An estimated 250,000 new viruses have appeared on the Internet. Since yesterday.
That number comes from Justin Kittredge, special agent with the Maine State Police computer crimes division.
They don’t all succeed making computer programs go sideways. But Kittredge said he’s seen estimates that 30,000 websites are infected with malicious software, or malware, every day.
That’s possible, he said, because the bad guys help one another by testing viruses before they’re released, in a process they likely call getting the bugs out of the bugs.
“They even have technical support for viruses,” Kittredge told me.
One of the most common ploys for cyber criminals is finding weaknesses within websites. Click the wrong thing, and you can be connected to some phony malware that says “you’ve been infected … click here to fix it.” Click again, and an executable (.exe) file is launched; it might rummage through your system, looking for passwords or financial information. It might plant other programs to run later, causing more mischief. Or it might simply lock up your computer.
To get it unlocked, you might become a victim of extortion: Send us money or watch us destroy your computer. The original come-on might be made to appear as a message from a law enforcement agency, demanding money to head off serving a warrant, filing a lawsuit or other bogus threat. This “ransomware,” as it has become known, is a multi-billion dollar problem worldwide. One recent news report put India at the top of the victims’ list, with some $4 billion lost to such scams in that country alone.
A growing portion of those losses are incurred by people who use handheld devices instead of desktop computers. The blending of work and social use on the devices makes them tempting targets.
The cyber criminals are adept at creating variations on old themes. The Nigerian, grandparent, “sweetheart” and similar schemes were fourth on the Top Ten list of consumer complaints announced recently by Maine Attorney General Janet Mills. Such schemes ranked ninth a year earlier.
The anonymous nature of cybercrime makes recovery of losses difficult at best. Justin Kittredge joins other computer experts in saying that the best offense is a good defense:
— Use secure connections (not public wi-fi) for sensitive transactions.
— Use strong passwords containing letters, numbers and symbols.
— Use name-brand virus protection software, and install computer updates regularly.
— Don’t store passwords in your computer or keep lists of them nearby.
— Don’t give smartphones to children.
— Be careful about downloading “free” apps.
— Be discreet on social networks.
The last point is critical. Cyber crooks find gold mines of personal information on social sites; once on the web, such data are difficult, if not impossible, to make private again. Smart consumers don’t hand over information about themselves to complete strangers, and they’re careful about which friends they trust with sensitive information. One more sobering statistic: 60 percent of the photos posted online contain GPS coordinates.
Cyber criminals make many of their big scores using social engineering: gaining people’s trust so that they’ll share the secrets that end up costing them dollars, reputations and more.
“It all comes down to the basics,” Kittredge said.
Try the tech media site www.cnet.com and search “safety” for lots more info.
Consumer Forum is a collaboration of the Bangor Daily News and Northeast CONTACT, Maine’s all-volunteer, nonprofit consumer organization. For assistance with consumer-related issues, including consumer fraud and identity theft, or for information, write Consumer Forum, P.O. Box 486, Brewer 04412, visit http://necontact.wordpress.com or email firstname.lastname@example.org.