, like the Moldovan cyber criminal who was prosecuted for stealing close to $ 10 million from U.S. businesses. Regardless, it's important to know about this malware, and that you should always avoid clicking any link from an email address you don't recognize. 

Dridex's capabilities are far-reaching. Hackers are using Dridex to steal millions.

Locky

Much like Dridex, Locky starts out with an innocent looking email. According to Bleeping Computer's Lawrence Abrams, this often looks like an invoice with a Microsoft Word attachment. However, hackers know people are starting to recognize this pattern and have begun to change their tactics. What's interesting here is that when someone clicks the attachment, the malware will prompt them to enable macros if the victim hasn't already. 

"Locky can even change the names of your files."

Once this is done, Locky is downloaded and encrypts all the files on a particular computer. Abrams even stated that this malware can do this on network shares, meaning multiple machines can be affected. What's more, Locky can even change the names of your files, making it extremely hard to decrypt the data yourself. 

Like all other ransomware, Locky demands payment in bitcoin, as it's an untraceable form of currency. Abrams reported hackers generally ask for 0.5 bitcoin, which is currently worth around $ 332. This number is meant to be high enough to make a profit, but low enough to encourage payment. 

If you've already been hit by Locky, there isn't much you can do aside from wipe your computer and start over. Paying the hacker is never a good idea, as it's not a guarantee that they'll even decrypt your files. Those wishing to avoid this problem altogether should invest in backup software so they can have access to their most important files in the event of an infection. 


Total Defense

Insider Thoughts

Find More Anti Virus Articles

Read More

x_0_0_0_14130644_800

What features should you be getting out of cyber security software?

Getting hacked can majorly affect your life. The amount of information cyber criminals can gather about you in one way or another is incredibly frightening, and the population has certainly started to take note of this. According to a survey conducted by the U.S. Department of Commerce's National Telecommunications and Information Administration, around half of Americans who go online have started to lessen the amount of time they spend on the internet due to concerns about their security. 

The internet is an amazingly versatile tool, and it's a shame that so many people feel they can't use it because of the nefarious actions of a few malicious individuals. Thankfully, many of these hacking risks can be mitigated through the use of robust cyber security software. But what kind of features should you be looking for in such a product? 

Anti-phishing tools

Phishing is one of the most effective tools in a hacker's arsenal. Social engineering in general is a pretty solid way to gain access to a person's most valuable information, but phishing allows for a level of anonymity that other attacks just don't. While these scams often attempt to get the victim to give up their data willingly, they also can be used to distribute malware. A report from PhishMe found that 93 percent of phishing emails observed by the firm had links to ransomware in them. 

"Phishing is one of the most effective tools in a hacker's arsenal."

Therefore, any cyber security software worth its salt needs to have anti-phishing tools built in to help users avoid these kinds of attacks. This includes the ability to sniff out and block phishing emails, as well as fake social media sites used to log usernames and passwords. 

Automatic updates

Another way hackers attempt to gain access to your data is by infiltrating your computer via outdated software. A lot of people tend to ignore update reminders for all of the programs on their computer, which is a major problem in terms of overall cyber security. The reason companies put these updates out is because they are constantly reviewing their software, looking for and eventually patching the holes that they find. When you don't choose to enable these fixes, you're opening yourself up to attack. 

Outdated software is dangerous. Hackers use vulnerabilities in outdated applications to gain access to your system.

A solid cyber security software solution should help you with this task by automatically updating applications on your computer in order to ensure you're as safe as you possibly can be. 

Backup storage for when disaster strikes

Just about every computer user has some piece of data on their machine that's completely irreplaceable. Sadly, a huge portion of the population currently isn't taking any measures to prevent the loss of this data. Although any person's backup routine should definitely involve some sort of local storage option, users can also benefit immensely from an online cloud-based backup platform. 

As it turns out, all of these features and more can be found within Total Defense's Unlimited Internet Security software. This tool has provided countless users with the online protection they need, halting all sorts of cyber attacks and hacking attempts right in their tracks. What's more, this software can be installed on an unlimited number of devices, which means you can ensure the safety of every connected gadget you own. 


Total Defense

Our Comments

Read More

x_0_0_0_14087173_800

How to back up data properly

Life doesn't always go according to plan. You may not want to think about the possibility of losing all of your most important data, but the reality of the world is that sometimes you don't get a choice in the matter. Something as benign as a single spilled drink can spiral out into the destruction of all of your family's vacation photos. 

