Life is no longer as simple as the song where all you wanted for Christmas were your two front teeth.
These days, we have designated dates for cyber shopping! With our more hectic lifestyles, it can be much more convenient to find something online. Comparison shopping is much easier online than hitting up every store in person. Many times online stores will even wrap and deliver it for you—who needs Santa? Ain’t Technology grand? The thing is, with all of the conveniences of the internet, also come some dangers.
In the good ol’ days, we had viruses and we had to be careful of our floppy disks or which attachment we opened in our email. Unfortunately, we now have malware, spyware, adware, phishing…and more (they have to keep thinking of new names for all of the new threats) to look out for. Sadly, it looks like all of the current dangers and more are here to stay.
As you search for gifts, you are likely to come across less than reputable vendors or simply legitimate vendors who have been compromised. Amongst these vendors you will find yourself with some sort of infection—they will try to entice you into fraudulent purchases or prompt you to give away personal information. And they may put something on your computer that can steal information, grant unauthorized access and install more junk. A quick search on the internet will inundate you with information and reports of all the bad stuff out there. After searching this topic, you’ll realize that no one is completely safe. Google, HP and Microsoft have all been compromised in the past, as well as recent compromises at DoubleClick and MSN adCenter.
Threats have grown dramatically in recent years…take a look at the graph below, which illustrates data from G Data Software. I just want to point out that this is growth of new detections, not totals…the total numbers are cumulative.
According to GDataSoftware.co.uk: “With 1,017,208 new malware programs in the first half of 2010, G Data experts counted more new viruses than ever before in a six month period. At the end of June 2010, G Data had found as many new threats as last year at the end of September.”
The source of these infections has shifted away from the methods requiring users to “do something” with only 20% more coming from attachments in email. The bulk of these come from website links and take advantage of exploits in software, many of which require no user action other than visiting the compromised site. See “Drive-By Downloads Biggest Malware Threat of November” for further details.
These exploits don’t just target Microsoft or Internet Explorer. As reported by Kaspersky in their Outcomes for 2010 and Predictions for 2011, “Vulnerabilities have really come to the fore in 2010, especially those in Adobe software. Exploiting vulnerabilities has become the prime method for penetrating users’ computers, with vulnerabilities in Microsoft products rapidly losing ground to those in Adobe and Apple products (Safari, QuickTime and iTunes).”
Java has also provided a vector for recent infections. Even your phone is potential prey as reported in an article on SecurityNewsDaily.com, “First Trojan Malware Virus Detected for Android Smartphones.”
Furthermore, 75% of infected systems are in the realm of Residential IP addresses. In other words, all the computers in peoples’ homes, where it is up to them to keep their software up-to-date—they don’t have IT departments to keep up with things. How many people do you know who haven’t touched their software, except to run it, since it came out of the box? And how many of them are irritated when software prompts to be updated and they simply cancel out of it? Keeping your computer and software up-to-date is a never ending chore. Keeping all of your software as up to date as possible, along with a good and “current” Anti-Virus/Anti-Malware/Firewall application are best strategies for protection.
So I caution you to be careful where you click this holiday season. Some additional advice: Install some updates while you gather around the fireplace and roast chestnuts.