Continued from page 1
As soon as these details have been entered, an error page appears; it tells user that transaction has been unsuccessful, and offers instructions on how to pay for ticket by postal money order. So user may well be fooled twice. He loses his credit card details, putting them right into hands of cyber-crooks, and then loses money, if decides to buy ticket by money order.
Of course, these sites have already been disabled, but who knows whether (or better to say when) other ones will appear again, this time offering all kinds of products.
Malicious websites are especially dangerous. Cybercriminals create them exclusively to execute malicious code on visitors' computers. Sometimes hackers infect legitimate sites with malicious code.
Bad news for blog readers: blogs can be contaminated, too. Since January, Websense Security Labs has discovered hundreds of these "toxic" blogs set by hackers.
When unsuspecting users visit malicious sites, various nasty applications are downloaded and executed on their computers. Unfortunately, more and more often these applications contain keyloggers--software programs for intercepting data.
Keyloggers, as it is clear from name of program, log keystrokes --but that's not all. They capture everything user is doing -- keystrokes, mouse clicks, files opened and closed, sites visited. A little more sophisticated programs of this kind also capture text from windows and make screenshots (record everything displayed on screen) - so information is captured even if user doesn't type anything, just opens views file.
In February and March 2005, Websense Security Labs researched and identified about 8-10 new keylogger variants and more than 100 malicious websites which are hosting these keyloggers EACH WEEK. From November of 2004 through December 2004 these figures were much smaller: 1-2 new keylogger variants and 10-15 new malicious websites per week. There is by all means a disturbing tendency--the number of brand-new keyloggers and malicious website is growing, and growing rapidly.
What a user can do to avoid these sites?
As for phishing, best advice is not to click any links in any email, especially if it claims to be from a bank.
Opening an attachment of a spam message can also trigger execution of malicious program, for example a keylogger or a keylogger-containing Trojan horse.
As for fraudulent websites, maybe buying goods only from trusted vendors will help -- even if it is a bit more expensive.
As for malicious websites... "Malicious websites that host adult entertainment and shopping content can exploit Internet Explorer vulnerabilities to run code remotely without user interaction."(a quote from Websense's report). What can a user do about it? Not much, but avoiding adult sites and buying only from known and trusted online stores will reduce risk.
Hackers also attract traffic to malicious websites by sending a link through spam or spim (the analog of spam for instant messaging (IM). So a good advice never follow links in spam is worth remembering once more.
Alexandra Gamanenko currently works at Raytown Corporation, LLC -- an independent software developing company that provides various solutions for information security.
Learn more -- visit the company's website www.anti-keyloggers.com