What's more, backups can save you from a lot more than physical dangers. Ransomware scams, which is malware that can encrypt the data on your computer until you pay the criminal to unlock it, ended up netting around $ 24 million in 2015 that the FBI knows about. These kinds of schemes are easily avoided by utilizing a rigorous backup routine. 

That said, figuring out such a program can seem difficult when you're just beginning. So where should you start?

What should you back up?

Your first step is going to be to decide what data you absolutely need in the event that the rest of your information is inaccessible. That obviously starts with the irreplaceable data, such as personal photographs or videos. However, one document a lot of people forget about is their resume. You may be happily employed now, but that may change in a few years, and you don't want to have to start from scratch after a disaster. Music libraries, although not as necessary, are equally as frustrating to put back together when you've lost all of your data, which is why these playlists should also be backed up. 

Always backup priceless data like photographs. Don't lose your most cherished memories to a simple mistake.

3-2-1 backup is a must

Once you've figured out exactly what you need to store, you'll have to think about how you want to go about actually backing it all up. There are multiple different options for you here, but what you need to know is that you should be following the 3-2-1 rule of backup. This means that you should have three copies of any particular form of data you'll need in the future stored on at least two different types of storage, with at least one being kept physically separate from the rest. 

Although that last part may seem overly dramatic, it is by far the most important part of 3-2-1 backup. Perhaps the perfect example is the story of how Toy Story 2 almost didn't happen. A technical error resulted in the mass deletion of much of the movie. Even though the studio had invested in regular backup, this automated process had apparently been failing for the past month or so. Out of sheer luck, one of Pixar's executives copied the movie every night so she could work on it at home with her children, which ended up saving the film. 

"You never know what's going to happen."

You may not have as much on the line as a multi-million dollar movie, but the point here is that you never know what's going to happen. As such, you should be backing up as often as possible in multiple different locations. 

One storage option should be in the cloud

While physical types of backup storage such as flash drives can be helpful, there are few tools as versatile as the cloud. Not only does this form of backup fulfill the requirement of physical separation between data locations, it also lets you access your information wherever you are with whatever machine you need to use. This helps mitigate the risks of both destructive forces in the real world as well as cyber attacks, like ransomware. 

Getting into a backup routine may feel out of the ordinary at first, but it really isn't that hard once you realize how well protected you are. 


Total Defense

What We Have to Say:

Read More

x_0_0_0_14089750_800

How to protect your personally identifiable information

Keeping your identity safe has become a major challenge. The internet has completely changed how people move data around, which has certainly been beneficial to society but has also created a major avenue for criminals to steal private data. Although hackers have multiple different motivations, many of them are out to steal your personally identifiable information (PII). 

As the name suggests, PII is basically any scrap of data that can be used to identify you as a person, and once a cyber criminal gets his hands on it, he can make your life extremely difficult. To that end, let's take a deeper look as to what PII is and what you can do to protect yours:

What can be considered PII?

In order to properly keep your PII out of the hands of criminals, it's important to know exactly what it is. According to the Department of the Navy, anything from your name, birth date, email address or Social Security number can be considered PII. In fact, your race and religion are also under this umbrella. Datapoints outside the encompassment of PII include where your work is located and the telephone number associated with that address, as these pieces of information can be easily found online regardless of your personal security habits. 

Basically, the name of the game for hackers here is to collect as much PII about you as they possibly can. A perfect example of how cyber criminals accomplish their end goal with PII is the hacking of CIA director John Brennan's AOL account. 

The hacker behind this attack began his scheme by figuring out Brennan's mobile phone number, which allowed him to discover that the director was a customer of Verizon, according to Wired contributor Kim Zetter. The criminal then gave Verizon a bogus story about needing Brennan's email address and the last four numbers on his credit card, as well as a host of other PII. The Verizon employee gave the hacker this information, which enabled him to call AOL and masquerade as Brennan, saying that he had been locked out of his email. After this, the hacker convinced the AOL representative to give him access to the account.

All it took was one piece of PII – the director's phone number – and the hacker was easily able to daisy-chain his way into the personal account of one of the most powerful men in America. Thankfully, the hacker behind this attack didn't do much aside from earn the wrath of the CIA. However, hacks utilizing PII can very easily translate into stolen money or something even worse. So where should you begin on your journey to improve your personal information's security?

