Norton Symantec Blog

The release of a research paper in Nature threw up some interesting findings when it was published last month. Viruses, the report claimed, were just a susceptible to infection as the organisms that they attack. Large viruses, for example one like hepatitis B, runs a constant danger of being attacked by other ‘micro’ viruses, which could mutate or even on occasions destroy them.

The same principle, according to online security engineers, also holds true for Internet bound viruses. Dangerous sequences of coding can often collide, joining together and forming long stands of harmless code that nonetheless weigh down your computer. On occasion, two dangerous viruses can fuse together whilst retaining their dangerous properties – it is occasions such as these that are expected to cause widespread damage to unprotected personal computers.

“The best way to protect your computer for the dangerous consequences of catching online viruses remains the presence of a robust and fully functionally virus scan product,� a Symantec spokesperson today claimed. “The fact remains, unprotected PCs are liable to suffer damage at one time or another.�

Using news for Spam

Symantec report that one of the most recent tactics of Internet spammers is to send hoax email addresses containing false subject headings. A cunning trick is to take a well-known news event and post a sensational headline surrounding it. Examples of this can be seen below:

“Beijing Olympics Cancelled!�
“Beijing postpones Olympics due to McCain-Dalai Lama Meeting�
“McCain says unsure if Obama is a ‘secret’ hippopotamus�
“Kick-Up – Obama speaks in London – video�

By drawing people in and playing on general curiosity, spammers have enjoyed a good deal of success through these particular methods. By getting individuals to click on the links they can garner peoples’ personal details – such as email addresses – and in some cases they can plant tracking cookies onto personal desktops.

In many of the samples studied, the URLs were hosting malicious codes (known as malware or badware) and Symantec have deemed these particular threats to be dangerous. It is a further example of the fact that spammers are good at employing current events to hoax users into interacting with them. The message is that Internet users have to be constantly vigilant whilst online.

The number of people having their personal email accounts hacked is on the rise, according to Symantec’s monthly ‘State of Spam’ report. They document how there are many different ways of harvesting different people’s personal email addresses. Some of the different tactics include:

• Using different spambots, which crawl through the Internet looking for different email addresses
• By bombarding a specific email server with email addresses and search for the specific addresses which do not bounce
• Purchasing different lists of email addresses for professional spammers.

The report suggests that during the past few months, a certain number of spammer attempted to simplify their email harvesting techniques. By beginning with a long list of email addresses, obtained surreptitiously, the spammers attempted to send messages to people who were interested in receiving information regarding a number of different products. The messages read: ‘Do you want to buy any stuff: any kind of pills, oem software, cool porn? Just mail me back, i’ll find the best offer for you.’

It was found that a number of people replied to the email, giving spammers access to a ready-made list of people who are willing to invest time and money in their products. Most significantly, the spammers have created a ‘bone-fide’ email list, people have responded willingly and therefore it is difficult for it to be classed by mail providers as spam in the future.

The online social networking website Facebook has been criticised for a ‘shocking’ breach f security. A glitch in the website’s code allowed hackers to be able to gather people’s date of birth – a snippet of information that police have called a ‘golden nugget’ for those attempting to commit identity fraud.

Facebook, which is based in the state of California, have now corrected the error in the code and henceforth the information will not be made publically available. Similar glitches have previously been discovered in Facebook’s code and the police have used the advent of this latest leak to remind people that real dangers exist online.

Many of these dangers stem from identity fraud, which allows a person to assume a different identity to a variety of reasons. Financial gain is one of the main reasons for identity fraud, but another more menacing threat comes from sexual predators that trawl the net. Here the figures are stark and disquieting.
More than one in ten children have had a sexual chat online. A quarter visit adult websites and about half of them lie to their parents about their Internet activity. Meanwhile, eight out of ten parents are convinced that they know what their children do online. *

If you are worried about the dangers of the Internet and how it can affect your family, browse through a list of Norton’s security products online. An array of quality products have been designed and tested to make your Internet experience much safer.

* From a poll commissioned by the Carphone Warehouse

False optimism

‘Two years from now Spam will be solved,’ said Bill Gates in 2004 referring to one of the biggest nuisances that web-users have to cope with on a daily basis. Four years on and the landscape has not improved much for computer users.

In it’s monthly report on the state of spam, Norton state that, ‘spam levels have steadily climbed from 56% to 80% of all emails.´ Undoubtedly the technology has become much more sophisticated but spammers are still keeping themselves one step ahead of anti-virus researchers. Norton warned that Internet users have to remain vigilant.

In the Symantec, July 2008 State of Spam report, Symantec have noted the following current trends in spammers’ behaviour:

Hacked personal email accounts are used to spam email contacts
The Chinese earthquake disaster has been used to spread spam emails
An Olympic-related lottery scam has emerged
More and more bogus news events are luring potential victims

It is interesting to dwell upon these latest developments two years after Bill Gates left his day job at Microsoft in optimistic mood. As the ability to catch and delete fraudulent emails grows, so in proportion does the ability and craft of the spammers. The message from Symantec remains the same: when using the Internet, remain vigilant at all times.

