Malicious links: Spammers change malware delivery tactics

Significant spike in malicious spam emails containing links, as attackers move away from attachments in their efforts to spread Downloader.Ponik and Downloader.Upatre.

Attackers behind malicious spam campaigns have shifted their tactics in recent months and are increasingly attempting to infect victims by luring them into clicking on links rather than sending them malicious attachments.

Since late November, Symantec Security Response has seen a spike in the number of malicious emails using this tactic. Over the last six months, there were relatively few spam emails containing malicious links. For example, in October, only seven percent of malicious spam emails contained links. That number jumped to 41 percent in November and has continued to climb in early December.

Symantec advises users to be on their guard and to adhere to the following security best practices:

  • Exercise caution when receiving unsolicited, unexpected, or suspicious emails
  • Avoid clicking on links in unsolicited, unexpected, or suspicious emails
  • Avoid opening attachments in unsolicited, unexpected, or suspicious emails
  • Keep security software up-to-date

Are Cloud Storage Sites Safe?

Passwords can be hacked.

This doesn’t mean that passwords aren’t safe, just that they’re vulnerable to dictionary and brute force attacks. If your cloud storage solution relies on a password to access your data, choose a password that’s difficult to hack, using numbers, lowercase letters, uppercase letters and special characters, and change your password often to reduce the chances of success from brute force attacks.

Data can be captured while being uploaded or downloaded.

Most storage services will encrypt the data while it’s traveling up or down, making it impossible to read even if someone captures the files. If your cloud storage works through a Web app, look for “https” instead of “http” in front of the URL in your browser’s address bar. The “https” indicates that the connection is using secure HTTP. If you have a standalone cloud storage app installed on your computer, check to be sure that the app uses some type of encryption for its Internet exchanges. Keep in mind that many services, such as Dropbox, require a third-party app to encrypt the data.

People can cause their own problems when it comes to hacking.

Don’t give out your password to anyone, even someone claiming to be from technical support. Hackers will often make calls claiming to be support in one form or another in order to build trust with the end user, who then happily hands over personal information. Note that when you speak with real technical support specialists, they’ll require only minimal identifying information from you, and most likely not your password.

Your data isn’t immune to seizure by local government.

In the U.S., for example, any cloud storage company could be served a subpoena requiring it to open its clients’ data for government examination. It does not matter what country the data originated from. Some cloud services, such as Amazon, are up front about one of your security risks. In its user agreement, Amazon Cloud Drive declares its right to access your files and disclose account information to offer support and to ensure compliance, largely to enforce copyright law.