The latest attack identified by security researchers at Sophos, attempts to capitalize on the Google image searches on various topics
(prHWY.com) May 3, 2011 - Albuquerque, NM -- Albuquerque, NM, United States - Cybercriminals are now targeting Internet users through a massive SEO poisoning attack. The latest attack identified by security researchers at Sophos, attempts to capitalize on the Google image searches on various topics from global warming to Osama bin Laden's death. The purpose of the attacks is to entice users to visit compromised web pages, wherein they are sought to download fake anti-virus programs. While browsing the compromised web pages, users are prompted with a fake anti-virus warning, which warns of spyware and adware on the computer. The attack targets Windows and Mac operating systems. When users attempt to close the window, they are prompted to download a .zip file, which either installs a fake anti-virus scanner or a Mac application. The interface of the fake anti-virus application resembles MacDefender, tricking users to believe that scanner is genuine. The fake scanner displays that some crucial applications are infected. Users are enticed to purchase the program to protect confidential information such as credit card information being compromised. Unwary users, who fall prey to the scam, reveal personally identifiable information such as names, credit card numbers, card expiry date, CVV number, e-mail addresses, mailing address and contact numbers.
Fake anti-virus programs are designed to extract confidential information from unsuspecting users by resembling genuine security software. Once installed, the malicious software may make alterations to the system, making it difficult for users to remove the program. Cybercriminals propagate scams through search engines, social networking sites, online advertisements and spam e-mails. Internet users must be vary of pop-ups displaying security alerts. Users must install genuine anti-virus programs by directly visiting website of a legitimate security software vendor. Internet users may abreast themselves of latest security threats by following security blogs, vendor advisories, e-tutorials and undertaking online degree
courses on cyber security.
Google had recently announced plans to introduce a new feature in Chrome, which will warn users from downloading malicious Windows executable files. The feature will match the web pages with the latest list of malicious URLs listed by Safe browsing API. Internet users must use latest updated web browsers and refrain from visiting suspicious sites. Internet users must be cautious while conducting image searches for various topics and events. They must be wary of clicking on suspicious links, advertisements and pop-ups. They must adhere to alerts and guidelines issued by Internet security firms, product vendors and computer security response teams. Proactive action is required to deal with the menace of cybercrime. Vibrant threats in the IT environment has led to increased demand for professionals qualified in computer science degree
and IT security certifications across various sectors.
Employees use Internet for purpose of research, communication and product promotion. Cybercriminals target organizational users through social engineering techniques to extract privileged information. Organizations must train employees on best practices in information security, use of social media sites and computer security through training sessions and e-learning programs. Organizations may also encourage professionals to undertake online university degree courses on information security and participate in security conferences.
EC-Council University is based in Albuquerque, New Mexico and offers Master of Security Science (MSS) degree to students from various backgrounds such as graduates, IT Professionals, and military students amongst several others. The MSS is offered as a 100% online degree program and allows EC-Council University to reach students from not only the United States, but from all around the world.
EC-Council is a member-based organization that certifies individuals in cybersecurity and e-commerce skills. It is the owner and developer of 16 security certifications, including Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI) and EC-Council Certified Security Analyst (ECSA)/License Penetration Tester (LPT). Its certificate programs are offered in over 60 countries around the world.
EC-Council has trained over 80,000 individuals and certified more than 30,000 members, through more than 450 training partners globally. These certifications are recognized worldwide and have received endorsements from various government agencies including the U.S. federal government via the Montgomery GI Bill, Department of Defense via DoD 8570.01-M, National Security Agency (NSA) and the Committee on National Security Systems (CNSS). EC-Council also operates the global series of Hacker Halted security conferences.