Symantec have revealed in their monthly ‘state of spam’ update a number of interesting statistics relating to the spread of spamming emails worldwide. In the past thirty days Symantec Networks have analysed that ‘spam emails’ are comprised of:

23% - Product promotion

17% - Email attacks that relate to the financial world

16% - Promotion of Internet related goods

12% - Internet based scams

10% - Offering prizes of various leisure pursuits

9% - Offering health remedies

7% - Emails that appear to come from a well known company

6% - Advertising adult services

Good ‘ol days

Each week the technology press is jammed full of articles declaring the imminent arrival of the latest hard disc drive. Long gone are the days when 500 mega bytes were advertised, and the industry cranked up into gigabytes well before the end of the last millennium.

Since then the amount of data stored on personal computers has rocketed. The advent of the Internet era has made file sharing possible; people store family photos and personal documents whilst businesses collect presentations and a wealth of financial data. In parallel the capacity of hard disc drives has soared – from 50Gb to 100Gb and now most computers will come with around 250Gb as standard.

Expert procrastination

Charles Arthur writing in an English national newspaper lamented this weekend the fact that he had so much data that he couldn’t possibly back it up. He notes that ‘I swing through the store like a comet each week, on the elliptical orbit whose two foci are these: I need to do a backup; I don’t want to spend money when there will be bigger, cheaper drives along shortly… I exit the store empty handed, because you never need your backup until something goes wrong, and nothing has gone wrong yet, so I don’t need it. It’s completely illogical, I know, and it’s bound to bite me soon.’

The dilemma that Charles Arthur faces is a common one. However backing up and protecting data is now a serious business. Internet worms can destroy files and mechanical failures do occur. You can protect yourself by ensuring that your virus protection is updated and your files are secure.

The Captcha

Most people who have signed up to an Internet service during the past few years will be familiar with a Captcha. The captcha is a box replete with slanted letters and wavy lines, and the customer has to reproduce what they see in a box below.

Traditionally such means are used to filter out Internet spammers. Irregular shapes and a scrambled background combine to confuse the codes that spammers employ – stopping them from being able to infiltrate various search engines and online shops.

Alan Turing

The idea was developed by Yahoo and stemmed from an experiment conducted by the famed mathematician Alan Turing over fifty years ago. Turing has proposed to develop a test which distinguished the varying abilities of computers and people, a test that caused the computer to ‘think’. He argued that the test would be passed if a machine could carry on a conversation in a manner that was indistinguishable from a human.

The rise of the bots

The constant evolution of online threats has now even brought this valued security measure under threat. The Guardian has noted how hackers have now developed bots that can permeate these captchas – appearing to have developed almost the same ability to read the text as humans. Websense, an Internet security company has announced that these new bots were perfected early this year and are already being found to be active on the Internet. The industry has deemed this latest news to be disquieting; ‘a severe blow to online security.’

A recent report, commissioned to explore the safety of the Internet has revealed some disturbing facts. The survey was completed in Spain and showed that of the 1.5 million consumer PCs studied, only 37% had fully updated security protection. Of this low proportion, a quarter were still infected.

This had obvious consequences for online security and demonstrates that even a decade after the internet boom began, people are still not taking the threats seriously enough. So many powerful viruses are present nowadays , that an unprotected PC could be damaged or even destroyed within days of first being connected. A further worry was revealed, as results showed that of the unprotected computers – 80% had traces of viruses within them.

Rather than email, the fastest-growing threat is the so called drive-by attacks. This happens when people visit a website that is infected, and malware is installed without your knowledge. It is not just small businesses and independent webpages that are susceptible to having this type of malware present on their pages – other multination companies have been caught out by the hackers too: the Miami Dolphins and the Bank of India between them.

Advice from technicians working for Symantec, was for Internet users to ensure that their computer is fully and adequately protected.

The hacker’s life

So we all know that there are viruses on the internet. But do we know exactly where they come from in the first place. Peter Gutmann, who works as a researcher at the University of Auckland, was quoted in a Guardian article commenting that, ‘a good virus programmer can makes as much as $200,000 a year’, making it very much a viable career path. Perhaps even a lucrative one.

Perhaps what is a little more worrying than this, is the fact that people can now purchase ‘services’ online, aimed specifically at causing confusion online. Wendy Grossman notes how, ‘malware writers have changed from amateurs who want bragging rights to a full blown criminal – and commercial – market. The chains of events leading to attacks can involve as many as six or seven different players: one hacks the website, another writes the exploit toolkit, the third writes the botnet and rents it out at 4¢ per PC, and so on. If you know where to go, you can buy a one-day distributed denial of service (DDOS) attack for $100 (£50), send 10m spam emails for $600, send 1m spam IMs for $150, or pick up 50Mb of stolen bank and credit card accounts for as little as $30.’

So where exactly do these hackers lurk? Well, according to some industry sources you have to know complicated URLs to locate their list of services, then they jump from one domain to another. They loiter menacingly in the backwaters of the World Wide Web.

The lesson perhaps is still to be learnt by some: using the Internet can be a risky business. So make sure that you are protected.