Internet Security Isn’t Getting Any Prettier

by Robert Siciliano


Malicious software (malware) is, in many ways, very well understood. Security experts know how it works and why. Cybercriminals’ motivations are pretty straightforward—making money from malware and related attacks.

In the latest McAfee Threats Report: Q3 2012 , malware is still growing and while it’s not growing quite as fast as it was in previous quarters, the amount of malware still topped 100 million samples.

Besides the large growth in mobile malware , there has also been an increase in the tactics that cybercriminals are using to attack you. Some of these techniques include:

  • Autorun Malware: AutoRun (also known as AutoPlay) is a feature in Windows systems that dictates what action the system should take when a device is connected to your PC. So when you connect your USB drive or insert a DVD into your drive, AutoRun is what will automatically open or in some cases play what is on these devices. Cybercriminals use this feature to automatically install malicious software when an infected USB or other removable device is plugged into your PC. What makes AutoRun scary is it requires no effort on your part to click any links. This is a “plug and play” malware and can even come on products shipped right from the factory such as external hard drives, USB drives and LCD picture frames.
  • Mac Malware: With over 350 new samples in Mac malware in Q3 2012, the growing popularity of Apple products has inspired cybercriminals to create malware that will harm Macs. McAfee Labs is seeing fake antivirus programs targeted at Mac users. In other words, there are an increased number of programs known as “scareware,” which claim to protect users from viruses and malware but users who attempt to install the supposed antivirus software are actually downloading malicious software. This malware can damage your Mac or compromise your personal information.
  • Ransomware: Ransomware malware typically accuses you of visiting illegal websites, locks your computer then demands a payment to unlock the device. And even if you pay, you are not guaranteed to get access to your files and now the criminal has your financial information. You can get “infected” with ransomware in a myriad of ways, including links in emails, instant messaging, texts and social networking sites, or by simply visiting a website that can download the malicious software on your computer. With a 43% growth this past quarter, ransomware is definitely something to watch out for.

The past quarter’s threats report has shown cybercrime exhibits few signs of slowing down, and cybercriminals using more tricks to steal your money. To help protect yourself you should:

  • Keep your operating systems updated on all your devices
  • Be selective about websites you visit and use a safe search tool like McAfee SiteAdvisor® to warn you about risky sites before you click
  • Avoid clicking links in emails, text messages or instant messages, especially from people you don’t know
  • Stay educated on the latest tricks, cons and scams designed to fool you
  • Use comprehensive security software that provides cross-device protection for all your PCs, Macs, smartphones and tablets


Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!  (Disclosures)