"Where should you begin on your journey to improve your personal information's security?"

Limit what you share online

One of the biggest mistakes people make when it comes to their PII is not understanding the widespread nature of modern social media outlets. Many users don't see anything wrong with posting their phone number on Facebook when they get a new one because they have no idea that a hacker can leapfrog that information into a serious data breach. 

A good way to think about it is to imagine you're on a busy street corner in the middle of the city holding a megaphone. Would you be comfortable shouting your dog's name into the crowd? How about your physical address? Making a status telling your friends to come to your party may seem harmless, but you never know who's listening. 

Be on the lookout for phishing scams

Another way hackers go about gathering PII is by utilizing a phishing scam, which is basically where the criminal sends out a huge amount of emails asking for personal data in the hopes that at least a small percentage will fall for it. In fact, Canada's Get Cyber Safe program has stated that out of 156 million phishing emails being sent out every day, only 80,000 are successful

Hackers use phishing to gain access to your personal information. Phishing is an effective way to steal PII.

Of course, that's still an incredibly high number, and you should be doing everything you can to avoid these schemes. We've dedicated an entire article to knowing when something smells phishy, but you'll basically just need to go with your gut. If the situation doesn't seem right – like a representative from your bank asking for information they've never requested before – don't give in. 

Invest in robust cyber security software

Regardless of how safe you are, all you need to do is make a single mistake for a cyber criminal to take your PII and use it at their discretion. While you should obviously work toward increasing your own online awareness, you can probably also benefit from investing in cyber security software. These programs help monitor your information and can help keep your computer safe from viruses and other malware that could be used to compromise your identity. Your PII is entirely your own, so do what you can to protect it from malicious hackers. 


Total Defense

Our Comments

More Anti Virus Articles

Read More

x_0_0_0_14113674_800

All malware is not created equal

Most people are scared of what hackers can do. The National Telecommunications and Information Administration conducted a survey and found that roughly half of people who utilize online resources are scaling back their time on the internet due to concerns about their security. While this is a drastic solution, it certainly isn't unwarranted. The Better Business Bureau has discovered that there was an 176 percent increase in hacking attempts between 2010 and 2015. 

That said, cyber criminals don't just rely on a single tactic to compromise their victim's system. Compiling a complete list of every hacking technique would be impossible, but it is good to know the basics of what these malicious individuals can do. On that note, let's take a look at some of the most common malware variants out there.

"The word 'virus' is by far the most misused term."

Viruses

When it comes to malware, the word "virus" is by far the most misused term. TV pundits often attribute something like a distributed denial-of-service to a virus, and it's caused a lot of confusion about what they actually are. At its most basic, a virus is a piece of malware that latches onto a file or machine and lies dormant until the users runs the program. 

This means that viruses can only spread through human interaction. These malicious lines of code have an executable file that won't activate until a person opens the program the virus is attached to. Your computer can technically be infected without any negative consequences as long as you don't execute the malware. Any other machine that doesn't have proper cyber security software can become infected by the victim unknowingly spreading the virus through link sharing. 

Trojans

Much like the Trojan Horse of Homer's "Iliad," a piece of trojan malware is effective because it has the ability to hide malicious intent from the user by shrouding itself in an otherwise normal file. When a trojan is activated, it quietly sits behind its innocent-looking mask program and gets to work. These infections can allow a hacker to do anything from gather information about your computer habits to simply creating a backdoor the cyber criminal can use to access your machine later. In fact, they often help these nefarious individuals set up botnets, which is a network of infected machines often used for nefarious purposes like conducting DDoS attacks.

Trojans hide themselves. Trojan horses hide their true intentions from victims by posing as non-threatening programs.

Worms

Worms are some of the scarier forms of malware simply because they don't require human intervention to spread. Unlike a virus, a worm can move between systems by using the built-in data transfer capabilities of your computer against you. Worms also have the ability to make copies of themselves, meaning they can spread to as many machines as possible. A single worm can quickly become thousands, spreading itself through email and other digital communication platforms. 

Clearly, the kinds of malware hackers use can be daunting to say the least. However, knowing what these techniques are can help you avoid them. Remaining aware and being suspicious of any unusual activity can help make sure your computer continues to function as it should without any malicious interruption. 


Total Defense

Insider Thoughts

Find More Anti Virus Articles

Read More