Threat Database Phishing 'VIDEO SHOCK – Hurricane Irene New York kills All' Fake...

'VIDEO SHOCK – Hurricane Irene New York kills All' Fake Video

By Domesticus in Phishing

Hurricane Irene may have already washed over New York, but many Facebookers are still experiencing its vicious waves -- of phishing scams. Social networks like Facebook and its real-time platform are fueling the web and the greed of cybercriminals who are quick to plant malware in emails, message boards and chat rooms, to exploit those interested in the natural disaster.

Cybercriminals exploit any and everything they can to dupe unsuspecting PC users and are using web trends to net new victims out of the friendly sea of Facebook. The latest shock video is titled, ‘Hurricane Irene New York kills All’ and has anxious Facebook members clicking and not only self-infecting their PCs with nasty viruses but also spreading the disease to their friends and families.

Phishing scam Hurricane Irene took to the waves in the midst of the highly talked about storm, hoping to nab Italian speakers who use Facebook and who too own PCs running Windows OS and have weak Internet security in place. The mock Facebook page uses a sensationalized title and a clickable image of a video player to lure victims into its trap. When persons click they are prompted with the below message, written in Italian:

"Per Vedere il video devi prima condividere" (English translation: To see the video you must first share.)

You will be presented with two options: Share or See the video. If you choose to spread the disease, a link will be pasted on your Facebook wall for your friends and family to enjoy. However, choosing to view the video will take you to a 'deals' page where you must register and provide vital data. Don't do it! These supposed deals actually lead to affiliate websites or advertisements, which are also part of the scam. These types of schemes are common place in Facebook and may lead to scams or infectious surveys.

Social networks are a breeding ground for social engineering ploys and scams learned by cybercriminals. Many members are socially vulnerable and quick to trust communications posted in the friendly climate of the viral world of Facebook, MySpace, Twitter or other popular forums.

Today, it is very important to not only use common sense and good judgment, but to invest in stealth anti-malware protection. The promise of unearned, insurmountable wealth is keeping cybercriminals up at night, and for this reason, you need protection that does not sleep! Your anti-malware tool should update definitions around the clock, so it can protect you from yourself! Sadly, most malware infestations come at the hands of its victims who are lured daily into social engineering traps like the one that reported the recent but false death of Lady Gaga or offered free ticket giveaways to the highly publicized Twilight Saga or Harry Potter movies.

Once the malware is planted on your PC, it may activate immediately or lay dormant until an appointed or scheduled time. Some malicious attacks are carried out quietly while you work, unaware in the background. A few of these sniper attacks might be:

  1. Collection of data such as passwords, usernames, PINs, certificates, etc., saved in your browser's cache.
  2. Collection of data about your PC to help a hacker shape new malware programs and plan future attacks.
  3. Spying your surfing habits to sell the information to an unscrupulous advertiser, so he can plan an assault of advertisements.
  4. Theft of your email address book to sell it to a spammer, so he can spam everyone on the contact lists.
  5. Downloading a Backdoor Trojan who gives a hacker administrative control, so he can quietly roam and use your PC. Some things a Backdoor Trojan is capable of involve:
    1. Distributing a DNS attack.
    2. Arranging a mass email spam campaign.
    3. Upgrading malicious programs to counter efforts by the Internet security community, such as definition upgrades.
    4. Locking you out of your system!

Louder more obvious attacks might be that of a rogue security program that uses fake alerts, scans and reporting to scare you into buying its useless, full-versioned software. You should never trust any program that self-loads and runs a scan without your permission.

Today's malware programs or tools are quite dangerous and when used with a rootkit, can hide and camouflage its infectious files deep in your system kernel. Rootkits can literally annihilate weaker anti-virus or anti-spyware programs, deleting pertinent files or hiding so deep in a system that they fall off the weak scanning radar. Getting a false report or clean bill of health from your anti-virus or anti-spyware tool is very dangerous. While you use your system and carry on with online banking or purchasing, some hacker is quietly copying all of the vital data you enter into these forms.

Don't risk a false report or take chances manually removing and deleting the wrong files. Just deleting or removing the wrong system, registry or .dll directory file could corrupt your hard drive and you may lose valuable data.

Security experts highly recommend using a reputable anti-malware tool known to contain an anti-rootkit component and capable of safely removing aggressive malware like the one behind the Hurricane Irene Facebook phishing scam.

Until your system is wiped clean, you should:

  1. Disconnect your Internet to stop any new transmissions of data to a remote server.
  2. Get to a clean PC and change all your security credentials and logins for your online accounts, even for the social networks that you and your family enjoy.
  3. Contact your financial institution and alert them of the situation.

Here are a few tips to practicing good Internet security safety habits:

  1. Invest in a stealth anti-malware solution that updates definitions around the clock and contains an anti-rootkit component to remove safely viruses in your BIOS or MBR.
  2. Always upgrade or patch known software or hardware vulnerabilities.
  3. Be careful when web surfing. Cybercriminals plant malicious links and URLs on search engine results pages.
  4. Be careful when downloading freeware or shareware. These types of file transfers are usually riddled with viruses.
  5. Do not pirate!
  6. Use strong passwords and do not share with anyone.
  7. Do not open spam emails; just delete it.
  8. Since online fraudsters are hijacking and spoofing accounts, you should verify the email's authenticity before 'clicking' or responding.

Trending

Most Viewed

Loading...