Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor

IM Worm Drives Users To Malicious Websites

ESET : 30 November, 2010  (Technical Article)
ESET has produced some guidelines to Instant Messaging users to help them prevent themselves from becoming a victim of the latest aggressive worm affecting IM services
Last week, an unnamed computer worm forced Microsoft to temporarily suspend active links in its Live Messenger 2009 to prevent the aggressive instant messaging (IM) worm spreading. Instant messaging is a very effective way for malware to stay active and thrive. As time progresses, cybercriminals are refining their techniques to lure potential victims to visit malicious hyperlinks.

Mak James, technical manager at ESET UK comments, "This is quite a surprising measure, because worms spreading through Instant Messaging (IM) such as Skype, Yahoo! Messenger and Microsoft Live Messenger are not new at all. For example, the AimVen worm was discovered in 2003 and was targeting the America Online Instant Messenger platform,"

James continues, "The modus operandi for this type of attack is simple. First the victim receives a message that contains a hyperlink from one of their contacts, clicks on it and gets infected. The worm can also use geo-localisation in order to use the victim's language and even relate to news or events trending in the victim's country. These advanced techniques may trick even the most cautious users.

ESET has compiled seven golden security rules while instant messaging:

1. Opening pictures, downloading files or clicking links should be avoided at all cost in case it comes from someone you do not know. Do not open suspicious files or links even if they come for someone you know; try to confirm with the person on the origin of the attachment.

2. Do not reply to messages from people you don't know if you were not expecting them. If someone you do not recognise sends you a request to add him/her to your contacts, decline the request if not sure about the identity of the contact.

3. Unwanted messages ought to be blocked - blocking spam or messages from strangers might be easier than you think - most IM software allows you to create your own contact list.

4. Do not post sensitive information and private data in instant messages, especially refrain from sharing credit card numbers, banking details, paswords or important personal identification data like phone number or addresses. You should also avoid sharing information about your IM name or e-mail contact over the Intertnet.

5. Your Instant Messaging should also have as strong a password as any other account. Always use different passwords for different accounts and other online services (such as online banking, e-mail). Do not recycle your password. If you log in on public or shared computer, make sure to uncheck the automatic login feature.

6. Avoid meeting strangers that you have met online while instant messaging. If you decide to meet someone in real person anyway, take safety precautions - bring someone along with you.

7. Turn off your Web camera if you are not using it, as some malware allows criminals and strangers to spy on you through your own webcam. If you have an integrated camera, always check the control light that it is off when you are not using it.
Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo