By Scott Shuey
Gulfnews, Nov 4 – In the ’80s, creators of computer viruses seemed focused on gaining the infamy associated with causing chaos.
Today they just want your money.
According to Justin Doo, regional director of Middle East and North Africa for TrendMicro, more money is made on cyber crime in the US than is made on illegal drug trafficking.
Despite years of refining software that attempts to block people from obtaining sensitive personal information, cyber criminals are still finding a way to make money.
"They haven’t stopped the business. They haven’t tried to stop making money. They’ve just gotten more clever," said Richard Archdeacon, the director of technical services for Symantec’s Northern European region.
"It’s a very sophisticated business strategy were up against."
One of the oldest ways of committing cyber crime is called phishing, which involves criminals who send out fraudulent emails purporting to come from a financial institution. Such emails usually employ pressure tactics in the hopes of forcing a response.
Usually theses emails are very well designed, even containing links to pages on the web pages of the company the email purports to be from.
While the Middle East isn’t targeted any more or less that the rest of the world, "what the Middle East does suffer from is naivety," Doo said.
"Many of the phishing techniques used today in the Middle East have been used in the US and Europe for several years. Internet users in the Middle East simply aren’t used to seeing them."
Making sure that computer users are informed won’t make the problem go away either.
Many cyber thieves are also becoming craftier, and instead of sending spam are instead focusing on individual companies. This trend is known as spear fishing.
In this type of attack, employees receive a fake email from someone claiming to be a company manager. The email directs them to go to a site and fill out the form they find there.
"The diligent employees think they are following directions," Doo said, "but what they are really doing is handing over personal or corportate information."
Until recently, most phishing attacks relied on people voluntarily handing over information. Not anymore. Many criminals are now sending emails that contain links to websites.
Simply clicking on the link while take the user to a web page where a bot, a small program that can allow a criminal to take over a computer, is placed on the computer. These bots can be used to record user name and password information and, worse, where to use that information.
"An email drags you to a website and drops something down on your computer, which does nothing until its activated," Archdeacon said. "If it doesn’t have a signature, the AV can’t stop it."
Signatures are bits of code in the virus that anti-virus programs use to fight off the virus.
Users also put themselves at risk by falling into bad habits. Doo estimates that on average 80 per cent of user’s use the same profile on different sites, meaning the usernames and passwords are the same.
Four ways to keep your information safe
Justin Doo, regional director of Middle East and North Africa for TrendMicro, outlines how to ensure your information is safe:
– Make sure you are using a "legal" version of your operating system. Bots usually gain control of computers by exploiting known security holes in a computer’s operating system. If you are using an illegal copy of an OS, you will not be able to receive that patches with fix these "holes."
– Don’t click on links in an email. These may take you to sights which will attempt to place a bot on your computer. You should type the website’s address into your browser instead.
– Don’t respond to queries about personal information. Most companies make it a policy to never ask for your user name or password.
– Be careful whom you do business with. One of the most frequently visited websites in the Europe is a music provider in Eastern Europe who illegally sells music albums for 99 cents each, according to Justin Doo. iTunes sells individual songs for 99 cents.
"If they’re so brazen about selling illegal music, how can you trust them with your data," Doo said.