Computer online attackers have become organized criminals, attack in groups, do their homework well and go for the big market! What is their target market? Where customers are in big numbers and where many of them are an easy prey. Where do you find the best combination of these two elements? In the email communications industry, where every user on the net being Bill Gates or Jack the milkman to my 8 year old daughter has an email account. Yes, criminals do Email marketing, they launch a massive spam and phishing e-mail mechanism that direct whoever follows that spam message to malicious fake websites setup by the attackers themselves. They built virtual websites temporarily or hack into someone else’s to invoke their malicious content.
‘So never open or click any links of spam or emails that you were not expecting’
Once you follow the link, attackers can compromise your computer either through exploitation of Web browser vulnerabilities or convince you of downloading some valid application without knowing that you are downloading and installing malware as well!
‘So have your anti-virus/malware application up-to-date and running at all times’
If they manage to install malware on your machine, then they can monitor your keystrokes, monitor your actions, modify programs, or perform other functions on your computer without being detected. Also, they can use your computer to conduct a range of activities, from distributing spam and viruses to conducting denial-of-service attacks. These tools can retrieve your credit card number together with other personal data!
‘Check your credit card statement regularly & carefully and report any malicious activity immediately’
Organized attackers use third-parties to deal with the stolen data when transferring funds. Third-parties are paid a percentage (on commission basis) which may or may not know that they are participating in an illegal affair.
‘Pay attention to “work from home” spam as they normally involve third parties through fake programs‘
Organized crime continues with the process of exchanging funds into electronic checks and other activities (overseas accounts, gift cards, etc) that complicates the whole process while it makes it difficult to trace back in case a third-party is caught in the process. However, if a third-party is caught, the story ends there as a third-party would not be able to identify his/her malicious employer.
