As in years past, Internet users can expect to see numerous e-mails this weekend with links to malicious downloads, which are often perpetrated through romantic greeting cards or messages with subject lines related to Valentine's Day. In 2010, cyber-crooks are also exploiting social networking sites such as Facebook or Twitter.
Social engineering remains cyber-crooks' preferred technique for deceiving users. In these cases, cybercriminals obtain confidential information from users by convincing them to take a series of actions: a carefully selected social engineering ploy convinces users to hand over their data or install a malicious program, which captures information and sends it to fraudsters.
"The continued use of social engineering by cyber-crooks is a good indication of the high infection rate that this technique achieves. The technique works well, so criminals will continue to use it until people stop falling for it," explains Luis Corrons, technical director of PandaLabs.
PandaLabs recommends Internet users follow these guidelines to avoid falling victim to computer threats this Valentine's Day:
-- Don't open e-mails or messages received on social networks from unknown senders. -- Do not click any links included in e-mail messages, even if they come from reliable sources. This rule applies to messages received through any mail client, as well as those in Facebook, Twitter, or other social networks or messaging applications. -- If you do click on any such links, take a close look at the page you arrive at. If you don't recognize it, close your browser. -- Do not run attached files that come from unknown sources. Stay on the alert for files that claim to be Valentine's Day greeting cards, romantic videos or another related ploy. -- If a page seems legitimate but asks you to download something, you should be suspicious and choose not to accept the download. -- If, in any event, you download and install any type of executable file and you begin to see unusual messages on your computer, you have probably been infected with malware. -- If you are making any purchases online related to Valentine's Day, type the address of the store in the browser, rather than going through any links that have been sent to you. -- Only buy online from sites that have a solid reputation and offer secure transactions, encrypting all information that is entered in the page. To check if a page is secure, look for the security certificate in the form of a small yellow padlock next to the toolbar or in the bottom right-hand corner of the screen. -- Don't use shared or public computers for making transactions or operations that require you to enter passwords or other personal details. -- Have an effective security solution installed that is capable of detecting both known and new malware strains.
Since 1990, its mission has been to detect and eliminate new threats as rapidly as possible to offer our clients maximum security. To do so, PandaLabs has an innovative automated system that analyzes and classifies thousands of new samples a day and returns automatic verdicts (malware or goodware). This system is the basis of collective intelligence, Panda Security's new security model which can even detect malware that has evaded other security solutions.
Currently, 99.4 percent of malware detected by PandaLabs is analyzed through this system of collective intelligence. This is complemented through the work of several teams, each specialized in a specific type of malware (viruses, worms, Trojans, spyware, phishing, spam, etc), who work 24/7 to provide global coverage. This translates into more secure, simpler and more resource-friendly solutions for clients.
More information is available in the PandaLabs blog: http://www.pandalabs.com