It’s Halloween tomorrow, the traditional time when we dress up in scary or not-so scary costumes to disguise our identity and trick our friends and family. It’s good to remember that malware often uses disguises to trick us into committing an action that releases the attack. What follows are my scary Halloween stories.
- Social Engineering – In this exploit the attacker may present themselves in person, over the phone, or by email, representing themselves as the tech from Comcast, Randy from IT, or Pete from an important client. Often the easiest way for an attacker to access your network is just to ask for it.
- Email Links – In this exploit the email itself may be tricked out to look like a legitimate message from UPS, FedEx, an important vendor, a client, or your bank. There will be some sort of plausible story encouraging you to click on the supplied web link. Once at this website, you may be coaxed out of your user credentials, or you may just download some malware that opens the attack.
- Malvertising – Many websites sell advertising space on their margins in order to pay for services provided by the website. Malicious actors will buy ad space and supply an ad the has malware embedded in it. Clicking on the ad or even just mousing over it is often enough to install malware on your computer.
- Drive-By Downloads – When legitimate websites are illegally accessed by attackers, often they will insert their malicious software into the code for the home page, and when people visit the site, they are unwittingly given the gift of malware. Site owners may be unaware of the breach for a few days or even weeks, so you might get infected, have your computer cleaned up, and the get infected again when you return to a favorite site.
- Trojan Horses – This malware is often bundled with other software we think we want, such as a game, a video file, music, or some sort of free software. In addition to what you see, you may end up installing a remote access tool, or a keylogger, or software that turns your computer into a zombie host in some cyber-criminal’s bot-net.
- Phishing – The most common (94%) way that criminals get access to your computer, personal data, or network. Like email links above, these emails are designed to look like they are from a legitimate source, and often contain links to malicious or infected website, or attachments that install malicious software when opened.
About the Author:I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com