Thursday, August 26, 2010

Top Malware Infection Method

According to Trend Micro, over 90% of malware infections are transmitted via infected web sites. The "bad guys" just need to do two things: 1) embed some nefarious code in a web page somewhere and 2) entice a user to visit that page. Neither one of those things is all that hard to do.

Official-looking emails and socially engineered enticements leveraging our fascination with Facebook, MySpace, and Twitter are just too hard for some people to resist. Facebook and MySpace scams are notoriously effective at getting people to click on a link which takes them on a one-way trip to the infected website. Heck, who wouldn't want to see a "funny" video of themselves on Facebook! Sign me up! But, sadly, instead of yukking it up over a funny video, you find yourself staring at a fake anti-virus warning that just won't go away! What a buzz kill!

What's an IT service provider to do? Most people are still thinking like it is 2002 (ancient history) when it comes to the transmission of malware.  I find that a significant percentage of people still think if they don't open email attachments they're safe!  From my perspective, there are two things we professionals must continue to do (over and over and over):
  1. Educate, educate, educate... teach users how malware is transmitted and how to avoid falling prey to a well-crafted, socially engineered, correctly spelled ruse which takes full advantage of a raging Facebook (MySpace, Twitter, ...) addiction.
  2. Install security software that provides some form of website reputation screening or scanning.
At my Geeks On Call franchise, we recommend Trend Micro Worry Free Business to our small business customers. Trend's full suite of security protection includes web reputation services to prevent users from clicking on links to websites containing malware. The current Symantec/Norton product also does a very good job of preventing users from visiting infected websites.

Man, it's a constant battle out here!
