The novice or casual user of today’s Internet is often the target of cyber-criminals seeking to gain financially from naïvety. You have heard of the plethora of attacks lurking out there: malware, adware, ransomware, phishing, whaling, et al. The list of attack types seems to grow each day.
A new subscriber to our forum sent me this email with a few pictures the other day. She was hit unexpectedly by an Adware attack:
I have a question. Last week I was on the internet and was in a program and all of a sudden a screen took over my computer saying I had a “Backdoor Virus.” A voice played over the speaker telling me to call a number immediately and to click OK to get out. A new button showed up that said my computer was offline. I wasn’t sure what to do. I panicked. I called my husband, who said not to do anything. Do you have any suggestions? –LD
As you can see from the screenshots that LD provided, the Adware looks quite convincing. Fortunately, LD did just the exact right thing…nothing. By clicking any of the buttons (“OK”, “OFFLINE”) she would have executed the Adware weapon, giving control of her computer to someone else. Had she called the telephone number, she would have been socially engineered into revealing personal information and possibly into letting the hackers into her computer remotely. By doing nothing she denied the hackers this opportunity.
What is Adware?
Adware is a form of malicious code that enters your computer through a web browser. The Hacker (aka the bad guys) purchases an advertisement slot from an ad-server. Using hacker trickery through technologies called Java or iFrame, the Hacker inserts carefully crafted code into their Ad. While on the Internet, you enter a website (that is not doing a good job of security, btw) and it connects to the ad-server, which then serves that advertisement to your web browser. Your web browser assumes all is good and executes the code the Hacker has placed in the Ad.
Modern browsers limit what code in a web page can and can’t do to your computer. That way the Hacker can’t just take over. ADWARE REQUIRES YOU TO EXECUTE A COMMAND FOR IT TO WORK. That is why the links are so dangerous: you don’t know what the link is. If it’s code, you just lost control of your computer. An additional layer of social engineering (the telephone number) ensures that the Hacker has a third vector to convince you to give him/her access to your computer by walking you through the steps on the phone (convenient, no?).
What to do when Adware strikes
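For readers who run a website, the ad path described above can be tightened with the iframe `sandbox` attribute, which withholds abilities such as modal alert boxes and redirecting the whole tab from the embedded ad. The following is an added example, not part of the original article; the function name, the ad URLs and the sample page are constructed for illustration.

```javascript
// Added example: audit a page's <iframe> ad slots for sandbox settings that
// would let a scare-screen ad lock the tab. Regex parsing is a simplification
// that is adequate for this constructed markup, not for arbitrary HTML.

// Sandbox tokens that hand an embedded ad the abilities a fake-virus screen
// relies on: modal alert boxes and navigating the whole tab away.
const RISKY_TOKENS = ["allow-modals", "allow-top-navigation"];

function auditIframes(html) {
  const findings = [];
  const tagRe = /<iframe\b[^>]*>/gi;
  for (const [tag] of html.matchAll(tagRe)) {
    const src = (tag.match(/\bsrc\s*=\s*"([^"]*)"/i) || [])[1] || "(no src)";
    const sandbox = tag.match(/\bsandbox(?:\s*=\s*"([^"]*)")?/i);
    if (!sandbox) {
      // No sandbox at all: the frame gets every ability a normal page has.
      findings.push({ src, issue: "no sandbox attribute" });
      continue;
    }
    // A bare or empty sandbox attribute applies all restrictions.
    const tokens = (sandbox[1] || "").toLowerCase().split(/\s+/).filter(Boolean);
    const risky = tokens.filter((t) => RISKY_TOKENS.includes(t));
    if (risky.length > 0) {
      findings.push({ src, issue: "sandbox grants " + risky.join(", ") });
    }
  }
  return findings;
}

// Constructed sample page: three ad slots with different settings.
const SAMPLE_PAGE = `
<iframe src="https://ads.example/slot1"></iframe>
<iframe src="https://ads.example/slot2" sandbox="allow-scripts allow-modals allow-top-navigation"></iframe>
<iframe src="https://ads.example/slot3" sandbox="allow-scripts"></iframe>
`;

for (const f of auditIframes(SAMPLE_PAGE)) {
  console.log(f.src + ": " + f.issue);
}
```

Only the third slot passes: it lets the ad run scripts but gives it no way to raise alert boxes or redirect the page that hosts it.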
I can’t overemphasize this enough. The human brain takes 250 milliseconds to move a muscle once you think about moving it. In computer time, that is an eternity! Any code that was going to be executed is already nearly completely executed before you can react. Waiting a few moments to think about what you are looking at is the best course of action. Anxiously pushing buttons is the worst course of action!
Close the Browser
If Adware happens to you, first close your Internet Browser. You want to terminate the session between your computer and the Advertisement server that sent you that malicious code. You may find it hard to close. On a Mac, use “Force Quit” from the menu. In Windows, open the Task Manager (Ctrl+Shift+Esc) and end the process.
Reboot your computer
Just in case.
Reopen your Browser
You should not see the Adware anymore. If you do, open a new “Tab” in the browser, open a safe site like www.google.com and close the “Tab” that has the malware screen. Repeat the steps above.
Install an anti-virus software suite
Software exists that will detect Adware and prevent it from executing the bits of code that will do harm to your computer. McAfee and Symantec both make excellent PC/Mac internet security software packages for a reasonable price.
Being proactive and cautious is the best way to be safe against the various cyber threats on the Internet today. Don’t rely 100% on software or your provider to keep you safe. It’s your responsibility to keep you and your family safe!
What tips and software advice do you have? Please share in the comments below.