Skip to main content

How can I get infected?

For a network user who is protected by a firewall and whose ICQ and IRC connections are disabled, infection will mostly occur via an email attachment or through a software download from a website.

Many users claim never to open an attachment or to download software from an unknown website, however clever social engineering techniques used by hackers can trick most users into running the infected attachment or downloading the malicious software without even suspecting a thing.

An example of a Trojan that made use of social engineering was the Septer.

troj, which was transmitted via email in October 2001.

This was disguised as a donation form for the American Red Cross's disaster relief efforts and required recipients to complete a form, including their credit card details.

The Trojan then encrypted these details and sent them to the attacker's website.

  >> Infection via attachments

It is amazing how many people are infected by running an attachment sent to their mailbox.

Imagine the following scenario: The person targeting you knows you have a friend named Alex and also knows Alex's email address.

The attacker disguises a Trojan as interesting content, for example, a Flash-based joke, and emails it to you in your friend's name.

To do so, the attacker uses some relaying mail server to falsify the email's FROM field and make it look like Alex is the sender: Alex's email address is alex@example.com so the attacker's FROM field is changed to alex@example.com.

You check your mail, see that Alex has sent you an attachment containing a joke, and run it without even thinking that it might be a malicious because, hey, Alex wouldn't do something like that, he's my friend!

Information is power: Just because the attacker knew you had a friend Alex, and knew and guessed that you would like a joke, he succeeded in infecting your machine!

Various scenarios are possible. The point is that it only takes ONE network user to get your network infected.

In addition, if you are not running email security software that can detect certain exploits, then attachments could even run automatically, meaning that a hacker can infect a system by simply sending you the Trojan as an attachment, without any intervention on a user's part.
  _________________________

Labels:

Comments

Post a Comment

Popular posts from this blog

Step by Step: Connecting to a VPN (Outgoing)

Step 1 Click the Start button. In the search bar, type VPN and then select Set up a virtual private network (VPN) connection. Step 2 Enter the IP address or domain name of the server to which you want to connect. If you’re connecting to a work network, your IT administrator can provide the best address.   Step 3 If you want to set up the connection, but not connnect, select Don’t connect now; otherwise, leave it blank and click Next.   Step 4 On this next screen, you can either put in your username and password, or leave it blank. You’ll be prompted for it again on the actual connection. Click Connect.   Step 5 To connect, click on the Windows network logo on the lower-right part of your screen; then select Connect under VPN Connection.   Step 6 In the Connect VPN Connection box, enter the appropriate domain and your log-in credentials; then click Connect.   Step 7 If you can’t connect, the problem could be due to the server configuration. (There...
Post a Comment
Read more

What is Trojan Virus?

A Trojan horse or Trojan is a type of malware that is often disguised as legitimate software. Trojans can be employed by cyber-thieves and hackers trying to gain access to users' systems. Users are typically tricked by some form of social engineering into loading and executing Trojans on their systems. Once activated, Trojans can enable cyber-criminals to spy on you, steal your sensitive data, and gain backdoor access to your system These actions can include: Deleting data, Blocking data, Modifying data, Copying data.. Disrupting the performance of computers or computer networks Unlike computer viruses and worms, Trojans are not able to self-replicate. _________________________
Post a Comment
Read more